x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r2, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x60, 0x0, 0x20, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x1, 0x1c}}}}, [@NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x369}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x130e}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x52d}, @NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x2}, @NL80211_ATTR_CRIT_PROT_ID={0x6}, @NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x2}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x10b5}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0xb81}]}, 0x60}, 0x1, 0x0, 0x0, 0x8000}, 0x4000) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x13) sendmsg$nl_generic(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x1c, 0x1a, 0x101, 0x0, 0x0, {}, [@generic="7b828f25ec5b"]}, 0x1c}}, 0x0) 03:38:37 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 6) [ 906.772015] FAULT_INJECTION: forcing a failure. [ 906.772015] name failslab, interval 1, probability 0, space 0, times 0 [ 906.774362] CPU: 0 PID: 7402 Comm: syz-executor.5 Not tainted 5.10.200 #1 [ 906.775743] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 906.777448] Call Trace: [ 906.777992] dump_stack+0x107/0x167 [ 906.778744] should_fail.cold+0x5/0xa [ 906.779525] ? create_object.isra.0+0x3a/0xa20 03:38:37 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0xffffff7f, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 906.780480] should_failslab+0x5/0x20 [ 906.781367] kmem_cache_alloc+0x5b/0x310 [ 906.782205] create_object.isra.0+0x3a/0xa20 [ 906.783101] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 906.784143] kmem_cache_alloc_trace+0x151/0x320 [ 906.785113] find_get_context+0x18d/0x9a0 [ 906.785963] ? security_perf_event_alloc+0x79/0xa0 [ 906.786970] ? ctx_sched_out+0xa00/0xa00 [ 906.787815] __do_sys_perf_event_open+0xee7/0x2d50 [ 906.788839] ? __mutex_unlock_slowpath+0xe1/0x600 [ 906.789832] ? perf_event_set_output+0x5b0/0x5b0 [ 906.790801] ? wait_for_completion_io+0x270/0x270 [ 906.791809] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 906.792932] ? syscall_enter_from_user_mode+0x1d/0x50 [ 906.793992] do_syscall_64+0x33/0x40 [ 906.794749] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 906.795795] RIP: 0033:0x7f101cfbbb19 [ 906.796555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 906.800337] RSP: 002b:00007f101a531188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 906.801896] RAX: ffffffffffffffda RBX: 00007f101d0cef60 RCX: 00007f101cfbbb19 [ 906.803357] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 906.804820] RBP: 00007f101a5311d0 R08: 0000000000000000 R09: 0000000000000000 [ 906.806274] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 906.807730] R13: 00007ffe25c0905f R14: 00007f101a531300 R15: 0000000000022000 03:38:37 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 12) [ 906.834796] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 906.842297] FAULT_INJECTION: forcing a failure. [ 906.842297] name failslab, interval 1, probability 0, space 0, times 0 [ 906.844649] CPU: 1 PID: 7405 Comm: syz-executor.6 Not tainted 5.10.200 #1 [ 906.846051] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 906.847741] Call Trace: [ 906.848285] dump_stack+0x107/0x167 [ 906.849051] should_fail.cold+0x5/0xa [ 906.849832] ? selinux_perf_event_alloc+0x43/0x190 [ 906.850834] should_failslab+0x5/0x20 [ 906.851608] kmem_cache_alloc_trace+0x55/0x320 [ 906.852562] selinux_perf_event_alloc+0x43/0x190 [ 906.853522] security_perf_event_alloc+0x46/0xa0 [ 906.854478] perf_event_alloc.part.0+0x18b3/0x2b70 [ 906.855502] __do_sys_perf_event_open+0x580/0x2d50 [ 906.856511] ? __mutex_unlock_slowpath+0xe1/0x600 [ 906.857478] ? perf_event_set_output+0x5b0/0x5b0 [ 906.858433] ? wait_for_completion_io+0x270/0x270 [ 906.859448] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 906.860532] ? syscall_enter_from_user_mode+0x1d/0x50 [ 906.861577] do_syscall_64+0x33/0x40 [ 906.862344] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 906.863389] RIP: 0033:0x7f53a8b8eb19 [ 906.864148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 906.867887] RSP: 002b:00007f53a6104188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 906.869442] RAX: ffffffffffffffda RBX: 00007f53a8ca1f60 RCX: 00007f53a8b8eb19 [ 906.870885] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 906.872343] RBP: 00007f53a61041d0 R08: 0000000000000000 R09: 0000000000000000 [ 906.873783] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 906.875221] R13: 00007ffe5f64f26f R14: 00007f53a6104300 R15: 0000000000022000 [ 906.892172] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7408 comm=syz-executor.1 03:38:37 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0xffffff9e, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:38:37 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) syz_io_uring_setup(0x263d, 0x0, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x3, 0x0, 0x0}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_FSYNC={0x3, 0x3, 0x0, @fd_index=0x5, 0x0, 0x0, 0x0, 0x1}, 0x2) fsmount(0xffffffffffffffff, 0x0, 0x88) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x404) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_config_ext={0x1}, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, 0xffffffffffffffff, 0x800, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) fsetxattr$security_evm(0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0)=@sha1={0x1, "385e421f86d190dbb4bb5b76868499ea0ea26e6d"}, 0x15, 0x1) r3 = openat(r2, &(0x7f0000000040)='./file0\x00', 0x440900, 0x0) ftruncate(r3, 0x1000004) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) sendfile(r4, r3, 0x0, 0x404) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x4000006}) r5 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x2d83c0, 0x0) sendfile(r4, r5, 0x0, 0x6) [ 906.939369] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7410 comm=syz-executor.1 [ 906.946302] FAULT_INJECTION: forcing a failure. [ 906.946302] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 906.948785] CPU: 0 PID: 7412 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 906.950187] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 906.951886] Call Trace: [ 906.952452] dump_stack+0x107/0x167 [ 906.953204] should_fail.cold+0x5/0xa [ 906.953998] __alloc_pages_nodemask+0x182/0x600 [ 906.954690] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 906.954952] ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130 [ 906.954980] ? cap_capable+0x1d6/0x240 [ 906.955009] alloc_pages_current+0x187/0x280 [ 906.959396] __get_free_pages+0xc/0xa0 [ 906.960199] io_uring_setup+0xdfe/0x2a40 [ 906.961049] ? wait_for_completion_io+0x270/0x270 [ 906.962051] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 906.963113] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 906.964183] ? syscall_enter_from_user_mode+0x1d/0x50 [ 906.965265] do_syscall_64+0x33/0x40 [ 906.966032] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 906.967075] RIP: 0033:0x7fd4717f2b19 [ 906.967849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 906.971646] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 906.973216] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 906.974684] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 906.976143] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 906.977619] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 906.979092] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:38:37 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0xfffffff0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:38:37 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000040), 0x4) r2 = socket$unix(0x1, 0xf59b57f35a516a87, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'macvlan0\x00'}) accept$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, &(0x7f0000000100)=0x1c) r3 = fcntl$dupfd(r0, 0x406, r1) setsockopt$inet_udp_encap(r3, 0x11, 0x64, &(0x7f00000000c0), 0x58) close(r0) 03:38:37 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 7) [ 907.099070] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:38:37 executing program 0: r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @perf_config_ext, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) timerfd_gettime(r0, &(0x7f0000001180)) ioctl$VT_RESIZE(r1, 0x5609, &(0x7f00000000c0)={0x0, 0x4}) getdents(0xffffffffffffffff, &(0x7f0000000180)=""/4096, 0x1000) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) r2 = creat(&(0x7f0000000080)='./file0/file0\x00', 0x1) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f00000001c0)={0x6b8, 0x9, 0x54}) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000100000058000000", @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00']) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4200, 0x123) ioctl$BTRFS_IOC_LOGICAL_INO(r2, 0xc0389424, &(0x7f0000000140)={0x3ff, 0x10, '\x00', 0x0, &(0x7f0000000040)=[0x0, 0x0]}) [ 907.126827] FAULT_INJECTION: forcing a failure. [ 907.126827] name failslab, interval 1, probability 0, space 0, times 0 [ 907.129193] CPU: 1 PID: 7425 Comm: syz-executor.6 Not tainted 5.10.200 #1 [ 907.130591] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 907.132265] Call Trace: [ 907.132812] dump_stack+0x107/0x167 [ 907.133561] should_fail.cold+0x5/0xa [ 907.134342] ? create_object.isra.0+0x3a/0xa20 [ 907.135275] should_failslab+0x5/0x20 [ 907.136054] kmem_cache_alloc+0x5b/0x310 [ 907.136890] ? slab_free_freelist_hook+0xa9/0x180 [ 907.137864] create_object.isra.0+0x3a/0xa20 [ 907.138749] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 907.139774] kmem_cache_alloc_trace+0x151/0x320 [ 907.140742] selinux_perf_event_alloc+0x43/0x190 [ 907.141696] security_perf_event_alloc+0x46/0xa0 [ 907.142652] perf_event_alloc.part.0+0x18b3/0x2b70 [ 907.143649] __do_sys_perf_event_open+0x580/0x2d50 [ 907.144656] ? __mutex_unlock_slowpath+0xe1/0x600 [ 907.145625] ? perf_event_set_output+0x5b0/0x5b0 [ 907.146582] ? wait_for_completion_io+0x270/0x270 [ 907.147586] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 907.148654] ? syscall_enter_from_user_mode+0x1d/0x50 [ 907.149711] do_syscall_64+0x33/0x40 [ 907.150467] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 907.151507] RIP: 0033:0x7f53a8b8eb19 [ 907.152257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 907.156036] RSP: 002b:00007f53a6104188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 907.157574] RAX: ffffffffffffffda RBX: 00007f53a8ca1f60 RCX: 00007f53a8b8eb19 [ 907.159023] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 907.160465] RBP: 00007f53a61041d0 R08: 0000000000000000 R09: 0000000000000000 [ 907.161903] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 907.163339] R13: 00007ffe5f64f26f R14: 00007f53a6104300 R15: 0000000000022000 03:38:37 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 13) 03:38:37 executing program 1: sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x20000000000000}, 0x4000, 0x0, 0x0, 0x0, 0x10000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup(0xffffffffffffffff) r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x2) io_setup(0x3e3, &(0x7f0000000580)=0x0) io_submit(r1, 0x2, &(0x7f0000000540)=[&(0x7f0000000080)={0x4004800, 0x500, 0x0, 0x0, 0x0, r0, 0x0}, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}]) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r5, r4, 0x800, 0x0) sendfile(r4, r3, &(0x7f0000000240)=0x80000000, 0x1) tee(r3, r2, 0x800, 0x0) ioctl$TIOCL_PASTESEL(r2, 0x541c, &(0x7f0000000200)) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) io_setup(0x1, &(0x7f00000000c0)=0x0) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) io_submit(r6, 0x1, &(0x7f00000024c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r7, 0x0, 0x0, 0x401}]) io_submit(r6, 0x0, &(0x7f00000001c0)) [ 907.227237] FAULT_INJECTION: forcing a failure. [ 907.227237] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 907.229746] CPU: 0 PID: 7429 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 907.231145] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 907.232850] Call Trace: [ 907.233402] dump_stack+0x107/0x167 [ 907.234155] should_fail.cold+0x5/0xa [ 907.234939] __alloc_pages_nodemask+0x182/0x600 [ 907.235898] ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130 [ 907.237152] ? cap_capable+0x1d6/0x240 [ 907.237946] alloc_pages_current+0x187/0x280 [ 907.238852] __get_free_pages+0xc/0xa0 [ 907.239653] io_uring_setup+0xf6b/0x2a40 [ 907.240396] serio: Serial port tty23 [ 907.240516] ? wait_for_completion_io+0x270/0x270 [ 907.240544] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 907.240585] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 907.244488] ? syscall_enter_from_user_mode+0x1d/0x50 [ 907.245553] do_syscall_64+0x33/0x40 [ 907.246320] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 907.247372] RIP: 0033:0x7fd4717f2b19 [ 907.248135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 907.251917] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 907.253491] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 907.254957] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 907.256436] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 907.257899] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 907.259367] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:38:53 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 10) 03:38:53 executing program 1: r0 = creat(&(0x7f00000001c0)='./cgroup/cgroup.procs/file0\x00', 0x0) open_by_handle_at(r0, &(0x7f0000000240)=ANY=[@ANYRES16], 0x4a0043) setsockopt$inet_udp_int(r0, 0x11, 0x65, &(0x7f0000000100)=0x7, 0x4) socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x20010, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xd}, 0x0, 0x0, 0xfffffffe, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000280)=ANY=[@ANYBLOB="0100000001000000180000009b9c32af091b23d3972aae1605ea700e64351f876b362178bc51856f38d9f829b223556bbdd68a70cc07ba34a198a0cca2388ff8c71d36367cd270784913f8798f072f93d3bbed9710aea19e94653770e898bf", @ANYRES32, @ANYBLOB="ffa22106352f00002e2f661c696c653000"]) socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'syz_tun\x00'}) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) r3 = dup(r2) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x8, 0x0, 0x0, 0x10000, 0x6, 0x0, 0x1}, 0x0, 0xd, 0xffffffffffffffff, 0x0) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_group_source_req(r5, 0x29, 0x0, &(0x7f0000000040)={0x2, {{0xa, 0x0, 0xaa, @private1, 0x2}}, {{0xa, 0x4e21, 0xbb, @local, 0xfffffff4}}}, 0x108) setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @local}}}, 0x108) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x11}}, 0x77, r6}) creat(&(0x7f00000000c0)='./cgroup/cgroup.procs\x00', 0x20) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, r6}) [ 923.375504] FAULT_INJECTION: forcing a failure. [ 923.375504] name failslab, interval 1, probability 0, space 0, times 0 03:38:53 executing program 7: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000600), 0x10}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$9p_unix(&(0x7f0000000080)='./file1\x00', &(0x7f0000002f00)='./file0/../file0\x00', 0x0, 0x2d30c6, 0x0) mount$9p_unix(0x0, 0x0, 0x0, 0x0, 0x0) mount$bind(0x0, 0x0, &(0x7f0000000700), 0x1000, 0x0) setxattr$security_selinux(&(0x7f0000000000)='./file1\x00', &(0x7f0000000140), &(0x7f0000000180)='system_u:object_r:dbusd_etc_t:s0\x00', 0x21, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f00000002c0)) lstat(&(0x7f00000001c0)='./file0/../file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0}) perf_event_open(0x0, 0x0, 0x8, r0, 0x2) chown(&(0x7f0000000540)='./file0\x00', r1, 0x0) truncate(0x0, 0x3) mknod$loop(0x0, 0x0, 0x1) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') preadv(r0, &(0x7f0000000040)=[{&(0x7f00000011c0)=""/121, 0x79}, {&(0x7f00000003c0)=""/171, 0xab}, {&(0x7f0000000200)=""/204, 0xcc}], 0x3, 0x6, 0x0) mount$bind(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)='./file0/../file0\x00', &(0x7f0000000580), 0x1200000, 0x0) fsmount(r2, 0x0, 0x88) mount$9p_unix(&(0x7f0000000940)='./file0\x00', &(0x7f0000000980)='./file0/../file0\x00', 0x0, 0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="7472616e733d756e69782c76657273696f6e3d3970323030302e752c64666c747569643dc62ba4bef96cd464209cd8c05bce78c837e242043d71b1c38d26f5d6f54a6f48b1eb0ce0ff62e4bed0bd2fcb44fa8bc1fb5e0b78ca413675417cc0a2223b5932f65858d592dd442999eb13036fa728e0f93bbe1f1a260fcdf8c360eec4541305dbcf9b115cd52ecf545f16bd408d964da96f8c4a8bb58281eb9f99b3e78b3807776c93828d2069a79f6047fc1edbbcaea832139a3a1c4c7d5abf60650759710691ebec08ded882344db18d3e23bf3ea3eaa11a1ce12f3de5fe51e5edafbfbfa757cbf76490733161a84fcb47e47b679ec5b9e358bd77ff3a88042919f5372d93ce560359b49396994535aca0f9cf2598c1ef722bddcfa3927a480142fc67245dfab8d00d6b5c5696b018660ebe29af47dacb37f1f731be6c96226acd334d608bc85fdc1e3ff1984b2336de467951cf8944dc6b27930a33d19d9b0995306491", @ANYRESHEX=0x0, @ANYBLOB=',version=9p2000.L,nodevmap,version=9p2000,defcontext=system_u,context=uncon']) lgetxattr(&(0x7f0000000800)='./file0/../file0\x00', &(0x7f00000005c0)=ANY=[@ANYBLOB="005ba8c3e3a8976dee6b55a75056743c77f2514794c08e9f7ee33c35c5ad"], 0x0, 0x0) [ 923.377861] CPU: 0 PID: 7442 Comm: syz-executor.5 Not tainted 5.10.200 #1 [ 923.379369] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 923.381076] Call Trace: [ 923.381628] dump_stack+0x107/0x167 [ 923.382403] should_fail.cold+0x5/0xa [ 923.383181] ? __d_alloc+0x2a/0x990 [ 923.383916] should_failslab+0x5/0x20 [ 923.384709] kmem_cache_alloc+0x5b/0x310 03:38:53 executing program 0: syz_mount_image$nfs4(0x0, 0x0, 0x0, 0x3, &(0x7f0000001540)=[{&(0x7f0000001080)="dd", 0x1}, {&(0x7f0000001180)="d2", 0x1}, {&(0x7f0000000000)="e6", 0x1}], 0x0, 0x0) mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x60, 0x0) pivot_root(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0\x00') 03:38:53 executing program 3: r0 = fork() pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r2, r1, 0x800, 0x0) r3 = gettid() capset(&(0x7f0000000000)={0x19980330, r3}, &(0x7f0000000040)) sendmsg$nl_netfilter(r1, &(0x7f0000000880)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000840)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4c040000050301032dbd7000fddf25030000010800320000", @ANYRES32=r3, @ANYBLOB="0df52bf399153de11cee6ccf533bf6bfb9a5dd66cc71838ed89c9dab63d27db7e3718784039e625627a19f5662f3cb1458572970b13fc5900ecc72822bdee349730ea259c40bddbab32ff6fc3011574ec98d9c720303238004002700c1e21775ca926da399e5bbbe8b62d33f85c2200bb56d73132f6f7608457e759ad55e512f73ef251a927c0aec90706711b37ab4b8a64052b2ed9bc064245061bc693cc275b0f8215185a108f7e0d369cf727c164f491c096f58290fcb5ff42a3a6b93dd65ca161f5f6b348108da58fd4b1f83605830f3c26c67889daabfda217baba5c9eb2fe3361837dbc53e756427ccf412f1cb56a73474f1de5a59e871d19c1bd9e42f63c6b87d334f9e3e097a4a7ff87a83ca6e082553316ea2f453075125d896f86c098ef880e3313ae436e47c9db1baa2b3bde888a44c17f5f5d49a0484c4fdc97b3aef713830a828f2baa49cb62b4c9d585909fe10a154552d5dabe7bf5ee15a71f503ea062befc9f62bb0adac7e4d79161d72249039a9b5942f48c952f11a77e63cdece622eb35ae2cb85bde25c1e151a57c396d785b1d792d1002ebb8e9c05ab996cf5d418637675a4989e59d61f7d2331477bf844383791bd6a783c1bc0f9ba6af756f6f1186148b1d81c22886ee741a8cbfcbaa63717d5eb082d85352599d2af469bf532632cdd3659db19770aa5ba06832c3053c8c9f0ee2591bb095f727b4316914c94d5e534fd3cbdf183f967d27eead8facdcf41472b05c83e34d8b13405a98fb7274db246d2badebd57e13f4426d892c2e882fc1db5a604328a8d52e30ca6a56c03eb008d9e9a01dfe66aa7bec5732668e197980a6928aedb75f4f6b561e31e0b399fe42feb5ec1378113945a4df9f603214e55205eec43de87e390f54f6e1cf229a2d1a18d5dcfd52a1633daff738602247068f8166edcfa49886b63ed3a1a0d91937dcb43cae34645dfc0ad40503786af1424698d20bc16033983a60b77167f8b83f188330de9da6e5e3c708dfb1d0f2a4b96789401d325d67aaf3963cc59b1cc8d9149803722c05a37d397fdb29ba0ef52e651fc6bfcabaeb2e6569500c644e04038419a2a62888146a30abb860068c29ac853dd50ee2ee9da5842d646ed52a29f5bf98aaa9b604fdec583b032d2f27c32019e15d68e14008900fc01000000000000000000000000000108009500ac1414bb00d730d42fa76399aab5ea70301136dd9cf4ecb9b86444cf3e83de73a1d209f7d41cd5cc83d4ceba92676412c7c3a756658b274a0f19876b0ba89c78bcc80d1e24630c34b3549e0aebdcc1914ae502ccf075d83d38cece4d71ce89a46c00e4332e629d80aa93e1a73ce2393b3bbfe0d27c9e696f70ebb83c9c1197535981dbf28669ac93ebc469fc5c2c87cc35cc886d5a2997f419a31795729a4a0da14a3af9c67163742eb377a4f3ea1ee8526a3e80fb0032fc0521b87f735e04526c5e1c8b4b08af94861c7d4db3d713e90d5dc23eaacde02eaf44000000"], 0x44c}, 0x1, 0x0, 0x0, 0x4048000}, 0x4000040) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000300)={0x0}, &(0x7f0000000340)=0xc) r5 = clone3(&(0x7f0000000280)={0x980300, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100), {0x9}, &(0x7f0000000140)=""/47, 0x2f, &(0x7f0000000180)=""/140, &(0x7f0000000240)=[r4], 0x1}, 0x58) ptrace(0x11, r5) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) [ 923.385540] __d_alloc+0x2a/0x990 [ 923.386305] d_alloc_pseudo+0x19/0x70 [ 923.387091] alloc_file_pseudo+0xce/0x250 [ 923.387924] ? alloc_file+0x5a0/0x5a0 [ 923.388723] ? ctx_sched_out+0xa00/0xa00 [ 923.389555] anon_inode_getfile+0xc8/0x1f0 [ 923.390434] __do_sys_perf_event_open+0xf6f/0x2d50 [ 923.391438] ? __mutex_unlock_slowpath+0xe1/0x600 [ 923.392418] ? perf_event_set_output+0x5b0/0x5b0 [ 923.393378] ? wait_for_completion_io+0x270/0x270 [ 923.394378] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 923.395403] ? syscall_enter_from_user_mode+0x1d/0x50 [ 923.396423] do_syscall_64+0x33/0x40 [ 923.397190] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 923.398238] RIP: 0033:0x7f101cfbbb19 [ 923.398988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 923.402730] RSP: 002b:00007f101a531188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 923.404259] RAX: ffffffffffffffda RBX: 00007f101d0cef60 RCX: 00007f101cfbbb19 [ 923.405715] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 923.407156] RBP: 00007f101a5311d0 R08: 0000000000000000 R09: 0000000000000000 [ 923.408604] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 923.410052] R13: 00007ffe25c0905f R14: 00007f101a531300 R15: 0000000000022000 03:38:53 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 14) 03:38:53 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0xffffffff, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:38:53 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 8) [ 923.425960] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 923.465786] FAULT_INJECTION: forcing a failure. [ 923.465786] name failslab, interval 1, probability 0, space 0, times 0 [ 923.468238] CPU: 0 PID: 7461 Comm: syz-executor.6 Not tainted 5.10.200 #1 [ 923.469663] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 923.471373] Call Trace: [ 923.471918] dump_stack+0x107/0x167 [ 923.472697] should_fail.cold+0x5/0xa [ 923.473479] ? find_get_context+0x18d/0x9a0 [ 923.474365] should_failslab+0x5/0x20 [ 923.475132] kmem_cache_alloc_trace+0x55/0x320 [ 923.476056] find_get_context+0x18d/0x9a0 [ 923.476926] ? security_perf_event_alloc+0x79/0xa0 [ 923.477915] ? ctx_sched_out+0xa00/0xa00 [ 923.478757] __do_sys_perf_event_open+0xee7/0x2d50 [ 923.479761] ? __mutex_unlock_slowpath+0xe1/0x600 [ 923.480744] ? perf_event_set_output+0x5b0/0x5b0 [ 923.481672] ? wait_for_completion_io+0x270/0x270 [ 923.482674] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 923.483740] ? syscall_enter_from_user_mode+0x1d/0x50 [ 923.484830] do_syscall_64+0x33/0x40 [ 923.485587] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 923.486627] RIP: 0033:0x7f53a8b8eb19 [ 923.487402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 923.491119] RSP: 002b:00007f53a60e3188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 923.492692] RAX: ffffffffffffffda RBX: 00007f53a8ca2020 RCX: 00007f53a8b8eb19 [ 923.494134] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 923.495574] RBP: 00007f53a60e31d0 R08: 0000000000000000 R09: 0000000000000000 [ 923.497032] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 923.498468] R13: 00007ffe5f64f26f R14: 00007f53a60e3300 R15: 0000000000022000 [ 923.504214] FAULT_INJECTION: forcing a failure. [ 923.504214] name failslab, interval 1, probability 0, space 0, times 0 [ 923.506733] CPU: 1 PID: 7448 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 923.508081] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 923.509743] Call Trace: [ 923.510271] dump_stack+0x107/0x167 [ 923.511010] should_fail.cold+0x5/0xa [ 923.511777] ? io_rsrc_node_switch_start.part.0+0x43/0x250 [ 923.512903] ? io_rsrc_node_switch_start.part.0+0x43/0x250 [ 923.514010] should_failslab+0x5/0x20 [ 923.514760] kmem_cache_alloc_trace+0x55/0x320 [ 923.515681] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 923.516753] io_uring_setup+0x14db/0x2a40 [ 923.517593] ? wait_for_completion_io+0x270/0x270 [ 923.518540] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 923.519575] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 923.520622] ? syscall_enter_from_user_mode+0x1d/0x50 [ 923.521665] do_syscall_64+0x33/0x40 [ 923.522398] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 923.523417] RIP: 0033:0x7fd4717f2b19 [ 923.524149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 923.527896] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 923.529401] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 923.530815] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 923.532221] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 923.533662] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 923.535071] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:39:08 executing program 3: r0 = fork() pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r2, r1, 0x800, 0x0) r3 = gettid() capset(&(0x7f0000000000)={0x19980330, r3}, &(0x7f0000000040)) sendmsg$nl_netfilter(r1, &(0x7f0000000880)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000840)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4c040000050301032dbd7000fddf25030000010800320000", @ANYRES32=r3, @ANYBLOB="0df52bf399153de11cee6ccf533bf6bfb9a5dd66cc71838ed89c9dab63d27db7e3718784039e625627a19f5662f3cb1458572970b13fc5900ecc72822bdee349730ea259c40bddbab32ff6fc3011574ec98d9c720303238004002700c1e21775ca926da399e5bbbe8b62d33f85c2200bb56d73132f6f7608457e759ad55e512f73ef251a927c0aec90706711b37ab4b8a64052b2ed9bc064245061bc693cc275b0f8215185a108f7e0d369cf727c164f491c096f58290fcb5ff42a3a6b93dd65ca161f5f6b348108da58fd4b1f83605830f3c26c67889daabfda217baba5c9eb2fe3361837dbc53e756427ccf412f1cb56a73474f1de5a59e871d19c1bd9e42f63c6b87d334f9e3e097a4a7ff87a83ca6e082553316ea2f453075125d896f86c098ef880e3313ae436e47c9db1baa2b3bde888a44c17f5f5d49a0484c4fdc97b3aef713830a828f2baa49cb62b4c9d585909fe10a154552d5dabe7bf5ee15a71f503ea062befc9f62bb0adac7e4d79161d72249039a9b5942f48c952f11a77e63cdece622eb35ae2cb85bde25c1e151a57c396d785b1d792d1002ebb8e9c05ab996cf5d418637675a4989e59d61f7d2331477bf844383791bd6a783c1bc0f9ba6af756f6f1186148b1d81c22886ee741a8cbfcbaa63717d5eb082d85352599d2af469bf532632cdd3659db19770aa5ba06832c3053c8c9f0ee2591bb095f727b4316914c94d5e534fd3cbdf183f967d27eead8facdcf41472b05c83e34d8b13405a98fb7274db246d2badebd57e13f4426d892c2e882fc1db5a604328a8d52e30ca6a56c03eb008d9e9a01dfe66aa7bec5732668e197980a6928aedb75f4f6b561e31e0b399fe42feb5ec1378113945a4df9f603214e55205eec43de87e390f54f6e1cf229a2d1a18d5dcfd52a1633daff738602247068f8166edcfa49886b63ed3a1a0d91937dcb43cae34645dfc0ad40503786af1424698d20bc16033983a60b77167f8b83f188330de9da6e5e3c708dfb1d0f2a4b96789401d325d67aaf3963cc59b1cc8d9149803722c05a37d397fdb29ba0ef52e651fc6bfcabaeb2e6569500c644e04038419a2a62888146a30abb860068c29ac853dd50ee2ee9da5842d646ed52a29f5bf98aaa9b604fdec583b032d2f27c32019e15d68e14008900fc01000000000000000000000000000108009500ac1414bb00d730d42fa76399aab5ea70301136dd9cf4ecb9b86444cf3e83de73a1d209f7d41cd5cc83d4ceba92676412c7c3a756658b274a0f19876b0ba89c78bcc80d1e24630c34b3549e0aebdcc1914ae502ccf075d83d38cece4d71ce89a46c00e4332e629d80aa93e1a73ce2393b3bbfe0d27c9e696f70ebb83c9c1197535981dbf28669ac93ebc469fc5c2c87cc35cc886d5a2997f419a31795729a4a0da14a3af9c67163742eb377a4f3ea1ee8526a3e80fb0032fc0521b87f735e04526c5e1c8b4b08af94861c7d4db3d713e90d5dc23eaacde02eaf44000000"], 0x44c}, 0x1, 0x0, 0x0, 0x4048000}, 0x4000040) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000300)={0x0}, &(0x7f0000000340)=0xc) r5 = clone3(&(0x7f0000000280)={0x980300, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100), {0x9}, &(0x7f0000000140)=""/47, 0x2f, &(0x7f0000000180)=""/140, &(0x7f0000000240)=[r4], 0x1}, 0x58) ptrace(0x11, r5) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:39:08 executing program 0: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x284000, 0xc1) ioctl$PERF_EVENT_IOC_QUERY_BPF(r2, 0xc008240a, &(0x7f00000002c0)=ANY=[@ANYBLOB="08000000000000000000000000000400000000000000000000000000000000000000000000000000db62d5e1f619f3c203e6613163c08238dcf71a6a674ad3de4068feef8d2513c624389d2dd0e2b6e06f69c20d0184f77b64361e1bd038e61eab197740d4cffbc276ff877467c4144657121efac40611ab6cdfc99f6050fb1073def7f1ce1910a030e092a4cf0093ac4280d4fd82d8229f7e163b4cc9c03b"]) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) r4 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$EBT_SO_GET_INFO(r4, 0x0, 0x15, 0x0, &(0x7f0000000900)) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000002a40)={0x0, 0x0, 0x0}, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8800000) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r2, 0xc0189374, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0x3}}, './file0/file0\x00'}) ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000140)) r6 = syz_open_dev$evdev(&(0x7f0000006000), 0x0, 0x0) getsockopt$SO_COOKIE(0xffffffffffffffff, 0x1, 0x39, &(0x7f0000000100), &(0x7f0000000240)=0x8) ioctl$F2FS_IOC_DEFRAGMENT(r6, 0xc010f508, &(0x7f00000001c0)={0x3, 0x1ff}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8aa3, 0x2}, 0x8a0cc, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$802154_dgram(r0, &(0x7f0000000000)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0002}}}, 0x14) connect$802154_dgram(r0, &(0x7f0000000200)={0x24, @short}, 0x14) sendmmsg$sock(0xffffffffffffffff, &(0x7f00000021c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x48800) 03:39:08 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 9) 03:39:08 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 15) 03:39:08 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0xa, 0x1d, 0xc21, 0x0, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:39:08 executing program 7: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = getpid() perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x6, 0x0, 0x0, 0x8a, 0x0, 0x465, 0x10600, 0xd, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x85, 0x2, @perf_config_ext={0xffffffff, 0x100000000}, 0x10, 0x1, 0x1, 0x2, 0x20, 0x7f, 0x2598, 0x0, 0x1, 0x0, 0x3}, r1, 0xa, r0, 0x8) r2 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x81, 0x8, 0x20, 0x9d, 0x0, 0x1ff, 0x3a06, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0xfffff800, 0x4, @perf_bp={&(0x7f0000000000), 0x6}, 0x20, 0x5, 0xfffffffe, 0x8, 0x9f73, 0x8, 0x200, 0x0, 0x8001, 0x0, 0x3f}, 0xffffffffffffffff, 0xa, r2, 0x1) unshare(0x42000000) 03:39:08 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 11) 03:39:08 executing program 1: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000100)={0x5, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @local}}}, 0x108) r1 = getpgrp(0x0) perf_event_open(&(0x7f0000000340)={0x3, 0x80, 0x5, 0x1, 0x2, 0x1e, 0x0, 0x80000000, 0x801, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0x7, 0x100000000}, 0x40c00, 0x1000, 0x8, 0x0, 0x5, 0xfffffffc, 0x9, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, r1, 0x10, 0xffffffffffffffff, 0xb) setsockopt$inet_group_source_req(r0, 0x0, 0x2d, &(0x7f0000000100)={0x1, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108) r2 = openat$hpet(0xffffffffffffff9c, &(0x7f00000002c0), 0x422002, 0x0) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000300)) pipe2(&(0x7f0000000480), 0x0) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x40010, 0xffffffffffffffff, 0x55b75000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x105142, 0x185) accept$unix(r3, &(0x7f00000001c0)=@abs, &(0x7f0000000240)=0x6e) sendfile(r3, 0xffffffffffffffff, 0x0, 0x100000001) ioctl$SG_NEXT_CMD_LEN(r3, 0x2283, &(0x7f0000000000)=0x78) kexec_load(0x0, 0x1, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x8000000}], 0x0) stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r4, 0x0) lchown(&(0x7f0000000280)='./file1\x00', r4, 0x0) [ 937.730101] FAULT_INJECTION: forcing a failure. [ 937.730101] name failslab, interval 1, probability 0, space 0, times 0 [ 937.731371] FAULT_INJECTION: forcing a failure. [ 937.731371] name failslab, interval 1, probability 0, space 0, times 0 [ 937.731445] CPU: 0 PID: 7484 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 937.734438] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 937.735377] Call Trace: [ 937.735684] dump_stack+0x107/0x167 [ 937.736104] should_fail.cold+0x5/0xa [ 937.736541] ? create_object.isra.0+0x3a/0xa20 [ 937.737067] should_failslab+0x5/0x20 [ 937.737495] kmem_cache_alloc+0x5b/0x310 [ 937.737955] ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130 [ 937.738632] create_object.isra.0+0x3a/0xa20 [ 937.739125] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 937.739695] kmem_cache_alloc_trace+0x151/0x320 [ 937.740244] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 937.740882] io_uring_setup+0x14db/0x2a40 [ 937.741376] ? wait_for_completion_io+0x270/0x270 [ 937.741942] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 937.742544] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 937.743158] ? syscall_enter_from_user_mode+0x1d/0x50 [ 937.743762] do_syscall_64+0x33/0x40 [ 937.744197] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 937.744810] RIP: 0033:0x7fd4717f2b19 [ 937.745241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 937.747373] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 937.748243] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 937.749080] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 937.749889] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 937.750725] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 937.751565] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 [ 937.752432] CPU: 1 PID: 7488 Comm: syz-executor.5 Not tainted 5.10.200 #1 [ 937.753847] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 937.755535] Call Trace: [ 937.756078] dump_stack+0x107/0x167 [ 937.756831] should_fail.cold+0x5/0xa [ 937.757609] ? create_object.isra.0+0x3a/0xa20 [ 937.758536] should_failslab+0x5/0x20 [ 937.759309] kmem_cache_alloc+0x5b/0x310 [ 937.760136] create_object.isra.0+0x3a/0xa20 [ 937.761045] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 937.762076] kmem_cache_alloc+0x159/0x310 [ 937.762925] __d_alloc+0x2a/0x990 [ 937.763635] d_alloc_pseudo+0x19/0x70 [ 937.764419] alloc_file_pseudo+0xce/0x250 [ 937.765284] ? alloc_file+0x5a0/0x5a0 [ 937.766071] ? ctx_sched_out+0xa00/0xa00 [ 937.766898] anon_inode_getfile+0xc8/0x1f0 [ 937.767769] __do_sys_perf_event_open+0xf6f/0x2d50 [ 937.768796] ? __mutex_unlock_slowpath+0xe1/0x600 [ 937.769780] ? perf_event_set_output+0x5b0/0x5b0 [ 937.770740] ? wait_for_completion_io+0x270/0x270 [ 937.771747] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 937.772836] ? syscall_enter_from_user_mode+0x1d/0x50 [ 937.773894] do_syscall_64+0x33/0x40 [ 937.774649] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 937.775695] RIP: 0033:0x7f101cfbbb19 [ 937.776458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 937.780190] RSP: 002b:00007f101a531188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 937.781728] RAX: ffffffffffffffda RBX: 00007f101d0cef60 RCX: 00007f101cfbbb19 [ 937.783163] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 937.784593] RBP: 00007f101a5311d0 R08: 0000000000000000 R09: 0000000000000000 [ 937.786045] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 937.787509] R13: 00007ffe25c0905f R14: 00007f101a531300 R15: 0000000000022000 03:39:08 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0xf, 0x1d, 0xc21, 0x0, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 937.800478] FAULT_INJECTION: forcing a failure. [ 937.800478] name failslab, interval 1, probability 0, space 0, times 0 [ 937.802809] CPU: 1 PID: 7491 Comm: syz-executor.6 Not tainted 5.10.200 #1 [ 937.804223] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 937.805923] Call Trace: [ 937.806463] dump_stack+0x107/0x167 [ 937.807205] should_fail.cold+0x5/0xa [ 937.807981] ? create_object.isra.0+0x3a/0xa20 [ 937.808943] should_failslab+0x5/0x20 [ 937.809724] kmem_cache_alloc+0x5b/0x310 [ 937.810563] create_object.isra.0+0x3a/0xa20 [ 937.811465] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 937.812504] kmem_cache_alloc_trace+0x151/0x320 [ 937.813452] find_get_context+0x18d/0x9a0 [ 937.814285] ? security_perf_event_alloc+0x79/0xa0 [ 937.815290] ? ctx_sched_out+0xa00/0xa00 [ 937.816135] __do_sys_perf_event_open+0xee7/0x2d50 [ 937.817152] ? __mutex_unlock_slowpath+0xe1/0x600 [ 937.818132] ? perf_event_set_output+0x5b0/0x5b0 [ 937.819085] ? wait_for_completion_io+0x270/0x270 [ 937.820081] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 937.821147] ? syscall_enter_from_user_mode+0x1d/0x50 [ 937.822205] do_syscall_64+0x33/0x40 [ 937.822967] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 937.823995] RIP: 0033:0x7f53a8b8eb19 [ 937.824757] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 937.828464] RSP: 002b:00007f53a60e3188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 937.830028] RAX: ffffffffffffffda RBX: 00007f53a8ca2020 RCX: 00007f53a8b8eb19 [ 937.831466] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 937.832921] RBP: 00007f53a60e31d0 R08: 0000000000000000 R09: 0000000000000000 [ 937.834355] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 937.835804] R13: 00007ffe5f64f26f R14: 00007f53a60e3300 R15: 0000000000022000 03:39:08 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x14, 0x1d, 0xc21, 0x0, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:39:08 executing program 0: io_setup(0x2, &(0x7f0000000040)=0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r4, r3, 0x800, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f0000000080)={{0x1, 0x1, 0x18, r2, {0x255890f9}}, './file0\x00'}) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r6, r5, 0x800, 0x0) close_range(r6, 0xffffffffffffffff, 0x0) io_submit(r0, 0x2, &(0x7f00000000c0)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x2, 0x81, r3, 0x0}, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x400000000000, 0x0, 0x2, r6}]) 03:39:08 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x25, 0x1d, 0xc21, 0x0, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:39:08 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 16) 03:39:08 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 10) [ 938.014659] FAULT_INJECTION: forcing a failure. [ 938.014659] name failslab, interval 1, probability 0, space 0, times 0 [ 938.017115] CPU: 1 PID: 7505 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 938.018493] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 938.020163] Call Trace: [ 938.020701] dump_stack+0x107/0x167 [ 938.021462] should_fail.cold+0x5/0xa [ 938.022230] ? create_object.isra.0+0x3a/0xa20 [ 938.023151] should_failslab+0x5/0x20 [ 938.023926] kmem_cache_alloc+0x5b/0x310 [ 938.024772] create_object.isra.0+0x3a/0xa20 [ 938.025662] kmemleak_alloc_percpu+0xa0/0x100 [ 938.026574] pcpu_alloc+0x4e2/0x1240 [ 938.027356] ? io_async_queue_proc+0x80/0x80 [ 938.028249] percpu_ref_init+0x31/0x3d0 [ 938.029090] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 938.030189] io_uring_setup+0x14db/0x2a40 [ 938.031046] ? wait_for_completion_io+0x270/0x270 [ 938.032021] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 938.033080] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 938.034141] ? syscall_enter_from_user_mode+0x1d/0x50 [ 938.035200] do_syscall_64+0x33/0x40 [ 938.035958] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 938.037026] RIP: 0033:0x7fd4717f2b19 [ 938.037782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 938.041561] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 938.043107] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 938.044533] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 938.045998] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 938.047437] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 938.048870] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 [ 938.070653] FAULT_INJECTION: forcing a failure. [ 938.070653] name failslab, interval 1, probability 0, space 0, times 0 [ 938.071954] CPU: 0 PID: 7509 Comm: syz-executor.6 Not tainted 5.10.200 #1 [ 938.072705] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 938.073601] Call Trace: [ 938.073892] dump_stack+0x107/0x167 [ 938.074293] should_fail.cold+0x5/0xa [ 938.074705] ? __d_alloc+0x2a/0x990 [ 938.075110] should_failslab+0x5/0x20 [ 938.075521] kmem_cache_alloc+0x5b/0x310 [ 938.075973] __d_alloc+0x2a/0x990 [ 938.076357] d_alloc_pseudo+0x19/0x70 [ 938.076774] alloc_file_pseudo+0xce/0x250 [ 938.077225] ? alloc_file+0x5a0/0x5a0 [ 938.077653] ? ctx_sched_out+0xa00/0xa00 [ 938.078108] anon_inode_getfile+0xc8/0x1f0 [ 938.078580] __do_sys_perf_event_open+0xf6f/0x2d50 [ 938.079141] ? __mutex_unlock_slowpath+0xe1/0x600 [ 938.079690] ? perf_event_set_output+0x5b0/0x5b0 [ 938.080223] ? wait_for_completion_io+0x270/0x270 [ 938.080799] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 938.081384] ? syscall_enter_from_user_mode+0x1d/0x50 [ 938.081965] do_syscall_64+0x33/0x40 [ 938.082374] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 938.082957] RIP: 0033:0x7f53a8b8eb19 [ 938.083377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 938.085446] RSP: 002b:00007f53a6104188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 938.086354] RAX: ffffffffffffffda RBX: 00007f53a8ca1f60 RCX: 00007f53a8b8eb19 [ 938.087302] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 938.088129] RBP: 00007f53a61041d0 R08: 0000000000000000 R09: 0000000000000000 [ 938.088958] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 938.089776] R13: 00007ffe5f64f26f R14: 00007f53a6104300 R15: 0000000000022000 03:39:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0xc0, 0x1d, 0xc21, 0x0, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:39:23 executing program 0: r0 = epoll_create(0x8000) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000)={0x20000008}) readv(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/25, 0x19}, {&(0x7f0000000180)=""/98, 0x62}], 0x2) r2 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x1f012, r2, 0x0) epoll_wait(r0, &(0x7f0000000080)=[{}], 0x1, 0x0) pipe2(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) epoll_wait(r3, &(0x7f0000000100)=[{}], 0x1, 0xde5e) 03:39:23 executing program 3: r0 = fork() pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r2, r1, 0x800, 0x0) r3 = gettid() capset(&(0x7f0000000000)={0x19980330, r3}, &(0x7f0000000040)) sendmsg$nl_netfilter(r1, &(0x7f0000000880)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000840)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4c040000050301032dbd7000fddf25030000010800320000", @ANYRES32=r3, @ANYBLOB="0df52bf399153de11cee6ccf533bf6bfb9a5dd66cc71838ed89c9dab63d27db7e3718784039e625627a19f5662f3cb1458572970b13fc5900ecc72822bdee349730ea259c40bddbab32ff6fc3011574ec98d9c720303238004002700c1e21775ca926da399e5bbbe8b62d33f85c2200bb56d73132f6f7608457e759ad55e512f73ef251a927c0aec90706711b37ab4b8a64052b2ed9bc064245061bc693cc275b0f8215185a108f7e0d369cf727c164f491c096f58290fcb5ff42a3a6b93dd65ca161f5f6b348108da58fd4b1f83605830f3c26c67889daabfda217baba5c9eb2fe3361837dbc53e756427ccf412f1cb56a73474f1de5a59e871d19c1bd9e42f63c6b87d334f9e3e097a4a7ff87a83ca6e082553316ea2f453075125d896f86c098ef880e3313ae436e47c9db1baa2b3bde888a44c17f5f5d49a0484c4fdc97b3aef713830a828f2baa49cb62b4c9d585909fe10a154552d5dabe7bf5ee15a71f503ea062befc9f62bb0adac7e4d79161d72249039a9b5942f48c952f11a77e63cdece622eb35ae2cb85bde25c1e151a57c396d785b1d792d1002ebb8e9c05ab996cf5d418637675a4989e59d61f7d2331477bf844383791bd6a783c1bc0f9ba6af756f6f1186148b1d81c22886ee741a8cbfcbaa63717d5eb082d85352599d2af469bf532632cdd3659db19770aa5ba06832c3053c8c9f0ee2591bb095f727b4316914c94d5e534fd3cbdf183f967d27eead8facdcf41472b05c83e34d8b13405a98fb7274db246d2badebd57e13f4426d892c2e882fc1db5a604328a8d52e30ca6a56c03eb008d9e9a01dfe66aa7bec5732668e197980a6928aedb75f4f6b561e31e0b399fe42feb5ec1378113945a4df9f603214e55205eec43de87e390f54f6e1cf229a2d1a18d5dcfd52a1633daff738602247068f8166edcfa49886b63ed3a1a0d91937dcb43cae34645dfc0ad40503786af1424698d20bc16033983a60b77167f8b83f188330de9da6e5e3c708dfb1d0f2a4b96789401d325d67aaf3963cc59b1cc8d9149803722c05a37d397fdb29ba0ef52e651fc6bfcabaeb2e6569500c644e04038419a2a62888146a30abb860068c29ac853dd50ee2ee9da5842d646ed52a29f5bf98aaa9b604fdec583b032d2f27c32019e15d68e14008900fc01000000000000000000000000000108009500ac1414bb00d730d42fa76399aab5ea70301136dd9cf4ecb9b86444cf3e83de73a1d209f7d41cd5cc83d4ceba92676412c7c3a756658b274a0f19876b0ba89c78bcc80d1e24630c34b3549e0aebdcc1914ae502ccf075d83d38cece4d71ce89a46c00e4332e629d80aa93e1a73ce2393b3bbfe0d27c9e696f70ebb83c9c1197535981dbf28669ac93ebc469fc5c2c87cc35cc886d5a2997f419a31795729a4a0da14a3af9c67163742eb377a4f3ea1ee8526a3e80fb0032fc0521b87f735e04526c5e1c8b4b08af94861c7d4db3d713e90d5dc23eaacde02eaf44000000"], 0x44c}, 0x1, 0x0, 0x0, 0x4048000}, 0x4000040) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000300)={0x0}, &(0x7f0000000340)=0xc) r5 = clone3(&(0x7f0000000280)={0x980300, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100), {0x9}, &(0x7f0000000140)=""/47, 0x2f, &(0x7f0000000180)=""/140, &(0x7f0000000240)=[r4], 0x1}, 0x58) ptrace(0x11, r5) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:39:23 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 11) 03:39:23 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 12) 03:39:23 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 17) 03:39:23 executing program 7: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mount$cgroup(0x0, 0x0, &(0x7f0000000100), 0x180010, 0x0) perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x80}, 0x0, 0xffffffeffffffffe, 0xffffffffffffffff, 0x0) rename(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000240)='./file2\x00') r0 = creat(&(0x7f0000000200)='./file1\x00', 0x2) chroot(&(0x7f0000000280)='./file2\x00') r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, r1) r3 = openat(r0, &(0x7f0000001a00)='./file1\x00', 0x42, 0x4) setxattr$security_selinux(&(0x7f0000000580)='./file0\x00', &(0x7f00000005c0), &(0x7f0000000600)='system_u:object_r:systemd_systemctl_exec_t:s0\x00', 0x2e, 0xbd0486275cc57ecd) renameat2(r0, &(0x7f0000000480)='./file0\x00', r3, &(0x7f0000000540)='./file3\x00', 0x6) io_setup(0x8, &(0x7f0000000640)=0x0) chroot(&(0x7f0000000440)='./file2\x00') io_submit(r4, 0x1, &(0x7f00000008c0)=[&(0x7f0000000200)={0x0, 0x0, 0x5, 0x0, 0x0, r3, 0x0}]) openat$incfs(r3, &(0x7f0000000300)='.pending_reads\x00', 0xc6000, 0x8) unlink(&(0x7f0000000340)='./file2\x00') stat(&(0x7f0000000380)='./file2\x00', &(0x7f00000003c0)) sendfile(r1, r2, 0x0, 0x100000001) 03:39:23 executing program 1: r0 = accept4$unix(0xffffffffffffffff, &(0x7f0000000000)=@abs, &(0x7f0000000080)=0x6e, 0x800) r1 = accept$unix(r0, &(0x7f00000000c0)=@abs, &(0x7f0000000140)=0x6e) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x82002, 0x0) r3 = openat(r2, &(0x7f00000001c0)='./file0\x00', 0x0, 0x88) mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0xa27996b443bb370b, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltgid={'dfltgid', 0x3d, 0xee00}}, {@msize={'msize', 0x3d, 0x200000000000}}, {@mmap}, {@cache_loose}], [{@smackfshat={'smackfshat', 0x3d, '/dev/vcsu\x00'}}]}}) open_by_handle_at(r1, &(0x7f0000000340)=@fuse_with_parent={0x18, 0x82, {{0x1, 0xfffff96b, 0x7}, {0x0, 0x8, 0x4}}}, 0x24401) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r3, 0xc018937a, &(0x7f0000000380)={{0x1, 0x1, 0x18, r2, {0x80000000}}, './file0\x00'}) syz_mount_image$tmpfs(&(0x7f00000003c0), &(0x7f0000000400)='./file0\x00', 0x5, 0x3, &(0x7f00000005c0)=[{&(0x7f0000000440)="4edccacf69eab99031c4665802707669396b2282a816d4a6b824f5f886624127592f98edc5557e9e95b50909f36f6c7efc45295bcce859c9614e132f1943013c3a8b48f1d2bb50484d2ec11a9c260a64d47f6b1f2d910679a7ed1f213a1716a44e5b6389a931e9649c0f8295914f0bc9aac4cd57757b0a8f2ae37a8d3ef4d5d794a0b9242c486de750a32901f55355c82691191e33711c5ddcde08dc320f8de148cd34bc49ada447f47e48bac8c636c77b499b16ea32e160540fac49188d56", 0xbf, 0x6d2d}, {&(0x7f0000000500)="6ba9a25dfff4c8d644f1b7e047bb1e152942c6d3610583cf44b14439b5b307308a1150c6572e7eeac2ea24f5", 0x2c}, {&(0x7f0000000540)="77c2c74a0398459c3c5d3b5da5899fcca94facad799633a93bda57803430db04e4d641495a39a4d3c4bd4624a9907e1bb3eece9a54972cc995728d5296e37868f3b7e004366354d0a7327dc5be96e26eebce8bef70b3036a0587acfeecbc08b0743b357865b77ecf8b8632a38b", 0x6d, 0x5295}], 0x30011, &(0x7f0000000640)={[{@nr_blocks={'nr_blocks', 0x3d, [0x67, 0x37, 0x67]}}, {@mode={'mode', 0x3d, 0xffffffffffffffc7}}, {@huge_never}], [{@hash}]}) openat(r4, &(0x7f0000000680)='./file0\x00', 0xa000, 0x0) r5 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000006c0), 0x408640, 0x0) r6 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r5, 0xc0189374, &(0x7f0000000700)={{0x1, 0x1, 0x18, r6, {0x1}}, './file0\x00'}) symlink(&(0x7f0000000740)='./file0\x00', &(0x7f0000000780)='./file0\x00') sendfile(r0, 0xffffffffffffffff, 0x0, 0x7) r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000800)={0x6, &(0x7f00000007c0)=[{0x800, 0xbb, 0xf, 0x8000}, {0x9, 0x7f, 0x5, 0x3}, {0x1, 0x1, 0x0, 0x800}, {0x98, 0x4, 0xee, 0x8}, {0x800, 0x4d, 0x9f, 0x4}, {0x100, 0x5, 0x9, 0x1}]}) write(r8, &(0x7f0000000840)="b2779c3e465c65a5e5143d6f3f168ea23b9c7acc18e2618a9877b419f8179db21fb572", 0x23) preadv(r7, &(0x7f00000018c0)=[{&(0x7f0000000880)=""/4096, 0x1000}, {&(0x7f0000001880)=""/13, 0xd}], 0x2, 0x5, 0xa05) read(r5, &(0x7f0000001900)=""/205, 0xcd) io_setup(0x401, &(0x7f0000001a00)=0x0) io_submit(r9, 0x2, &(0x7f0000001c40)=[&(0x7f0000001b40)={0x0, 0x0, 0x0, 0x4, 0x8, r2, &(0x7f0000001a40)="6dae7693ea49ba0c227dee1d8f58ed8f57c8182e54f8ec5a9eca14249671910c88dc9a6a3b2d817ba7dbbb495e3b10d98448250d11cc681e766848b90d3410355cf7afd6cf54022896dbfb874cd03d0128ca6a35ccb5c0e45a50849affbf78cbd2e6b1f7c7106ce2ed5d698a0580655796feede857c87c16eda14049a34e6828cfdb3ebb2353ea56e9e7179eff93c4386cc167c713879ce5cfc71221cae28c75ddaec599cbe4f561fcdc3ed390b39f2ddff21af9a8c34879b8d5ea12ffd4ad2c7fb0966c3da6e815f12cd9cdb42ccc7960d427cf01b1f1c3fc8a086bbf05cff8fa6f2c8684ee44f5f6592f33", 0xec, 0x9}, &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x9d5c308efd0256a9, 0x1000, 0xffffffffffffffff, &(0x7f0000001b80)="99e083a25c88ad0472ac82a0945d5a4ce9e2ffec0fc1d0f496021eff2c653ff173934cbb48c678197330963821af3d8ffdba8eeafa4619bdb1d48aefa6335449e6f8365deca41dad5fde6a036cec80c1d144ddaf66599fb0e8dcd6c86bade498fe8bdc", 0x63, 0x3, 0x0, 0x2}]) [ 953.186996] FAULT_INJECTION: forcing a failure. [ 953.186996] name failslab, interval 1, probability 0, space 0, times 0 [ 953.187152] FAULT_INJECTION: forcing a failure. [ 953.187152] name failslab, interval 1, probability 0, space 0, times 0 [ 953.188357] CPU: 0 PID: 7536 Comm: syz-executor.6 Not tainted 5.10.200 #1 [ 953.188370] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 953.188376] Call Trace: [ 953.188396] dump_stack+0x107/0x167 [ 953.188423] should_fail.cold+0x5/0xa [ 953.188447] ? create_object.isra.0+0x3a/0xa20 [ 953.188480] should_failslab+0x5/0x20 [ 953.194447] kmem_cache_alloc+0x5b/0x310 [ 953.194932] create_object.isra.0+0x3a/0xa20 [ 953.195440] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 953.196032] kmem_cache_alloc+0x159/0x310 [ 953.196523] __d_alloc+0x2a/0x990 [ 953.196931] d_alloc_pseudo+0x19/0x70 [ 953.197380] alloc_file_pseudo+0xce/0x250 [ 953.197870] ? alloc_file+0x5a0/0x5a0 [ 953.198324] ? ctx_sched_out+0xa00/0xa00 [ 953.198808] anon_inode_getfile+0xc8/0x1f0 [ 953.199307] __do_sys_perf_event_open+0xf6f/0x2d50 [ 953.199889] ? __mutex_unlock_slowpath+0xe1/0x600 [ 953.200451] ? perf_event_set_output+0x5b0/0x5b0 [ 953.201016] ? wait_for_completion_io+0x270/0x270 [ 953.201593] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 953.202169] ? syscall_enter_from_user_mode+0x1d/0x50 [ 953.202742] do_syscall_64+0x33/0x40 [ 953.203160] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 953.203719] RIP: 0033:0x7f53a8b8eb19 [ 953.204132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 953.206126] RSP: 002b:00007f53a6104188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 953.206990] RAX: ffffffffffffffda RBX: 00007f53a8ca1f60 RCX: 00007f53a8b8eb19 [ 953.207795] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 953.208598] RBP: 00007f53a61041d0 R08: 0000000000000000 R09: 0000000000000000 [ 953.209439] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 953.210251] R13: 00007ffe5f64f26f R14: 00007f53a6104300 R15: 0000000000022000 [ 953.211095] CPU: 1 PID: 7534 Comm: syz-executor.5 Not tainted 5.10.200 #1 [ 953.212494] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 953.214189] Call Trace: [ 953.214728] dump_stack+0x107/0x167 [ 953.215470] should_fail.cold+0x5/0xa [ 953.216249] ? __alloc_file+0x21/0x320 [ 953.217049] ? __alloc_file+0x21/0x320 [ 953.217842] should_failslab+0x5/0x20 [ 953.218618] kmem_cache_alloc+0x5b/0x310 [ 953.219461] __alloc_file+0x21/0x320 [ 953.220241] alloc_empty_file+0x6d/0x170 [ 953.221086] alloc_file+0x5e/0x5a0 [ 953.221814] alloc_file_pseudo+0x16a/0x250 [ 953.222673] ? alloc_file+0x5a0/0x5a0 [ 953.223457] ? ctx_sched_out+0xa00/0xa00 [ 953.224290] anon_inode_getfile+0xc8/0x1f0 [ 953.225175] __do_sys_perf_event_open+0xf6f/0x2d50 [ 953.226183] ? __mutex_unlock_slowpath+0xe1/0x600 [ 953.227164] ? perf_event_set_output+0x5b0/0x5b0 [ 953.228124] ? wait_for_completion_io+0x270/0x270 [ 953.229156] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 953.230215] ? syscall_enter_from_user_mode+0x1d/0x50 [ 953.231264] do_syscall_64+0x33/0x40 [ 953.232022] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 953.233077] RIP: 0033:0x7f101cfbbb19 [ 953.233828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 953.237548] RSP: 002b:00007f101a531188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 953.239104] RAX: ffffffffffffffda RBX: 00007f101d0cef60 RCX: 00007f101cfbbb19 [ 953.240538] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 953.241983] RBP: 00007f101a5311d0 R08: 0000000000000000 R09: 0000000000000000 [ 953.243416] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 953.244854] R13: 00007ffe25c0905f R14: 00007f101a531300 R15: 0000000000022000 [ 953.307894] FAULT_INJECTION: forcing a failure. 03:39:23 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 13) [ 953.307894] name failslab, interval 1, probability 0, space 0, times 0 [ 953.310854] CPU: 1 PID: 7535 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 953.312239] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 953.313926] Call Trace: [ 953.314471] dump_stack+0x107/0x167 [ 953.315218] should_fail.cold+0x5/0xa [ 953.315998] ? create_object.isra.0+0x3a/0xa20 [ 953.316955] should_failslab+0x5/0x20 [ 953.317724] kmem_cache_alloc+0x5b/0x310 [ 953.318550] create_object.isra.0+0x3a/0xa20 [ 953.319450] kmemleak_alloc_percpu+0xa0/0x100 [ 953.320374] pcpu_alloc+0x4e2/0x1240 [ 953.321171] ? io_async_queue_proc+0x80/0x80 [ 953.322071] percpu_ref_init+0x31/0x3d0 [ 953.322879] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 953.324000] io_uring_setup+0x14db/0x2a40 [ 953.324842] ? wait_for_completion_io+0x270/0x270 [ 953.325837] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 953.326886] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 953.327952] ? syscall_enter_from_user_mode+0x1d/0x50 [ 953.329037] do_syscall_64+0x33/0x40 [ 953.329794] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 953.330847] RIP: 0033:0x7fd4717f2b19 [ 953.331618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 953.335370] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 953.336903] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 953.338343] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 953.339778] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 953.341240] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 953.342674] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:39:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0xec0, 0x1d, 0xc21, 0x0, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 953.406306] FAULT_INJECTION: forcing a failure. [ 953.406306] name failslab, interval 1, probability 0, space 0, times 0 [ 953.408810] CPU: 1 PID: 7545 Comm: syz-executor.5 Not tainted 5.10.200 #1 [ 953.410238] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 953.411923] Call Trace: 03:39:23 executing program 1: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000080)={0x0, r0, 0x0, 0x0, 0x0, 0xa6219d3}) r1 = dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) fadvise64(r2, 0x0, 0x0, 0x4) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000001940)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001880)=[@hopopts_2292={{0x11}}, @hopopts_2292={{0x18}}], 0x30}}], 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000000140)={{0x1, 0x1, 0x18, r3, {0xffffffff}}, './file0\x00'}) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000002e00)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001280)=@updsa={0x158, 0x10, 0x1, 0x0, 0x0, {{@in6=@mcast2, @in6=@private0}, {@in=@private=0xa010101, 0x0, 0x32}, @in=@multicast1, {0x0, 0x5, 0x0, 0x0, 0x0, 0x8}, {}, {}, 0x0, 0x0, 0xa}, [@algo_aead={0x67, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xd8, 0x40, "976ae46d07d1812fd0664e95dee18314b91df2e10ff98153074f6a"}}]}, 0x158}}, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) openat(r1, &(0x7f0000000040)='.\x00', 0x480000, 0x189) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'lo\x00', 0x0}) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1c, &(0x7f0000000000)={@local, r5}, 0x14) bind$packet(0xffffffffffffffff, &(0x7f0000001fc0)={0x11, 0x1a, r5, 0x1, 0x81, 0x6, @local}, 0x14) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000400)=ANY=[@ANYBLOB="0100000001002000180000004374e792b6b6dd0c38274e10ee8726e7aee12b33618e4c11db7b8f00000000c876e7aded52c810f7999e31e89ba77fc7d14619a87dbece8f31929170556720c3f3f05e028233039c9affa575a95234bc20b171d99b530c11bb8bb1826d58163930a372e6ee722ff54119e0a13800000000db4c76fa710c3b9db736b61095439642363db3524d4608d2a922351b0ff75e388376812fc42b0965160ff30950975b238fea9317dfedfc2fb831928de2cc3607", @ANYRES32=r0]) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmmsg$inet(r6, &(0x7f0000002040)=[{{&(0x7f0000000380)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f00000003c0)="db9c", 0xffe7}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000000000007000000c4040701000000001c000000000000ac105977c32000000000000083649c42a01cb529baa49c1e4cf80df3bc38d7c6cd6b9c9c22246ea75fe4822968e02e7720480d5e15f5f7cd0fc29ef76676c52b83b0ac05d58f17102dde4e86f4b6d3b9a9c130", @ANYRES32], 0x38}}], 0x1, 0x0) [ 953.412461] dump_stack+0x107/0x167 [ 953.413446] should_fail.cold+0x5/0xa [ 953.414228] ? create_object.isra.0+0x3a/0xa20 [ 953.415172] should_failslab+0x5/0x20 [ 953.415944] kmem_cache_alloc+0x5b/0x310 [ 953.416770] create_object.isra.0+0x3a/0xa20 [ 953.417694] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 953.418736] kmem_cache_alloc+0x159/0x310 [ 953.419589] __alloc_file+0x21/0x320 [ 953.420343] alloc_empty_file+0x6d/0x170 [ 953.421190] alloc_file+0x5e/0x5a0 [ 953.421922] alloc_file_pseudo+0x16a/0x250 03:39:23 executing program 0: pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x80100, 0x0) dup3(r3, r2, 0x80000) close_range(r1, 0xffffffffffffffff, 0x0) syz_mount_image$nfs4(&(0x7f0000002f40), &(0x7f0000002f80)='./file0\x00', 0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYRES16=r2]) [ 953.422777] ? alloc_file+0x5a0/0x5a0 [ 953.423701] ? ctx_sched_out+0xa00/0xa00 [ 953.424534] anon_inode_getfile+0xc8/0x1f0 [ 953.425408] __do_sys_perf_event_open+0xf6f/0x2d50 [ 953.426408] ? __mutex_unlock_slowpath+0xe1/0x600 [ 953.427378] ? perf_event_set_output+0x5b0/0x5b0 [ 953.428328] ? wait_for_completion_io+0x270/0x270 [ 953.429332] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 953.430387] ? syscall_enter_from_user_mode+0x1d/0x50 03:39:23 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 12) [ 953.431516] do_syscall_64+0x33/0x40 [ 953.432328] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 953.433388] RIP: 0033:0x7f101cfbbb19 03:39:23 executing program 7: ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000080)=0x2) getpgid(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00'}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$inet6_MRT6_DEL_MFC(0xffffffffffffffff, 0x29, 0xcd, &(0x7f0000000180)={{0xa, 0x0, 0x3, @mcast2}, {0xa, 0x4e20, 0x80, @private2}, 0x0, [0xb95, 0x81, 0x2, 0x6, 0x9, 0x0, 0x2, 0x5]}, 0x5c) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000140)={0x0, 0x9, "e35957"}) ioctl$sock_bt_hci(r1, 0x800448d2, &(0x7f0000000080)) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000000f0000200", @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00']) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000280)=0x1) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ptrace(0x10, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) ioctl$PIO_CMAP(r3, 0x4b71, &(0x7f0000000380)={0x400, 0x45, 0x7, 0x85, 0xf82, 0x8}) waitid(0x0, 0x0, &(0x7f0000000300), 0x41000004, &(0x7f0000000540)) wait4(0x0, &(0x7f0000000100), 0x40000000, &(0x7f00000003c0)) clone3(&(0x7f0000000200)={0x44004100, 0x0, &(0x7f00000000c0), 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 953.434148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 953.438039] RSP: 002b:00007f101a531188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 953.439593] RAX: ffffffffffffffda RBX: 00007f101d0cef60 RCX: 00007f101cfbbb19 [ 953.441057] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 953.442509] RBP: 00007f101a5311d0 R08: 0000000000000000 R09: 0000000000000000 [ 953.443960] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 953.445421] R13: 00007ffe25c0905f R14: 00007f101a531300 R15: 0000000000022000 [ 953.509109] FAULT_INJECTION: forcing a failure. [ 953.509109] name failslab, interval 1, probability 0, space 0, times 0 [ 953.511572] CPU: 0 PID: 7554 Comm: syz-executor.6 Not tainted 5.10.200 #1 [ 953.512996] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 953.514671] Call Trace: [ 953.515213] dump_stack+0x107/0x167 [ 953.515958] should_fail.cold+0x5/0xa [ 953.516737] ? __alloc_file+0x21/0x320 [ 953.517535] should_failslab+0x5/0x20 [ 953.518310] kmem_cache_alloc+0x5b/0x310 [ 953.519145] __alloc_file+0x21/0x320 [ 953.519905] alloc_empty_file+0x6d/0x170 [ 953.520735] alloc_file+0x5e/0x5a0 [ 953.521486] alloc_file_pseudo+0x16a/0x250 [ 953.522361] ? alloc_file+0x5a0/0x5a0 [ 953.523160] ? ctx_sched_out+0xa00/0xa00 [ 953.523997] anon_inode_getfile+0xc8/0x1f0 [ 953.524862] __do_sys_perf_event_open+0xf6f/0x2d50 [ 953.525890] ? __mutex_unlock_slowpath+0xe1/0x600 [ 953.526877] ? perf_event_set_output+0x5b0/0x5b0 [ 953.527834] ? wait_for_completion_io+0x270/0x270 [ 953.528835] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 953.529905] ? syscall_enter_from_user_mode+0x1d/0x50 [ 953.530968] do_syscall_64+0x33/0x40 [ 953.531727] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 953.532776] RIP: 0033:0x7f53a8b8eb19 [ 953.533541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 953.537302] RSP: 002b:00007f53a6104188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 953.538861] RAX: ffffffffffffffda RBX: 00007f53a8ca1f60 RCX: 00007f53a8b8eb19 [ 953.540315] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 953.541773] RBP: 00007f53a61041d0 R08: 0000000000000000 R09: 0000000000000000 [ 953.543241] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 953.544682] R13: 00007ffe5f64f26f R14: 00007f53a6104300 R15: 0000000000022000 [ 953.556535] nfs4: Unknown parameter '' 03:39:23 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 18) 03:39:23 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x33fe0, 0x1d, 0xc21, 0x0, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 953.573137] nfs4: Unknown parameter '' [ 953.618683] FAULT_INJECTION: forcing a failure. [ 953.618683] name failslab, interval 1, probability 0, space 0, times 0 [ 953.621131] CPU: 0 PID: 7561 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 953.622527] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 953.624223] Call Trace: [ 953.624769] dump_stack+0x107/0x167 [ 953.625520] should_fail.cold+0x5/0xa [ 953.626305] ? percpu_ref_init+0xd8/0x3d0 [ 953.627156] should_failslab+0x5/0x20 [ 953.627929] kmem_cache_alloc_trace+0x55/0x320 [ 953.628860] ? io_async_queue_proc+0x80/0x80 [ 953.629761] percpu_ref_init+0xd8/0x3d0 [ 953.630570] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 953.631676] io_uring_setup+0x14db/0x2a40 [ 953.632545] ? wait_for_completion_io+0x270/0x270 [ 953.633551] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 953.634619] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 953.635683] ? syscall_enter_from_user_mode+0x1d/0x50 [ 953.636731] do_syscall_64+0x33/0x40 [ 953.637497] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 953.638545] RIP: 0033:0x7fd4717f2b19 [ 953.639315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 953.643048] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 953.644614] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 953.646082] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 953.647537] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 953.648994] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 953.650432] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:39:24 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20000020, 0x1d, 0xc21, 0x0, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:39:24 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 14) [ 953.706082] FAULT_INJECTION: forcing a failure. [ 953.706082] name failslab, interval 1, probability 0, space 0, times 0 [ 953.708451] CPU: 1 PID: 7569 Comm: syz-executor.5 Not tainted 5.10.200 #1 [ 953.709855] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 953.711531] Call Trace: [ 953.712081] dump_stack+0x107/0x167 [ 953.712827] should_fail.cold+0x5/0xa [ 953.713612] ? security_file_alloc+0x34/0x170 [ 953.714531] should_failslab+0x5/0x20 [ 953.715305] kmem_cache_alloc+0x5b/0x310 [ 953.716130] security_file_alloc+0x34/0x170 [ 953.717015] __alloc_file+0xb6/0x320 [ 953.717776] alloc_empty_file+0x6d/0x170 [ 953.718609] alloc_file+0x5e/0x5a0 [ 953.719341] alloc_file_pseudo+0x16a/0x250 [ 953.720195] ? alloc_file+0x5a0/0x5a0 [ 953.721001] ? ctx_sched_out+0xa00/0xa00 [ 953.721836] anon_inode_getfile+0xc8/0x1f0 [ 953.722704] __do_sys_perf_event_open+0xf6f/0x2d50 [ 953.723720] ? __mutex_unlock_slowpath+0xe1/0x600 [ 953.724711] ? perf_event_set_output+0x5b0/0x5b0 [ 953.725678] ? wait_for_completion_io+0x270/0x270 [ 953.726691] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 953.727775] ? syscall_enter_from_user_mode+0x1d/0x50 [ 953.728823] do_syscall_64+0x33/0x40 [ 953.729598] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 953.730648] RIP: 0033:0x7f101cfbbb19 [ 953.731426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 953.735212] RSP: 002b:00007f101a531188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 953.736773] RAX: ffffffffffffffda RBX: 00007f101d0cef60 RCX: 00007f101cfbbb19 [ 953.738218] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 953.739681] RBP: 00007f101a5311d0 R08: 0000000000000000 R09: 0000000000000000 [ 953.741303] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 953.742759] R13: 00007ffe25c0905f R14: 00007f101a531300 R15: 0000000000022000 03:39:38 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 13) 03:39:38 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 15) 03:39:38 executing program 3: r0 = fork() pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r2, r1, 0x800, 0x0) r3 = gettid() capset(&(0x7f0000000000)={0x19980330, r3}, &(0x7f0000000040)) sendmsg$nl_netfilter(r1, &(0x7f0000000880)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000840)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4c040000050301032dbd7000fddf25030000010800320000", @ANYRES32=r3, @ANYBLOB="0df52bf399153de11cee6ccf533bf6bfb9a5dd66cc71838ed89c9dab63d27db7e3718784039e625627a19f5662f3cb1458572970b13fc5900ecc72822bdee349730ea259c40bddbab32ff6fc3011574ec98d9c720303238004002700c1e21775ca926da399e5bbbe8b62d33f85c2200bb56d73132f6f7608457e759ad55e512f73ef251a927c0aec90706711b37ab4b8a64052b2ed9bc064245061bc693cc275b0f8215185a108f7e0d369cf727c164f491c096f58290fcb5ff42a3a6b93dd65ca161f5f6b348108da58fd4b1f83605830f3c26c67889daabfda217baba5c9eb2fe3361837dbc53e756427ccf412f1cb56a73474f1de5a59e871d19c1bd9e42f63c6b87d334f9e3e097a4a7ff87a83ca6e082553316ea2f453075125d896f86c098ef880e3313ae436e47c9db1baa2b3bde888a44c17f5f5d49a0484c4fdc97b3aef713830a828f2baa49cb62b4c9d585909fe10a154552d5dabe7bf5ee15a71f503ea062befc9f62bb0adac7e4d79161d72249039a9b5942f48c952f11a77e63cdece622eb35ae2cb85bde25c1e151a57c396d785b1d792d1002ebb8e9c05ab996cf5d418637675a4989e59d61f7d2331477bf844383791bd6a783c1bc0f9ba6af756f6f1186148b1d81c22886ee741a8cbfcbaa63717d5eb082d85352599d2af469bf532632cdd3659db19770aa5ba06832c3053c8c9f0ee2591bb095f727b4316914c94d5e534fd3cbdf183f967d27eead8facdcf41472b05c83e34d8b13405a98fb7274db246d2badebd57e13f4426d892c2e882fc1db5a604328a8d52e30ca6a56c03eb008d9e9a01dfe66aa7bec5732668e197980a6928aedb75f4f6b561e31e0b399fe42feb5ec1378113945a4df9f603214e55205eec43de87e390f54f6e1cf229a2d1a18d5dcfd52a1633daff738602247068f8166edcfa49886b63ed3a1a0d91937dcb43cae34645dfc0ad40503786af1424698d20bc16033983a60b77167f8b83f188330de9da6e5e3c708dfb1d0f2a4b96789401d325d67aaf3963cc59b1cc8d9149803722c05a37d397fdb29ba0ef52e651fc6bfcabaeb2e6569500c644e04038419a2a62888146a30abb860068c29ac853dd50ee2ee9da5842d646ed52a29f5bf98aaa9b604fdec583b032d2f27c32019e15d68e14008900fc01000000000000000000000000000108009500ac1414bb00d730d42fa76399aab5ea70301136dd9cf4ecb9b86444cf3e83de73a1d209f7d41cd5cc83d4ceba92676412c7c3a756658b274a0f19876b0ba89c78bcc80d1e24630c34b3549e0aebdcc1914ae502ccf075d83d38cece4d71ce89a46c00e4332e629d80aa93e1a73ce2393b3bbfe0d27c9e696f70ebb83c9c1197535981dbf28669ac93ebc469fc5c2c87cc35cc886d5a2997f419a31795729a4a0da14a3af9c67163742eb377a4f3ea1ee8526a3e80fb0032fc0521b87f735e04526c5e1c8b4b08af94861c7d4db3d713e90d5dc23eaacde02eaf44000000"], 0x44c}, 0x1, 0x0, 0x0, 0x4048000}, 0x4000040) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000300)={0x0}, &(0x7f0000000340)=0xc) clone3(&(0x7f0000000280)={0x980300, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100), {0x9}, &(0x7f0000000140)=""/47, 0x2f, &(0x7f0000000180)=""/140, &(0x7f0000000240)=[r4], 0x1}, 0x58) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:39:38 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 19) 03:39:38 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x7ffff000, 0x1d, 0xc21, 0x0, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:39:38 executing program 7: creat(&(0x7f0000001340)='./file1\x00', 0x2) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, r0, 0x0) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000001c0), &(0x7f0000000200)=0xc) write$binfmt_elf64(r2, &(0x7f0000000280)=ANY=[], 0xfdef) ioctl$BTRFS_IOC_QGROUP_ASSIGN(0xffffffffffffffff, 0x40189429, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000080)="5c03c8b801f098720be1a0939cba80001e54ca1b89e060c72664e4e4345313484f661d367a499955de9b9a638b2c14a88e443a7d3c5b4ce453a108d0f12889b29c2ff887e11579623ebd970cc6c87ccc40ae49e747328a966ea363afa0ce2f71bd86a88209569b46dba8cabf829efefae6a880bdbc6eaf3cf5fc13485b9abe9f57f6918b14d5337ffa0d11168d95d226f8674ef0fc207b8108536eb17a546c761dfe7e21bdc8072b829dad3525454a771ae749b21e4568938d83bbd73990100739007fa12892dc19d0f896b228a979e4753873cdf6", 0xd5, 0x2) syz_io_uring_complete(r1) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000300), 0x400000, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, r3) sendmsg$nl_generic(r4, 0x0, 0x0) read$hidraw(0xffffffffffffffff, &(0x7f0000000340)=""/4096, 0x1000) tee(0xffffffffffffffff, 0xffffffffffffffff, 0xfff, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x1, 0x0, 0x401, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x400}, 0x0, 0xffdfffffffffffff, 0xffffffffffffffff, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) 03:39:38 executing program 0: ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000340)=ANY=[@ANYBLOB="010000020000000018000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00']) openat$zero(0xffffffffffffff9c, &(0x7f0000000300), 0x90101, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x248e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) utimes(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={{}, {0x77359400}}) mount$cgroup(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)={[{@subsystem='freezer'}]}) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000002c0)=ANY=[@ANYBLOB="010000000100000018001b00", @ANYRES32, @ANYBLOB="04000000000000002e2f66696c653000"]) r0 = socket$inet(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @local}, {0x0, @link_local}, 0x28, {0x2, 0x0, @empty}}) bind(0xffffffffffffffff, &(0x7f00000004c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x3, 0x6, 0x3, 0x0, {0xa, 0x4e20, 0x800, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x3}}}, 0x80) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x7, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x800, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x9, 0x7) tee(r3, r2, 0x800, 0x0) splice(r1, &(0x7f0000000140)=0x2000000000000, r2, &(0x7f0000000200)=0x3, 0x616b0ba7, 0x0) mq_open(&(0x7f0000005c00)='-@\x00', 0x0, 0x0, 0x0) stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000001c00)) mount$cgroup(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0), 0x2812020, &(0x7f0000000400)={[{@name={'name', 0x3d, '/dev/snapshot\x00'}}, {@cpuset_v2_mode}, {}, {@none}, {@cpuset_v2_mode}, {@xattr}, {@noprefix}, {@clone_children}, {@subsystem='hugetlb'}], [{@fsname={'fsname', 0x3d, '/dev/zero\x00'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '.(+-^'}}, {@obj_role={'obj_role', 0x3d, '^('}}]}) 03:39:38 executing program 1: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x14, 0x1b, 0xc21, 0x0, 0x0, {0x2, 0x0, 0x2}}, 0x14}}, 0x0) syz_open_dev$vcsn(&(0x7f0000000080), 0x7e, 0x0) [ 968.210186] FAULT_INJECTION: forcing a failure. [ 968.210186] name failslab, interval 1, probability 0, space 0, times 0 [ 968.212188] FAULT_INJECTION: forcing a failure. [ 968.212188] name failslab, interval 1, probability 0, space 0, times 0 [ 968.212539] CPU: 1 PID: 7580 Comm: syz-executor.6 Not tainted 5.10.200 #1 [ 968.216125] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 968.217820] Call Trace: [ 968.218355] dump_stack+0x107/0x167 [ 968.219099] should_fail.cold+0x5/0xa [ 968.219870] ? create_object.isra.0+0x3a/0xa20 [ 968.220803] should_failslab+0x5/0x20 [ 968.221583] kmem_cache_alloc+0x5b/0x310 [ 968.222418] create_object.isra.0+0x3a/0xa20 [ 968.223309] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 968.224340] kmem_cache_alloc+0x159/0x310 [ 968.225214] __alloc_file+0x21/0x320 [ 968.225974] alloc_empty_file+0x6d/0x170 [ 968.226802] alloc_file+0x5e/0x5a0 [ 968.227529] alloc_file_pseudo+0x16a/0x250 [ 968.228392] ? alloc_file+0x5a0/0x5a0 [ 968.229194] ? ctx_sched_out+0xa00/0xa00 [ 968.230023] anon_inode_getfile+0xc8/0x1f0 [ 968.230888] __do_sys_perf_event_open+0xf6f/0x2d50 [ 968.231899] ? __mutex_unlock_slowpath+0xe1/0x600 [ 968.232877] ? perf_event_set_output+0x5b0/0x5b0 [ 968.233842] ? wait_for_completion_io+0x270/0x270 [ 968.234861] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 968.235942] ? syscall_enter_from_user_mode+0x1d/0x50 [ 968.237002] do_syscall_64+0x33/0x40 [ 968.237778] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 968.238825] RIP: 0033:0x7f53a8b8eb19 [ 968.239581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 968.243325] RSP: 002b:00007f53a6104188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 968.244828] RAX: ffffffffffffffda RBX: 00007f53a8ca1f60 RCX: 00007f53a8b8eb19 [ 968.246291] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 968.247722] RBP: 00007f53a61041d0 R08: 0000000000000000 R09: 0000000000000000 [ 968.249170] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 968.250606] R13: 00007ffe5f64f26f R14: 00007f53a6104300 R15: 0000000000022000 [ 968.252081] CPU: 0 PID: 7589 Comm: syz-executor.5 Not tainted 5.10.200 #1 [ 968.253481] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 968.255170] Call Trace: [ 968.255730] dump_stack+0x107/0x167 [ 968.256487] should_fail.cold+0x5/0xa [ 968.257286] ? create_object.isra.0+0x3a/0xa20 [ 968.258231] should_failslab+0x5/0x20 [ 968.259006] kmem_cache_alloc+0x5b/0x310 [ 968.259840] ? percpu_ref_put_many.constprop.0+0x4e/0x110 [ 968.260965] create_object.isra.0+0x3a/0xa20 [ 968.261872] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 968.262921] kmem_cache_alloc+0x159/0x310 [ 968.263784] security_file_alloc+0x34/0x170 [ 968.264675] __alloc_file+0xb6/0x320 [ 968.265462] alloc_empty_file+0x6d/0x170 [ 968.266305] alloc_file+0x5e/0x5a0 [ 968.267050] alloc_file_pseudo+0x16a/0x250 [ 968.267929] ? alloc_file+0x5a0/0x5a0 [ 968.268721] ? ctx_sched_out+0xa00/0xa00 [ 968.269575] anon_inode_getfile+0xc8/0x1f0 [ 968.270451] __do_sys_perf_event_open+0xf6f/0x2d50 [ 968.271466] ? __mutex_unlock_slowpath+0xe1/0x600 [ 968.272457] ? perf_event_set_output+0x5b0/0x5b0 [ 968.273441] ? wait_for_completion_io+0x270/0x270 [ 968.274464] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 968.275541] ? syscall_enter_from_user_mode+0x1d/0x50 [ 968.276609] do_syscall_64+0x33/0x40 [ 968.277391] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 968.278445] RIP: 0033:0x7f101cfbbb19 [ 968.279220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 968.282994] RSP: 002b:00007f101a531188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 968.284558] RAX: ffffffffffffffda RBX: 00007f101d0cef60 RCX: 00007f101cfbbb19 [ 968.286025] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 968.287484] RBP: 00007f101a5311d0 R08: 0000000000000000 R09: 0000000000000000 [ 968.288965] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 968.290440] R13: 00007ffe25c0905f R14: 00007f101a531300 R15: 0000000000022000 03:39:38 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0xfffffdef, 0x1d, 0xc21, 0x0, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 968.304630] FAULT_INJECTION: forcing a failure. [ 968.304630] name failslab, interval 1, probability 0, space 0, times 0 [ 968.306955] CPU: 0 PID: 7588 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 968.308338] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 968.310272] Call Trace: [ 968.310818] dump_stack+0x107/0x167 [ 968.311554] should_fail.cold+0x5/0xa [ 968.312319] ? create_object.isra.0+0x3a/0xa20 [ 968.313256] should_failslab+0x5/0x20 [ 968.314022] kmem_cache_alloc+0x5b/0x310 [ 968.314858] create_object.isra.0+0x3a/0xa20 [ 968.315756] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 968.316799] kmem_cache_alloc_trace+0x151/0x320 [ 968.317772] ? io_async_queue_proc+0x80/0x80 [ 968.318672] percpu_ref_init+0xd8/0x3d0 [ 968.319494] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 968.320603] io_uring_setup+0x14db/0x2a40 [ 968.321473] ? wait_for_completion_io+0x270/0x270 [ 968.322459] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 968.323501] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 968.324567] ? syscall_enter_from_user_mode+0x1d/0x50 [ 968.325618] do_syscall_64+0x33/0x40 [ 968.326381] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 968.327411] RIP: 0033:0x7fd4717f2b19 [ 968.328172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 968.331905] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 968.333474] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 968.334913] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 968.336347] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 968.337802] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 968.339237] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:39:38 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0xf, 0xc21, 0x0, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 968.412607] cgroup: Invalid name 03:39:38 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 20) 03:39:38 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 16) 03:39:38 executing program 7: syz_emit_ethernet(0x51, &(0x7f0000000080)={@multicast, @remote, @void, {@ipv4={0x800, @udp={{0xd, 0x4, 0x0, 0x0, 0x43, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback, @multicast2, {[@timestamp_prespec={0x44, 0x1c, 0x0, 0x3, 0x0, [{@private}, {@local}, {@multicast1}]}, @rr={0x7, 0x3}]}}, {0x0, 0x0, 0xf, 0x0, @opaque="5b28232befcc72"}}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x8401, 0x0) r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) write$tun(r1, &(0x7f0000000100)={@void, @void, @mpls={[{0x6}], @generic="08a5f0be340aaef4d12476d6ac0a0ce93375233e476b537f4b99d38c755676390a9c4c04630bd998cb8dcfad156f0e1df92c09df14673747b2afa5ccd65d4eda96d56c635e9f4990a00eda11651bffafe40876992a78b09383f66fe3f160f8555a73fae931167826209db4467c8d08f5c7eb900eb5a64d5556ad662296833697e90bf240f856103e7710e4932b3ef48a70a7b5b0b1e06cbddfaa2cb6f192c5e3f5f8d99b28957bc624ae03f16f10c0e78ae03b2b69d4f7b70928ecefdcea0536e1f0ae44edd8e6"}}, 0xcb) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f00000000c0)={'ipvlan1\x00'}) write$tun(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="00000000000000000000602eb1cb02532f00fe800000000000000000000000000000ff0200000000000000000000000000010009000000000000c204000000018000000000000000000000000035e5dba98930ef3a3494048564ff874ebe7ce7b7b339ef302f4d5b7a8dcf75cbf76b14c32e83cad76cf7f552508f1eb78f5efe24f344000000000000000420880b00420000000000002e4f9446cc8c6ae8060bf7b068ed093e5ee73e5665f4cf29337e1c341d8191132eb1e7582259bceed710471fc22ebdeb56d3d91d0d2184e8f97c51b4a257dae65fea0000080000005b7fa3ebef2d32f853813a49fcaea5cd257696b2e75f7f5ecabdd90e01000100000000009936c17620b48ae336195aca6136cfd990793584c9feaf56fd28a497196161ca9fe89928ede28a08d36116c6ab03894cb26649d252a10bfa539d99652de489dbcd636eab14bbbefdc3ce53b03668d5319dd139d1cc608c0b6db7970d9cd44bc5000086dd000000000000c89ced2c5a8924d07a8c1658abda04172f10f18d95cc3e8dd438e8fdd25f0b89199ea8f68b0728e4a5de88733b61c3dd2dbe6b94115e3914f7061f9bd168f0780c403e2228b0b56dcb4c27940870680846acaf2e6e3462980163660249fa64b0c4937cbdd14879a72399a1a6342fec2221a1afdd06ddc17def26ebc92ebf0fb7778c5a67e6a183c1012cb5b07216d5adb7c98de33d2d79f9e0cb71dbf66b61d60f2c3e2f16cd2978c80deec6b5caad84080088be00000000100000000100000000000000080022eb000000002000000002000000000000000000000008cbc7891447604afbe3fc7c3f4aa77900655800000000fe06be8846c3ca04f4260fc75e1eac7c42469b66685dd3000000000000000000000000000000b9213a4990aff43a2d90ab32d26f5acbfc6343119bc7c547e8d7c9f79efdfa6dcee0f13faa1adf229f7b352430c34cb1cb96a30130d150aa85e9822274452fbff6a97d8481219f570e9f742953507b087d54a4f6ebda4af24f83346b8db3a5034efd06c63744730d6bf5ff565331d5b4c031a7a4efb6beed89ed682fed114c8b1ef38a175ffdccfdc0704b15807121b536585fd037961af100963701e2ef4ee2b9954049a0285f2f5ecf19930e068781399962d512c121d868e012cf78e0d41f5c40b786e8fb01c644b58f943f"], 0x285) 03:39:38 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 14) 03:39:38 executing program 1: fchmod(0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000000000066"]) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000140)={0x0, 0xfffffffffffffff8, 0x7fffffff}) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0xfe, 0x0, 0x0, 0xca1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0xd5884b98eddc93b4) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r4, r3, 0x800, 0x0) pwrite64(r3, &(0x7f00000003c0)="42b416e9abc3843f1cd3548f1a4d1b7a17a02477ba26af00e0aceb8db45f77b32f0f7dc8b734fc0cca661eb0b902e275f8701d334b4772340b0b84b8e58448004c6b46f363465d50bbf3fdd95a201482ddac3fc4d7687e11b01edfb12dea514a52fe1114dfb0db13e7ee7b02ed9bb111b6decf7092611c050b67c41a0c6f1ddd679dce79269dccbb424799e883d50da97458bdaf55e7af25e790630668ab87081f9742522441d66fffd3626d3a157c0b7d5c6c60c2b0b382e258262aa3042aac30e5fc646f2847cdbc73af89f72ef9ffdcd977d816bea936d3041bb9fafbc759d63a66b7af8a7debd5113f5a117c94b1999971f84b73dfd9f33a625360308188daf3b8c6b61941a64e82d977245fccbd614a606fed79ef1078cbc19a9051404461ace05a1573a02159be5f1ab89b9cb9f9437be19bea8d10c62996478d1ef43d5e78b6d4daae8e567b1f10a7e3405940be50bd441f18d5916e25cd6b63c16378ba01870946f6da077110a7f54532d72f6ccc7ec1c385a734c46d166eaf2c499304c22b9a941c9e9ff47113346e31e2f1b393d490052a72e9fab58afeffb178adc24545ecbb034970ea988ea5b979f254802db2586f21430167a19d123057689a74837e682407345f1616090dc470f43380c91b561395df917790f959c65ce8a6b2689b3fd0893a2b2bd27021d0cd609dacb0298f089b20af873a27f0e112bd1fff47a3e85b105c8a5139cab9101b6555ef4a5bfb0729ec35f244d22ae5c0b38b6650072b5509cab7f9d5131e6e25f9fd14fb0dd87fb86f439029052366a8c3dd9dbed676afcb719b66306a826b70c3edf56130734d75dafd55cf7661a8515d9cf5d4396807a458f165c3b4e7b87f3c7b19de794230f6f6bbb45d9e5c54bde6063fe99535f5c092719ae21dcf7192a2420422f677e10651a9aa782af8b8b7312f5cfa8737d6637b2edcf78ee41f1334555902091d553915fa8fca49bc8f0ac34553914291084a342af0e2a48bade1681f7844f411ca400d3fc6db31167ce24e5bd14e4342f3df5021d910797d2ed3065cff6f17f02780ae22bc8fd8d9cc58d58034ee024ed1df0a1f83e9a761055d1e3a7c6ca765980f933ee378636dbd3ac7963bebafcb234ff7a9a8a1cdca59debf8f65dd291deafe409dbb158e0d1a367ecf387ab2bd62fda34555d08416a0fb5a5c760eb621e98fa565d6c983cbb2ecf99ee0ad28e68d8f1c287f2e469bc0750ebee6554427e2f6b4d1bc265e4538f8c49d28f9398fb6d1174f7a147757f7f076e04abbcb312083d0599b312aabee65cf00babaf6d025705dcdc9bb1f0e3812f8f07f1a3ea64facf4e954a963f2a6838cee57e00c50133041860a36bf8fee663a2f11d2520617af7ff998065153b8f7756de1a4de892e69e001b1d90f9f475fd301efa5de496d66c84bd6640e792ea680c9a2445cd2f470f099ba4a359252bfad56ade647726f14e072c121fbd8b96df892befbd5cc6dcc6ea955ec8528ddb16d47605642c26003e16e39a1fb9326428571f8001dfaa7252a6b702c365eda7bd32b80610aba5882ac2b7f7cc065295d1a5aa41af612314619f79ea18293e61842e8e93ba9301079c40e6d52592c5b7401750fee819930acadada6cf45cc6a31f6d89836d1b8482614a7797f38ddffbbce139e20317afd921f378905b4951bb153c461ea2d4445ff6db29c401cc75f95afedc4b983454ba89d5aad09911b71e2fea5cdd0233d4609ecf6e3a993134cd56d7a19a70847c6a92119dbb6d6c2e55a39798fd81bc0907f138a79dbd2c856798e30fb76dcb5ace894a54265482d8d62fcdacbab61b20c096b80630407c49d150500e7f0784fbda33ed15565aca9ba228d70d7b30c9f0d7b0c35858602020b2c0d3f96a39935a1b124bb7eb31e29672d9f84e10ff1447a5547e6fb490503b7b0fb071a83afdb9963a22f1427dec5c3479896c64c808f21c585fd6f020e40ceaeaf7ed49807cd7f07226cb03a1cb20b1a046653380b6b97704a69c234dd6002e9012e534bf334b5eb6b6978fd96d8d85a17442254411b0aa2f7f5000cd166821550337289d1bad46228ede0e3dcdc3d6e54964308e0663cff7959800b4eca14367f279e0760d90e5d59660a5b008a04c3b5b735e4d828ca9602bc4b0661c428b55bf43486a84031ed4cdd4598e90bdb4e690d4a3a1d2c61a1d1e94fa557efb0195153bbd8fb75e24e9076b62393f52bd74516d339f690ff3c9cd7d8a6b965a02f8f6f15b63d3a09ed7cbd0f94254a61de2dfce474ed069b6afcfb1f8d2d4cd0e8f641c93ee2e5b56bef013130dc57c26406a9ee61f51eef7ad5635110ff9733bbda57919b19ed5b906fdae9f52aecf13cf60fd4165b67d060755c0dabce43f5908cfc677032b291c2dcbb95f993b7dbd51481905d064cb66217ebe63863c036f3b4bc5e18677361239a969683a0b77fc5fd396f1bbae1349870953f390f37513ee36384c4a21013eaad1f29c6d7b9fc0b0f185d70c0a8ff2205d2e642380045d2d753d8675fd5bbe9ce8cc2ff9c7d767b79bddf62caee3f9e9fe91e626049a18a3c2dc6ce8068d4fefb7ff2e0c1c9d1afbe1f24de15417ece44731f4936e0ca99525fbedb81bd3a2156788dae699fbfdaa91e473076cdba1d78f698e15d7cc3ef0f2972c02999ee300f3f6068babaafcdc2c2ec2af0efef20eb530538f5796dc764ed9a67b0b2c22e4c2ac9fdb9b9b9c02cb10a9d3b266867c6f460ecf73618ff7b8cb36d4bfc19f41bf4102bd5357094156d0c58b5ad08d8a8d7049afc4a68d6dd2e043f39a0b059922b12c4fe2707cf8a7a08dea78938e7210998a5c46e652e43d1d176e839e8570421d05cec1b5255a4379c8f303a815d5370540626d9a2fd3a626351a576946b8c7dd07d1b115a5d17f9a819826978b2dfcf9993661e92c6afec46b01d9e50688b80ccfa3f9db8f5218036a734bc684d587c8a40abd6ff51d65d2785b8239fd7354ece20d43ba38051874497034c543cdda17eee7391541bcfdea4ef70a7bb06fabe8f82ed38cb2cfc5a6390ec8b3bc0195ee5b7576bd401217e9ae8a0d23d7f96a276992e2151b2de382790f8b0ef5f0524d182625ae94930416747d84414e525d5898637581446fb5f00a074e76716f03b813d78a61e66d6deabee3e6a19f8dad907e0f2bfae6e80cb8ffa5e281a86bde33c125c31e3e2261b1622cc0319a7c10affc392b5aa5b3e18e72cdeb89a5eb412cc9e9fe2acdf520ba7cf42c2fc5d18e869e8be02afb77ecac0699d5cd8ab5673b6343d51050e1a75110f8de48d13487652394be5e48fff1e0700925237c1fdcbb9dc3290db9c59a544d8b847a6156c814261faa7e20e6a34cee72db846a5aa1c9007211a0e7bd329efa36cbf3622c9a0a11a6be90dced8af406fddb0465af01820efcc8ec3085ac328e4f9c08a363f0b3fa781291b9220455db02a1ea182f3b6ecad79f9baa3129d13a94e32d145d893d33a22223593677771de1592618cdbbeb7e603fa4723706e1f2a3a6218765650a33cf82873e129c3099cde2d8b044be012fd595f86135c1a3340ac205767b186e1f6cb16f20f9330b95149356bdf9c22f7f6f9aab426e8f2863329f8adb652c53ea2d40f77c14d5e645c7c4b9ba4351d83653226d98ce58309f9094eb56bd76937b45b45208f892254b998c5ccae1de11b16a8b0142861d195f03a7aaa3ce2ce28a6f884e680d3f535751239a5fa85c188693b9ca41c71cd86735dc124d3237a99ab197b7725747c43710de57116f162340739fdb0bcba1f605e0e2e18d2dbbd135f8d8583e488906a5ca0610de2b3c94cea7e807bf1f047cb16d4caf6d7d1c1d6c0e81d790c2a563417f6a26fafe7578146cc763d04710c66e285d0995c4b6a41a41ece27447dd4fe0cb6762332d53c08faa7cc29945fc4aba96f1cac22a6c17a401eab12654b84ab2bf19c805c8c82094450b55f2251fb7891965d1a90b525a92f4f0ef1b085e993fa1b910e9ef1d403b648f2764d9ff84da2c79543757e3dfd7524e1945958757d682124d4724f137b93e53e2747aba04521bcb26d8db91ca5adcc530c534049fe74a9d4d95e4eaf6cc788a463388c7ac478370e97bde3efa9466bea5323e6313724cf366d7b46d9aed7fd1e8a919b868cd0569bf9ba8c439b80ed1e8dafdbc220f2b046ef169e949a45f06921dd89cd6923a447777a64f62b4691608fe526bf2ff8ce1a6fa1f362c9f7daf6984d3519faa1d62cc438508872ed30d94516b3b17c4492cc2b89756c5a0d32e1d78208a6b8f8cd40ad623e14e38924c25f49dabd74d6c7109ea0d8936ff33ad94e24025f2ef95dc2e158ef60bd2b678648c799c3d98d24f8eaf64e6c0bac2a9631611ea513ce5d330765ee9411fcdfbbd39f10a8952cd0539a8e56913a57d5abf5f1738cb62a88798c85f8300947aad84ebb7864f18e5628920ab0b1129e588179f546c77d286c578b2c248d5141d7ff65b197f0d741c3d2b3cdda6655dc6c447739a6f02a407284a244e47d8d0a1c1eae14b4ef3f25962249169ca75a44310146ee8170b35a6c5a82d1e4c63b92cad7e9f4d3bf427b5d4941fd3cec5f66e3367c01b2ac328cbaf2ed921b8c0ee373521b0dc9788b07874742b59a858facebe095003514108b72ab9f064788cce892b6c55f1373035859da23602c8aff610a9fb45091a5d348a0bee77061af535711b3e5797b3676249bcc72c8af71a689a2a58ab9d400a55f5ebd5435608f10297b51dbaf351db1ca448066dca1f78fb9c8084f3363bc5104487d754150d0d25902e71141751eb7a7c609d5180702745afd09fa9fb6f0f688eb71b8472f59e062ac4931ffdedac198b97bf57c00274499344d4d05a9e5939fd70648320ad8dc79be019dd0ae24584c6546f7f15860117348446659b4f910fcd704b00332415527983d55873780e55c2f45b9d180518ec4372e10756f9737798af50725ece532cb5137596232ead102c3276d336cca640c02fee4b6935549e2a38002cff936057cca789071c25506c0d161c23d9be1cdbc51b4934f2c7c96a7a0d155875658d190c19a84db0fc19da1620f5fdbd22ba72e4eaa001a9375d84c515f04c251215fd762e7bb3e6b5144382b8946caa1bb9d420b52d4e356ee157e0af1e3a4f18480b47c28522af0d8931914e61d4dd4bfc40c32510c14a0a418156aa861c578c42ddbe045d194638f7e1a80d66707b33b050af9deab50a4f2a81fccc1e0e3111124235507ed5ead3f1163f271959ec34530b125b4f2115c644ee0c5f1cbf02161a8bb4b97ffdebea6886724690e60b545e0ada911339c4eb4a951b4ba72dd5ed29265c39cdfa76647d9fb4b3dc2e28b41c29f0fc970ff525d2a4386656c52b1f9d4812ab01399a6d37adf05ec969f76537a367e116712e276af731a5433a603d67498933ba8660f6ef8f3f1e2ce9173b6bfb4c63e9b3788414d589450a27b67e00e1b816ab7ca931f7d5f9493149f47e0cd4ab8f8e7f0527bdcb7e4ca8f8e536da330f9d1b2e75659466f592d52102ff0e68b533078e4cfc32033d7fc577ffd2817d6bf17ca884b17c8b3e1dc7111371f4ecf816bfea59509eedcd7d50cc896c465805cd48ee16d56bceda0329e81dba1caec2ba53b511bff4359e067b3e56e959e339836f56830140c15ea9b0ad3f296bca5c54637b6cfb42e74d8ddb13eba96a78cf7db101176104d62cda9377205a26bc6b310a1898df9e6b001946fcdbb67bb80a0ad991f24aaaa908a7e56c4b3c36c1dc59009c793b7", 0x1000, 0x0) ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000000)='gid_map\x00') ioctl$FITHAW(r5, 0xc0045878) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) [ 968.548559] FAULT_INJECTION: forcing a failure. [ 968.548559] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 968.551478] CPU: 1 PID: 7607 Comm: syz-executor.5 Not tainted 5.10.200 #1 [ 968.553391] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 968.555461] Call Trace: [ 968.556201] dump_stack+0x107/0x167 [ 968.557036] should_fail.cold+0x5/0xa [ 968.558131] _copy_to_user+0x2e/0x180 [ 968.559195] simple_read_from_buffer+0xcc/0x160 [ 968.560467] proc_fail_nth_read+0x198/0x230 [ 968.561490] ? proc_sessionid_read+0x230/0x230 [ 968.562574] ? security_file_permission+0x24e/0x570 [ 968.563727] ? perf_trace_initcall_start+0x101/0x380 [ 968.564934] ? proc_sessionid_read+0x230/0x230 [ 968.566000] vfs_read+0x228/0x580 [ 968.566843] ksys_read+0x12d/0x260 [ 968.567698] ? vfs_write+0xa70/0xa70 [ 968.568554] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 968.569871] ? syscall_enter_from_user_mode+0x1d/0x50 [ 968.571042] do_syscall_64+0x33/0x40 [ 968.571905] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 968.573106] RIP: 0033:0x7f101cf6e69c [ 968.573965] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 968.578178] RSP: 002b:00007f101a531170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 968.579958] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f101cf6e69c [ 968.581589] RDX: 000000000000000f RSI: 00007f101a5311e0 RDI: 0000000000000003 [ 968.583285] RBP: 00007f101a5311d0 R08: 0000000000000000 R09: 0000000000000000 [ 968.584967] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 968.586574] R13: 00007ffe25c0905f R14: 00007f101a531300 R15: 0000000000022000 [ 968.595432] FAULT_INJECTION: forcing a failure. [ 968.595432] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 968.598171] CPU: 1 PID: 7603 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 968.599559] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 968.601247] Call Trace: [ 968.601782] dump_stack+0x107/0x167 [ 968.602531] should_fail.cold+0x5/0xa [ 968.603314] _copy_to_user+0x2e/0x180 [ 968.604091] io_uring_setup+0x117d/0x2a40 [ 968.604945] ? wait_for_completion_io+0x270/0x270 [ 968.605948] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 968.607011] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 968.608091] ? syscall_enter_from_user_mode+0x1d/0x50 [ 968.609163] do_syscall_64+0x33/0x40 [ 968.609929] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 968.610975] RIP: 0033:0x7fd4717f2b19 [ 968.611751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 968.615552] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 968.617104] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 968.618570] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 968.620018] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 968.621479] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 968.622939] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:39:39 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 968.650362] FAULT_INJECTION: forcing a failure. [ 968.650362] name failslab, interval 1, probability 0, space 0, times 0 [ 968.652334] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 968.652703] CPU: 0 PID: 7613 Comm: syz-executor.6 Not tainted 5.10.200 #1 [ 968.655536] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 968.657233] Call Trace: [ 968.657778] dump_stack+0x107/0x167 [ 968.658527] should_fail.cold+0x5/0xa [ 968.659315] ? security_file_alloc+0x34/0x170 [ 968.660240] should_failslab+0x5/0x20 [ 968.661019] kmem_cache_alloc+0x5b/0x310 [ 968.661873] security_file_alloc+0x34/0x170 [ 968.662762] __alloc_file+0xb6/0x320 [ 968.663530] alloc_empty_file+0x6d/0x170 [ 968.664372] alloc_file+0x5e/0x5a0 [ 968.665157] alloc_file_pseudo+0x16a/0x250 [ 968.666037] ? alloc_file+0x5a0/0x5a0 [ 968.666838] ? ctx_sched_out+0xa00/0xa00 [ 968.667691] anon_inode_getfile+0xc8/0x1f0 [ 968.668576] __do_sys_perf_event_open+0xf6f/0x2d50 [ 968.669607] ? __mutex_unlock_slowpath+0xe1/0x600 [ 968.670592] ? perf_event_set_output+0x5b0/0x5b0 [ 968.671558] ? wait_for_completion_io+0x270/0x270 [ 968.672567] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 968.673634] ? syscall_enter_from_user_mode+0x1d/0x50 [ 968.674681] do_syscall_64+0x33/0x40 [ 968.675440] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 968.676479] RIP: 0033:0x7f53a8b8eb19 [ 968.677263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 968.680941] RSP: 002b:00007f53a6104188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 968.682512] RAX: ffffffffffffffda RBX: 00007f53a8ca1f60 RCX: 00007f53a8b8eb19 [ 968.683951] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 968.685400] RBP: 00007f53a61041d0 R08: 0000000000000000 R09: 0000000000000000 [ 968.686833] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 968.688266] R13: 00007ffe5f64f26f R14: 00007f53a6104300 R15: 0000000000022000 03:39:39 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x2, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 968.762666] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 982.645558] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:39:53 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:39:53 executing program 1: fchmod(0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000000000066"]) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000140)={0x0, 0xfffffffffffffff8, 0x7fffffff}) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0xfe, 0x0, 0x0, 0xca1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0xd5884b98eddc93b4) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r4, r3, 0x800, 0x0) pwrite64(r3, &(0x7f00000003c0)="42b416e9abc3843f1cd3548f1a4d1b7a17a02477ba26af00e0aceb8db45f77b32f0f7dc8b734fc0cca661eb0b902e275f8701d334b4772340b0b84b8e58448004c6b46f363465d50bbf3fdd95a201482ddac3fc4d7687e11b01edfb12dea514a52fe1114dfb0db13e7ee7b02ed9bb111b6decf7092611c050b67c41a0c6f1ddd679dce79269dccbb424799e883d50da97458bdaf55e7af25e790630668ab87081f9742522441d66fffd3626d3a157c0b7d5c6c60c2b0b382e258262aa3042aac30e5fc646f2847cdbc73af89f72ef9ffdcd977d816bea936d3041bb9fafbc759d63a66b7af8a7debd5113f5a117c94b1999971f84b73dfd9f33a625360308188daf3b8c6b61941a64e82d977245fccbd614a606fed79ef1078cbc19a9051404461ace05a1573a02159be5f1ab89b9cb9f9437be19bea8d10c62996478d1ef43d5e78b6d4daae8e567b1f10a7e3405940be50bd441f18d5916e25cd6b63c16378ba01870946f6da077110a7f54532d72f6ccc7ec1c385a734c46d166eaf2c499304c22b9a941c9e9ff47113346e31e2f1b393d490052a72e9fab58afeffb178adc24545ecbb034970ea988ea5b979f254802db2586f21430167a19d123057689a74837e682407345f1616090dc470f43380c91b561395df917790f959c65ce8a6b2689b3fd0893a2b2bd27021d0cd609dacb0298f089b20af873a27f0e112bd1fff47a3e85b105c8a5139cab9101b6555ef4a5bfb0729ec35f244d22ae5c0b38b6650072b5509cab7f9d5131e6e25f9fd14fb0dd87fb86f439029052366a8c3dd9dbed676afcb719b66306a826b70c3edf56130734d75dafd55cf7661a8515d9cf5d4396807a458f165c3b4e7b87f3c7b19de794230f6f6bbb45d9e5c54bde6063fe99535f5c092719ae21dcf7192a2420422f677e10651a9aa782af8b8b7312f5cfa8737d6637b2edcf78ee41f1334555902091d553915fa8fca49bc8f0ac34553914291084a342af0e2a48bade1681f7844f411ca400d3fc6db31167ce24e5bd14e4342f3df5021d910797d2ed3065cff6f17f02780ae22bc8fd8d9cc58d58034ee024ed1df0a1f83e9a761055d1e3a7c6ca765980f933ee378636dbd3ac7963bebafcb234ff7a9a8a1cdca59debf8f65dd291deafe409dbb158e0d1a367ecf387ab2bd62fda34555d08416a0fb5a5c760eb621e98fa565d6c983cbb2ecf99ee0ad28e68d8f1c287f2e469bc0750ebee6554427e2f6b4d1bc265e4538f8c49d28f9398fb6d1174f7a147757f7f076e04abbcb312083d0599b312aabee65cf00babaf6d025705dcdc9bb1f0e3812f8f07f1a3ea64facf4e954a963f2a6838cee57e00c50133041860a36bf8fee663a2f11d2520617af7ff998065153b8f7756de1a4de892e69e001b1d90f9f475fd301efa5de496d66c84bd6640e792ea680c9a2445cd2f470f099ba4a359252bfad56ade647726f14e072c121fbd8b96df892befbd5cc6dcc6ea955ec8528ddb16d47605642c26003e16e39a1fb9326428571f8001dfaa7252a6b702c365eda7bd32b80610aba5882ac2b7f7cc065295d1a5aa41af612314619f79ea18293e61842e8e93ba9301079c40e6d52592c5b7401750fee819930acadada6cf45cc6a31f6d89836d1b8482614a7797f38ddffbbce139e20317afd921f378905b4951bb153c461ea2d4445ff6db29c401cc75f95afedc4b983454ba89d5aad09911b71e2fea5cdd0233d4609ecf6e3a993134cd56d7a19a70847c6a92119dbb6d6c2e55a39798fd81bc0907f138a79dbd2c856798e30fb76dcb5ace894a54265482d8d62fcdacbab61b20c096b80630407c49d150500e7f0784fbda33ed15565aca9ba228d70d7b30c9f0d7b0c35858602020b2c0d3f96a39935a1b124bb7eb31e29672d9f84e10ff1447a5547e6fb490503b7b0fb071a83afdb9963a22f1427dec5c3479896c64c808f21c585fd6f020e40ceaeaf7ed49807cd7f07226cb03a1cb20b1a046653380b6b97704a69c234dd6002e9012e534bf334b5eb6b6978fd96d8d85a17442254411b0aa2f7f5000cd166821550337289d1bad46228ede0e3dcdc3d6e54964308e0663cff7959800b4eca14367f279e0760d90e5d59660a5b008a04c3b5b735e4d828ca9602bc4b0661c428b55bf43486a84031ed4cdd4598e90bdb4e690d4a3a1d2c61a1d1e94fa557efb0195153bbd8fb75e24e9076b62393f52bd74516d339f690ff3c9cd7d8a6b965a02f8f6f15b63d3a09ed7cbd0f94254a61de2dfce474ed069b6afcfb1f8d2d4cd0e8f641c93ee2e5b56bef013130dc57c26406a9ee61f51eef7ad5635110ff9733bbda57919b19ed5b906fdae9f52aecf13cf60fd4165b67d060755c0dabce43f5908cfc677032b291c2dcbb95f993b7dbd51481905d064cb66217ebe63863c036f3b4bc5e18677361239a969683a0b77fc5fd396f1bbae1349870953f390f37513ee36384c4a21013eaad1f29c6d7b9fc0b0f185d70c0a8ff2205d2e642380045d2d753d8675fd5bbe9ce8cc2ff9c7d767b79bddf62caee3f9e9fe91e626049a18a3c2dc6ce8068d4fefb7ff2e0c1c9d1afbe1f24de15417ece44731f4936e0ca99525fbedb81bd3a2156788dae699fbfdaa91e473076cdba1d78f698e15d7cc3ef0f2972c02999ee300f3f6068babaafcdc2c2ec2af0efef20eb530538f5796dc764ed9a67b0b2c22e4c2ac9fdb9b9b9c02cb10a9d3b266867c6f460ecf73618ff7b8cb36d4bfc19f41bf4102bd5357094156d0c58b5ad08d8a8d7049afc4a68d6dd2e043f39a0b059922b12c4fe2707cf8a7a08dea78938e7210998a5c46e652e43d1d176e839e8570421d05cec1b5255a4379c8f303a815d5370540626d9a2fd3a626351a576946b8c7dd07d1b115a5d17f9a819826978b2dfcf9993661e92c6afec46b01d9e50688b80ccfa3f9db8f5218036a734bc684d587c8a40abd6ff51d65d2785b8239fd7354ece20d43ba38051874497034c543cdda17eee7391541bcfdea4ef70a7bb06fabe8f82ed38cb2cfc5a6390ec8b3bc0195ee5b7576bd401217e9ae8a0d23d7f96a276992e2151b2de382790f8b0ef5f0524d182625ae94930416747d84414e525d5898637581446fb5f00a074e76716f03b813d78a61e66d6deabee3e6a19f8dad907e0f2bfae6e80cb8ffa5e281a86bde33c125c31e3e2261b1622cc0319a7c10affc392b5aa5b3e18e72cdeb89a5eb412cc9e9fe2acdf520ba7cf42c2fc5d18e869e8be02afb77ecac0699d5cd8ab5673b6343d51050e1a75110f8de48d13487652394be5e48fff1e0700925237c1fdcbb9dc3290db9c59a544d8b847a6156c814261faa7e20e6a34cee72db846a5aa1c9007211a0e7bd329efa36cbf3622c9a0a11a6be90dced8af406fddb0465af01820efcc8ec3085ac328e4f9c08a363f0b3fa781291b9220455db02a1ea182f3b6ecad79f9baa3129d13a94e32d145d893d33a22223593677771de1592618cdbbeb7e603fa4723706e1f2a3a6218765650a33cf82873e129c3099cde2d8b044be012fd595f86135c1a3340ac205767b186e1f6cb16f20f9330b95149356bdf9c22f7f6f9aab426e8f2863329f8adb652c53ea2d40f77c14d5e645c7c4b9ba4351d83653226d98ce58309f9094eb56bd76937b45b45208f892254b998c5ccae1de11b16a8b0142861d195f03a7aaa3ce2ce28a6f884e680d3f535751239a5fa85c188693b9ca41c71cd86735dc124d3237a99ab197b7725747c43710de57116f162340739fdb0bcba1f605e0e2e18d2dbbd135f8d8583e488906a5ca0610de2b3c94cea7e807bf1f047cb16d4caf6d7d1c1d6c0e81d790c2a563417f6a26fafe7578146cc763d04710c66e285d0995c4b6a41a41ece27447dd4fe0cb6762332d53c08faa7cc29945fc4aba96f1cac22a6c17a401eab12654b84ab2bf19c805c8c82094450b55f2251fb7891965d1a90b525a92f4f0ef1b085e993fa1b910e9ef1d403b648f2764d9ff84da2c79543757e3dfd7524e1945958757d682124d4724f137b93e53e2747aba04521bcb26d8db91ca5adcc530c534049fe74a9d4d95e4eaf6cc788a463388c7ac478370e97bde3efa9466bea5323e6313724cf366d7b46d9aed7fd1e8a919b868cd0569bf9ba8c439b80ed1e8dafdbc220f2b046ef169e949a45f06921dd89cd6923a447777a64f62b4691608fe526bf2ff8ce1a6fa1f362c9f7daf6984d3519faa1d62cc438508872ed30d94516b3b17c4492cc2b89756c5a0d32e1d78208a6b8f8cd40ad623e14e38924c25f49dabd74d6c7109ea0d8936ff33ad94e24025f2ef95dc2e158ef60bd2b678648c799c3d98d24f8eaf64e6c0bac2a9631611ea513ce5d330765ee9411fcdfbbd39f10a8952cd0539a8e56913a57d5abf5f1738cb62a88798c85f8300947aad84ebb7864f18e5628920ab0b1129e588179f546c77d286c578b2c248d5141d7ff65b197f0d741c3d2b3cdda6655dc6c447739a6f02a407284a244e47d8d0a1c1eae14b4ef3f25962249169ca75a44310146ee8170b35a6c5a82d1e4c63b92cad7e9f4d3bf427b5d4941fd3cec5f66e3367c01b2ac328cbaf2ed921b8c0ee373521b0dc9788b07874742b59a858facebe095003514108b72ab9f064788cce892b6c55f1373035859da23602c8aff610a9fb45091a5d348a0bee77061af535711b3e5797b3676249bcc72c8af71a689a2a58ab9d400a55f5ebd5435608f10297b51dbaf351db1ca448066dca1f78fb9c8084f3363bc5104487d754150d0d25902e71141751eb7a7c609d5180702745afd09fa9fb6f0f688eb71b8472f59e062ac4931ffdedac198b97bf57c00274499344d4d05a9e5939fd70648320ad8dc79be019dd0ae24584c6546f7f15860117348446659b4f910fcd704b00332415527983d55873780e55c2f45b9d180518ec4372e10756f9737798af50725ece532cb5137596232ead102c3276d336cca640c02fee4b6935549e2a38002cff936057cca789071c25506c0d161c23d9be1cdbc51b4934f2c7c96a7a0d155875658d190c19a84db0fc19da1620f5fdbd22ba72e4eaa001a9375d84c515f04c251215fd762e7bb3e6b5144382b8946caa1bb9d420b52d4e356ee157e0af1e3a4f18480b47c28522af0d8931914e61d4dd4bfc40c32510c14a0a418156aa861c578c42ddbe045d194638f7e1a80d66707b33b050af9deab50a4f2a81fccc1e0e3111124235507ed5ead3f1163f271959ec34530b125b4f2115c644ee0c5f1cbf02161a8bb4b97ffdebea6886724690e60b545e0ada911339c4eb4a951b4ba72dd5ed29265c39cdfa76647d9fb4b3dc2e28b41c29f0fc970ff525d2a4386656c52b1f9d4812ab01399a6d37adf05ec969f76537a367e116712e276af731a5433a603d67498933ba8660f6ef8f3f1e2ce9173b6bfb4c63e9b3788414d589450a27b67e00e1b816ab7ca931f7d5f9493149f47e0cd4ab8f8e7f0527bdcb7e4ca8f8e536da330f9d1b2e75659466f592d52102ff0e68b533078e4cfc32033d7fc577ffd2817d6bf17ca884b17c8b3e1dc7111371f4ecf816bfea59509eedcd7d50cc896c465805cd48ee16d56bceda0329e81dba1caec2ba53b511bff4359e067b3e56e959e339836f56830140c15ea9b0ad3f296bca5c54637b6cfb42e74d8ddb13eba96a78cf7db101176104d62cda9377205a26bc6b310a1898df9e6b001946fcdbb67bb80a0ad991f24aaaa908a7e56c4b3c36c1dc59009c793b7", 0x1000, 0x0) ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000000)='gid_map\x00') ioctl$FITHAW(r5, 0xc0045878) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) 03:39:53 executing program 0: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400020120000200008000f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x4000}], 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="0100414c7258945ffbb11a1782af6917b705475dd8a6c6751970285653a9b825a6ea08aa8c423d3e042a629f89b706e102afe5044c794d708364e93ba86580e7e6a49aac8ff396ddea3663aca802dd4631f964f86ac842320c98b45f0b0f07830009b4f703f885093d06237ffa67ff3461b0dc7a504170f0653f97b7561333b65e2de5aabc7439ac9c05ea61dbfc3b16d980ac4930c6a3beb04a"]) r1 = openat(r0, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x100000001) 03:39:53 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 21) 03:39:53 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 15) 03:39:53 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x3, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:39:53 executing program 7: ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000000)) unshare(0x6020080) unshare(0x60080) 03:39:53 executing program 3: r0 = fork() pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r2, r1, 0x800, 0x0) r3 = gettid() capset(&(0x7f0000000000)={0x19980330, r3}, &(0x7f0000000040)) sendmsg$nl_netfilter(r1, &(0x7f0000000880)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000840)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4c040000050301032dbd7000fddf25030000010800320000", @ANYRES32=r3, @ANYBLOB="0df52bf399153de11cee6ccf533bf6bfb9a5dd66cc71838ed89c9dab63d27db7e3718784039e625627a19f5662f3cb1458572970b13fc5900ecc72822bdee349730ea259c40bddbab32ff6fc3011574ec98d9c720303238004002700c1e21775ca926da399e5bbbe8b62d33f85c2200bb56d73132f6f7608457e759ad55e512f73ef251a927c0aec90706711b37ab4b8a64052b2ed9bc064245061bc693cc275b0f8215185a108f7e0d369cf727c164f491c096f58290fcb5ff42a3a6b93dd65ca161f5f6b348108da58fd4b1f83605830f3c26c67889daabfda217baba5c9eb2fe3361837dbc53e756427ccf412f1cb56a73474f1de5a59e871d19c1bd9e42f63c6b87d334f9e3e097a4a7ff87a83ca6e082553316ea2f453075125d896f86c098ef880e3313ae436e47c9db1baa2b3bde888a44c17f5f5d49a0484c4fdc97b3aef713830a828f2baa49cb62b4c9d585909fe10a154552d5dabe7bf5ee15a71f503ea062befc9f62bb0adac7e4d79161d72249039a9b5942f48c952f11a77e63cdece622eb35ae2cb85bde25c1e151a57c396d785b1d792d1002ebb8e9c05ab996cf5d418637675a4989e59d61f7d2331477bf844383791bd6a783c1bc0f9ba6af756f6f1186148b1d81c22886ee741a8cbfcbaa63717d5eb082d85352599d2af469bf532632cdd3659db19770aa5ba06832c3053c8c9f0ee2591bb095f727b4316914c94d5e534fd3cbdf183f967d27eead8facdcf41472b05c83e34d8b13405a98fb7274db246d2badebd57e13f4426d892c2e882fc1db5a604328a8d52e30ca6a56c03eb008d9e9a01dfe66aa7bec5732668e197980a6928aedb75f4f6b561e31e0b399fe42feb5ec1378113945a4df9f603214e55205eec43de87e390f54f6e1cf229a2d1a18d5dcfd52a1633daff738602247068f8166edcfa49886b63ed3a1a0d91937dcb43cae34645dfc0ad40503786af1424698d20bc16033983a60b77167f8b83f188330de9da6e5e3c708dfb1d0f2a4b96789401d325d67aaf3963cc59b1cc8d9149803722c05a37d397fdb29ba0ef52e651fc6bfcabaeb2e6569500c644e04038419a2a62888146a30abb860068c29ac853dd50ee2ee9da5842d646ed52a29f5bf98aaa9b604fdec583b032d2f27c32019e15d68e14008900fc01000000000000000000000000000108009500ac1414bb00d730d42fa76399aab5ea70301136dd9cf4ecb9b86444cf3e83de73a1d209f7d41cd5cc83d4ceba92676412c7c3a756658b274a0f19876b0ba89c78bcc80d1e24630c34b3549e0aebdcc1914ae502ccf075d83d38cece4d71ce89a46c00e4332e629d80aa93e1a73ce2393b3bbfe0d27c9e696f70ebb83c9c1197535981dbf28669ac93ebc469fc5c2c87cc35cc886d5a2997f419a31795729a4a0da14a3af9c67163742eb377a4f3ea1ee8526a3e80fb0032fc0521b87f735e04526c5e1c8b4b08af94861c7d4db3d713e90d5dc23eaacde02eaf44000000"], 0x44c}, 0x1, 0x0, 0x0, 0x4048000}, 0x4000040) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000300), &(0x7f0000000340)=0xc) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) [ 982.651985] FAULT_INJECTION: forcing a failure. [ 982.651985] name failslab, interval 1, probability 0, space 0, times 0 [ 982.653297] CPU: 0 PID: 7626 Comm: syz-executor.6 Not tainted 5.10.200 #1 [ 982.654085] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 982.655019] Call Trace: [ 982.655338] dump_stack+0x107/0x167 [ 982.655756] should_fail.cold+0x5/0xa [ 982.656190] ? create_object.isra.0+0x3a/0xa20 [ 982.656710] should_failslab+0x5/0x20 [ 982.657143] kmem_cache_alloc+0x5b/0x310 [ 982.657609] ? percpu_ref_put_many.constprop.0+0x4e/0x110 [ 982.658235] create_object.isra.0+0x3a/0xa20 [ 982.658734] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 982.659313] kmem_cache_alloc+0x159/0x310 [ 982.659793] security_file_alloc+0x34/0x170 [ 982.660282] __alloc_file+0xb6/0x320 [ 982.660709] alloc_empty_file+0x6d/0x170 [ 982.661176] alloc_file+0x5e/0x5a0 [ 982.661599] alloc_file_pseudo+0x16a/0x250 [ 982.662077] ? alloc_file+0x5a0/0x5a0 [ 982.662515] ? ctx_sched_out+0xa00/0xa00 [ 982.662988] anon_inode_getfile+0xc8/0x1f0 [ 982.663481] __do_sys_perf_event_open+0xf6f/0x2d50 [ 982.664042] ? __mutex_unlock_slowpath+0xe1/0x600 [ 982.664587] ? perf_event_set_output+0x5b0/0x5b0 [ 982.665124] ? wait_for_completion_io+0x270/0x270 [ 982.665688] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 982.666275] ? syscall_enter_from_user_mode+0x1d/0x50 [ 982.666858] do_syscall_64+0x33/0x40 [ 982.667277] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 982.667852] RIP: 0033:0x7f53a8b8eb19 [ 982.668270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 982.670353] RSP: 002b:00007f53a6104188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 982.671201] RAX: ffffffffffffffda RBX: 00007f53a8ca1f60 RCX: 00007f53a8b8eb19 [ 982.671992] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 982.672789] RBP: 00007f53a61041d0 R08: 0000000000000000 R09: 0000000000000000 [ 982.673597] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 982.674589] R13: 00007ffe5f64f26f R14: 00007f53a6104300 R15: 0000000000022000 [ 982.711132] FAT-fs (loop0): Unrecognized mount option "" or missing value [ 982.726559] FAULT_INJECTION: forcing a failure. [ 982.726559] name failslab, interval 1, probability 0, space 0, times 0 [ 982.728962] CPU: 1 PID: 7639 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 982.730341] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 982.731998] Call Trace: [ 982.732530] dump_stack+0x107/0x167 [ 982.733274] should_fail.cold+0x5/0xa [ 982.734045] ? sock_alloc_inode+0x18/0x1c0 [ 982.734899] should_failslab+0x5/0x20 [ 982.735660] kmem_cache_alloc+0x5b/0x310 [ 982.736470] ? selinux_ipv6_output+0x180/0x180 [ 982.737394] ? sock_free_inode+0x20/0x20 [ 982.738202] sock_alloc_inode+0x18/0x1c0 [ 982.739003] ? sock_free_inode+0x20/0x20 [ 982.739805] alloc_inode+0x63/0x240 [ 982.740528] new_inode_pseudo+0x14/0xe0 [ 982.741315] sock_alloc+0x3c/0x270 [ 982.742040] __sock_create+0xbd/0x7f0 [ 982.742798] ? _copy_to_user+0x145/0x180 [ 982.743608] io_uring_setup+0x1357/0x2a40 [ 982.744437] ? wait_for_completion_io+0x270/0x270 [ 982.745405] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 982.746433] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 982.747469] ? syscall_enter_from_user_mode+0x1d/0x50 [ 982.748498] do_syscall_64+0x33/0x40 [ 982.749239] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 982.750260] RIP: 0033:0x7fd4717f2b19 [ 982.750998] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 982.754635] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 982.756144] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 982.757563] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 982.758972] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 982.760379] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 982.761795] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 [ 982.763286] socket: no more sockets 03:39:53 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:39:53 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x4, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:39:53 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 16) 03:39:53 executing program 0: perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x4}}, 0x0, 0xa, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x400448e4, &(0x7f0000000000)={0x0, 0x0, "dfdf99"}) [ 982.891468] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 982.899394] FAULT_INJECTION: forcing a failure. [ 982.899394] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 982.901827] CPU: 0 PID: 7653 Comm: syz-executor.6 Not tainted 5.10.200 #1 [ 982.903212] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 982.904904] Call Trace: [ 982.905450] dump_stack+0x107/0x167 [ 982.906190] should_fail.cold+0x5/0xa [ 982.906973] _copy_to_user+0x2e/0x180 [ 982.907761] simple_read_from_buffer+0xcc/0x160 [ 982.908712] proc_fail_nth_read+0x198/0x230 [ 982.909619] ? proc_sessionid_read+0x230/0x230 [ 982.910556] ? security_file_permission+0x24e/0x570 [ 982.911570] ? perf_trace_initcall_start+0x101/0x380 [ 982.912615] ? proc_sessionid_read+0x230/0x230 [ 982.913552] vfs_read+0x228/0x580 [ 982.914298] ksys_read+0x12d/0x260 [ 982.915020] ? vfs_write+0xa70/0xa70 [ 982.915794] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 982.916857] ? syscall_enter_from_user_mode+0x1d/0x50 [ 982.917932] do_syscall_64+0x33/0x40 [ 982.918699] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 982.919737] RIP: 0033:0x7f53a8b4169c [ 982.920501] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 982.924239] RSP: 002b:00007f53a6104170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 982.925781] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f53a8b4169c [ 982.927219] RDX: 000000000000000f RSI: 00007f53a61041e0 RDI: 0000000000000004 [ 982.928656] RBP: 00007f53a61041d0 R08: 0000000000000000 R09: 0000000000000000 [ 982.930120] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 982.931556] R13: 00007ffe5f64f26f R14: 00007f53a6104300 R15: 0000000000022000 03:39:53 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:39:53 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 22) 03:39:53 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x5, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 982.977132] FAULT_INJECTION: forcing a failure. [ 982.977132] name failslab, interval 1, probability 0, space 0, times 0 [ 982.979609] CPU: 1 PID: 7659 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 982.980995] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 982.982710] Call Trace: [ 982.983265] dump_stack+0x107/0x167 [ 982.984025] should_fail.cold+0x5/0xa [ 982.984818] ? create_object.isra.0+0x3a/0xa20 [ 982.985751] should_failslab+0x5/0x20 [ 982.986521] kmem_cache_alloc+0x5b/0x310 [ 982.987350] create_object.isra.0+0x3a/0xa20 [ 982.988244] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 982.989273] kmem_cache_alloc+0x159/0x310 [ 982.990130] ? selinux_ipv6_output+0x180/0x180 [ 982.991056] ? sock_free_inode+0x20/0x20 [ 982.991878] sock_alloc_inode+0x18/0x1c0 [ 982.992697] ? sock_free_inode+0x20/0x20 [ 982.993537] alloc_inode+0x63/0x240 [ 982.994047] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 982.994287] new_inode_pseudo+0x14/0xe0 [ 982.996588] sock_alloc+0x3c/0x270 [ 982.997322] __sock_create+0xbd/0x7f0 [ 982.998145] ? _copy_to_user+0x145/0x180 [ 982.998985] io_uring_setup+0x1357/0x2a40 [ 982.999841] ? wait_for_completion_io+0x270/0x270 [ 983.000830] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 983.001887] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 983.002954] ? syscall_enter_from_user_mode+0x1d/0x50 [ 983.004002] do_syscall_64+0x33/0x40 [ 983.004756] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 983.005797] RIP: 0033:0x7fd4717f2b19 [ 983.006552] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 983.010288] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 983.011845] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 983.013299] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 983.014770] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 983.016231] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 983.017702] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:39:53 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x6, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:39:53 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x3, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 983.087568] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:40:06 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:40:06 executing program 1: fchmod(0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000000000066"]) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000140)={0x0, 0xfffffffffffffff8, 0x7fffffff}) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0xfe, 0x0, 0x0, 0xca1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0xd5884b98eddc93b4) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r4, r3, 0x800, 0x0) pwrite64(r3, &(0x7f00000003c0)="42b416e9abc3843f1cd3548f1a4d1b7a17a02477ba26af00e0aceb8db45f77b32f0f7dc8b734fc0cca661eb0b902e275f8701d334b4772340b0b84b8e58448004c6b46f363465d50bbf3fdd95a201482ddac3fc4d7687e11b01edfb12dea514a52fe1114dfb0db13e7ee7b02ed9bb111b6decf7092611c050b67c41a0c6f1ddd679dce79269dccbb424799e883d50da97458bdaf55e7af25e790630668ab87081f9742522441d66fffd3626d3a157c0b7d5c6c60c2b0b382e258262aa3042aac30e5fc646f2847cdbc73af89f72ef9ffdcd977d816bea936d3041bb9fafbc759d63a66b7af8a7debd5113f5a117c94b1999971f84b73dfd9f33a625360308188daf3b8c6b61941a64e82d977245fccbd614a606fed79ef1078cbc19a9051404461ace05a1573a02159be5f1ab89b9cb9f9437be19bea8d10c62996478d1ef43d5e78b6d4daae8e567b1f10a7e3405940be50bd441f18d5916e25cd6b63c16378ba01870946f6da077110a7f54532d72f6ccc7ec1c385a734c46d166eaf2c499304c22b9a941c9e9ff47113346e31e2f1b393d490052a72e9fab58afeffb178adc24545ecbb034970ea988ea5b979f254802db2586f21430167a19d123057689a74837e682407345f1616090dc470f43380c91b561395df917790f959c65ce8a6b2689b3fd0893a2b2bd27021d0cd609dacb0298f089b20af873a27f0e112bd1fff47a3e85b105c8a5139cab9101b6555ef4a5bfb0729ec35f244d22ae5c0b38b6650072b5509cab7f9d5131e6e25f9fd14fb0dd87fb86f439029052366a8c3dd9dbed676afcb719b66306a826b70c3edf56130734d75dafd55cf7661a8515d9cf5d4396807a458f165c3b4e7b87f3c7b19de794230f6f6bbb45d9e5c54bde6063fe99535f5c092719ae21dcf7192a2420422f677e10651a9aa782af8b8b7312f5cfa8737d6637b2edcf78ee41f1334555902091d553915fa8fca49bc8f0ac34553914291084a342af0e2a48bade1681f7844f411ca400d3fc6db31167ce24e5bd14e4342f3df5021d910797d2ed3065cff6f17f02780ae22bc8fd8d9cc58d58034ee024ed1df0a1f83e9a761055d1e3a7c6ca765980f933ee378636dbd3ac7963bebafcb234ff7a9a8a1cdca59debf8f65dd291deafe409dbb158e0d1a367ecf387ab2bd62fda34555d08416a0fb5a5c760eb621e98fa565d6c983cbb2ecf99ee0ad28e68d8f1c287f2e469bc0750ebee6554427e2f6b4d1bc265e4538f8c49d28f9398fb6d1174f7a147757f7f076e04abbcb312083d0599b312aabee65cf00babaf6d025705dcdc9bb1f0e3812f8f07f1a3ea64facf4e954a963f2a6838cee57e00c50133041860a36bf8fee663a2f11d2520617af7ff998065153b8f7756de1a4de892e69e001b1d90f9f475fd301efa5de496d66c84bd6640e792ea680c9a2445cd2f470f099ba4a359252bfad56ade647726f14e072c121fbd8b96df892befbd5cc6dcc6ea955ec8528ddb16d47605642c26003e16e39a1fb9326428571f8001dfaa7252a6b702c365eda7bd32b80610aba5882ac2b7f7cc065295d1a5aa41af612314619f79ea18293e61842e8e93ba9301079c40e6d52592c5b7401750fee819930acadada6cf45cc6a31f6d89836d1b8482614a7797f38ddffbbce139e20317afd921f378905b4951bb153c461ea2d4445ff6db29c401cc75f95afedc4b983454ba89d5aad09911b71e2fea5cdd0233d4609ecf6e3a993134cd56d7a19a70847c6a92119dbb6d6c2e55a39798fd81bc0907f138a79dbd2c856798e30fb76dcb5ace894a54265482d8d62fcdacbab61b20c096b80630407c49d150500e7f0784fbda33ed15565aca9ba228d70d7b30c9f0d7b0c35858602020b2c0d3f96a39935a1b124bb7eb31e29672d9f84e10ff1447a5547e6fb490503b7b0fb071a83afdb9963a22f1427dec5c3479896c64c808f21c585fd6f020e40ceaeaf7ed49807cd7f07226cb03a1cb20b1a046653380b6b97704a69c234dd6002e9012e534bf334b5eb6b6978fd96d8d85a17442254411b0aa2f7f5000cd166821550337289d1bad46228ede0e3dcdc3d6e54964308e0663cff7959800b4eca14367f279e0760d90e5d59660a5b008a04c3b5b735e4d828ca9602bc4b0661c428b55bf43486a84031ed4cdd4598e90bdb4e690d4a3a1d2c61a1d1e94fa557efb0195153bbd8fb75e24e9076b62393f52bd74516d339f690ff3c9cd7d8a6b965a02f8f6f15b63d3a09ed7cbd0f94254a61de2dfce474ed069b6afcfb1f8d2d4cd0e8f641c93ee2e5b56bef013130dc57c26406a9ee61f51eef7ad5635110ff9733bbda57919b19ed5b906fdae9f52aecf13cf60fd4165b67d060755c0dabce43f5908cfc677032b291c2dcbb95f993b7dbd51481905d064cb66217ebe63863c036f3b4bc5e18677361239a969683a0b77fc5fd396f1bbae1349870953f390f37513ee36384c4a21013eaad1f29c6d7b9fc0b0f185d70c0a8ff2205d2e642380045d2d753d8675fd5bbe9ce8cc2ff9c7d767b79bddf62caee3f9e9fe91e626049a18a3c2dc6ce8068d4fefb7ff2e0c1c9d1afbe1f24de15417ece44731f4936e0ca99525fbedb81bd3a2156788dae699fbfdaa91e473076cdba1d78f698e15d7cc3ef0f2972c02999ee300f3f6068babaafcdc2c2ec2af0efef20eb530538f5796dc764ed9a67b0b2c22e4c2ac9fdb9b9b9c02cb10a9d3b266867c6f460ecf73618ff7b8cb36d4bfc19f41bf4102bd5357094156d0c58b5ad08d8a8d7049afc4a68d6dd2e043f39a0b059922b12c4fe2707cf8a7a08dea78938e7210998a5c46e652e43d1d176e839e8570421d05cec1b5255a4379c8f303a815d5370540626d9a2fd3a626351a576946b8c7dd07d1b115a5d17f9a819826978b2dfcf9993661e92c6afec46b01d9e50688b80ccfa3f9db8f5218036a734bc684d587c8a40abd6ff51d65d2785b8239fd7354ece20d43ba38051874497034c543cdda17eee7391541bcfdea4ef70a7bb06fabe8f82ed38cb2cfc5a6390ec8b3bc0195ee5b7576bd401217e9ae8a0d23d7f96a276992e2151b2de382790f8b0ef5f0524d182625ae94930416747d84414e525d5898637581446fb5f00a074e76716f03b813d78a61e66d6deabee3e6a19f8dad907e0f2bfae6e80cb8ffa5e281a86bde33c125c31e3e2261b1622cc0319a7c10affc392b5aa5b3e18e72cdeb89a5eb412cc9e9fe2acdf520ba7cf42c2fc5d18e869e8be02afb77ecac0699d5cd8ab5673b6343d51050e1a75110f8de48d13487652394be5e48fff1e0700925237c1fdcbb9dc3290db9c59a544d8b847a6156c814261faa7e20e6a34cee72db846a5aa1c9007211a0e7bd329efa36cbf3622c9a0a11a6be90dced8af406fddb0465af01820efcc8ec3085ac328e4f9c08a363f0b3fa781291b9220455db02a1ea182f3b6ecad79f9baa3129d13a94e32d145d893d33a22223593677771de1592618cdbbeb7e603fa4723706e1f2a3a6218765650a33cf82873e129c3099cde2d8b044be012fd595f86135c1a3340ac205767b186e1f6cb16f20f9330b95149356bdf9c22f7f6f9aab426e8f2863329f8adb652c53ea2d40f77c14d5e645c7c4b9ba4351d83653226d98ce58309f9094eb56bd76937b45b45208f892254b998c5ccae1de11b16a8b0142861d195f03a7aaa3ce2ce28a6f884e680d3f535751239a5fa85c188693b9ca41c71cd86735dc124d3237a99ab197b7725747c43710de57116f162340739fdb0bcba1f605e0e2e18d2dbbd135f8d8583e488906a5ca0610de2b3c94cea7e807bf1f047cb16d4caf6d7d1c1d6c0e81d790c2a563417f6a26fafe7578146cc763d04710c66e285d0995c4b6a41a41ece27447dd4fe0cb6762332d53c08faa7cc29945fc4aba96f1cac22a6c17a401eab12654b84ab2bf19c805c8c82094450b55f2251fb7891965d1a90b525a92f4f0ef1b085e993fa1b910e9ef1d403b648f2764d9ff84da2c79543757e3dfd7524e1945958757d682124d4724f137b93e53e2747aba04521bcb26d8db91ca5adcc530c534049fe74a9d4d95e4eaf6cc788a463388c7ac478370e97bde3efa9466bea5323e6313724cf366d7b46d9aed7fd1e8a919b868cd0569bf9ba8c439b80ed1e8dafdbc220f2b046ef169e949a45f06921dd89cd6923a447777a64f62b4691608fe526bf2ff8ce1a6fa1f362c9f7daf6984d3519faa1d62cc438508872ed30d94516b3b17c4492cc2b89756c5a0d32e1d78208a6b8f8cd40ad623e14e38924c25f49dabd74d6c7109ea0d8936ff33ad94e24025f2ef95dc2e158ef60bd2b678648c799c3d98d24f8eaf64e6c0bac2a9631611ea513ce5d330765ee9411fcdfbbd39f10a8952cd0539a8e56913a57d5abf5f1738cb62a88798c85f8300947aad84ebb7864f18e5628920ab0b1129e588179f546c77d286c578b2c248d5141d7ff65b197f0d741c3d2b3cdda6655dc6c447739a6f02a407284a244e47d8d0a1c1eae14b4ef3f25962249169ca75a44310146ee8170b35a6c5a82d1e4c63b92cad7e9f4d3bf427b5d4941fd3cec5f66e3367c01b2ac328cbaf2ed921b8c0ee373521b0dc9788b07874742b59a858facebe095003514108b72ab9f064788cce892b6c55f1373035859da23602c8aff610a9fb45091a5d348a0bee77061af535711b3e5797b3676249bcc72c8af71a689a2a58ab9d400a55f5ebd5435608f10297b51dbaf351db1ca448066dca1f78fb9c8084f3363bc5104487d754150d0d25902e71141751eb7a7c609d5180702745afd09fa9fb6f0f688eb71b8472f59e062ac4931ffdedac198b97bf57c00274499344d4d05a9e5939fd70648320ad8dc79be019dd0ae24584c6546f7f15860117348446659b4f910fcd704b00332415527983d55873780e55c2f45b9d180518ec4372e10756f9737798af50725ece532cb5137596232ead102c3276d336cca640c02fee4b6935549e2a38002cff936057cca789071c25506c0d161c23d9be1cdbc51b4934f2c7c96a7a0d155875658d190c19a84db0fc19da1620f5fdbd22ba72e4eaa001a9375d84c515f04c251215fd762e7bb3e6b5144382b8946caa1bb9d420b52d4e356ee157e0af1e3a4f18480b47c28522af0d8931914e61d4dd4bfc40c32510c14a0a418156aa861c578c42ddbe045d194638f7e1a80d66707b33b050af9deab50a4f2a81fccc1e0e3111124235507ed5ead3f1163f271959ec34530b125b4f2115c644ee0c5f1cbf02161a8bb4b97ffdebea6886724690e60b545e0ada911339c4eb4a951b4ba72dd5ed29265c39cdfa76647d9fb4b3dc2e28b41c29f0fc970ff525d2a4386656c52b1f9d4812ab01399a6d37adf05ec969f76537a367e116712e276af731a5433a603d67498933ba8660f6ef8f3f1e2ce9173b6bfb4c63e9b3788414d589450a27b67e00e1b816ab7ca931f7d5f9493149f47e0cd4ab8f8e7f0527bdcb7e4ca8f8e536da330f9d1b2e75659466f592d52102ff0e68b533078e4cfc32033d7fc577ffd2817d6bf17ca884b17c8b3e1dc7111371f4ecf816bfea59509eedcd7d50cc896c465805cd48ee16d56bceda0329e81dba1caec2ba53b511bff4359e067b3e56e959e339836f56830140c15ea9b0ad3f296bca5c54637b6cfb42e74d8ddb13eba96a78cf7db101176104d62cda9377205a26bc6b310a1898df9e6b001946fcdbb67bb80a0ad991f24aaaa908a7e56c4b3c36c1dc59009c793b7", 0x1000, 0x0) ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000000)='gid_map\x00') ioctl$FITHAW(r5, 0xc0045878) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) 03:40:06 executing program 3: r0 = fork() pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r2, r1, 0x800, 0x0) r3 = gettid() capset(&(0x7f0000000000)={0x19980330, r3}, &(0x7f0000000040)) sendmsg$nl_netfilter(r1, &(0x7f0000000880)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000840)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4c040000050301032dbd7000fddf25030000010800320000", @ANYRES32=r3, @ANYBLOB="0df52bf399153de11cee6ccf533bf6bfb9a5dd66cc71838ed89c9dab63d27db7e3718784039e625627a19f5662f3cb1458572970b13fc5900ecc72822bdee349730ea259c40bddbab32ff6fc3011574ec98d9c720303238004002700c1e21775ca926da399e5bbbe8b62d33f85c2200bb56d73132f6f7608457e759ad55e512f73ef251a927c0aec90706711b37ab4b8a64052b2ed9bc064245061bc693cc275b0f8215185a108f7e0d369cf727c164f491c096f58290fcb5ff42a3a6b93dd65ca161f5f6b348108da58fd4b1f83605830f3c26c67889daabfda217baba5c9eb2fe3361837dbc53e756427ccf412f1cb56a73474f1de5a59e871d19c1bd9e42f63c6b87d334f9e3e097a4a7ff87a83ca6e082553316ea2f453075125d896f86c098ef880e3313ae436e47c9db1baa2b3bde888a44c17f5f5d49a0484c4fdc97b3aef713830a828f2baa49cb62b4c9d585909fe10a154552d5dabe7bf5ee15a71f503ea062befc9f62bb0adac7e4d79161d72249039a9b5942f48c952f11a77e63cdece622eb35ae2cb85bde25c1e151a57c396d785b1d792d1002ebb8e9c05ab996cf5d418637675a4989e59d61f7d2331477bf844383791bd6a783c1bc0f9ba6af756f6f1186148b1d81c22886ee741a8cbfcbaa63717d5eb082d85352599d2af469bf532632cdd3659db19770aa5ba06832c3053c8c9f0ee2591bb095f727b4316914c94d5e534fd3cbdf183f967d27eead8facdcf41472b05c83e34d8b13405a98fb7274db246d2badebd57e13f4426d892c2e882fc1db5a604328a8d52e30ca6a56c03eb008d9e9a01dfe66aa7bec5732668e197980a6928aedb75f4f6b561e31e0b399fe42feb5ec1378113945a4df9f603214e55205eec43de87e390f54f6e1cf229a2d1a18d5dcfd52a1633daff738602247068f8166edcfa49886b63ed3a1a0d91937dcb43cae34645dfc0ad40503786af1424698d20bc16033983a60b77167f8b83f188330de9da6e5e3c708dfb1d0f2a4b96789401d325d67aaf3963cc59b1cc8d9149803722c05a37d397fdb29ba0ef52e651fc6bfcabaeb2e6569500c644e04038419a2a62888146a30abb860068c29ac853dd50ee2ee9da5842d646ed52a29f5bf98aaa9b604fdec583b032d2f27c32019e15d68e14008900fc01000000000000000000000000000108009500ac1414bb00d730d42fa76399aab5ea70301136dd9cf4ecb9b86444cf3e83de73a1d209f7d41cd5cc83d4ceba92676412c7c3a756658b274a0f19876b0ba89c78bcc80d1e24630c34b3549e0aebdcc1914ae502ccf075d83d38cece4d71ce89a46c00e4332e629d80aa93e1a73ce2393b3bbfe0d27c9e696f70ebb83c9c1197535981dbf28669ac93ebc469fc5c2c87cc35cc886d5a2997f419a31795729a4a0da14a3af9c67163742eb377a4f3ea1ee8526a3e80fb0032fc0521b87f735e04526c5e1c8b4b08af94861c7d4db3d713e90d5dc23eaacde02eaf44000000"], 0x44c}, 0x1, 0x0, 0x0, 0x4048000}, 0x4000040) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:40:06 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bind$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e23, @remote}, 0x10) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x7, &(0x7f0000000080), 0x4) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$inet6(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000140)={0xa, 0x4e22, 0x400, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x3}, 0x1c, &(0x7f0000000500)=[{0x0}, {&(0x7f0000000380)="8a3691b19fea4723ea33a0e17dbe7fceb5ec08be94d0a5b8e083361ccaf87653fd5475f33e238197e8847d571d84187e25ff8bf2c8ca2d311ec28efeb3f78e351d24e5ff46611bce20c7b23e671853c1ddb61ec52a4283f32975fa90bd8f2bba71d5bec94ec06ebfa018405a59b0ce8a81a89b9854a9a960539bd5dbe6750c0e188d4be49a9e82e32a6fad2325084491b0719c74db79f8b2d49ddb547c64c9045a86f67dca2ffb9070645be398b49395156ce3491167e1b5087b07af45f0813c8a41e9596ca78489bb432d15e3ac9bac0ce38264886cc9a051efa6ee238018e5f9f45f01b31984c2", 0xe8}, {&(0x7f0000000480)}], 0x3, &(0x7f0000000540)}, 0x2400c000) connect$inet(0xffffffffffffffff, 0x0, 0x0) ioctl$F2FS_IOC_WRITE_CHECKPOINT(r0, 0xf507, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @local, 0x4}, 0x1c) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg$inet6(r0, &(0x7f0000000080)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f00000001c0)="4bc702854e3954b59347985ccc868289d3fe483d2c0900a2a1d12e33a66529e1f276fef452632dfa3c004ce3be84a5f66c29cd4ec39ae5206562fbc9ea3c0dbbebc22e628e147b0e9631f19b0ce0a48e0e675b2da3442226b898f1ddf8eabf133ab4a9cb0999c2ee1d3bd36d089b0d8e97ea00d4c5f6ad14dce058d595aacba2d587ff5eacd81b71a73f53ed276d1f3b3384bb2bfba4e0f37302e690df9e7024378ac754ac0576f996f3ee53d1034c7720767ddf2625817532f7ae89103367b73a36152b84c38bc227ba9e9ff48bcfe027585cf14bff37a888", 0xff41}], 0x3}}], 0x1, 0x0) 03:40:06 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x7, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:40:06 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 23) 03:40:06 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:40:06 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ftruncate(r0, 0x1000003) r2 = dup2(r0, r1) sendmsg$NL80211_CMD_GET_MPATH(r2, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000240)={&(0x7f0000000500)={0x50, 0x0, 0x20, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x1, 0xc}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x50}, 0x1, 0x0, 0x0, 0x24000044}, 0x4810) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)={0x0, 0x9, 0x0, 0x0, 0x1}) fsetxattr$security_capability(r0, &(0x7f0000000040), &(0x7f0000000080)=@v2, 0x14, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCGARP(r3, 0x8954, &(0x7f0000001740)={{0x2, 0x0, @loopback}, {0x0, @link_local}, 0x0, {0x2, 0x0, @multicast2}}) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r5, r4, 0x800, 0x0) r6 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000580), 0x10000, 0x0) sendfile(r4, r6, 0x0, 0x3) syz_open_dev$vcsa(&(0x7f0000000140), 0x80000001, 0x212801) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = openat$sr(0xffffffffffffff9c, &(0x7f00000000c0), 0x48200, 0x0) sendmsg$TIPC_NL_MON_PEER_GET(r7, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000340)={0x1a0, 0x0, 0x20, 0x70bd29, 0x25dfdbff, {}, [@TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xa4d}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x400}, @TIPC_NLA_PUBL_LOWER={0x8}]}, @TIPC_NLA_NET={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x5}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfffffffffffffff8}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xffffffff}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x3}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x401}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x8}]}, @TIPC_NLA_NODE={0x134, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x48, 0x4, {'gcm(aes)\x00', 0x20, "d952a2621657be14e9265d3c08f236b96d7927082e0ac68fb0ce3e47085ea0b7"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x45, 0x4, {'gcm(aes)\x00', 0x1d, "bcfa1b7f23b2b1702f9cdd82429136058f6ce10a0aae5186d0b1a22638"}}, @TIPC_NLA_NODE_ID={0x48, 0x3, "bb015511625a60c06bec64315ecfe5320f099da5179acd47682e416ff8166da9f0abcb99b678a1116ce80f2a515417202fedf464c64c89bf4b2f07eb149870c11bd48a5f"}, @TIPC_NLA_NODE_KEY={0x48, 0x4, {'gcm(aes)\x00', 0x20, "5dbf2678168742122ae3e9f818a415a948aa5a5afec7c4227873cb98d073e0b6"}}]}]}, 0x1a0}, 0x1, 0x0, 0x0, 0x4844}, 0x404c000) write$binfmt_script(r1, &(0x7f0000000300)={'#! ', './file0', [], 0xd}, 0xb) [ 995.932889] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 995.946917] FAULT_INJECTION: forcing a failure. [ 995.946917] name failslab, interval 1, probability 0, space 0, times 0 [ 995.949311] CPU: 0 PID: 7681 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 995.950697] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 995.952375] Call Trace: [ 995.952938] dump_stack+0x107/0x167 [ 995.953696] should_fail.cold+0x5/0xa [ 995.954491] ? security_inode_alloc+0x34/0x160 [ 995.955427] should_failslab+0x5/0x20 [ 995.956370] kmem_cache_alloc+0x5b/0x310 [ 995.957213] security_inode_alloc+0x34/0x160 [ 995.958165] inode_init_always+0xa4e/0xd10 [ 995.959044] alloc_inode+0x84/0x240 [ 995.959935] new_inode_pseudo+0x14/0xe0 [ 995.960766] sock_alloc+0x3c/0x270 [ 995.961638] __sock_create+0xbd/0x7f0 [ 995.962417] ? _copy_to_user+0x145/0x180 [ 995.963410] io_uring_setup+0x1357/0x2a40 [ 995.964276] ? wait_for_completion_io+0x270/0x270 [ 995.965264] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 995.966346] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 995.967410] ? syscall_enter_from_user_mode+0x1d/0x50 [ 995.968469] do_syscall_64+0x33/0x40 [ 995.969236] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 995.970295] RIP: 0033:0x7fd4717f2b19 [ 995.971057] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 995.974797] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 995.976345] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 995.977859] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 995.979307] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 995.980755] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 995.982217] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 [ 995.983848] socket: no more sockets 03:40:06 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0xa, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:40:06 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x8, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:40:06 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 24) [ 996.088215] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:40:06 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x18, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:40:06 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', r1, &(0x7f0000000080)='./file0\x00', 0x4) renameat2(r0, &(0x7f0000000140)='./file1\x00', r1, &(0x7f0000000180)='./file0\x00', 0x1) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x191) [ 996.186217] FAULT_INJECTION: forcing a failure. [ 996.186217] name failslab, interval 1, probability 0, space 0, times 0 [ 996.188548] CPU: 1 PID: 7706 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 996.189926] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 996.191580] Call Trace: [ 996.192118] dump_stack+0x107/0x167 [ 996.192853] should_fail.cold+0x5/0xa [ 996.193628] ? create_object.isra.0+0x3a/0xa20 [ 996.194546] should_failslab+0x5/0x20 [ 996.195310] kmem_cache_alloc+0x5b/0x310 [ 996.196130] create_object.isra.0+0x3a/0xa20 [ 996.197018] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 996.198073] kmem_cache_alloc+0x159/0x310 [ 996.198913] security_inode_alloc+0x34/0x160 [ 996.199818] inode_init_always+0xa4e/0xd10 [ 996.200685] alloc_inode+0x84/0x240 [ 996.201433] new_inode_pseudo+0x14/0xe0 [ 996.202257] sock_alloc+0x3c/0x270 [ 996.202985] __sock_create+0xbd/0x7f0 [ 996.203766] ? _copy_to_user+0x145/0x180 [ 996.204592] io_uring_setup+0x1357/0x2a40 [ 996.205460] ? wait_for_completion_io+0x270/0x270 [ 996.206461] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 996.207511] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 996.208581] ? syscall_enter_from_user_mode+0x1d/0x50 [ 996.209637] do_syscall_64+0x33/0x40 [ 996.210390] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 996.211429] RIP: 0033:0x7fd4717f2b19 [ 996.212187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 996.215902] RSP: 002b:00007fd46ed47108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 996.217435] RAX: ffffffffffffffda RBX: 00007fd471906020 RCX: 00007fd4717f2b19 [ 996.218900] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 996.220335] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 996.221792] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 996.223233] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:40:21 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x300, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:40:21 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x9, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:40:21 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:40:21 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 25) 03:40:21 executing program 0: capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) r0 = gettid() capset(&(0x7f0000000000)={0x19980330, r0}, &(0x7f0000000040)) capset(&(0x7f0000000080)={0x20080522, r0}, &(0x7f00000000c0)={0x7, 0x4, 0x3, 0xfffffffa, 0x5, 0xc2}) r1 = fork() capget(&(0x7f0000000140)={0x100c9d17, r1}, &(0x7f0000000180)={0x8000, 0x7, 0x7, 0x8, 0x4d, 0x3}) pidfd_open(r1, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='attr/fscreate\x00') 03:40:21 executing program 1: fchmod(0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000000000066"]) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000140)={0x0, 0xfffffffffffffff8, 0x7fffffff}) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0xfe, 0x0, 0x0, 0xca1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0xd5884b98eddc93b4) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r4, r3, 0x800, 0x0) pwrite64(r3, &(0x7f00000003c0)="42b416e9abc3843f1cd3548f1a4d1b7a17a02477ba26af00e0aceb8db45f77b32f0f7dc8b734fc0cca661eb0b902e275f8701d334b4772340b0b84b8e58448004c6b46f363465d50bbf3fdd95a201482ddac3fc4d7687e11b01edfb12dea514a52fe1114dfb0db13e7ee7b02ed9bb111b6decf7092611c050b67c41a0c6f1ddd679dce79269dccbb424799e883d50da97458bdaf55e7af25e790630668ab87081f9742522441d66fffd3626d3a157c0b7d5c6c60c2b0b382e258262aa3042aac30e5fc646f2847cdbc73af89f72ef9ffdcd977d816bea936d3041bb9fafbc759d63a66b7af8a7debd5113f5a117c94b1999971f84b73dfd9f33a625360308188daf3b8c6b61941a64e82d977245fccbd614a606fed79ef1078cbc19a9051404461ace05a1573a02159be5f1ab89b9cb9f9437be19bea8d10c62996478d1ef43d5e78b6d4daae8e567b1f10a7e3405940be50bd441f18d5916e25cd6b63c16378ba01870946f6da077110a7f54532d72f6ccc7ec1c385a734c46d166eaf2c499304c22b9a941c9e9ff47113346e31e2f1b393d490052a72e9fab58afeffb178adc24545ecbb034970ea988ea5b979f254802db2586f21430167a19d123057689a74837e682407345f1616090dc470f43380c91b561395df917790f959c65ce8a6b2689b3fd0893a2b2bd27021d0cd609dacb0298f089b20af873a27f0e112bd1fff47a3e85b105c8a5139cab9101b6555ef4a5bfb0729ec35f244d22ae5c0b38b6650072b5509cab7f9d5131e6e25f9fd14fb0dd87fb86f439029052366a8c3dd9dbed676afcb719b66306a826b70c3edf56130734d75dafd55cf7661a8515d9cf5d4396807a458f165c3b4e7b87f3c7b19de794230f6f6bbb45d9e5c54bde6063fe99535f5c092719ae21dcf7192a2420422f677e10651a9aa782af8b8b7312f5cfa8737d6637b2edcf78ee41f1334555902091d553915fa8fca49bc8f0ac34553914291084a342af0e2a48bade1681f7844f411ca400d3fc6db31167ce24e5bd14e4342f3df5021d910797d2ed3065cff6f17f02780ae22bc8fd8d9cc58d58034ee024ed1df0a1f83e9a761055d1e3a7c6ca765980f933ee378636dbd3ac7963bebafcb234ff7a9a8a1cdca59debf8f65dd291deafe409dbb158e0d1a367ecf387ab2bd62fda34555d08416a0fb5a5c760eb621e98fa565d6c983cbb2ecf99ee0ad28e68d8f1c287f2e469bc0750ebee6554427e2f6b4d1bc265e4538f8c49d28f9398fb6d1174f7a147757f7f076e04abbcb312083d0599b312aabee65cf00babaf6d025705dcdc9bb1f0e3812f8f07f1a3ea64facf4e954a963f2a6838cee57e00c50133041860a36bf8fee663a2f11d2520617af7ff998065153b8f7756de1a4de892e69e001b1d90f9f475fd301efa5de496d66c84bd6640e792ea680c9a2445cd2f470f099ba4a359252bfad56ade647726f14e072c121fbd8b96df892befbd5cc6dcc6ea955ec8528ddb16d47605642c26003e16e39a1fb9326428571f8001dfaa7252a6b702c365eda7bd32b80610aba5882ac2b7f7cc065295d1a5aa41af612314619f79ea18293e61842e8e93ba9301079c40e6d52592c5b7401750fee819930acadada6cf45cc6a31f6d89836d1b8482614a7797f38ddffbbce139e20317afd921f378905b4951bb153c461ea2d4445ff6db29c401cc75f95afedc4b983454ba89d5aad09911b71e2fea5cdd0233d4609ecf6e3a993134cd56d7a19a70847c6a92119dbb6d6c2e55a39798fd81bc0907f138a79dbd2c856798e30fb76dcb5ace894a54265482d8d62fcdacbab61b20c096b80630407c49d150500e7f0784fbda33ed15565aca9ba228d70d7b30c9f0d7b0c35858602020b2c0d3f96a39935a1b124bb7eb31e29672d9f84e10ff1447a5547e6fb490503b7b0fb071a83afdb9963a22f1427dec5c3479896c64c808f21c585fd6f020e40ceaeaf7ed49807cd7f07226cb03a1cb20b1a046653380b6b97704a69c234dd6002e9012e534bf334b5eb6b6978fd96d8d85a17442254411b0aa2f7f5000cd166821550337289d1bad46228ede0e3dcdc3d6e54964308e0663cff7959800b4eca14367f279e0760d90e5d59660a5b008a04c3b5b735e4d828ca9602bc4b0661c428b55bf43486a84031ed4cdd4598e90bdb4e690d4a3a1d2c61a1d1e94fa557efb0195153bbd8fb75e24e9076b62393f52bd74516d339f690ff3c9cd7d8a6b965a02f8f6f15b63d3a09ed7cbd0f94254a61de2dfce474ed069b6afcfb1f8d2d4cd0e8f641c93ee2e5b56bef013130dc57c26406a9ee61f51eef7ad5635110ff9733bbda57919b19ed5b906fdae9f52aecf13cf60fd4165b67d060755c0dabce43f5908cfc677032b291c2dcbb95f993b7dbd51481905d064cb66217ebe63863c036f3b4bc5e18677361239a969683a0b77fc5fd396f1bbae1349870953f390f37513ee36384c4a21013eaad1f29c6d7b9fc0b0f185d70c0a8ff2205d2e642380045d2d753d8675fd5bbe9ce8cc2ff9c7d767b79bddf62caee3f9e9fe91e626049a18a3c2dc6ce8068d4fefb7ff2e0c1c9d1afbe1f24de15417ece44731f4936e0ca99525fbedb81bd3a2156788dae699fbfdaa91e473076cdba1d78f698e15d7cc3ef0f2972c02999ee300f3f6068babaafcdc2c2ec2af0efef20eb530538f5796dc764ed9a67b0b2c22e4c2ac9fdb9b9b9c02cb10a9d3b266867c6f460ecf73618ff7b8cb36d4bfc19f41bf4102bd5357094156d0c58b5ad08d8a8d7049afc4a68d6dd2e043f39a0b059922b12c4fe2707cf8a7a08dea78938e7210998a5c46e652e43d1d176e839e8570421d05cec1b5255a4379c8f303a815d5370540626d9a2fd3a626351a576946b8c7dd07d1b115a5d17f9a819826978b2dfcf9993661e92c6afec46b01d9e50688b80ccfa3f9db8f5218036a734bc684d587c8a40abd6ff51d65d2785b8239fd7354ece20d43ba38051874497034c543cdda17eee7391541bcfdea4ef70a7bb06fabe8f82ed38cb2cfc5a6390ec8b3bc0195ee5b7576bd401217e9ae8a0d23d7f96a276992e2151b2de382790f8b0ef5f0524d182625ae94930416747d84414e525d5898637581446fb5f00a074e76716f03b813d78a61e66d6deabee3e6a19f8dad907e0f2bfae6e80cb8ffa5e281a86bde33c125c31e3e2261b1622cc0319a7c10affc392b5aa5b3e18e72cdeb89a5eb412cc9e9fe2acdf520ba7cf42c2fc5d18e869e8be02afb77ecac0699d5cd8ab5673b6343d51050e1a75110f8de48d13487652394be5e48fff1e0700925237c1fdcbb9dc3290db9c59a544d8b847a6156c814261faa7e20e6a34cee72db846a5aa1c9007211a0e7bd329efa36cbf3622c9a0a11a6be90dced8af406fddb0465af01820efcc8ec3085ac328e4f9c08a363f0b3fa781291b9220455db02a1ea182f3b6ecad79f9baa3129d13a94e32d145d893d33a22223593677771de1592618cdbbeb7e603fa4723706e1f2a3a6218765650a33cf82873e129c3099cde2d8b044be012fd595f86135c1a3340ac205767b186e1f6cb16f20f9330b95149356bdf9c22f7f6f9aab426e8f2863329f8adb652c53ea2d40f77c14d5e645c7c4b9ba4351d83653226d98ce58309f9094eb56bd76937b45b45208f892254b998c5ccae1de11b16a8b0142861d195f03a7aaa3ce2ce28a6f884e680d3f535751239a5fa85c188693b9ca41c71cd86735dc124d3237a99ab197b7725747c43710de57116f162340739fdb0bcba1f605e0e2e18d2dbbd135f8d8583e488906a5ca0610de2b3c94cea7e807bf1f047cb16d4caf6d7d1c1d6c0e81d790c2a563417f6a26fafe7578146cc763d04710c66e285d0995c4b6a41a41ece27447dd4fe0cb6762332d53c08faa7cc29945fc4aba96f1cac22a6c17a401eab12654b84ab2bf19c805c8c82094450b55f2251fb7891965d1a90b525a92f4f0ef1b085e993fa1b910e9ef1d403b648f2764d9ff84da2c79543757e3dfd7524e1945958757d682124d4724f137b93e53e2747aba04521bcb26d8db91ca5adcc530c534049fe74a9d4d95e4eaf6cc788a463388c7ac478370e97bde3efa9466bea5323e6313724cf366d7b46d9aed7fd1e8a919b868cd0569bf9ba8c439b80ed1e8dafdbc220f2b046ef169e949a45f06921dd89cd6923a447777a64f62b4691608fe526bf2ff8ce1a6fa1f362c9f7daf6984d3519faa1d62cc438508872ed30d94516b3b17c4492cc2b89756c5a0d32e1d78208a6b8f8cd40ad623e14e38924c25f49dabd74d6c7109ea0d8936ff33ad94e24025f2ef95dc2e158ef60bd2b678648c799c3d98d24f8eaf64e6c0bac2a9631611ea513ce5d330765ee9411fcdfbbd39f10a8952cd0539a8e56913a57d5abf5f1738cb62a88798c85f8300947aad84ebb7864f18e5628920ab0b1129e588179f546c77d286c578b2c248d5141d7ff65b197f0d741c3d2b3cdda6655dc6c447739a6f02a407284a244e47d8d0a1c1eae14b4ef3f25962249169ca75a44310146ee8170b35a6c5a82d1e4c63b92cad7e9f4d3bf427b5d4941fd3cec5f66e3367c01b2ac328cbaf2ed921b8c0ee373521b0dc9788b07874742b59a858facebe095003514108b72ab9f064788cce892b6c55f1373035859da23602c8aff610a9fb45091a5d348a0bee77061af535711b3e5797b3676249bcc72c8af71a689a2a58ab9d400a55f5ebd5435608f10297b51dbaf351db1ca448066dca1f78fb9c8084f3363bc5104487d754150d0d25902e71141751eb7a7c609d5180702745afd09fa9fb6f0f688eb71b8472f59e062ac4931ffdedac198b97bf57c00274499344d4d05a9e5939fd70648320ad8dc79be019dd0ae24584c6546f7f15860117348446659b4f910fcd704b00332415527983d55873780e55c2f45b9d180518ec4372e10756f9737798af50725ece532cb5137596232ead102c3276d336cca640c02fee4b6935549e2a38002cff936057cca789071c25506c0d161c23d9be1cdbc51b4934f2c7c96a7a0d155875658d190c19a84db0fc19da1620f5fdbd22ba72e4eaa001a9375d84c515f04c251215fd762e7bb3e6b5144382b8946caa1bb9d420b52d4e356ee157e0af1e3a4f18480b47c28522af0d8931914e61d4dd4bfc40c32510c14a0a418156aa861c578c42ddbe045d194638f7e1a80d66707b33b050af9deab50a4f2a81fccc1e0e3111124235507ed5ead3f1163f271959ec34530b125b4f2115c644ee0c5f1cbf02161a8bb4b97ffdebea6886724690e60b545e0ada911339c4eb4a951b4ba72dd5ed29265c39cdfa76647d9fb4b3dc2e28b41c29f0fc970ff525d2a4386656c52b1f9d4812ab01399a6d37adf05ec969f76537a367e116712e276af731a5433a603d67498933ba8660f6ef8f3f1e2ce9173b6bfb4c63e9b3788414d589450a27b67e00e1b816ab7ca931f7d5f9493149f47e0cd4ab8f8e7f0527bdcb7e4ca8f8e536da330f9d1b2e75659466f592d52102ff0e68b533078e4cfc32033d7fc577ffd2817d6bf17ca884b17c8b3e1dc7111371f4ecf816bfea59509eedcd7d50cc896c465805cd48ee16d56bceda0329e81dba1caec2ba53b511bff4359e067b3e56e959e339836f56830140c15ea9b0ad3f296bca5c54637b6cfb42e74d8ddb13eba96a78cf7db101176104d62cda9377205a26bc6b310a1898df9e6b001946fcdbb67bb80a0ad991f24aaaa908a7e56c4b3c36c1dc59009c793b7", 0x1000, 0x0) ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000000)='gid_map\x00') ioctl$FITHAW(r5, 0xc0045878) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) [ 1011.093463] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:40:21 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0xa00, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:40:21 executing program 3: r0 = fork() pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r2, r1, 0x800, 0x0) r3 = gettid() capset(&(0x7f0000000000)={0x19980330, r3}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:40:21 executing program 7: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$802154_dgram(r0, &(0x7f0000000000)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0002}}}, 0x14) copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, 0x0, 0x0) connect$802154_dgram(r0, &(0x7f0000000180)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0002}}}, 0x14) bind$802154_dgram(r0, 0x0, 0x0) r1 = gettid() capset(&(0x7f0000000000)={0x19980330, r1}, &(0x7f0000000040)) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r3, r2, 0x800, 0x0) perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x4, 0x7, 0xd1, 0x1, 0x0, 0x0, 0x1800, 0x5, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x3, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7fff, 0x1, @perf_bp={&(0x7f0000000040)}, 0x110, 0x0, 0xda2, 0x2, 0x16, 0x9, 0x3, 0x0, 0x8, 0x0, 0x6}, r1, 0xffffffffffffffff, r2, 0x8) sendmmsg$sock(r0, &(0x7f00000021c0)=[{{0x0, 0x0, 0x0}}], 0x324, 0x0) 03:40:21 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0xa, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:40:21 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1800, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1011.182243] FAULT_INJECTION: forcing a failure. [ 1011.182243] name failslab, interval 1, probability 0, space 0, times 0 [ 1011.184740] CPU: 0 PID: 7733 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1011.186152] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1011.187850] Call Trace: [ 1011.188406] dump_stack+0x107/0x167 [ 1011.189161] should_fail.cold+0x5/0xa [ 1011.189966] ? create_object.isra.0+0x3a/0xa20 [ 1011.190904] should_failslab+0x5/0x20 [ 1011.191712] kmem_cache_alloc+0x5b/0x310 [ 1011.192556] create_object.isra.0+0x3a/0xa20 [ 1011.193455] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1011.194519] kmem_cache_alloc+0x159/0x310 [ 1011.195389] security_inode_alloc+0x34/0x160 [ 1011.196301] inode_init_always+0xa4e/0xd10 [ 1011.197172] alloc_inode+0x84/0x240 [ 1011.197920] new_inode_pseudo+0x14/0xe0 [ 1011.198727] sock_alloc+0x3c/0x270 [ 1011.199450] __sock_create+0xbd/0x7f0 [ 1011.200228] ? _copy_to_user+0x145/0x180 [ 1011.201055] io_uring_setup+0x1357/0x2a40 [ 1011.201917] ? wait_for_completion_io+0x270/0x270 [ 1011.202890] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1011.203936] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1011.204993] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1011.206051] do_syscall_64+0x33/0x40 [ 1011.206806] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1011.207842] RIP: 0033:0x7fd4717f2b19 [ 1011.208595] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1011.212309] RSP: 002b:00007fd46ed47108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1011.213855] RAX: ffffffffffffffda RBX: 00007fd471906020 RCX: 00007fd4717f2b19 [ 1011.215294] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1011.216733] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1011.218196] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1011.219639] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:40:21 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) close_range(r0, 0xffffffffffffffff, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(0xffffffffffffffff, 0x40189429, &(0x7f0000000380)={0x0, 0x1000000, 0xffff}) ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x80045440, &(0x7f0000000100)) ioctl$AUTOFS_IOC_FAIL(0xffffffffffffffff, 0x9361, 0x9) sendmsg$inet(0xffffffffffffffff, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000001400)=[{0x0}, {0x0}], 0x2, &(0x7f0000001480)=[@ip_ttl={{0x14, 0x0, 0x2, 0x6}}], 0x18}, 0x0) fsetxattr$security_capability(r1, &(0x7f00000000c0), &(0x7f0000000140)=@v2={0x2000000, [{0x0, 0x2}, {0x40, 0xffff}]}, 0x14, 0x0) ioctl$HIDIOCINITREPORT(0xffffffffffffffff, 0x41015500, 0x20000000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x173, 0x2, @perf_config_ext={0xfffffffffffff0ef}, 0x0, 0x0, 0x2, 0x5, 0x0, 0xffffff7c, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000600000008000300f54affa059c5d724ac550f7c8a8827018ce737a157c8f88745a457c43f7c0d3f96c6ed19623455cbe38dd89055abcf9862ea2d5aa49b506decde50bd1cf5a0ae80b4895d3f73dd2f3642092d06b09e27383aa94c120a85a4eb000200000f842bc9048159e42672f0ca9400c77e4263996a854d61fed55704c215ec810e856c9ef0d999bcd006d1740e5e94c77a7966a6c68eb999beb3d5ea19ddd912066512706e6053ebcd04797d8756b48bada5e4c9198be924e7b2f55b8590d4732ebda754310bb113b1e679f6913ea64927ece51cddf21b8171777770", @ANYRES32=r3, @ANYBLOB="0800050000000000"], 0x24}}, 0x0) r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000001c0), 0x40001, 0x0) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') dup2(r5, r6) sendmsg$IPVS_CMD_GET_SERVICE(r6, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2209000}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000225bd7000fcdbdf250400000000050000000100"], 0x28}}, 0x44) ioctl$FITRIM(r2, 0xc0185879, &(0x7f00000001c0)={0xfb7e, 0x0, 0x8}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 03:40:21 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x4000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1011.258237] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:40:21 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0xf, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1011.314071] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. 03:40:21 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1011.357292] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:40:36 executing program 3: r0 = fork() pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r2, r1, 0x800, 0x0) gettid() migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:40:36 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x400000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1026.072167] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:40:36 executing program 0: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip6_tables_matches\x00') pread64(r0, &(0x7f0000000240)=""/83, 0x53, 0x200000048) write$binfmt_aout(r0, &(0x7f0000000940)={{0x107, 0x1, 0x32, 0x7, 0x2dd, 0x9, 0x239, 0x6}, "746797df7ac961a0ce8f40189258a3bb55ab6b971982908f381c4a0cd761818995f55f74221b08b4b8ba3a3eb0faee53e0664fe19850bd78818b1d2e1ac6584a34826ecc321cf3e7f8b7b9a3fec900cb252b4fa28ff1ca0b02aa0cd5967af9cec11a930a333d1250599d396e98390e2d258ea23b1fa0fcb493a336899be7fdf4581e1212fc739b4c5b9bba", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9ab) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x1ff) signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0x8001]}, 0x8, 0x100000) perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff810013a0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r2, r1, 0x800, 0x0) write$binfmt_elf64(r1, &(0x7f00000002c0)={{0x7f, 0x45, 0x4c, 0x46, 0x2, 0x9, 0xc2, 0x8, 0x0, 0x2, 0x3, 0x3, 0x311, 0x40, 0x3a7, 0x7, 0x3ff, 0x38, 0x1, 0x3, 0x39d, 0x800}, [{0x6, 0x6, 0x81, 0x10001, 0x4, 0x84f, 0x1, 0x1f}, {0x5, 0x0, 0x4, 0x5, 0x200, 0x9, 0x331, 0x8}], "dd982c30bd946396a1f081d42dc594efb795f61535f242302f87409c5b3f8cbb60526d8025d1c2cad37616234f6441f36746cc7d3e50464a47fd3ae364f808a36f563a53f0b0db641948a03df33dc78ace40889988571b7a"}, 0x108) clone3(&(0x7f00000008c0)={0x3040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) execveat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0, 0x0) msgrcv(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000c8eb98c6968371f6857938de5f105163d0fff324c161dfe955b6426ab2cc5fa78b4405ba7e8175d5d66dfeb45c2cdc15f0e535749f4bf672cc1a9d900c0443c429a8d00db81b"], 0x26, 0x0, 0x3000) msgsnd(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0300000000fbff00"], 0x8, 0x0) 03:40:36 executing program 7: r0 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040)=0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) timer_settime(r1, 0x1, &(0x7f0000000080)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f00000000c0)) timer_settime(0x0, 0x0, &(0x7f0000000140)={{}, {0x0, 0x989680}}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r4, r5, 0x0, 0x100000001) 03:40:36 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 26) 03:40:36 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x48, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:40:36 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x3, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:40:36 executing program 1: fchmod(0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000000000066"]) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000140)={0x0, 0xfffffffffffffff8, 0x7fffffff}) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0xfe, 0x0, 0x0, 0xca1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0xd5884b98eddc93b4) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r4, r3, 0x800, 0x0) pwrite64(r3, &(0x7f00000003c0)="42b416e9abc3843f1cd3548f1a4d1b7a17a02477ba26af00e0aceb8db45f77b32f0f7dc8b734fc0cca661eb0b902e275f8701d334b4772340b0b84b8e58448004c6b46f363465d50bbf3fdd95a201482ddac3fc4d7687e11b01edfb12dea514a52fe1114dfb0db13e7ee7b02ed9bb111b6decf7092611c050b67c41a0c6f1ddd679dce79269dccbb424799e883d50da97458bdaf55e7af25e790630668ab87081f9742522441d66fffd3626d3a157c0b7d5c6c60c2b0b382e258262aa3042aac30e5fc646f2847cdbc73af89f72ef9ffdcd977d816bea936d3041bb9fafbc759d63a66b7af8a7debd5113f5a117c94b1999971f84b73dfd9f33a625360308188daf3b8c6b61941a64e82d977245fccbd614a606fed79ef1078cbc19a9051404461ace05a1573a02159be5f1ab89b9cb9f9437be19bea8d10c62996478d1ef43d5e78b6d4daae8e567b1f10a7e3405940be50bd441f18d5916e25cd6b63c16378ba01870946f6da077110a7f54532d72f6ccc7ec1c385a734c46d166eaf2c499304c22b9a941c9e9ff47113346e31e2f1b393d490052a72e9fab58afeffb178adc24545ecbb034970ea988ea5b979f254802db2586f21430167a19d123057689a74837e682407345f1616090dc470f43380c91b561395df917790f959c65ce8a6b2689b3fd0893a2b2bd27021d0cd609dacb0298f089b20af873a27f0e112bd1fff47a3e85b105c8a5139cab9101b6555ef4a5bfb0729ec35f244d22ae5c0b38b6650072b5509cab7f9d5131e6e25f9fd14fb0dd87fb86f439029052366a8c3dd9dbed676afcb719b66306a826b70c3edf56130734d75dafd55cf7661a8515d9cf5d4396807a458f165c3b4e7b87f3c7b19de794230f6f6bbb45d9e5c54bde6063fe99535f5c092719ae21dcf7192a2420422f677e10651a9aa782af8b8b7312f5cfa8737d6637b2edcf78ee41f1334555902091d553915fa8fca49bc8f0ac34553914291084a342af0e2a48bade1681f7844f411ca400d3fc6db31167ce24e5bd14e4342f3df5021d910797d2ed3065cff6f17f02780ae22bc8fd8d9cc58d58034ee024ed1df0a1f83e9a761055d1e3a7c6ca765980f933ee378636dbd3ac7963bebafcb234ff7a9a8a1cdca59debf8f65dd291deafe409dbb158e0d1a367ecf387ab2bd62fda34555d08416a0fb5a5c760eb621e98fa565d6c983cbb2ecf99ee0ad28e68d8f1c287f2e469bc0750ebee6554427e2f6b4d1bc265e4538f8c49d28f9398fb6d1174f7a147757f7f076e04abbcb312083d0599b312aabee65cf00babaf6d025705dcdc9bb1f0e3812f8f07f1a3ea64facf4e954a963f2a6838cee57e00c50133041860a36bf8fee663a2f11d2520617af7ff998065153b8f7756de1a4de892e69e001b1d90f9f475fd301efa5de496d66c84bd6640e792ea680c9a2445cd2f470f099ba4a359252bfad56ade647726f14e072c121fbd8b96df892befbd5cc6dcc6ea955ec8528ddb16d47605642c26003e16e39a1fb9326428571f8001dfaa7252a6b702c365eda7bd32b80610aba5882ac2b7f7cc065295d1a5aa41af612314619f79ea18293e61842e8e93ba9301079c40e6d52592c5b7401750fee819930acadada6cf45cc6a31f6d89836d1b8482614a7797f38ddffbbce139e20317afd921f378905b4951bb153c461ea2d4445ff6db29c401cc75f95afedc4b983454ba89d5aad09911b71e2fea5cdd0233d4609ecf6e3a993134cd56d7a19a70847c6a92119dbb6d6c2e55a39798fd81bc0907f138a79dbd2c856798e30fb76dcb5ace894a54265482d8d62fcdacbab61b20c096b80630407c49d150500e7f0784fbda33ed15565aca9ba228d70d7b30c9f0d7b0c35858602020b2c0d3f96a39935a1b124bb7eb31e29672d9f84e10ff1447a5547e6fb490503b7b0fb071a83afdb9963a22f1427dec5c3479896c64c808f21c585fd6f020e40ceaeaf7ed49807cd7f07226cb03a1cb20b1a046653380b6b97704a69c234dd6002e9012e534bf334b5eb6b6978fd96d8d85a17442254411b0aa2f7f5000cd166821550337289d1bad46228ede0e3dcdc3d6e54964308e0663cff7959800b4eca14367f279e0760d90e5d59660a5b008a04c3b5b735e4d828ca9602bc4b0661c428b55bf43486a84031ed4cdd4598e90bdb4e690d4a3a1d2c61a1d1e94fa557efb0195153bbd8fb75e24e9076b62393f52bd74516d339f690ff3c9cd7d8a6b965a02f8f6f15b63d3a09ed7cbd0f94254a61de2dfce474ed069b6afcfb1f8d2d4cd0e8f641c93ee2e5b56bef013130dc57c26406a9ee61f51eef7ad5635110ff9733bbda57919b19ed5b906fdae9f52aecf13cf60fd4165b67d060755c0dabce43f5908cfc677032b291c2dcbb95f993b7dbd51481905d064cb66217ebe63863c036f3b4bc5e18677361239a969683a0b77fc5fd396f1bbae1349870953f390f37513ee36384c4a21013eaad1f29c6d7b9fc0b0f185d70c0a8ff2205d2e642380045d2d753d8675fd5bbe9ce8cc2ff9c7d767b79bddf62caee3f9e9fe91e626049a18a3c2dc6ce8068d4fefb7ff2e0c1c9d1afbe1f24de15417ece44731f4936e0ca99525fbedb81bd3a2156788dae699fbfdaa91e473076cdba1d78f698e15d7cc3ef0f2972c02999ee300f3f6068babaafcdc2c2ec2af0efef20eb530538f5796dc764ed9a67b0b2c22e4c2ac9fdb9b9b9c02cb10a9d3b266867c6f460ecf73618ff7b8cb36d4bfc19f41bf4102bd5357094156d0c58b5ad08d8a8d7049afc4a68d6dd2e043f39a0b059922b12c4fe2707cf8a7a08dea78938e7210998a5c46e652e43d1d176e839e8570421d05cec1b5255a4379c8f303a815d5370540626d9a2fd3a626351a576946b8c7dd07d1b115a5d17f9a819826978b2dfcf9993661e92c6afec46b01d9e50688b80ccfa3f9db8f5218036a734bc684d587c8a40abd6ff51d65d2785b8239fd7354ece20d43ba38051874497034c543cdda17eee7391541bcfdea4ef70a7bb06fabe8f82ed38cb2cfc5a6390ec8b3bc0195ee5b7576bd401217e9ae8a0d23d7f96a276992e2151b2de382790f8b0ef5f0524d182625ae94930416747d84414e525d5898637581446fb5f00a074e76716f03b813d78a61e66d6deabee3e6a19f8dad907e0f2bfae6e80cb8ffa5e281a86bde33c125c31e3e2261b1622cc0319a7c10affc392b5aa5b3e18e72cdeb89a5eb412cc9e9fe2acdf520ba7cf42c2fc5d18e869e8be02afb77ecac0699d5cd8ab5673b6343d51050e1a75110f8de48d13487652394be5e48fff1e0700925237c1fdcbb9dc3290db9c59a544d8b847a6156c814261faa7e20e6a34cee72db846a5aa1c9007211a0e7bd329efa36cbf3622c9a0a11a6be90dced8af406fddb0465af01820efcc8ec3085ac328e4f9c08a363f0b3fa781291b9220455db02a1ea182f3b6ecad79f9baa3129d13a94e32d145d893d33a22223593677771de1592618cdbbeb7e603fa4723706e1f2a3a6218765650a33cf82873e129c3099cde2d8b044be012fd595f86135c1a3340ac205767b186e1f6cb16f20f9330b95149356bdf9c22f7f6f9aab426e8f2863329f8adb652c53ea2d40f77c14d5e645c7c4b9ba4351d83653226d98ce58309f9094eb56bd76937b45b45208f892254b998c5ccae1de11b16a8b0142861d195f03a7aaa3ce2ce28a6f884e680d3f535751239a5fa85c188693b9ca41c71cd86735dc124d3237a99ab197b7725747c43710de57116f162340739fdb0bcba1f605e0e2e18d2dbbd135f8d8583e488906a5ca0610de2b3c94cea7e807bf1f047cb16d4caf6d7d1c1d6c0e81d790c2a563417f6a26fafe7578146cc763d04710c66e285d0995c4b6a41a41ece27447dd4fe0cb6762332d53c08faa7cc29945fc4aba96f1cac22a6c17a401eab12654b84ab2bf19c805c8c82094450b55f2251fb7891965d1a90b525a92f4f0ef1b085e993fa1b910e9ef1d403b648f2764d9ff84da2c79543757e3dfd7524e1945958757d682124d4724f137b93e53e2747aba04521bcb26d8db91ca5adcc530c534049fe74a9d4d95e4eaf6cc788a463388c7ac478370e97bde3efa9466bea5323e6313724cf366d7b46d9aed7fd1e8a919b868cd0569bf9ba8c439b80ed1e8dafdbc220f2b046ef169e949a45f06921dd89cd6923a447777a64f62b4691608fe526bf2ff8ce1a6fa1f362c9f7daf6984d3519faa1d62cc438508872ed30d94516b3b17c4492cc2b89756c5a0d32e1d78208a6b8f8cd40ad623e14e38924c25f49dabd74d6c7109ea0d8936ff33ad94e24025f2ef95dc2e158ef60bd2b678648c799c3d98d24f8eaf64e6c0bac2a9631611ea513ce5d330765ee9411fcdfbbd39f10a8952cd0539a8e56913a57d5abf5f1738cb62a88798c85f8300947aad84ebb7864f18e5628920ab0b1129e588179f546c77d286c578b2c248d5141d7ff65b197f0d741c3d2b3cdda6655dc6c447739a6f02a407284a244e47d8d0a1c1eae14b4ef3f25962249169ca75a44310146ee8170b35a6c5a82d1e4c63b92cad7e9f4d3bf427b5d4941fd3cec5f66e3367c01b2ac328cbaf2ed921b8c0ee373521b0dc9788b07874742b59a858facebe095003514108b72ab9f064788cce892b6c55f1373035859da23602c8aff610a9fb45091a5d348a0bee77061af535711b3e5797b3676249bcc72c8af71a689a2a58ab9d400a55f5ebd5435608f10297b51dbaf351db1ca448066dca1f78fb9c8084f3363bc5104487d754150d0d25902e71141751eb7a7c609d5180702745afd09fa9fb6f0f688eb71b8472f59e062ac4931ffdedac198b97bf57c00274499344d4d05a9e5939fd70648320ad8dc79be019dd0ae24584c6546f7f15860117348446659b4f910fcd704b00332415527983d55873780e55c2f45b9d180518ec4372e10756f9737798af50725ece532cb5137596232ead102c3276d336cca640c02fee4b6935549e2a38002cff936057cca789071c25506c0d161c23d9be1cdbc51b4934f2c7c96a7a0d155875658d190c19a84db0fc19da1620f5fdbd22ba72e4eaa001a9375d84c515f04c251215fd762e7bb3e6b5144382b8946caa1bb9d420b52d4e356ee157e0af1e3a4f18480b47c28522af0d8931914e61d4dd4bfc40c32510c14a0a418156aa861c578c42ddbe045d194638f7e1a80d66707b33b050af9deab50a4f2a81fccc1e0e3111124235507ed5ead3f1163f271959ec34530b125b4f2115c644ee0c5f1cbf02161a8bb4b97ffdebea6886724690e60b545e0ada911339c4eb4a951b4ba72dd5ed29265c39cdfa76647d9fb4b3dc2e28b41c29f0fc970ff525d2a4386656c52b1f9d4812ab01399a6d37adf05ec969f76537a367e116712e276af731a5433a603d67498933ba8660f6ef8f3f1e2ce9173b6bfb4c63e9b3788414d589450a27b67e00e1b816ab7ca931f7d5f9493149f47e0cd4ab8f8e7f0527bdcb7e4ca8f8e536da330f9d1b2e75659466f592d52102ff0e68b533078e4cfc32033d7fc577ffd2817d6bf17ca884b17c8b3e1dc7111371f4ecf816bfea59509eedcd7d50cc896c465805cd48ee16d56bceda0329e81dba1caec2ba53b511bff4359e067b3e56e959e339836f56830140c15ea9b0ad3f296bca5c54637b6cfb42e74d8ddb13eba96a78cf7db101176104d62cda9377205a26bc6b310a1898df9e6b001946fcdbb67bb80a0ad991f24aaaa908a7e56c4b3c36c1dc59009c793b7", 0x1000, 0x0) ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000000)='gid_map\x00') ioctl$FITHAW(r5, 0xc0045878) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(0xffffffffffffffff, 0x0, 0x0) 03:40:36 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x80ffff, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1026.141564] FAULT_INJECTION: forcing a failure. [ 1026.141564] name failslab, interval 1, probability 0, space 0, times 0 [ 1026.144318] CPU: 1 PID: 7770 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1026.145885] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1026.147776] Call Trace: [ 1026.148394] dump_stack+0x107/0x167 [ 1026.149219] should_fail.cold+0x5/0xa [ 1026.150138] ? create_object.isra.0+0x3a/0xa20 [ 1026.151173] should_failslab+0x5/0x20 [ 1026.152037] kmem_cache_alloc+0x5b/0x310 [ 1026.152975] create_object.isra.0+0x3a/0xa20 [ 1026.154000] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1026.155156] kmem_cache_alloc+0x159/0x310 [ 1026.156115] ? lock_acquire+0x197/0x470 [ 1026.157034] sk_prot_alloc+0x5f/0x2c0 [ 1026.157922] sk_alloc+0x30/0x350 [ 1026.158737] unix_create1+0xbf/0x550 [ 1026.159593] ? _raw_spin_unlock+0x1a/0x30 [ 1026.160522] unix_create+0xf9/0x1f0 [ 1026.161365] __sock_create+0x358/0x7f0 [ 1026.162269] ? _copy_to_user+0x145/0x180 [ 1026.163194] io_uring_setup+0x1357/0x2a40 [ 1026.164140] ? wait_for_completion_io+0x270/0x270 [ 1026.165254] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1026.166429] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1026.167627] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1026.168794] do_syscall_64+0x33/0x40 [ 1026.169649] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1026.170827] RIP: 0033:0x7fd4717f2b19 [ 1026.171669] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1026.175885] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1026.177600] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1026.179234] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1026.180868] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1026.182524] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1026.184152] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:40:36 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x4c, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1026.218018] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:40:36 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x68, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:40:36 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1000000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:40:36 executing program 7: getsockopt$IP6T_SO_GET_REVISION_MATCH(0xffffffffffffffff, 0x29, 0x44, &(0x7f0000000000)={'NETMAP\x00'}, &(0x7f0000000040)=0x1e) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x90, 0x15, 0x400, 0x70bd26, 0x25dfdbff, {0xb}, [@generic="0e9affe3a206b72c5219269de8c739e58f060fa8459c56045249777af2fd8a04c8e90320bb3e7d3bca9785fa2cc3a9f8921d5295e2805c7bf87e5d5d8f42dbc2c7230e71e729e3080d636789b1632e21a1367d9c9f4719cfab7a745af535988d7071114f", @typed={0x14, 0x2f, 0x0, 0x0, @ipv6=@empty}, @typed={0x4, 0x21}]}, 0x90}, 0x1, 0x0, 0x0, 0x40}, 0x10) ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000540)=0x0) syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000240)='./file0\x00', 0xb815ac0, 0x3, &(0x7f00000004c0)=[{&(0x7f0000000280)="82eddceb4dfd729db69c43964cb315c014ce5fdfa160db27b61d9445e92c3b6faf73d9383d9f2a804ab0a00cb2c24a69c24c075a34946cf656cb5cc090e72af19bd3163899af0b1259db4e98df2dea8dbf1ab039cf561fa42e1ec13018efa17c4f6e40919c333ec835c0e776ac9a582f4e222cf021ffc2dd0d6b4ac904796a00fac14536b3ab8974f12c42f4a6a322fab10c826935a93b", 0x97, 0x2}, {&(0x7f0000000340)="e1ba5b8920717c1e1b889c7afce1d177471b03223ca87792f66eb7153788570af8bc283849b26796714a9d06be59f86f8cdcfb8608ed422dc3c4a9d78ce86eb794909c70c25679d15776fb39fd50460ca795f3d814a20f36eeddb23d9e796849da", 0x61}, {&(0x7f00000003c0)="8b8228305f05a36cadab84673e60121c5e11d99edf607abb218939938b03100c49ef91503b81c3d592cdb631237458e2f7fb3070ec04b2cbf795f043bfec85c1a4b502bc5918328eb672e5b3f169f5176a7017e5b33ec8d58a06a210cd6e10ac2783a9e747cd0ee0f89a0e3f488e4c6d76c721b02e278cf9c2189edc7d8a752866eed323011f1e997178306ddc041fa29b55c3f34547213b1832123bc566547de4016adaa07d091cca0729aab895c890548096377ae084d72f736e1d49d9913eccdcfdbe25e0cef360fc0e71b0c3a4642075138609de1536edc7a6920b021a05d6bb57c72922caef1310881bce20e6bb", 0xf0, 0x9}], 0x100000, &(0x7f0000000580)={[{@uni_xlateno}, {@shortname_lower}, {@fat=@codepage={'codepage', 0x3d, '936'}}], [{@uid_lt={'uid<', r0}}, {@subj_role={'subj_role', 0x3d, 'NETMAP\x00'}}]}) sendmsg$NL80211_CMD_GET_KEY(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x7c, 0x0, 0x100, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac01}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "395fc19f3f6667b5210c5b7bff"}, @NL80211_ATTR_KEY_SEQ={0x5, 0xa, 'n'}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x2}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "852d76eec0"}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_KEY_DEFAULT={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4080}, 0x800) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000780)={'wlan1\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000007c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)={0x38, 0x0, 0x2, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8, 0x1, 0x4f}, @val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x11, 0x61}}}}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r3, 0x8982, &(0x7f00000008c0)={0x3, 'ip6_vti0\x00', {0x800}, 0x2}) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000900), 0x480000, 0x0) r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000006180)='/sys/power/resume', 0x2, 0x84) sendfile(r5, r3, &(0x7f00000061c0)=0x4, 0x2) sendmsg$nl_generic(r5, &(0x7f00000072c0)={&(0x7f0000006200)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000007280)={&(0x7f0000006240)={0x1014, 0x1f, 0x1, 0x70bd2d, 0x25dfdbfc, {0x4}, [@generic="3239f32c15511d621e5249433b96d06da77bdd933ebd2bfb398ab214adba1107157f36188a86fdcffe806ec5d208ca743f390947704ed154632ad7e88b14cd3f8eabc1fadaffba01fdaefce0c53cd9515e6a55b814f1cb2d259ca706d7c06c7bcadb0f70891827e947f71a31617c1603433fa72856e44330919ee86dd989017214c399092898f363e90e538ed24424feb100473af74f8f1083c25a4b91c54465b3fcfb1fe1db6dee4dd9fd6a6f100cf2bb00b4ae900c11a8b573b7064e2d4dc4e0a4768dd6fa72277668293c55a8085d331cc2572e359660f89489931e8792e412d66e256274f179f901cbcea5f74c0f59b532ca27d91340a0aad0c816c9a777715ec966c635c317b89d541feda09157d07cce2d2d2e389cec12252843f2c71b4dc4a1950650023d67c56ecb51c83d2d693b9ee80cc3a533c886fc66cd459f35facb8426e790677b42a8b20a585c9aecf49c78a4dfcd2d5ca8e9a9f55cc07e44b008eed7cb5fc8ab0faf96746ec74cd3be4924e6c53c8ab267f298b85413d9dc7cd2ff92e34d9e579761d14972da04194d7af176ca199e7f7bf0e884eaa3ac4970cf31ac0067fb717bd68b7fdd4d3907fcd5760e68f8fb2ba9bd9a3a1a0b9f2a8d89db99ffe40710bb215cd238d46e32bcac9fdd87ef93d76c1dc2e833dd6b482dac5731fd6855d4559def9db8a21bd22601d3b88c0837bc2a1cc966276cfd5792f6ba1a67c3c5aeaae3836958668838ced3290b6b421212cb8bb7a75e437a24d9aafcdc49b1204f90e52341e2d4e8c4422c9fec2c4655a84ae2c202a83348e1bedee8c7791533b12f67a18361efbf0d5dd81ff966539f9536b809075dade9cc25e7c98df6fd2f4caff12ce48c2d2d26c08d9c2c95f75b0236c2c4442f80ce6252f462ae6dc30c8933d5b86ac11e871815851970e1b5a102826e495d5d3f1992c50f74cc75841b9c2e78d0aec1c3f50bb4c687459dcc94200d22dd62404ac903e30b46ff268fe14223c4eefbb7310ee26934b1327d421498afa38e355b394682f655b6c8767a537ce5c0ab942d58db1c4974e74e808d78d997b0e98063fd07cecf2121b593faf7849527873976335eb95847a44b27786b7b2261ead297a52b69dd4561ff05dd69887af5c70c4f67a0ae409c022b11df1119e3197842c974b8fa9bb15202611dc04ea916b167f9f442a296f1a80fa08d55d45b002fb74d0867306b263fe62f296a57328ad8f6a7ee05b948f415f6bc2f9a1c5ed4196fd754487beb6222a27d9734c2c7a48d160d6cad379df0dd6e7112f6d4102f3b85b0605482e49aac01004830e3ab3478a1b9f82c0e2e3eb4549aa3e1c486d76d2d6f4008a513a39d53a56677a4cfa4974b298d1d874d07f20c3cb1424835bb7c420f900d8ab469c7957f1c99acf981ed010f605394fde8cc80e214f9cf6cce449637d9a24bec7b21e8b67bfef4af222fc6cd9c0404a4452f89ad8e26a0413062a144165eec4233e1a32f2e89269c7e3423a705d8e7157d23e8ee99b5d5a63cdefbe9bbb0cd5a98cdff9367b367b7d2b731e4e547dffc6f6ade0b99daeb6b737cd8d4f74cd598510c10d3663cffb7df69881ed54136039431aa28423c36e3e93236392212df6345d05fa7dd7e2a018216fb44bf188ba78a4e4fe9d3407fa589a73649564d6c1585b75783a5c4263bb1b29d756f6db15b04941254a0de669cb43bd64fa3c452f5f7ccaa52c9ef90b5b3bcfa5a9c66c833afcf334a0068ae6693e8c7ccf8ef6f7cafb55fcf483b751eed253e6196a82310ced9a84a211f1b1a43de4a4128f219a471b44105feb128473d7d06592de4571274c1beb44a9c0c178d84701096a0e810ea4556198ed14965302c19d353f8c820f4655ee544c739ca2bb38f5ded87ce3dcb45996242169b9551d00b54c5d8f94242e74e8c0c404a18a0531a2eebb316001d24fdd9031e7013f3adf30c33b0a41d3d9c33893ee15e61a2b1002d493e1e7c6493378891cbb62cabf6829edad0537b6670e23eb9f662447ac4e070fcbab43df98db06da921ea9556f1a02b8cf8e45dbe9558e4d8791f266b69ffa6dda0d9d79aeac33cbff711f174abe3c4545d0d460bee88d9ece54e65ce22934ea318512a56524dcb7fc32f53f4aaf634792f8c605a1d2772c61c4ba45a73d69eb5188dbdbdcfd9f17b05ca5093e598426d37215758c64fe5e6c237ffb56aec4662d2f8fab0c766242cef6bb0aed9aefd2d1eedef02f681085bd70704e2733ba9e1dead31e78ae57b7ff0c1bbb72dc2f0b08284b7094b28ae5c11826adae808e4f710c474632a9dca8b00f06d486620b633f0585c30a6d18cffa460a17594f1096b1ff3d7fee0cb6213647edc95c658050631549b9f4c82d03e6671f30aa7df3d4ea82beb4865044af221ad34fbaba9c5b8dbb623a7d8994947958d5d122fc597776190356acf68be21d831fe8ff387d5e714a36d0845120578f6dafb23abe406d733c153166a95665817e7d17bca6753672fbfdc79a53b200bfe69b8fa2af34c82e6451217b1a1cd36ec58fd57f7e9450c67739151cf2479cfe2a17f8c69343c07c02c1923021818d57777ebbcb0c489ad2b06a8cae312678dda55ff9975a5a6ed9d9b9ca562c6ca43d1f5f52a20d4d15204ef7c0a90d4069a9b0b0599026eebe2ca26f66b4b5126608459c0e7e14235c94f22383522dfe86697177ef2b877b7571b0042a187c0605d480990cd8e684502333fe73d5dc6102a4c2ea98f2523468dd56e20e139afc5e6dafcc2c416fba41547eb6dd297f2108a3d394d8815d99578cedcd447a5b19c67b8a8800a053cf9481b7fcdd19d58a6a07f3ad4b09021d1140690080140cea3d02f2286f1a549bfd72bae27c4f9a94e5cba5b61955b3b630e1b6db96a2913e542f594bfaa9b567f44664404a86f9679475612c466579ec7e5e53f0e7b150ce371e1d3162a6f2d899915063807acdc04fe23dd460e50fe68a1fe565cfa17ae912bbc2e49aa8fa91fd679fdf5bacdd48ce68f764f6900be8aeadfc2ac4be481500b64eb9eea3245dc2204217ebcbb3037e998840f2ad327a408c249d3009c470cd7d247c657a0b6a4d6450b023923901c37654deb0408384923af65277122d84601eb07e5d65215d4c9128c776c09e70bd76944d7abccfbf3b5dabc4e9870617d107baa81b4a8cc0c85d02a0d7b1931b140c7591d15fc0fa7183bf37dae9d006b0b1e5cd09a0996280268a1305484100c0a41222d2dd0e398670217f78cc8439b6f0aef560c3f20f33fc53e159103735a7acf53a7ef7032cde1d59caed3112eb7527955a2b7ee2c86dc895347538d1b84d94cdcf6c20e7605bd5a681ca29c12341ce6f5581175a4659760dbcf023537b990947528749ddb2c051b8c15a75b9b0b793f8cce465346cbf25e70147c705e5132ade477071f6e4c9c4f1d4581d5d405af618340bfef5cd4cf0e6a14b61304d4e62cd2e03cfd47a34272e2b16400edd3ee2c5a780bd8da8b4e122b70b8462973e10cf0a1e7453ef89ef009f8c3bd30479030292cb8ed02c442d813f2717858c71528fa9d392b6023278513cc953b798ffa495826ac7e4111db582331db75ae2ab83ac8ecf5bd5024fd708882690449f7e60704e6432975f8df5270ea8e7fd8ced9a858776ce6d499c21c9986ba439fdb1222505ead2b697be960a36e4c2bb7ce378c4d0533d9bf418c6d9154882131ebb3fcd2cd9c0ccd4d316c812c164beb6fee77478bb44cd9b281041945f9151b79af25541fc3ca1d2092491f34853dd5e2618c04f225e51a2cb0316cec298853d03205c30ee735a80762a38725f15ddad2298ca79191bd57fdd3256a642b64a5309015767c70e61c1d1d3f679c7e398dd462647bc478ca63c56b10be77543a9635d8ccaadbd32d2261fdc06fc6b3f3f41ae0153f54ffe0910a868cab148eb9842f9a5cee513df0d0376933884def2557b0f448345c2fe5c765c041809554b4bcaf15bf209f3e0b9219378ae8f48c511020602bdeafb33e1c2ad39ca1095af0fde94a842a0c2038f2596aec2a149febf5e0a26b40665bbcd381b7ddde520b4c96c3ec935ce80fca01c2a92e9de6d8982e3b2dd529009e7fa4355048630ef559e75b79ddce54cad5401977c019ab486d70954903cd448ff698fef52ef7f245b3f4275bb62fbbe1526bf6b60379bf7a440c2d1d0efc861d5d3a6561cbbf2ac20492f6b91ee5b8063523ee5eaef56d9a631e35c4063deb194b122239a9540ff819440714ef32c217bf955523dc243be7b38bc9e2bc44b1fa4279bfb01a05f09b87f9a47b6356fe445cb56118f1a06127938d6b5c6c3d2a4f859312a94be4ec4eddf945dd4fc0403509711577ecb138dc7d279dbb066108e47d0430094082abb1bc99a0518a57979db5035f03e78e1281b2b8121144216337805c1ade7eb9bf4f197aef29fb92ece49dceafdadb0eb9c8ba764efdb47f52a55feeff3332b007eb2290154332bc6d2913788487c032f28dcd27c104d1543b3a9e6f02351046d3efe84883b89a617a70f871825f999c431efd822bb4a8bc6295a193f764475801e1ab30c029efdc9892eaab6cd1e3f8d676ad73806e00a99a05dfe7a5f378f4ef82b6dccd5b192501b6376ca46b59ded94ccdfca59318e158a731ec458690c84ec33b83becea6ca2ce6a349dc623840f64e755a233022f4e7bc9b5a89878355cbc6ccc31e80d3e9ad106ba3b05111e86226dbb15baa5813390a98cfdc263663067273b2ff6a65e2353507de01f07806369fa6d679b590df57782ebf89ebaefb1dcc05e2526fff965f5407b8c64d67cca8e4a7ca6e375e57c1d2ac028ff15a70626d84698c0e1e53be5d387925891b273d59fb43f14022e26fab463e4c2028ca8de38bb672452edd75742cf7daef6024e6bee4c8ebeff800bd37437a295f3deba890b5c16ebe1090cb2c96633d25012e319a0fe75e9653f07a183620fbb535f1ed2f5e08ed5e3c54746f46f85f650c243d5cf34b26d0285db5f74f3561d3634c248d41f4575bc2d4c3ab1228a249004f4292cf69a0ccca2ce78a2108aba7226302fbe06b134116dbfb1ce08ab9377df0f02fe4028824bdbf03f9228edc5aa620e07c6ae2c54adc1b2af89feef2b84a714bb9fe3c95bbaf17dc77afc78f1cf669a1be984a52dc0b8f23b42d90d77a8b1022b059713ebfac29e5e4e719611131531a86ddeda7bdf89e8ccb43c27a7ba2934de0942225937026383b616883660cc7d9faf29c947c97b97f24afa54133ae3b4b409b9dc7b6669215f5d047d658a81f74ff38d4f2e681e5e55a05f355046ef7b3630603bf233e62362b1b959670d60919532a242a9152c0198d90baa7bce7287fba571f0cbeb3788e12df482e6fabe01325a57604c032a3cdae69d194fb70a76a220f6da800182569643e0a8ceaa10131eec38f9390a963bed2358dda8e9ff8d9af6e61d914ebb0e1da04857d312c6c73a60cb25ea14abe763a65c7f93639806cad790f76dd2c35c25ce5e57582819834873cbc0b3b86dbfe7fc18b29c85cecb81719bb7b75d1f34cbf0eb6175ad057d6ef7378f112a85a3a5187976b73f9947af637399700d131a9259a20e8b1dfa806c093948c8b75a55b40196259fc6c43677fd16c51255bef32aee33891f02ecb075122ee0cc74cc5e61cae97943d2551041bcaa70c503d42b8925c95e4af75d16438cd9312dd77fcc06fa4401eb297136214961b644c73c26c5fcbdcdad086750b0a71c9643b9c28ecbb0ab9378e94929ef7ee9065fcc1efdb11289231d2e618"]}, 0x1014}, 0x1, 0x0, 0x0, 0x800}, 0x8000085) pwrite64(r3, &(0x7f0000007300)="5f2027d363ea8a5669c966f2328287ffffb6c570c79a5d835d0daea2d06b38b1efe0d585872e75d2c42b04f0dd89d6676d651f886c324c2b5ee799822dfd9251cc102c4ac8ee944ac187baf1fb9dafd1ab545cdf64f21194d911e4d9fd84741cfb2a48148cd833222b", 0x69, 0x0) r6 = socket$packet(0x11, 0x2, 0x300) r7 = syz_genetlink_get_family_id$tipc(&(0x7f00000073c0), r5) sendmsg$TIPC_CMD_GET_MAX_PORTS(r4, &(0x7f0000007480)={&(0x7f0000007380)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000007440)={&(0x7f0000007400)={0x1c, r7, 0x100, 0x70bd25, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x801}, 0x14) ioctl$F2FS_IOC_MOVE_RANGE(r4, 0xc020f509, &(0x7f00000074c0)={r6, 0x2, 0x6, 0x5}) openat(r8, &(0x7f0000007500)='./file0\x00', 0x44a800, 0x12) [ 1026.274489] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:40:36 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:40:36 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 27) 03:40:36 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x6c, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1026.363292] FAULT_INJECTION: forcing a failure. [ 1026.363292] name failslab, interval 1, probability 0, space 0, times 0 [ 1026.366079] CPU: 1 PID: 7795 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1026.367665] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1026.369558] Call Trace: [ 1026.370170] dump_stack+0x107/0x167 [ 1026.371005] should_fail.cold+0x5/0xa [ 1026.371891] ? selinux_sk_alloc_security+0x8b/0x1b0 [ 1026.373026] should_failslab+0x5/0x20 [ 1026.373937] kmem_cache_alloc_trace+0x55/0x320 [ 1026.374982] ? memcg_slab_post_alloc_hook+0x17a/0x430 [ 1026.376173] selinux_sk_alloc_security+0x8b/0x1b0 [ 1026.377299] security_sk_alloc+0x56/0xb0 [ 1026.378258] sk_prot_alloc+0xa5/0x2c0 [ 1026.379127] sk_alloc+0x30/0x350 [ 1026.379909] unix_create1+0xbf/0x550 [ 1026.380763] ? _raw_spin_unlock+0x1a/0x30 [ 1026.381715] unix_create+0xf9/0x1f0 [ 1026.382562] __sock_create+0x358/0x7f0 [ 1026.383484] ? _copy_to_user+0x145/0x180 [ 1026.384413] io_uring_setup+0x1357/0x2a40 [ 1026.385376] ? wait_for_completion_io+0x270/0x270 [ 1026.386479] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1026.387659] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1026.388847] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1026.390062] do_syscall_64+0x33/0x40 [ 1026.390911] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1026.392084] RIP: 0033:0x7fd4717f2b19 [ 1026.392943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1026.397094] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1026.398852] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1026.400460] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1026.402111] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1026.403724] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1026.405330] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 [ 1026.415239] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:40:53 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:40:53 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x74, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:40:53 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x2000000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:40:53 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 28) 03:40:53 executing program 7: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)=ANY=[@ANYRESOCT=r0], 0x20}}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) tee(r2, r1, 0x800, 0x0) r4 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x404800, 0x0) r5 = syz_open_dev$ttys(0xc, 0x2, 0x0) fcntl$dupfd(r4, 0x0, r5) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r2, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, r3}, './file0\x00'}) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r6) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r9, r8, 0x800, 0x0) close_range(r9, 0xffffffffffffffff, 0x0) sendmsg$NL80211_CMD_NOTIFY_RADAR(r9, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x34, r7, 0x200, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x29}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000010}, 0x6814) 03:40:53 executing program 3: r0 = fork() pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r2, r1, 0x800, 0x0) gettid() migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) [ 1042.994100] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:40:53 executing program 1: fchmod(0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000000000066"]) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000140)={0x0, 0xfffffffffffffff8, 0x7fffffff}) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0xfe, 0x0, 0x0, 0xca1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0xd5884b98eddc93b4) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r4, r3, 0x800, 0x0) pwrite64(r3, &(0x7f00000003c0)="42b416e9abc3843f1cd3548f1a4d1b7a17a02477ba26af00e0aceb8db45f77b32f0f7dc8b734fc0cca661eb0b902e275f8701d334b4772340b0b84b8e58448004c6b46f363465d50bbf3fdd95a201482ddac3fc4d7687e11b01edfb12dea514a52fe1114dfb0db13e7ee7b02ed9bb111b6decf7092611c050b67c41a0c6f1ddd679dce79269dccbb424799e883d50da97458bdaf55e7af25e790630668ab87081f9742522441d66fffd3626d3a157c0b7d5c6c60c2b0b382e258262aa3042aac30e5fc646f2847cdbc73af89f72ef9ffdcd977d816bea936d3041bb9fafbc759d63a66b7af8a7debd5113f5a117c94b1999971f84b73dfd9f33a625360308188daf3b8c6b61941a64e82d977245fccbd614a606fed79ef1078cbc19a9051404461ace05a1573a02159be5f1ab89b9cb9f9437be19bea8d10c62996478d1ef43d5e78b6d4daae8e567b1f10a7e3405940be50bd441f18d5916e25cd6b63c16378ba01870946f6da077110a7f54532d72f6ccc7ec1c385a734c46d166eaf2c499304c22b9a941c9e9ff47113346e31e2f1b393d490052a72e9fab58afeffb178adc24545ecbb034970ea988ea5b979f254802db2586f21430167a19d123057689a74837e682407345f1616090dc470f43380c91b561395df917790f959c65ce8a6b2689b3fd0893a2b2bd27021d0cd609dacb0298f089b20af873a27f0e112bd1fff47a3e85b105c8a5139cab9101b6555ef4a5bfb0729ec35f244d22ae5c0b38b6650072b5509cab7f9d5131e6e25f9fd14fb0dd87fb86f439029052366a8c3dd9dbed676afcb719b66306a826b70c3edf56130734d75dafd55cf7661a8515d9cf5d4396807a458f165c3b4e7b87f3c7b19de794230f6f6bbb45d9e5c54bde6063fe99535f5c092719ae21dcf7192a2420422f677e10651a9aa782af8b8b7312f5cfa8737d6637b2edcf78ee41f1334555902091d553915fa8fca49bc8f0ac34553914291084a342af0e2a48bade1681f7844f411ca400d3fc6db31167ce24e5bd14e4342f3df5021d910797d2ed3065cff6f17f02780ae22bc8fd8d9cc58d58034ee024ed1df0a1f83e9a761055d1e3a7c6ca765980f933ee378636dbd3ac7963bebafcb234ff7a9a8a1cdca59debf8f65dd291deafe409dbb158e0d1a367ecf387ab2bd62fda34555d08416a0fb5a5c760eb621e98fa565d6c983cbb2ecf99ee0ad28e68d8f1c287f2e469bc0750ebee6554427e2f6b4d1bc265e4538f8c49d28f9398fb6d1174f7a147757f7f076e04abbcb312083d0599b312aabee65cf00babaf6d025705dcdc9bb1f0e3812f8f07f1a3ea64facf4e954a963f2a6838cee57e00c50133041860a36bf8fee663a2f11d2520617af7ff998065153b8f7756de1a4de892e69e001b1d90f9f475fd301efa5de496d66c84bd6640e792ea680c9a2445cd2f470f099ba4a359252bfad56ade647726f14e072c121fbd8b96df892befbd5cc6dcc6ea955ec8528ddb16d47605642c26003e16e39a1fb9326428571f8001dfaa7252a6b702c365eda7bd32b80610aba5882ac2b7f7cc065295d1a5aa41af612314619f79ea18293e61842e8e93ba9301079c40e6d52592c5b7401750fee819930acadada6cf45cc6a31f6d89836d1b8482614a7797f38ddffbbce139e20317afd921f378905b4951bb153c461ea2d4445ff6db29c401cc75f95afedc4b983454ba89d5aad09911b71e2fea5cdd0233d4609ecf6e3a993134cd56d7a19a70847c6a92119dbb6d6c2e55a39798fd81bc0907f138a79dbd2c856798e30fb76dcb5ace894a54265482d8d62fcdacbab61b20c096b80630407c49d150500e7f0784fbda33ed15565aca9ba228d70d7b30c9f0d7b0c35858602020b2c0d3f96a39935a1b124bb7eb31e29672d9f84e10ff1447a5547e6fb490503b7b0fb071a83afdb9963a22f1427dec5c3479896c64c808f21c585fd6f020e40ceaeaf7ed49807cd7f07226cb03a1cb20b1a046653380b6b97704a69c234dd6002e9012e534bf334b5eb6b6978fd96d8d85a17442254411b0aa2f7f5000cd166821550337289d1bad46228ede0e3dcdc3d6e54964308e0663cff7959800b4eca14367f279e0760d90e5d59660a5b008a04c3b5b735e4d828ca9602bc4b0661c428b55bf43486a84031ed4cdd4598e90bdb4e690d4a3a1d2c61a1d1e94fa557efb0195153bbd8fb75e24e9076b62393f52bd74516d339f690ff3c9cd7d8a6b965a02f8f6f15b63d3a09ed7cbd0f94254a61de2dfce474ed069b6afcfb1f8d2d4cd0e8f641c93ee2e5b56bef013130dc57c26406a9ee61f51eef7ad5635110ff9733bbda57919b19ed5b906fdae9f52aecf13cf60fd4165b67d060755c0dabce43f5908cfc677032b291c2dcbb95f993b7dbd51481905d064cb66217ebe63863c036f3b4bc5e18677361239a969683a0b77fc5fd396f1bbae1349870953f390f37513ee36384c4a21013eaad1f29c6d7b9fc0b0f185d70c0a8ff2205d2e642380045d2d753d8675fd5bbe9ce8cc2ff9c7d767b79bddf62caee3f9e9fe91e626049a18a3c2dc6ce8068d4fefb7ff2e0c1c9d1afbe1f24de15417ece44731f4936e0ca99525fbedb81bd3a2156788dae699fbfdaa91e473076cdba1d78f698e15d7cc3ef0f2972c02999ee300f3f6068babaafcdc2c2ec2af0efef20eb530538f5796dc764ed9a67b0b2c22e4c2ac9fdb9b9b9c02cb10a9d3b266867c6f460ecf73618ff7b8cb36d4bfc19f41bf4102bd5357094156d0c58b5ad08d8a8d7049afc4a68d6dd2e043f39a0b059922b12c4fe2707cf8a7a08dea78938e7210998a5c46e652e43d1d176e839e8570421d05cec1b5255a4379c8f303a815d5370540626d9a2fd3a626351a576946b8c7dd07d1b115a5d17f9a819826978b2dfcf9993661e92c6afec46b01d9e50688b80ccfa3f9db8f5218036a734bc684d587c8a40abd6ff51d65d2785b8239fd7354ece20d43ba38051874497034c543cdda17eee7391541bcfdea4ef70a7bb06fabe8f82ed38cb2cfc5a6390ec8b3bc0195ee5b7576bd401217e9ae8a0d23d7f96a276992e2151b2de382790f8b0ef5f0524d182625ae94930416747d84414e525d5898637581446fb5f00a074e76716f03b813d78a61e66d6deabee3e6a19f8dad907e0f2bfae6e80cb8ffa5e281a86bde33c125c31e3e2261b1622cc0319a7c10affc392b5aa5b3e18e72cdeb89a5eb412cc9e9fe2acdf520ba7cf42c2fc5d18e869e8be02afb77ecac0699d5cd8ab5673b6343d51050e1a75110f8de48d13487652394be5e48fff1e0700925237c1fdcbb9dc3290db9c59a544d8b847a6156c814261faa7e20e6a34cee72db846a5aa1c9007211a0e7bd329efa36cbf3622c9a0a11a6be90dced8af406fddb0465af01820efcc8ec3085ac328e4f9c08a363f0b3fa781291b9220455db02a1ea182f3b6ecad79f9baa3129d13a94e32d145d893d33a22223593677771de1592618cdbbeb7e603fa4723706e1f2a3a6218765650a33cf82873e129c3099cde2d8b044be012fd595f86135c1a3340ac205767b186e1f6cb16f20f9330b95149356bdf9c22f7f6f9aab426e8f2863329f8adb652c53ea2d40f77c14d5e645c7c4b9ba4351d83653226d98ce58309f9094eb56bd76937b45b45208f892254b998c5ccae1de11b16a8b0142861d195f03a7aaa3ce2ce28a6f884e680d3f535751239a5fa85c188693b9ca41c71cd86735dc124d3237a99ab197b7725747c43710de57116f162340739fdb0bcba1f605e0e2e18d2dbbd135f8d8583e488906a5ca0610de2b3c94cea7e807bf1f047cb16d4caf6d7d1c1d6c0e81d790c2a563417f6a26fafe7578146cc763d04710c66e285d0995c4b6a41a41ece27447dd4fe0cb6762332d53c08faa7cc29945fc4aba96f1cac22a6c17a401eab12654b84ab2bf19c805c8c82094450b55f2251fb7891965d1a90b525a92f4f0ef1b085e993fa1b910e9ef1d403b648f2764d9ff84da2c79543757e3dfd7524e1945958757d682124d4724f137b93e53e2747aba04521bcb26d8db91ca5adcc530c534049fe74a9d4d95e4eaf6cc788a463388c7ac478370e97bde3efa9466bea5323e6313724cf366d7b46d9aed7fd1e8a919b868cd0569bf9ba8c439b80ed1e8dafdbc220f2b046ef169e949a45f06921dd89cd6923a447777a64f62b4691608fe526bf2ff8ce1a6fa1f362c9f7daf6984d3519faa1d62cc438508872ed30d94516b3b17c4492cc2b89756c5a0d32e1d78208a6b8f8cd40ad623e14e38924c25f49dabd74d6c7109ea0d8936ff33ad94e24025f2ef95dc2e158ef60bd2b678648c799c3d98d24f8eaf64e6c0bac2a9631611ea513ce5d330765ee9411fcdfbbd39f10a8952cd0539a8e56913a57d5abf5f1738cb62a88798c85f8300947aad84ebb7864f18e5628920ab0b1129e588179f546c77d286c578b2c248d5141d7ff65b197f0d741c3d2b3cdda6655dc6c447739a6f02a407284a244e47d8d0a1c1eae14b4ef3f25962249169ca75a44310146ee8170b35a6c5a82d1e4c63b92cad7e9f4d3bf427b5d4941fd3cec5f66e3367c01b2ac328cbaf2ed921b8c0ee373521b0dc9788b07874742b59a858facebe095003514108b72ab9f064788cce892b6c55f1373035859da23602c8aff610a9fb45091a5d348a0bee77061af535711b3e5797b3676249bcc72c8af71a689a2a58ab9d400a55f5ebd5435608f10297b51dbaf351db1ca448066dca1f78fb9c8084f3363bc5104487d754150d0d25902e71141751eb7a7c609d5180702745afd09fa9fb6f0f688eb71b8472f59e062ac4931ffdedac198b97bf57c00274499344d4d05a9e5939fd70648320ad8dc79be019dd0ae24584c6546f7f15860117348446659b4f910fcd704b00332415527983d55873780e55c2f45b9d180518ec4372e10756f9737798af50725ece532cb5137596232ead102c3276d336cca640c02fee4b6935549e2a38002cff936057cca789071c25506c0d161c23d9be1cdbc51b4934f2c7c96a7a0d155875658d190c19a84db0fc19da1620f5fdbd22ba72e4eaa001a9375d84c515f04c251215fd762e7bb3e6b5144382b8946caa1bb9d420b52d4e356ee157e0af1e3a4f18480b47c28522af0d8931914e61d4dd4bfc40c32510c14a0a418156aa861c578c42ddbe045d194638f7e1a80d66707b33b050af9deab50a4f2a81fccc1e0e3111124235507ed5ead3f1163f271959ec34530b125b4f2115c644ee0c5f1cbf02161a8bb4b97ffdebea6886724690e60b545e0ada911339c4eb4a951b4ba72dd5ed29265c39cdfa76647d9fb4b3dc2e28b41c29f0fc970ff525d2a4386656c52b1f9d4812ab01399a6d37adf05ec969f76537a367e116712e276af731a5433a603d67498933ba8660f6ef8f3f1e2ce9173b6bfb4c63e9b3788414d589450a27b67e00e1b816ab7ca931f7d5f9493149f47e0cd4ab8f8e7f0527bdcb7e4ca8f8e536da330f9d1b2e75659466f592d52102ff0e68b533078e4cfc32033d7fc577ffd2817d6bf17ca884b17c8b3e1dc7111371f4ecf816bfea59509eedcd7d50cc896c465805cd48ee16d56bceda0329e81dba1caec2ba53b511bff4359e067b3e56e959e339836f56830140c15ea9b0ad3f296bca5c54637b6cfb42e74d8ddb13eba96a78cf7db101176104d62cda9377205a26bc6b310a1898df9e6b001946fcdbb67bb80a0ad991f24aaaa908a7e56c4b3c36c1dc59009c793b7", 0x1000, 0x0) ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000000)='gid_map\x00') ioctl$FITHAW(r5, 0xc0045878) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) 03:40:53 executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000006000), 0x0, 0x0) ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f00000001c0)={0x17, 0x0, 0x0}) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1ec}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000100)=0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r5, r4, 0x800, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r4, 0x80047213, &(0x7f0000000140)) r6 = socket$inet_tcp(0x2, 0x1, 0x0) clone3(&(0x7f0000000540)={0x320880, &(0x7f0000000040), &(0x7f00000001c0), &(0x7f0000000240), {}, &(0x7f0000000280)=""/244, 0xf4, &(0x7f0000000380)=""/239, &(0x7f0000000500)=[0xffffffffffffffff], 0x1}, 0x58) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r6, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0}, 0x0, 0x2203, 0x0, {0x1}}, 0x0) ioctl$BTRFS_IOC_RESIZE(0xffffffffffffffff, 0x50009403, 0x0) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 1043.036341] FAULT_INJECTION: forcing a failure. [ 1043.036341] name failslab, interval 1, probability 0, space 0, times 0 [ 1043.038730] CPU: 1 PID: 7809 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1043.040110] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1043.041763] Call Trace: [ 1043.042311] dump_stack+0x107/0x167 [ 1043.043057] should_fail.cold+0x5/0xa [ 1043.043831] ? create_object.isra.0+0x3a/0xa20 [ 1043.044752] should_failslab+0x5/0x20 [ 1043.045523] kmem_cache_alloc+0x5b/0x310 [ 1043.046363] create_object.isra.0+0x3a/0xa20 [ 1043.047257] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1043.048293] kmem_cache_alloc_trace+0x151/0x320 [ 1043.049233] ? memcg_slab_post_alloc_hook+0x17a/0x430 [ 1043.050292] selinux_sk_alloc_security+0x8b/0x1b0 [ 1043.051271] security_sk_alloc+0x56/0xb0 [ 1043.052102] sk_prot_alloc+0xa5/0x2c0 [ 1043.052882] sk_alloc+0x30/0x350 [ 1043.053571] unix_create1+0xbf/0x550 [ 1043.054349] ? _raw_spin_unlock+0x1a/0x30 [ 1043.055188] unix_create+0xf9/0x1f0 [ 1043.055929] __sock_create+0x358/0x7f0 [ 1043.056720] ? _copy_to_user+0x145/0x180 [ 1043.057550] io_uring_setup+0x1357/0x2a40 [ 1043.058413] ? wait_for_completion_io+0x270/0x270 [ 1043.059390] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1043.060479] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1043.061538] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1043.062615] do_syscall_64+0x33/0x40 [ 1043.063371] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1043.064410] RIP: 0033:0x7fd4717f2b19 [ 1043.065174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1043.068911] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1043.070472] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1043.071925] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1043.073399] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1043.074883] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1043.076331] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:40:53 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x7a, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:40:53 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x3000000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1043.120951] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:40:53 executing program 7: ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0) ioctl$BTRFS_IOC_FS_INFO(0xffffffffffffffff, 0x8400941f, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400028020000400000004f8000020004000030000000000000001000000000000000200", 0x2e}, {&(0x7f0000010500), 0x0, 0x4000}], 0x0, &(0x7f0000011300)) dup2(r0, r0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) 03:40:53 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 29) 03:40:53 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0xa, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:40:53 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x4000000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:40:53 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0xb3, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1043.232996] FAT-fs (loop7): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 1043.240787] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1) [ 1043.242451] FAT-fs (loop7): Filesystem has been set read-only [ 1043.246432] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1043.264248] FAULT_INJECTION: forcing a failure. [ 1043.264248] name failslab, interval 1, probability 0, space 0, times 0 [ 1043.266794] CPU: 1 PID: 7840 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1043.268183] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1043.269861] Call Trace: [ 1043.270412] dump_stack+0x107/0x167 [ 1043.271153] should_fail.cold+0x5/0xa [ 1043.271934] ? __d_alloc+0x2a/0x990 [ 1043.272681] should_failslab+0x5/0x20 [ 1043.273455] kmem_cache_alloc+0x5b/0x310 [ 1043.274303] __d_alloc+0x2a/0x990 [ 1043.275006] ? selinux_socket_post_create+0x2ea/0x7f0 [ 1043.276087] d_alloc_pseudo+0x19/0x70 [ 1043.276862] alloc_file_pseudo+0xce/0x250 [ 1043.277702] ? alloc_file+0x5a0/0x5a0 [ 1043.278507] ? security_socket_post_create+0x9e/0xd0 [ 1043.279541] anon_inode_getfile+0xc8/0x1f0 [ 1043.280401] io_uring_setup+0x1e70/0x2a40 [ 1043.281255] ? wait_for_completion_io+0x270/0x270 [ 1043.282234] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1043.283293] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1043.284351] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1043.285409] do_syscall_64+0x33/0x40 [ 1043.286184] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1043.287218] RIP: 0033:0x7fd4717f2b19 [ 1043.288009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1043.291751] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1043.293302] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1043.294751] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1043.296199] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1043.297648] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1043.299099] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:40:53 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0xf0, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1043.382084] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:41:10 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0xa000000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:41:10 executing program 7: r0 = ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0) fcntl$getflags(r0, 0x40a) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x3, 0x3, &(0x7f0000001280)=[{0x0, 0x0, 0x8}, {&(0x7f0000000180)="a65c5573743bc4021190753ab7842b216280b0a20850ee47c45676a3023e5ab92a9fd2cd1d2f83eb18a9404329801e24e0f16202131c060a94fecf236564f07d06a76d20195d5437013c0506", 0x4c, 0xfffffffffffffe01}, {0x0, 0x0, 0x7}], 0x2000000, &(0x7f0000001300)={[{@discard}, {@discard}, {@init_itable_val={'init_itable', 0x3d, 0x1}}, {@bh}], [{@dont_appraise}, {@dont_measure}, {@smackfstransmute}]}) geteuid() linkat(r1, &(0x7f00000013c0)='./file0\x00', r1, &(0x7f0000001400)='./file0\x00', 0x600) socketpair(0x15, 0x0, 0x0, &(0x7f0000001440)={0xffffffffffffffff, 0xffffffffffffffff}) keyctl$reject(0x13, 0x0, 0x400, 0x100000000, 0x0) accept4(r2, &(0x7f0000001480)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000001500)=0x80, 0x0) r3 = add_key$fscrypt_v1(&(0x7f0000001540), &(0x7f0000001580)={'fscrypt:', @auto=[0x65, 0x38, 0x0, 0x35, 0x37, 0x63, 0x61, 0x62, 0x30, 0x64, 0x38, 0x64, 0x62, 0x31, 0x32, 0x38]}, &(0x7f00000015c0)={0x0, "17cfdf5d7e37c182a99e7947da3037a4637a7b9daaf1712e1b7090e43ffbf47e8f68a83b50443c333777877ee8482b6ee8f3338e761ec1d15388e29e717357ae", 0x1c}, 0x48, 0xfffffffffffffffc) geteuid() name_to_handle_at(r1, &(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000200)=@reiserfs_4={0x10, 0x4, {0x1000, 0xa9, 0x7fff, 0x6}}, &(0x7f0000000240), 0x1400) geteuid() shmctl$IPC_SET(0x0, 0x1, 0x0) stat(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)) request_key(0x0, &(0x7f0000001980)={'syz', 0x1}, &(0x7f00000019c0)='\x00', r3) socketpair(0x1f, 0x6, 0x0, &(0x7f0000002300)) 03:41:10 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x18, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:41:10 executing program 0: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {&(0x7f0000000dc0), 0x0, 0x393}], 0x0, &(0x7f0000000240)=ANY=[]) getdents64(r0, &(0x7f0000000240)=""/213, 0xd5) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r2, r1, 0x800, 0x0) close_range(r2, 0xffffffffffffffff, 0x0) getdents64(r2, &(0x7f0000000000)=""/21, 0x15) 03:41:10 executing program 1: fchmod(0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000000000066"]) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000140)={0x0, 0xfffffffffffffff8, 0x7fffffff}) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0xfe, 0x0, 0x0, 0xca1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0xd5884b98eddc93b4) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r4, r3, 0x800, 0x0) pwrite64(r3, &(0x7f00000003c0)="42b416e9abc3843f1cd3548f1a4d1b7a17a02477ba26af00e0aceb8db45f77b32f0f7dc8b734fc0cca661eb0b902e275f8701d334b4772340b0b84b8e58448004c6b46f363465d50bbf3fdd95a201482ddac3fc4d7687e11b01edfb12dea514a52fe1114dfb0db13e7ee7b02ed9bb111b6decf7092611c050b67c41a0c6f1ddd679dce79269dccbb424799e883d50da97458bdaf55e7af25e790630668ab87081f9742522441d66fffd3626d3a157c0b7d5c6c60c2b0b382e258262aa3042aac30e5fc646f2847cdbc73af89f72ef9ffdcd977d816bea936d3041bb9fafbc759d63a66b7af8a7debd5113f5a117c94b1999971f84b73dfd9f33a625360308188daf3b8c6b61941a64e82d977245fccbd614a606fed79ef1078cbc19a9051404461ace05a1573a02159be5f1ab89b9cb9f9437be19bea8d10c62996478d1ef43d5e78b6d4daae8e567b1f10a7e3405940be50bd441f18d5916e25cd6b63c16378ba01870946f6da077110a7f54532d72f6ccc7ec1c385a734c46d166eaf2c499304c22b9a941c9e9ff47113346e31e2f1b393d490052a72e9fab58afeffb178adc24545ecbb034970ea988ea5b979f254802db2586f21430167a19d123057689a74837e682407345f1616090dc470f43380c91b561395df917790f959c65ce8a6b2689b3fd0893a2b2bd27021d0cd609dacb0298f089b20af873a27f0e112bd1fff47a3e85b105c8a5139cab9101b6555ef4a5bfb0729ec35f244d22ae5c0b38b6650072b5509cab7f9d5131e6e25f9fd14fb0dd87fb86f439029052366a8c3dd9dbed676afcb719b66306a826b70c3edf56130734d75dafd55cf7661a8515d9cf5d4396807a458f165c3b4e7b87f3c7b19de794230f6f6bbb45d9e5c54bde6063fe99535f5c092719ae21dcf7192a2420422f677e10651a9aa782af8b8b7312f5cfa8737d6637b2edcf78ee41f1334555902091d553915fa8fca49bc8f0ac34553914291084a342af0e2a48bade1681f7844f411ca400d3fc6db31167ce24e5bd14e4342f3df5021d910797d2ed3065cff6f17f02780ae22bc8fd8d9cc58d58034ee024ed1df0a1f83e9a761055d1e3a7c6ca765980f933ee378636dbd3ac7963bebafcb234ff7a9a8a1cdca59debf8f65dd291deafe409dbb158e0d1a367ecf387ab2bd62fda34555d08416a0fb5a5c760eb621e98fa565d6c983cbb2ecf99ee0ad28e68d8f1c287f2e469bc0750ebee6554427e2f6b4d1bc265e4538f8c49d28f9398fb6d1174f7a147757f7f076e04abbcb312083d0599b312aabee65cf00babaf6d025705dcdc9bb1f0e3812f8f07f1a3ea64facf4e954a963f2a6838cee57e00c50133041860a36bf8fee663a2f11d2520617af7ff998065153b8f7756de1a4de892e69e001b1d90f9f475fd301efa5de496d66c84bd6640e792ea680c9a2445cd2f470f099ba4a359252bfad56ade647726f14e072c121fbd8b96df892befbd5cc6dcc6ea955ec8528ddb16d47605642c26003e16e39a1fb9326428571f8001dfaa7252a6b702c365eda7bd32b80610aba5882ac2b7f7cc065295d1a5aa41af612314619f79ea18293e61842e8e93ba9301079c40e6d52592c5b7401750fee819930acadada6cf45cc6a31f6d89836d1b8482614a7797f38ddffbbce139e20317afd921f378905b4951bb153c461ea2d4445ff6db29c401cc75f95afedc4b983454ba89d5aad09911b71e2fea5cdd0233d4609ecf6e3a993134cd56d7a19a70847c6a92119dbb6d6c2e55a39798fd81bc0907f138a79dbd2c856798e30fb76dcb5ace894a54265482d8d62fcdacbab61b20c096b80630407c49d150500e7f0784fbda33ed15565aca9ba228d70d7b30c9f0d7b0c35858602020b2c0d3f96a39935a1b124bb7eb31e29672d9f84e10ff1447a5547e6fb490503b7b0fb071a83afdb9963a22f1427dec5c3479896c64c808f21c585fd6f020e40ceaeaf7ed49807cd7f07226cb03a1cb20b1a046653380b6b97704a69c234dd6002e9012e534bf334b5eb6b6978fd96d8d85a17442254411b0aa2f7f5000cd166821550337289d1bad46228ede0e3dcdc3d6e54964308e0663cff7959800b4eca14367f279e0760d90e5d59660a5b008a04c3b5b735e4d828ca9602bc4b0661c428b55bf43486a84031ed4cdd4598e90bdb4e690d4a3a1d2c61a1d1e94fa557efb0195153bbd8fb75e24e9076b62393f52bd74516d339f690ff3c9cd7d8a6b965a02f8f6f15b63d3a09ed7cbd0f94254a61de2dfce474ed069b6afcfb1f8d2d4cd0e8f641c93ee2e5b56bef013130dc57c26406a9ee61f51eef7ad5635110ff9733bbda57919b19ed5b906fdae9f52aecf13cf60fd4165b67d060755c0dabce43f5908cfc677032b291c2dcbb95f993b7dbd51481905d064cb66217ebe63863c036f3b4bc5e18677361239a969683a0b77fc5fd396f1bbae1349870953f390f37513ee36384c4a21013eaad1f29c6d7b9fc0b0f185d70c0a8ff2205d2e642380045d2d753d8675fd5bbe9ce8cc2ff9c7d767b79bddf62caee3f9e9fe91e626049a18a3c2dc6ce8068d4fefb7ff2e0c1c9d1afbe1f24de15417ece44731f4936e0ca99525fbedb81bd3a2156788dae699fbfdaa91e473076cdba1d78f698e15d7cc3ef0f2972c02999ee300f3f6068babaafcdc2c2ec2af0efef20eb530538f5796dc764ed9a67b0b2c22e4c2ac9fdb9b9b9c02cb10a9d3b266867c6f460ecf73618ff7b8cb36d4bfc19f41bf4102bd5357094156d0c58b5ad08d8a8d7049afc4a68d6dd2e043f39a0b059922b12c4fe2707cf8a7a08dea78938e7210998a5c46e652e43d1d176e839e8570421d05cec1b5255a4379c8f303a815d5370540626d9a2fd3a626351a576946b8c7dd07d1b115a5d17f9a819826978b2dfcf9993661e92c6afec46b01d9e50688b80ccfa3f9db8f5218036a734bc684d587c8a40abd6ff51d65d2785b8239fd7354ece20d43ba38051874497034c543cdda17eee7391541bcfdea4ef70a7bb06fabe8f82ed38cb2cfc5a6390ec8b3bc0195ee5b7576bd401217e9ae8a0d23d7f96a276992e2151b2de382790f8b0ef5f0524d182625ae94930416747d84414e525d5898637581446fb5f00a074e76716f03b813d78a61e66d6deabee3e6a19f8dad907e0f2bfae6e80cb8ffa5e281a86bde33c125c31e3e2261b1622cc0319a7c10affc392b5aa5b3e18e72cdeb89a5eb412cc9e9fe2acdf520ba7cf42c2fc5d18e869e8be02afb77ecac0699d5cd8ab5673b6343d51050e1a75110f8de48d13487652394be5e48fff1e0700925237c1fdcbb9dc3290db9c59a544d8b847a6156c814261faa7e20e6a34cee72db846a5aa1c9007211a0e7bd329efa36cbf3622c9a0a11a6be90dced8af406fddb0465af01820efcc8ec3085ac328e4f9c08a363f0b3fa781291b9220455db02a1ea182f3b6ecad79f9baa3129d13a94e32d145d893d33a22223593677771de1592618cdbbeb7e603fa4723706e1f2a3a6218765650a33cf82873e129c3099cde2d8b044be012fd595f86135c1a3340ac205767b186e1f6cb16f20f9330b95149356bdf9c22f7f6f9aab426e8f2863329f8adb652c53ea2d40f77c14d5e645c7c4b9ba4351d83653226d98ce58309f9094eb56bd76937b45b45208f892254b998c5ccae1de11b16a8b0142861d195f03a7aaa3ce2ce28a6f884e680d3f535751239a5fa85c188693b9ca41c71cd86735dc124d3237a99ab197b7725747c43710de57116f162340739fdb0bcba1f605e0e2e18d2dbbd135f8d8583e488906a5ca0610de2b3c94cea7e807bf1f047cb16d4caf6d7d1c1d6c0e81d790c2a563417f6a26fafe7578146cc763d04710c66e285d0995c4b6a41a41ece27447dd4fe0cb6762332d53c08faa7cc29945fc4aba96f1cac22a6c17a401eab12654b84ab2bf19c805c8c82094450b55f2251fb7891965d1a90b525a92f4f0ef1b085e993fa1b910e9ef1d403b648f2764d9ff84da2c79543757e3dfd7524e1945958757d682124d4724f137b93e53e2747aba04521bcb26d8db91ca5adcc530c534049fe74a9d4d95e4eaf6cc788a463388c7ac478370e97bde3efa9466bea5323e6313724cf366d7b46d9aed7fd1e8a919b868cd0569bf9ba8c439b80ed1e8dafdbc220f2b046ef169e949a45f06921dd89cd6923a447777a64f62b4691608fe526bf2ff8ce1a6fa1f362c9f7daf6984d3519faa1d62cc438508872ed30d94516b3b17c4492cc2b89756c5a0d32e1d78208a6b8f8cd40ad623e14e38924c25f49dabd74d6c7109ea0d8936ff33ad94e24025f2ef95dc2e158ef60bd2b678648c799c3d98d24f8eaf64e6c0bac2a9631611ea513ce5d330765ee9411fcdfbbd39f10a8952cd0539a8e56913a57d5abf5f1738cb62a88798c85f8300947aad84ebb7864f18e5628920ab0b1129e588179f546c77d286c578b2c248d5141d7ff65b197f0d741c3d2b3cdda6655dc6c447739a6f02a407284a244e47d8d0a1c1eae14b4ef3f25962249169ca75a44310146ee8170b35a6c5a82d1e4c63b92cad7e9f4d3bf427b5d4941fd3cec5f66e3367c01b2ac328cbaf2ed921b8c0ee373521b0dc9788b07874742b59a858facebe095003514108b72ab9f064788cce892b6c55f1373035859da23602c8aff610a9fb45091a5d348a0bee77061af535711b3e5797b3676249bcc72c8af71a689a2a58ab9d400a55f5ebd5435608f10297b51dbaf351db1ca448066dca1f78fb9c8084f3363bc5104487d754150d0d25902e71141751eb7a7c609d5180702745afd09fa9fb6f0f688eb71b8472f59e062ac4931ffdedac198b97bf57c00274499344d4d05a9e5939fd70648320ad8dc79be019dd0ae24584c6546f7f15860117348446659b4f910fcd704b00332415527983d55873780e55c2f45b9d180518ec4372e10756f9737798af50725ece532cb5137596232ead102c3276d336cca640c02fee4b6935549e2a38002cff936057cca789071c25506c0d161c23d9be1cdbc51b4934f2c7c96a7a0d155875658d190c19a84db0fc19da1620f5fdbd22ba72e4eaa001a9375d84c515f04c251215fd762e7bb3e6b5144382b8946caa1bb9d420b52d4e356ee157e0af1e3a4f18480b47c28522af0d8931914e61d4dd4bfc40c32510c14a0a418156aa861c578c42ddbe045d194638f7e1a80d66707b33b050af9deab50a4f2a81fccc1e0e3111124235507ed5ead3f1163f271959ec34530b125b4f2115c644ee0c5f1cbf02161a8bb4b97ffdebea6886724690e60b545e0ada911339c4eb4a951b4ba72dd5ed29265c39cdfa76647d9fb4b3dc2e28b41c29f0fc970ff525d2a4386656c52b1f9d4812ab01399a6d37adf05ec969f76537a367e116712e276af731a5433a603d67498933ba8660f6ef8f3f1e2ce9173b6bfb4c63e9b3788414d589450a27b67e00e1b816ab7ca931f7d5f9493149f47e0cd4ab8f8e7f0527bdcb7e4ca8f8e536da330f9d1b2e75659466f592d52102ff0e68b533078e4cfc32033d7fc577ffd2817d6bf17ca884b17c8b3e1dc7111371f4ecf816bfea59509eedcd7d50cc896c465805cd48ee16d56bceda0329e81dba1caec2ba53b511bff4359e067b3e56e959e339836f56830140c15ea9b0ad3f296bca5c54637b6cfb42e74d8ddb13eba96a78cf7db101176104d62cda9377205a26bc6b310a1898df9e6b001946fcdbb67bb80a0ad991f24aaaa908a7e56c4b3c36c1dc59009c793b7", 0x1000, 0x0) ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000000)='gid_map\x00') ioctl$FITHAW(r5, 0xc0045878) 03:41:10 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 30) 03:41:10 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x300, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:41:10 executing program 3: r0 = fork() pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r2, r1, 0x800, 0x0) gettid() migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) [ 1059.750850] FAT-fs (loop0): Directory bread(block 5) failed [ 1059.755682] FAT-fs (loop0): Directory bread(block 6) failed [ 1059.759237] FAT-fs (loop0): Directory bread(block 7) failed [ 1059.762934] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1059.763017] FAT-fs (loop0): Directory bread(block 8) failed [ 1059.768031] FAT-fs (loop0): Directory bread(block 9) failed [ 1059.770474] FAT-fs (loop0): Directory bread(block 10) failed [ 1059.772937] FAT-fs (loop0): Directory bread(block 11) failed [ 1059.777845] FAT-fs (loop0): Directory bread(block 5) failed [ 1059.780578] FAT-fs (loop0): Directory bread(block 6) failed [ 1059.783760] EXT4-fs (loop7): VFS: Can't find ext4 filesystem [ 1059.787893] FAT-fs (loop0): Directory bread(block 7) failed [ 1059.792115] FAULT_INJECTION: forcing a failure. [ 1059.792115] name failslab, interval 1, probability 0, space 0, times 0 [ 1059.794464] CPU: 1 PID: 7868 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1059.795856] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1059.797541] Call Trace: [ 1059.798073] dump_stack+0x107/0x167 [ 1059.798818] should_fail.cold+0x5/0xa [ 1059.799582] ? create_object.isra.0+0x3a/0xa20 [ 1059.800509] should_failslab+0x5/0x20 [ 1059.801275] kmem_cache_alloc+0x5b/0x310 [ 1059.802224] create_object.isra.0+0x3a/0xa20 [ 1059.803284] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1059.804483] kmem_cache_alloc+0x159/0x310 [ 1059.805484] __d_alloc+0x2a/0x990 [ 1059.806308] ? selinux_socket_post_create+0x2ea/0x7f0 [ 1059.807546] d_alloc_pseudo+0x19/0x70 [ 1059.808444] alloc_file_pseudo+0xce/0x250 [ 1059.809426] ? alloc_file+0x5a0/0x5a0 [ 1059.810323] ? security_socket_post_create+0x9e/0xd0 [ 1059.811551] anon_inode_getfile+0xc8/0x1f0 03:41:10 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x18000000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1059.812547] io_uring_setup+0x1e70/0x2a40 [ 1059.813728] ? wait_for_completion_io+0x270/0x270 [ 1059.814876] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1059.816112] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1059.817352] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1059.818604] do_syscall_64+0x33/0x40 [ 1059.819494] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1059.820708] RIP: 0033:0x7fd4717f2b19 [ 1059.821599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1059.825957] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1059.827789] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1059.829475] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1059.831172] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1059.832857] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1059.834547] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:41:10 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x500, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:41:10 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0xf5ffffff, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:41:10 executing program 0: openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x6a0301, 0x0) syz_open_procfs(0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r2, r1, 0x800, 0x0) connect(r1, &(0x7f0000000080)=@l2tp6={0xa, 0x0, 0x8, @dev={0xfe, 0x80, '\x00', 0x19}, 0x4}, 0x80) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), 0xffffffffffffffff) openat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0xa0000, 0x28) timer_settime(0x0, 0x0, &(0x7f0000000000)={{}, {0x0, 0x989680}}, &(0x7f0000000040)) sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r3, @ANYBLOB="210300000000a0e228f874e6c4000000001900000004000180"], 0x18}}, 0x0) [ 1059.913528] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:41:10 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x2e, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1059.950772] EXT4-fs (loop7): VFS: Can't find ext4 filesystem 03:41:10 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0xfeffffff, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:41:10 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x600, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1060.039328] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:41:10 executing program 7: r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) io_submit(0x0, 0x2, &(0x7f0000000380)=[&(0x7f0000001080)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x3000000}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}]) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_IOC_EXPIRE(0xffffffffffffffff, 0x810c9365, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={&(0x7f0000000180)}, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000000100)={{0x1, 0x1, 0x18, r0, {0x400}}, './file0\x00'}) io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f00000001c0)=r2, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0xd2, 0x0, 0x0, 0x0, 0x0, 0x5d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x3, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0x46ff]}, 0x8, 0x80000) ioctl$sock_inet_SIOCDARP(r3, 0x8953, 0x0) sendfile(0xffffffffffffffff, r3, &(0x7f0000000140)=0x200, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c00000030003d01000000000000000000000000080001"], 0x1c}}, 0x0) recvmmsg(r1, &(0x7f0000004600)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000300)={0x53, 0x0, 0x5, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f00000007c0)="9baccc23f1", 0x0, 0x0, 0x0, 0x0, 0x0}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ff8000/0x7000)=nil, 0x7000, 0x3000000, 0x10, r3, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) [ 1060.134091] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.7'. [ 1060.284172] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.7'. 03:41:24 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0xffff8000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:41:24 executing program 0: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1419c, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c) perf_event_open(0x0, 0x0, 0xf, 0xffffffffffffffff, 0x9) getpeername(r1, &(0x7f0000000000)=@nfc, &(0x7f0000000080)=0x80) sendmmsg$inet6(r1, &(0x7f0000004d00), 0x400000000000070, 0x0) setsockopt$inet6_IPV6_DSTOPTS(r1, 0x29, 0x3b, &(0x7f0000000440)=ANY=[], 0x130) fallocate(r0, 0x70, 0x0, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) connect$inet6(r2, &(0x7f0000000400)={0xa, 0x4e21, 0x300000, @private2, 0x8000}, 0x1c) sendmsg$inet6(r1, &(0x7f00000003c0)={&(0x7f0000000180)={0xa, 0x4e22, 0xfffffffd, @empty, 0x80a}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000001c0)="de8a694845193a22e93fb622910ed5c3ebb7921539b0a3ce5ff588b31670031062cc323a5ed20d1cbc95bedec932aad59ae8acc705a900dd871f64957af51f9cd0335d9537ce0cf74b9cdfb3e4287cc168c0632f770d417ab573422abf8c0ae73f98d6da777aeea1bff1714882d9891cb2de90f63cf47b62e2247f01da7cdfa8b5675230f87c7526c7ac67ba3db63537dfa8794318ac03d17957ee078a76240550a67d6c9d6ae7eb5eedbab845335e77cdf4a299588dc916", 0xb8}, {&(0x7f0000000280)="bb27a49a5a14e5ea1db0b5bcedd261a6fc7170a2a2a8b61944043dfa0e28e572969d15317a9cb1cc938b7459738d5bc81e93461bb527288e67738ad4ba0de662d9c416295e416aa1b3d896b40c59f104c5e9621af8a1e06e4eb80b0f993e345db586fc69d3e5e8b2537c495badd8cf86304b7add2f4931d9688e73d2a6aa62802501", 0x82}, {&(0x7f0000000340)="ccf249a77bdaf958e760e28fe62044efda55ff7b0e643c4a9d98215b5c6f4aec5b50d5e38fe311fb10693fb900743b315167", 0x32}], 0x3, &(0x7f0000000500)=[@rthdrdstopts={{0x38, 0x29, 0x37, {0x73, 0x3, '\x00', [@pad1, @ra={0x5, 0x2, 0x2}, @calipso={0x7, 0x10, {0x2, 0x2, 0x3f, 0x1f, [0x401]}}]}}}, @dstopts_2292={{0x40, 0x29, 0x4, {0x3b, 0x5, '\x00', [@pad1, @pad1, @hao={0xc9, 0x10, @mcast2}, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @jumbo={0xc2, 0x4, 0x7fff}]}}}, @hopopts={{0x38, 0x29, 0x36, {0xcb, 0x3, '\x00', [@ra={0x5, 0x2, 0x2}, @generic={0x81, 0x18, "f4406355b0d05ed09963403d9aa45c6f36b7bc1bb2ae3e70"}]}}}, @hoplimit={{0x14, 0x29, 0x34, 0xa21}}], 0xc8}, 0x10) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @private0}}}, 0x108) 03:41:24 executing program 1: fchmod(0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000000000066"]) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000140)={0x0, 0xfffffffffffffff8, 0x7fffffff}) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0xfe, 0x0, 0x0, 0xca1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0xd5884b98eddc93b4) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r4, r3, 0x800, 0x0) pwrite64(r3, &(0x7f00000003c0)="42b416e9abc3843f1cd3548f1a4d1b7a17a02477ba26af00e0aceb8db45f77b32f0f7dc8b734fc0cca661eb0b902e275f8701d334b4772340b0b84b8e58448004c6b46f363465d50bbf3fdd95a201482ddac3fc4d7687e11b01edfb12dea514a52fe1114dfb0db13e7ee7b02ed9bb111b6decf7092611c050b67c41a0c6f1ddd679dce79269dccbb424799e883d50da97458bdaf55e7af25e790630668ab87081f9742522441d66fffd3626d3a157c0b7d5c6c60c2b0b382e258262aa3042aac30e5fc646f2847cdbc73af89f72ef9ffdcd977d816bea936d3041bb9fafbc759d63a66b7af8a7debd5113f5a117c94b1999971f84b73dfd9f33a625360308188daf3b8c6b61941a64e82d977245fccbd614a606fed79ef1078cbc19a9051404461ace05a1573a02159be5f1ab89b9cb9f9437be19bea8d10c62996478d1ef43d5e78b6d4daae8e567b1f10a7e3405940be50bd441f18d5916e25cd6b63c16378ba01870946f6da077110a7f54532d72f6ccc7ec1c385a734c46d166eaf2c499304c22b9a941c9e9ff47113346e31e2f1b393d490052a72e9fab58afeffb178adc24545ecbb034970ea988ea5b979f254802db2586f21430167a19d123057689a74837e682407345f1616090dc470f43380c91b561395df917790f959c65ce8a6b2689b3fd0893a2b2bd27021d0cd609dacb0298f089b20af873a27f0e112bd1fff47a3e85b105c8a5139cab9101b6555ef4a5bfb0729ec35f244d22ae5c0b38b6650072b5509cab7f9d5131e6e25f9fd14fb0dd87fb86f439029052366a8c3dd9dbed676afcb719b66306a826b70c3edf56130734d75dafd55cf7661a8515d9cf5d4396807a458f165c3b4e7b87f3c7b19de794230f6f6bbb45d9e5c54bde6063fe99535f5c092719ae21dcf7192a2420422f677e10651a9aa782af8b8b7312f5cfa8737d6637b2edcf78ee41f1334555902091d553915fa8fca49bc8f0ac34553914291084a342af0e2a48bade1681f7844f411ca400d3fc6db31167ce24e5bd14e4342f3df5021d910797d2ed3065cff6f17f02780ae22bc8fd8d9cc58d58034ee024ed1df0a1f83e9a761055d1e3a7c6ca765980f933ee378636dbd3ac7963bebafcb234ff7a9a8a1cdca59debf8f65dd291deafe409dbb158e0d1a367ecf387ab2bd62fda34555d08416a0fb5a5c760eb621e98fa565d6c983cbb2ecf99ee0ad28e68d8f1c287f2e469bc0750ebee6554427e2f6b4d1bc265e4538f8c49d28f9398fb6d1174f7a147757f7f076e04abbcb312083d0599b312aabee65cf00babaf6d025705dcdc9bb1f0e3812f8f07f1a3ea64facf4e954a963f2a6838cee57e00c50133041860a36bf8fee663a2f11d2520617af7ff998065153b8f7756de1a4de892e69e001b1d90f9f475fd301efa5de496d66c84bd6640e792ea680c9a2445cd2f470f099ba4a359252bfad56ade647726f14e072c121fbd8b96df892befbd5cc6dcc6ea955ec8528ddb16d47605642c26003e16e39a1fb9326428571f8001dfaa7252a6b702c365eda7bd32b80610aba5882ac2b7f7cc065295d1a5aa41af612314619f79ea18293e61842e8e93ba9301079c40e6d52592c5b7401750fee819930acadada6cf45cc6a31f6d89836d1b8482614a7797f38ddffbbce139e20317afd921f378905b4951bb153c461ea2d4445ff6db29c401cc75f95afedc4b983454ba89d5aad09911b71e2fea5cdd0233d4609ecf6e3a993134cd56d7a19a70847c6a92119dbb6d6c2e55a39798fd81bc0907f138a79dbd2c856798e30fb76dcb5ace894a54265482d8d62fcdacbab61b20c096b80630407c49d150500e7f0784fbda33ed15565aca9ba228d70d7b30c9f0d7b0c35858602020b2c0d3f96a39935a1b124bb7eb31e29672d9f84e10ff1447a5547e6fb490503b7b0fb071a83afdb9963a22f1427dec5c3479896c64c808f21c585fd6f020e40ceaeaf7ed49807cd7f07226cb03a1cb20b1a046653380b6b97704a69c234dd6002e9012e534bf334b5eb6b6978fd96d8d85a17442254411b0aa2f7f5000cd166821550337289d1bad46228ede0e3dcdc3d6e54964308e0663cff7959800b4eca14367f279e0760d90e5d59660a5b008a04c3b5b735e4d828ca9602bc4b0661c428b55bf43486a84031ed4cdd4598e90bdb4e690d4a3a1d2c61a1d1e94fa557efb0195153bbd8fb75e24e9076b62393f52bd74516d339f690ff3c9cd7d8a6b965a02f8f6f15b63d3a09ed7cbd0f94254a61de2dfce474ed069b6afcfb1f8d2d4cd0e8f641c93ee2e5b56bef013130dc57c26406a9ee61f51eef7ad5635110ff9733bbda57919b19ed5b906fdae9f52aecf13cf60fd4165b67d060755c0dabce43f5908cfc677032b291c2dcbb95f993b7dbd51481905d064cb66217ebe63863c036f3b4bc5e18677361239a969683a0b77fc5fd396f1bbae1349870953f390f37513ee36384c4a21013eaad1f29c6d7b9fc0b0f185d70c0a8ff2205d2e642380045d2d753d8675fd5bbe9ce8cc2ff9c7d767b79bddf62caee3f9e9fe91e626049a18a3c2dc6ce8068d4fefb7ff2e0c1c9d1afbe1f24de15417ece44731f4936e0ca99525fbedb81bd3a2156788dae699fbfdaa91e473076cdba1d78f698e15d7cc3ef0f2972c02999ee300f3f6068babaafcdc2c2ec2af0efef20eb530538f5796dc764ed9a67b0b2c22e4c2ac9fdb9b9b9c02cb10a9d3b266867c6f460ecf73618ff7b8cb36d4bfc19f41bf4102bd5357094156d0c58b5ad08d8a8d7049afc4a68d6dd2e043f39a0b059922b12c4fe2707cf8a7a08dea78938e7210998a5c46e652e43d1d176e839e8570421d05cec1b5255a4379c8f303a815d5370540626d9a2fd3a626351a576946b8c7dd07d1b115a5d17f9a819826978b2dfcf9993661e92c6afec46b01d9e50688b80ccfa3f9db8f5218036a734bc684d587c8a40abd6ff51d65d2785b8239fd7354ece20d43ba38051874497034c543cdda17eee7391541bcfdea4ef70a7bb06fabe8f82ed38cb2cfc5a6390ec8b3bc0195ee5b7576bd401217e9ae8a0d23d7f96a276992e2151b2de382790f8b0ef5f0524d182625ae94930416747d84414e525d5898637581446fb5f00a074e76716f03b813d78a61e66d6deabee3e6a19f8dad907e0f2bfae6e80cb8ffa5e281a86bde33c125c31e3e2261b1622cc0319a7c10affc392b5aa5b3e18e72cdeb89a5eb412cc9e9fe2acdf520ba7cf42c2fc5d18e869e8be02afb77ecac0699d5cd8ab5673b6343d51050e1a75110f8de48d13487652394be5e48fff1e0700925237c1fdcbb9dc3290db9c59a544d8b847a6156c814261faa7e20e6a34cee72db846a5aa1c9007211a0e7bd329efa36cbf3622c9a0a11a6be90dced8af406fddb0465af01820efcc8ec3085ac328e4f9c08a363f0b3fa781291b9220455db02a1ea182f3b6ecad79f9baa3129d13a94e32d145d893d33a22223593677771de1592618cdbbeb7e603fa4723706e1f2a3a6218765650a33cf82873e129c3099cde2d8b044be012fd595f86135c1a3340ac205767b186e1f6cb16f20f9330b95149356bdf9c22f7f6f9aab426e8f2863329f8adb652c53ea2d40f77c14d5e645c7c4b9ba4351d83653226d98ce58309f9094eb56bd76937b45b45208f892254b998c5ccae1de11b16a8b0142861d195f03a7aaa3ce2ce28a6f884e680d3f535751239a5fa85c188693b9ca41c71cd86735dc124d3237a99ab197b7725747c43710de57116f162340739fdb0bcba1f605e0e2e18d2dbbd135f8d8583e488906a5ca0610de2b3c94cea7e807bf1f047cb16d4caf6d7d1c1d6c0e81d790c2a563417f6a26fafe7578146cc763d04710c66e285d0995c4b6a41a41ece27447dd4fe0cb6762332d53c08faa7cc29945fc4aba96f1cac22a6c17a401eab12654b84ab2bf19c805c8c82094450b55f2251fb7891965d1a90b525a92f4f0ef1b085e993fa1b910e9ef1d403b648f2764d9ff84da2c79543757e3dfd7524e1945958757d682124d4724f137b93e53e2747aba04521bcb26d8db91ca5adcc530c534049fe74a9d4d95e4eaf6cc788a463388c7ac478370e97bde3efa9466bea5323e6313724cf366d7b46d9aed7fd1e8a919b868cd0569bf9ba8c439b80ed1e8dafdbc220f2b046ef169e949a45f06921dd89cd6923a447777a64f62b4691608fe526bf2ff8ce1a6fa1f362c9f7daf6984d3519faa1d62cc438508872ed30d94516b3b17c4492cc2b89756c5a0d32e1d78208a6b8f8cd40ad623e14e38924c25f49dabd74d6c7109ea0d8936ff33ad94e24025f2ef95dc2e158ef60bd2b678648c799c3d98d24f8eaf64e6c0bac2a9631611ea513ce5d330765ee9411fcdfbbd39f10a8952cd0539a8e56913a57d5abf5f1738cb62a88798c85f8300947aad84ebb7864f18e5628920ab0b1129e588179f546c77d286c578b2c248d5141d7ff65b197f0d741c3d2b3cdda6655dc6c447739a6f02a407284a244e47d8d0a1c1eae14b4ef3f25962249169ca75a44310146ee8170b35a6c5a82d1e4c63b92cad7e9f4d3bf427b5d4941fd3cec5f66e3367c01b2ac328cbaf2ed921b8c0ee373521b0dc9788b07874742b59a858facebe095003514108b72ab9f064788cce892b6c55f1373035859da23602c8aff610a9fb45091a5d348a0bee77061af535711b3e5797b3676249bcc72c8af71a689a2a58ab9d400a55f5ebd5435608f10297b51dbaf351db1ca448066dca1f78fb9c8084f3363bc5104487d754150d0d25902e71141751eb7a7c609d5180702745afd09fa9fb6f0f688eb71b8472f59e062ac4931ffdedac198b97bf57c00274499344d4d05a9e5939fd70648320ad8dc79be019dd0ae24584c6546f7f15860117348446659b4f910fcd704b00332415527983d55873780e55c2f45b9d180518ec4372e10756f9737798af50725ece532cb5137596232ead102c3276d336cca640c02fee4b6935549e2a38002cff936057cca789071c25506c0d161c23d9be1cdbc51b4934f2c7c96a7a0d155875658d190c19a84db0fc19da1620f5fdbd22ba72e4eaa001a9375d84c515f04c251215fd762e7bb3e6b5144382b8946caa1bb9d420b52d4e356ee157e0af1e3a4f18480b47c28522af0d8931914e61d4dd4bfc40c32510c14a0a418156aa861c578c42ddbe045d194638f7e1a80d66707b33b050af9deab50a4f2a81fccc1e0e3111124235507ed5ead3f1163f271959ec34530b125b4f2115c644ee0c5f1cbf02161a8bb4b97ffdebea6886724690e60b545e0ada911339c4eb4a951b4ba72dd5ed29265c39cdfa76647d9fb4b3dc2e28b41c29f0fc970ff525d2a4386656c52b1f9d4812ab01399a6d37adf05ec969f76537a367e116712e276af731a5433a603d67498933ba8660f6ef8f3f1e2ce9173b6bfb4c63e9b3788414d589450a27b67e00e1b816ab7ca931f7d5f9493149f47e0cd4ab8f8e7f0527bdcb7e4ca8f8e536da330f9d1b2e75659466f592d52102ff0e68b533078e4cfc32033d7fc577ffd2817d6bf17ca884b17c8b3e1dc7111371f4ecf816bfea59509eedcd7d50cc896c465805cd48ee16d56bceda0329e81dba1caec2ba53b511bff4359e067b3e56e959e339836f56830140c15ea9b0ad3f296bca5c54637b6cfb42e74d8ddb13eba96a78cf7db101176104d62cda9377205a26bc6b310a1898df9e6b001946fcdbb67bb80a0ad991f24aaaa908a7e56c4b3c36c1dc59009c793b7", 0x1000, 0x0) ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='gid_map\x00') [ 1074.277608] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1074.298232] FAULT_INJECTION: forcing a failure. [ 1074.298232] name failslab, interval 1, probability 0, space 0, times 0 [ 1074.299587] CPU: 0 PID: 7917 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1074.300417] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1074.301412] Call Trace: [ 1074.301733] dump_stack+0x107/0x167 [ 1074.302175] should_fail.cold+0x5/0xa [ 1074.302647] ? __alloc_file+0x21/0x320 [ 1074.303119] should_failslab+0x5/0x20 [ 1074.303580] kmem_cache_alloc+0x5b/0x310 [ 1074.304077] __alloc_file+0x21/0x320 [ 1074.304528] alloc_empty_file+0x6d/0x170 [ 1074.304997] alloc_file+0x5e/0x5a0 [ 1074.305440] alloc_file_pseudo+0x16a/0x250 [ 1074.305955] ? alloc_file+0x5a0/0x5a0 [ 1074.306432] anon_inode_getfile+0xc8/0x1f0 [ 1074.306961] io_uring_setup+0x1e70/0x2a40 [ 1074.307471] ? wait_for_completion_io+0x270/0x270 [ 1074.308039] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1074.308657] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1074.309281] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1074.309909] do_syscall_64+0x33/0x40 [ 1074.310359] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1074.310976] RIP: 0033:0x7fd4717f2b19 03:41:24 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x700, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:41:24 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 31) 03:41:24 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x2f, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:41:24 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat$incfs(0xffffffffffffffff, 0x0, 0x0, 0x0) ftruncate(r0, 0x1000003) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) unlinkat(0xffffffffffffffff, 0x0, 0x0) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) close(0xffffffffffffffff) close(0xffffffffffffffff) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) perf_event_open(&(0x7f0000000240)={0x6, 0x80, 0xe5, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x0, @perf_bp={&(0x7f0000000200), 0x9}, 0x40008, 0x0, 0x0, 0x0, 0x0, 0x7, 0x9, 0x0, 0x2}, 0x0, 0xc, 0xffffffffffffffff, 0x3) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x104, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) lseek(r1, 0x0, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0) 03:41:24 executing program 3: r0 = fork() pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r2, r1, 0x800, 0x0) capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) [ 1074.311436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1074.313760] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1074.314694] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1074.315548] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1074.316372] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1074.317229] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1074.318077] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:41:24 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x900, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:41:24 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0xfffffff5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:41:24 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 32) [ 1074.406476] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:41:24 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, 0x0) syz_mount_image$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)=ANY=[]) ioctl$BLKRAGET(r0, 0x1263, &(0x7f0000000100)) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) creat(0x0, 0x0) r1 = openat$incfs(0xffffffffffffff9c, &(0x7f00000000c0)='.log\x00', 0x101500, 0x3) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x440, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2, @perf_config_ext={0xfffffffffffffffd}, 0x0, 0x0, 0x0, 0x0, 0x40000040, 0x1}, 0x0, 0xffffffffffffffff, r1, 0x0) perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 1074.421643] FAULT_INJECTION: forcing a failure. [ 1074.421643] name failslab, interval 1, probability 0, space 0, times 0 [ 1074.423052] CPU: 0 PID: 7930 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1074.423810] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1074.424723] Call Trace: [ 1074.425032] dump_stack+0x107/0x167 [ 1074.425428] should_fail.cold+0x5/0xa [ 1074.425839] ? create_object.isra.0+0x3a/0xa20 [ 1074.426336] should_failslab+0x5/0x20 [ 1074.426764] kmem_cache_alloc+0x5b/0x310 [ 1074.427202] create_object.isra.0+0x3a/0xa20 [ 1074.427674] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1074.428250] kmem_cache_alloc+0x159/0x310 [ 1074.428725] __alloc_file+0x21/0x320 [ 1074.429147] alloc_empty_file+0x6d/0x170 [ 1074.429596] alloc_file+0x5e/0x5a0 [ 1074.429991] alloc_file_pseudo+0x16a/0x250 [ 1074.430455] ? alloc_file+0x5a0/0x5a0 [ 1074.430907] anon_inode_getfile+0xc8/0x1f0 [ 1074.431382] io_uring_setup+0x1e70/0x2a40 [ 1074.431853] ? wait_for_completion_io+0x270/0x270 [ 1074.432386] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1074.432973] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1074.433567] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1074.434158] do_syscall_64+0x33/0x40 [ 1074.434579] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1074.435148] RIP: 0033:0x7fd4717f2b19 [ 1074.435559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1074.437657] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1074.438494] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1074.439287] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1074.440085] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1074.440866] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1074.441676] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:41:24 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x30, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:41:24 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0xa00, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:41:24 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 33) 03:41:24 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0xfffffffe, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:41:24 executing program 0: openat(0xffffffffffffffff, 0x0, 0x0, 0x3a1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x101}, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, 0x0, 0x8, 0x70bd26, 0x25dfdbfd, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x9}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x6}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x40040}, 0x800) fsync(r0) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x28, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@nested={0x12, 0x11, 0x0, 0x1, [@generic="809801a7b0c7dba09475f251c743"]}]}, 0x28}}, 0x0) [ 1074.573228] FAULT_INJECTION: forcing a failure. [ 1074.573228] name failslab, interval 1, probability 0, space 0, times 0 [ 1074.575602] CPU: 1 PID: 7943 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1074.576991] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1074.578663] Call Trace: [ 1074.579197] dump_stack+0x107/0x167 [ 1074.579939] should_fail.cold+0x5/0xa [ 1074.580712] ? security_file_alloc+0x34/0x170 [ 1074.581620] should_failslab+0x5/0x20 [ 1074.582399] kmem_cache_alloc+0x5b/0x310 [ 1074.583250] security_file_alloc+0x34/0x170 [ 1074.584138] __alloc_file+0xb6/0x320 [ 1074.584907] alloc_empty_file+0x6d/0x170 [ 1074.585738] alloc_file+0x5e/0x5a0 [ 1074.586469] alloc_file_pseudo+0x16a/0x250 [ 1074.587357] ? alloc_file+0x5a0/0x5a0 [ 1074.588160] anon_inode_getfile+0xc8/0x1f0 [ 1074.589018] io_uring_setup+0x1e70/0x2a40 [ 1074.589867] ? wait_for_completion_io+0x270/0x270 [ 1074.590848] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1074.591925] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1074.592998] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1074.594047] do_syscall_64+0x33/0x40 [ 1074.594836] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1074.595865] RIP: 0033:0x7fd4717f2b19 [ 1074.596620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1074.600336] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1074.601868] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1074.603311] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1074.604739] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1074.606172] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1074.607621] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 [ 1074.611785] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:41:25 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:41:41 executing program 1: fchmod(0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000000000066"]) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000140)={0x0, 0xfffffffffffffff8, 0x7fffffff}) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0xfe, 0x0, 0x0, 0xca1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0xd5884b98eddc93b4) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r4, r3, 0x800, 0x0) pwrite64(r3, &(0x7f00000003c0)="42b416e9abc3843f1cd3548f1a4d1b7a17a02477ba26af00e0aceb8db45f77b32f0f7dc8b734fc0cca661eb0b902e275f8701d334b4772340b0b84b8e58448004c6b46f363465d50bbf3fdd95a201482ddac3fc4d7687e11b01edfb12dea514a52fe1114dfb0db13e7ee7b02ed9bb111b6decf7092611c050b67c41a0c6f1ddd679dce79269dccbb424799e883d50da97458bdaf55e7af25e790630668ab87081f9742522441d66fffd3626d3a157c0b7d5c6c60c2b0b382e258262aa3042aac30e5fc646f2847cdbc73af89f72ef9ffdcd977d816bea936d3041bb9fafbc759d63a66b7af8a7debd5113f5a117c94b1999971f84b73dfd9f33a625360308188daf3b8c6b61941a64e82d977245fccbd614a606fed79ef1078cbc19a9051404461ace05a1573a02159be5f1ab89b9cb9f9437be19bea8d10c62996478d1ef43d5e78b6d4daae8e567b1f10a7e3405940be50bd441f18d5916e25cd6b63c16378ba01870946f6da077110a7f54532d72f6ccc7ec1c385a734c46d166eaf2c499304c22b9a941c9e9ff47113346e31e2f1b393d490052a72e9fab58afeffb178adc24545ecbb034970ea988ea5b979f254802db2586f21430167a19d123057689a74837e682407345f1616090dc470f43380c91b561395df917790f959c65ce8a6b2689b3fd0893a2b2bd27021d0cd609dacb0298f089b20af873a27f0e112bd1fff47a3e85b105c8a5139cab9101b6555ef4a5bfb0729ec35f244d22ae5c0b38b6650072b5509cab7f9d5131e6e25f9fd14fb0dd87fb86f439029052366a8c3dd9dbed676afcb719b66306a826b70c3edf56130734d75dafd55cf7661a8515d9cf5d4396807a458f165c3b4e7b87f3c7b19de794230f6f6bbb45d9e5c54bde6063fe99535f5c092719ae21dcf7192a2420422f677e10651a9aa782af8b8b7312f5cfa8737d6637b2edcf78ee41f1334555902091d553915fa8fca49bc8f0ac34553914291084a342af0e2a48bade1681f7844f411ca400d3fc6db31167ce24e5bd14e4342f3df5021d910797d2ed3065cff6f17f02780ae22bc8fd8d9cc58d58034ee024ed1df0a1f83e9a761055d1e3a7c6ca765980f933ee378636dbd3ac7963bebafcb234ff7a9a8a1cdca59debf8f65dd291deafe409dbb158e0d1a367ecf387ab2bd62fda34555d08416a0fb5a5c760eb621e98fa565d6c983cbb2ecf99ee0ad28e68d8f1c287f2e469bc0750ebee6554427e2f6b4d1bc265e4538f8c49d28f9398fb6d1174f7a147757f7f076e04abbcb312083d0599b312aabee65cf00babaf6d025705dcdc9bb1f0e3812f8f07f1a3ea64facf4e954a963f2a6838cee57e00c50133041860a36bf8fee663a2f11d2520617af7ff998065153b8f7756de1a4de892e69e001b1d90f9f475fd301efa5de496d66c84bd6640e792ea680c9a2445cd2f470f099ba4a359252bfad56ade647726f14e072c121fbd8b96df892befbd5cc6dcc6ea955ec8528ddb16d47605642c26003e16e39a1fb9326428571f8001dfaa7252a6b702c365eda7bd32b80610aba5882ac2b7f7cc065295d1a5aa41af612314619f79ea18293e61842e8e93ba9301079c40e6d52592c5b7401750fee819930acadada6cf45cc6a31f6d89836d1b8482614a7797f38ddffbbce139e20317afd921f378905b4951bb153c461ea2d4445ff6db29c401cc75f95afedc4b983454ba89d5aad09911b71e2fea5cdd0233d4609ecf6e3a993134cd56d7a19a70847c6a92119dbb6d6c2e55a39798fd81bc0907f138a79dbd2c856798e30fb76dcb5ace894a54265482d8d62fcdacbab61b20c096b80630407c49d150500e7f0784fbda33ed15565aca9ba228d70d7b30c9f0d7b0c35858602020b2c0d3f96a39935a1b124bb7eb31e29672d9f84e10ff1447a5547e6fb490503b7b0fb071a83afdb9963a22f1427dec5c3479896c64c808f21c585fd6f020e40ceaeaf7ed49807cd7f07226cb03a1cb20b1a046653380b6b97704a69c234dd6002e9012e534bf334b5eb6b6978fd96d8d85a17442254411b0aa2f7f5000cd166821550337289d1bad46228ede0e3dcdc3d6e54964308e0663cff7959800b4eca14367f279e0760d90e5d59660a5b008a04c3b5b735e4d828ca9602bc4b0661c428b55bf43486a84031ed4cdd4598e90bdb4e690d4a3a1d2c61a1d1e94fa557efb0195153bbd8fb75e24e9076b62393f52bd74516d339f690ff3c9cd7d8a6b965a02f8f6f15b63d3a09ed7cbd0f94254a61de2dfce474ed069b6afcfb1f8d2d4cd0e8f641c93ee2e5b56bef013130dc57c26406a9ee61f51eef7ad5635110ff9733bbda57919b19ed5b906fdae9f52aecf13cf60fd4165b67d060755c0dabce43f5908cfc677032b291c2dcbb95f993b7dbd51481905d064cb66217ebe63863c036f3b4bc5e18677361239a969683a0b77fc5fd396f1bbae1349870953f390f37513ee36384c4a21013eaad1f29c6d7b9fc0b0f185d70c0a8ff2205d2e642380045d2d753d8675fd5bbe9ce8cc2ff9c7d767b79bddf62caee3f9e9fe91e626049a18a3c2dc6ce8068d4fefb7ff2e0c1c9d1afbe1f24de15417ece44731f4936e0ca99525fbedb81bd3a2156788dae699fbfdaa91e473076cdba1d78f698e15d7cc3ef0f2972c02999ee300f3f6068babaafcdc2c2ec2af0efef20eb530538f5796dc764ed9a67b0b2c22e4c2ac9fdb9b9b9c02cb10a9d3b266867c6f460ecf73618ff7b8cb36d4bfc19f41bf4102bd5357094156d0c58b5ad08d8a8d7049afc4a68d6dd2e043f39a0b059922b12c4fe2707cf8a7a08dea78938e7210998a5c46e652e43d1d176e839e8570421d05cec1b5255a4379c8f303a815d5370540626d9a2fd3a626351a576946b8c7dd07d1b115a5d17f9a819826978b2dfcf9993661e92c6afec46b01d9e50688b80ccfa3f9db8f5218036a734bc684d587c8a40abd6ff51d65d2785b8239fd7354ece20d43ba38051874497034c543cdda17eee7391541bcfdea4ef70a7bb06fabe8f82ed38cb2cfc5a6390ec8b3bc0195ee5b7576bd401217e9ae8a0d23d7f96a276992e2151b2de382790f8b0ef5f0524d182625ae94930416747d84414e525d5898637581446fb5f00a074e76716f03b813d78a61e66d6deabee3e6a19f8dad907e0f2bfae6e80cb8ffa5e281a86bde33c125c31e3e2261b1622cc0319a7c10affc392b5aa5b3e18e72cdeb89a5eb412cc9e9fe2acdf520ba7cf42c2fc5d18e869e8be02afb77ecac0699d5cd8ab5673b6343d51050e1a75110f8de48d13487652394be5e48fff1e0700925237c1fdcbb9dc3290db9c59a544d8b847a6156c814261faa7e20e6a34cee72db846a5aa1c9007211a0e7bd329efa36cbf3622c9a0a11a6be90dced8af406fddb0465af01820efcc8ec3085ac328e4f9c08a363f0b3fa781291b9220455db02a1ea182f3b6ecad79f9baa3129d13a94e32d145d893d33a22223593677771de1592618cdbbeb7e603fa4723706e1f2a3a6218765650a33cf82873e129c3099cde2d8b044be012fd595f86135c1a3340ac205767b186e1f6cb16f20f9330b95149356bdf9c22f7f6f9aab426e8f2863329f8adb652c53ea2d40f77c14d5e645c7c4b9ba4351d83653226d98ce58309f9094eb56bd76937b45b45208f892254b998c5ccae1de11b16a8b0142861d195f03a7aaa3ce2ce28a6f884e680d3f535751239a5fa85c188693b9ca41c71cd86735dc124d3237a99ab197b7725747c43710de57116f162340739fdb0bcba1f605e0e2e18d2dbbd135f8d8583e488906a5ca0610de2b3c94cea7e807bf1f047cb16d4caf6d7d1c1d6c0e81d790c2a563417f6a26fafe7578146cc763d04710c66e285d0995c4b6a41a41ece27447dd4fe0cb6762332d53c08faa7cc29945fc4aba96f1cac22a6c17a401eab12654b84ab2bf19c805c8c82094450b55f2251fb7891965d1a90b525a92f4f0ef1b085e993fa1b910e9ef1d403b648f2764d9ff84da2c79543757e3dfd7524e1945958757d682124d4724f137b93e53e2747aba04521bcb26d8db91ca5adcc530c534049fe74a9d4d95e4eaf6cc788a463388c7ac478370e97bde3efa9466bea5323e6313724cf366d7b46d9aed7fd1e8a919b868cd0569bf9ba8c439b80ed1e8dafdbc220f2b046ef169e949a45f06921dd89cd6923a447777a64f62b4691608fe526bf2ff8ce1a6fa1f362c9f7daf6984d3519faa1d62cc438508872ed30d94516b3b17c4492cc2b89756c5a0d32e1d78208a6b8f8cd40ad623e14e38924c25f49dabd74d6c7109ea0d8936ff33ad94e24025f2ef95dc2e158ef60bd2b678648c799c3d98d24f8eaf64e6c0bac2a9631611ea513ce5d330765ee9411fcdfbbd39f10a8952cd0539a8e56913a57d5abf5f1738cb62a88798c85f8300947aad84ebb7864f18e5628920ab0b1129e588179f546c77d286c578b2c248d5141d7ff65b197f0d741c3d2b3cdda6655dc6c447739a6f02a407284a244e47d8d0a1c1eae14b4ef3f25962249169ca75a44310146ee8170b35a6c5a82d1e4c63b92cad7e9f4d3bf427b5d4941fd3cec5f66e3367c01b2ac328cbaf2ed921b8c0ee373521b0dc9788b07874742b59a858facebe095003514108b72ab9f064788cce892b6c55f1373035859da23602c8aff610a9fb45091a5d348a0bee77061af535711b3e5797b3676249bcc72c8af71a689a2a58ab9d400a55f5ebd5435608f10297b51dbaf351db1ca448066dca1f78fb9c8084f3363bc5104487d754150d0d25902e71141751eb7a7c609d5180702745afd09fa9fb6f0f688eb71b8472f59e062ac4931ffdedac198b97bf57c00274499344d4d05a9e5939fd70648320ad8dc79be019dd0ae24584c6546f7f15860117348446659b4f910fcd704b00332415527983d55873780e55c2f45b9d180518ec4372e10756f9737798af50725ece532cb5137596232ead102c3276d336cca640c02fee4b6935549e2a38002cff936057cca789071c25506c0d161c23d9be1cdbc51b4934f2c7c96a7a0d155875658d190c19a84db0fc19da1620f5fdbd22ba72e4eaa001a9375d84c515f04c251215fd762e7bb3e6b5144382b8946caa1bb9d420b52d4e356ee157e0af1e3a4f18480b47c28522af0d8931914e61d4dd4bfc40c32510c14a0a418156aa861c578c42ddbe045d194638f7e1a80d66707b33b050af9deab50a4f2a81fccc1e0e3111124235507ed5ead3f1163f271959ec34530b125b4f2115c644ee0c5f1cbf02161a8bb4b97ffdebea6886724690e60b545e0ada911339c4eb4a951b4ba72dd5ed29265c39cdfa76647d9fb4b3dc2e28b41c29f0fc970ff525d2a4386656c52b1f9d4812ab01399a6d37adf05ec969f76537a367e116712e276af731a5433a603d67498933ba8660f6ef8f3f1e2ce9173b6bfb4c63e9b3788414d589450a27b67e00e1b816ab7ca931f7d5f9493149f47e0cd4ab8f8e7f0527bdcb7e4ca8f8e536da330f9d1b2e75659466f592d52102ff0e68b533078e4cfc32033d7fc577ffd2817d6bf17ca884b17c8b3e1dc7111371f4ecf816bfea59509eedcd7d50cc896c465805cd48ee16d56bceda0329e81dba1caec2ba53b511bff4359e067b3e56e959e339836f56830140c15ea9b0ad3f296bca5c54637b6cfb42e74d8ddb13eba96a78cf7db101176104d62cda9377205a26bc6b310a1898df9e6b001946fcdbb67bb80a0ad991f24aaaa908a7e56c4b3c36c1dc59009c793b7", 0x1000, 0x0) ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, 0x0) [ 1090.768606] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:41:41 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0xf00, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:41:41 executing program 3: r0 = fork() pipe2(&(0x7f0000000480), 0x0) pipe2(&(0x7f0000000480), 0x0) capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:41:41 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x248e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000080)={@remote}, 0x14) socket$inet6_udp(0xa, 0x2, 0x0) 03:41:41 executing program 7: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200", 0x5f, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) openat(r0, &(0x7f00000000c0)='./file0\x00', 0x101000, 0x90) r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r0, 0x3312, 0x2) r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(0xffffffffffffffff, r2) getresuid(&(0x7f00000002c0), &(0x7f0000000300), 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0) ftruncate(r3, 0xffff) sendfile(r0, r1, 0x0, 0x20d315) 03:41:41 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x33, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:41:41 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:41:41 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 34) [ 1090.827015] FAULT_INJECTION: forcing a failure. [ 1090.827015] name failslab, interval 1, probability 0, space 0, times 0 [ 1090.829386] CPU: 1 PID: 7971 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1090.830797] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1090.832463] Call Trace: [ 1090.832998] dump_stack+0x107/0x167 [ 1090.833737] should_fail.cold+0x5/0xa [ 1090.834499] ? create_object.isra.0+0x3a/0xa20 [ 1090.835440] should_failslab+0x5/0x20 [ 1090.836192] kmem_cache_alloc+0x5b/0x310 [ 1090.837001] ? percpu_ref_put_many.constprop.0+0x4e/0x110 [ 1090.838098] create_object.isra.0+0x3a/0xa20 [ 1090.838984] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1090.840000] kmem_cache_alloc+0x159/0x310 [ 1090.840829] security_file_alloc+0x34/0x170 [ 1090.841701] __alloc_file+0xb6/0x320 [ 1090.842467] alloc_empty_file+0x6d/0x170 [ 1090.843313] alloc_file+0x5e/0x5a0 [ 1090.844038] alloc_file_pseudo+0x16a/0x250 [ 1090.844894] ? alloc_file+0x5a0/0x5a0 [ 1090.845687] anon_inode_getfile+0xc8/0x1f0 [ 1090.846540] io_uring_setup+0x1e70/0x2a40 [ 1090.847407] ? wait_for_completion_io+0x270/0x270 [ 1090.848380] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1090.849435] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1090.850493] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1090.851558] do_syscall_64+0x33/0x40 [ 1090.852319] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1090.853362] RIP: 0033:0x7fd4717f2b19 [ 1090.854126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1090.857843] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1090.859372] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1090.860805] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1090.862233] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1090.863695] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1090.865156] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 [ 1090.887974] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue 03:41:41 executing program 3: r0 = fork() pipe2(&(0x7f0000000480), 0x0) capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:41:41 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:41:41 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x4800, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1090.986291] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:41:41 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x3a, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:41:41 executing program 0: ftruncate(0xffffffffffffffff, 0x8) r0 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @desc4}, &(0x7f0000000200)={0x0, "f038779de021f8c8c974dd89170cf2579d1fa459ba726003d07140eeb342b87ae631f7a548867a29f29fd1637ddac658a709b49b093393d0e1c7391515c7ab7c"}, 0x48, 0xfffffffffffffffe) keyctl$chown(0x4, r0, 0xee01, 0xee00) r1 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000540)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffb) r2 = add_key$fscrypt_v1(0x0, 0x0, &(0x7f0000000440)={0x0, "9b55f610ffe7b9856842eb69443042b20caac33d7dda6ec6986b177fa13c2bd2c68577ea852c8bb47f31ee549b6a921e231ef07ee0f7fca620564faeeeafa440"}, 0x48, 0x0) getsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x24, &(0x7f00000004c0)={@multicast1, @broadcast}, &(0x7f0000000080)=0x8) r3 = add_key$keyring(&(0x7f0000000040), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) request_key(&(0x7f0000000240)='.request_key_auth\x00', &(0x7f0000000280)={'syz', 0x3}, &(0x7f0000000380)='dns_resolver\x00', r3) add_key$fscrypt_provisioning(&(0x7f0000000000), &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000580)=ANY=[@ANYBLOB="02000000000000000102030405060708090a0b0c0d0e0f101112131415161718191a1bc4451e1f202122232425262728292a2b32333400083723c8081953e7c5383b3a3b3c3d3e3f40000000000000"], 0x48, r1) add_key$keyring(&(0x7f0000000340), &(0x7f00000003c0)={'syz', 0x3}, 0x0, 0x0, r0) pipe(&(0x7f00000014c0)={0xffffffffffffffff}) getpeername(r4, &(0x7f0000000580)=@xdp={0x2c, 0x0, 0x0}, &(0x7f0000000280)=0xfffffffffffffec0) r6 = add_key$keyring(&(0x7f0000000040), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r6, &(0x7f0000000240)='asymmetric\x00', &(0x7f0000000000)=@keyring={'key_or_keyring:', 0x0, 0xa}) r7 = request_key(&(0x7f0000000a00)='rxrpc_s\x00', &(0x7f0000000a40)={'syz', 0x0}, &(0x7f0000000a80)='fscrypt-provisioning\x00', r2) keyctl$KEYCTL_MOVE(0x1e, r6, r0, r7, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r4, 0x89fb, &(0x7f0000000080)={'syztnl0\x00', &(0x7f0000000500)={'ip6tnl0\x00', r5, 0x2b, 0xff, 0x0, 0x5, 0x59, @empty, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x20, 0x8000, 0x20, 0x6}}) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000400)=[{{&(0x7f0000000300)={0x2, 0x4e24, @private=0xa010100}, 0x10, &(0x7f0000000980)=[{&(0x7f0000000600)="258954bab369313235a4ee660f9333b170f0981c562904859dfd83a141cf0d47532a79d495a714b0e58aa1409acd8fe02e53732f6427a276c25a8f799e4480e3c93a8ecd6821d1b4907eee1030fc5805c856171c59bb07d395d72627d5c4bd334b38f429e508e115879e708ae8fbab20ac3ae45bca66d7a36391affad1af60dd4b47fc9156ab75", 0x87}, {&(0x7f00000006c0)="49a1e8466711b7f29264faaddbc26c582cab0d518e2882b86cf996e5e2a25c11f52dd52621edbbafd7ba91f5585361c231cedaa085fd230c2b250a15aa2f19954478e77945f2783bb7128548b0a07b4399ed5beb91ee69f223", 0x59}, {&(0x7f0000000740)="6d1311de4fa525a1d3413e16265c5d4084356fd5bcab4807054ad0834d7f168d66437a03e8915750a4e1c559e60940b0d205171e5741e259efe18a4076c868d00733cecfd7ec30b4a1", 0x49}, {&(0x7f00000007c0)="ab9fd5a72d467dd7d349bb75c7e8c88e350316856c925018590b870381cb81615ce929d86cbd10e154d1a0140d53163195d01dcdf63824fdb92327005b51ee41046893c153830a00339519eca2df30462417dea358fed647f9256ebd2cfe8c65cbf5e549d23326161338b873584ae6aa8cc161e6031a12b9b776799fddd6aa631b9a518fbba182f0befc5d93f03852159fc1b28ca382b02c9a63b991242091fa2520666d6b5bff7866dedb27b6e096d5abeec94264", 0xb5}, {&(0x7f0000000b40)="b38093980f5da0aa44d5640fd98a66a55ae9fdfc1251963d80761b578d617b2000a6745857b0cffa1cf288a3fe466eade624dc3ba0fb2641421a89678f64d171edce795d34873c4b917a1ac6bbbef40c81edebb7e5d077754fd4faadd4986175484499f9ec593183bb614e615e8f0c94b79fa0d08aa755d51c0f535b0ba262fe476365d3c57d44ae4eebfa22529435a89efbf33448af7c68159a0fa772380dac41ce63a9ccd033a475883f80191b5866c0976aeea0f5381b333417b7fd63b214274334117921a0fdc7e57d68b999f138e08d3b36d2280f9e8c01a333a54240f37ba7f708b39c7237706a28893006145f266c131a6f6f678d8c7ccbdc08a0b549194e2443396ed22939a59ba505d1bb7c65c0d222c091160ca3dbbb46b1369c5bd3300f1fe9cd016ef8116b73abef23adefda47fa567bbdfb1f270833d218dcb326cd9d222d1836dd53c8633a080aa76a5e49ba0b4c9d7a5f2b75c387dacd9c44b2a68ebef824e79dd2ad157fe2446e1d20904b9e43bddd7f03d2efb5a4d892f5260eef45b24f003cde5dbf266023c0b93f2abc54b550bdbb77b6bc025521630d95cfaf94e93a652707eb413dedef0fe0f5fd432b91955f69a78b0dab126a33b271489aebba225795055d0d84750d4406e6c85841658f5236cee5b373a0de96ab5b088d9688c16914071fc2f6b6af43748995939ae8e3e3974e4e0d8088064d0d8595293f19fcd5338372c59e102eb7c882d2c27d8e1f185feb9b8c9ec0178a73f2df60aff86af432a7f56b76e833265b5830c300573ce3a030aa9d0ef65b1bbe10a96c6b1ae776e21b8695748ed291429102f55302c4ede2cb1d0ac89d57c45aebf2e1c969ed48bf3590849c124172f72db0a3a1108f626714ed05a2e15e656ec495e9a24f12b7fa728b76eefb1386791903498f40d891435668c44e8a3194ae88b988f1dcf19c4e35917d77c04a2ee4fb8086956560b0b4fc029816d64e6457248ef63085c2181acaf6ed6b3b1ffeeb51121825920ff773a458b91826d70b8b6a4b9c1ebfa93ea121c9070507d68735a64e3dd646042a7fae16c7352ec35c8542ec3e606b1b88591f8ecf279be16c0ea5ef84ca35521709679b29c201c243df0cb6e33b9e2f1cdf4568034638b24f6b002d1533d8070981334b2811b92827a2024f38769dca73530a5834cd150bbb422a23c3dbda8275025ee7629e15431caa90b5452ec1d5ee278767c3109958d32a1bbd14a15a7ff9eb9af1d635d2af9d45273dcf8d6e11fe5a787f61b091040b54490b8f3f1e0c0ed7217bbe4906d8c6ad46b62577a877b6e50bb9a2cc59329cf3f842c4d48f5650c8c3f81957445d8ee08b8a3f7fb94cfe836211827b5a446c85e8702d3aed62421cedb9ab9144cd1425f94158ca75934bd6d0647e193be7914bb627a0516e7d65b558decb5d276be41c0456e32610ab2c326aef53b4243ea451828618cff5ca842fe52c3ae291cf94de5640db3eec8ce71c67741f9ed046c829a864f849cbf165ebc4f8dca424ce5dab738dc49df5421b10a0f641dfc1fc9db03895ea205a8061c2a218d9bcd4621840d75463dcd7b0b5f974248572cccd0b9e7d5233d34dda34d9c21406832723cbc6097b6d0c0c4fb1a1e10668bf69f90af575ea3d26c951b22e05168e570badc31cfdb576a92794ef2a5db7ef4d1b981a58af3b0a283b9559820216823f241e8d87e5d90b2dc1d715855848952b99b754bc902e2b4f0f1cb3127167b463dabfb2301ad1137c4da45cb4a763a8a7a5cb472e2843d198a306d7a13e94b3094bd09619043e187c420bcb9a47d5568ca75550df9d8aeb4987c1602934030529038995c9e079b79d920ee54f25d298750190bae6f06f656e4de4ff8b74208d4676dcd233744482b7f3099286b4cbfee47bac0304fab0640aa21fc1c927682b6fa31d82e09d76f5553ce2d980507240749e4171be305b1f982eeeb91d959de687350fac1854608ed1026ab97941c65a3e36768ecbf41eaf451316d0e4ec091721e8919c0c45ae61dbf03ca5bd8739e4a463c7efee40c091512b9d964d11c05504913742aa0ef46accfd29bce1e9c6261b98f848a845f97b66adbbc3b0772f7d68da36fd7cf960bc9a600d762c92d2174668e514fb3ca91131885b7c7e2f66acaf7f6b788de44eba79105aebe25be0610c3be8c38e5cc913a8d392d38f93612d9aea3636db69dc0aa5968544c23bb67e606e700f7e390db4a4ffd52ad209d164dc4316b6b427483adb0298bbcff0f339c82d0728885a1595f13458beea658028254f5fc8085addd675b6cf512bb97b1c50ad486e0467b546ea1fc112bead8a54d244321fc8fe0c990c24150b2091b43cb7cdfd39547c4caa59c267557d711e6b7f0c93220159b9bca4882f2771da2ee9d81e8541d4a12fcfbc5c52ff48d560f6b8077b08c743a49d6801e1960b71973222d19dd6bffd41c8b7a631027ff5f0494d3f63be5124b20588b65f5da4b7dfeee762e42b7367378685eb133c7b42212a23f32b0211b1b25338c67786d9361fb3c84799c327c9ef76f50e6addeef9dd20852bc86fa86767f7d57fe8182bd7288cc6523ef2c70a952b19c14a98b52aef1a582020a129504d8901495c89d136b17809a88a44dff7f9e1dee1d93afa64a3fd8599c3212cc67291d8fc00f206c0bb0cd07b9f3e669245275d3616f8862ebfa520d943114f7e1e53d9f90411379146005663ff181038637ae7f023a17f401ffab2949f31ae99ff039d6255ee0a487002e62b10981cb2bec45fc349f94ed9069d8df6a065df4b96840c9f36d350ba15d594f978393823623ccc57bbfe2ba8581f67327eb52a208c12cb225faa44454f2e7fc4cd2fb370d3f8199e86434aaecf00d778fff17022c81277c291d0c3b526c58deae31a43d242037fd55cc598998b2344008944d21c33bb741ecb4bc7b41ff8b87d7371b5a2e3cea49143998f5a559167fc4fbbec27c62f8c2737762a884235823e341cddd3617e125dc5dab938e360f8742017292db272f238cdbc96dac5b0396d5c517df5da1a656bcf8f8567ed56f606b17ba8429debbde37bd9333dad1f1390e8c24b5c32c353ae24d71b08f523436d19b44059723e7d7facf391737ae828b9bc278bc32ef038f5213f548a71965246f418f2fa88337a2e1575b3c9f6564bd565a5cd949281a4cdb1f580da0ee819c719403845bc6e61e262dc90e0e510ec656bd33177cae5d53378dd1c62b0cf3a13e6cf896d2d788149c5f81e7897a71e5dbad392a0f1856fc9c1d9a523acdfcd09f2aa5de770ab05606c68372fccaef5e1d6494213e4eb62a5214a41b7fe6d371c3cc59668a86b8403eee7506e493df44c28c32223ae4c1b9f63b3b94cb36529ae4045ce8f2699448ae39f10d8ebaca7913848e118a4a7815c15bcb573fb4bdb02dc05b9e5edaf9a4e84fb67aef4b3a835f979863e6eb7ac077b31042357053f3431121298e6340daf38f60dcd81fecbcdb2f8ac393b502056baa6583470ff81ebdae8eefe5507ed38e728ff0f974211f1855aab3821e66991269ba4726f162f8fe6b423ebe76b7ba8dfe886c7da654b19df2a789bc0a35f8583e21dafdb97a48c97196c317b68472a2182268d6497fa4aac038247318d3bca4314d12416249ebec3991f2924fe24a59d1193bbf841d945432bcdbf233c02c05e98118f4f34e17396016ace26af0dc250669091e57e32054bf0366961c20a0b4739951f6f20b6f33d98e5eb36260eac6f2669e01241500cc883181093a56fa1507b399cfc30ac31d60a6414d418c64ca8dc71d56cb3c94f7392a89cb39141dde71356bd405cb0f8f1e5a14c6dfbdee47da6b94659d94374510ee57417f991d38af22ef12e7973ece5db255eab2d89ee1250811de5aa6cde3d58dec919ba72bdc86d8fed658e49c36d2d9c4823dfc9e46a5ad9519182a71852321156ae3a1a9f80faf17bea1ed264cd1f83ebda3d230b7815569797035060b422dd9a21b35d696a760d9823b6ddef639ffd0a7aabbb5140f6ddc77b62fa0364902eb1aac9ccd59a1deca2a31208f3867b708a2e851e659dee79f6a03c9a4c46c87835b3fbe2869f6dc84160209219d5d55d64e1e20bcf0366b12dc78e7d71c7d039d770a5f0d086154915bfdf4a43b6256b88bb9805db0a87ab064bf111837b191e49ff36bde897ea937043a4cf061509fa500838952fc538829ffb34a8d9bc13094f98889a419837f26dac828784ba1f9e0c0e5c8475729aca199dd60bac34c6f4ca062d8a9faac7c37c69c0ac49e4f63dcb79b408f6b8301c84a10ec3423cf36b0bffd0e645156e7d3057d1b7d92a64cbf78abcea53958dc7727ab5eb855c7959bf3cfb93ddb2d04ac79719ee2b49a32132a10eec44916a85a4da35a862490ed71ff1e43ce2ede4684cdeaaf1e0b7877b161d2572abbe20e5c708ef2be71dff17302e8e0aa248ba9e548d44c83166b2f9f49dfb260408c5fa2dd85b6a3f1c571d8ef11dac4fe3d48bc752654d400be6f95ed5944a8de219d1425699258d6e84e58fc5be5964741b17fa3a2c65a884e5e744f90df80e4e277b79ef75aa1af64b735b121243dd685b58f2c0b127e672a1ff3f76a7350a67011705aefc8e5008d22f31b17dfed5f1ac37c7494907e1b799dac8e2cd79327c1c9d302f321020db8c93f15dba91f00a0eee5ce05206b528dd40d906ddb564ebcfb5d60a9b4508e810d9e2f11c8f7445c37ef5ebeda1d06082d704ecc5e9a52d33ee2f7104f72c83286c3aed14ccb4b22157ea3223f81690e657fbfebbc8a73dc636facf86c34413c8de2a5138c5f2a6b09ccfe5db53f807a1eaf16d519983b79e513558dea57d54434d1ba7fa65907a155d1ee4b54acede1a62983aad6fec45c19c06294c69b1d13998a327a16ae4abcebc75545e8cac09df0e1314e324f653ed11b737d579ac71fc1b9b40dc93987c1768dc99828f80f054b0553d1ee246431a891f803e23eeb6ab796fe46677bb20b116d7e5f8404575735bebcab759085d9cb282b85bcc83fbd5e3daffa0b5111d0f8ce0d5fe38252ad6dc9b29f3ea57288daee990892bc2c8312dd862a01f4d9bde3c6159921fff27861ce73f7692010f10dd1cccf69ad696554cde327765946df1af57f01d4ddb22c0f3e5eff50a84e5cea6f9f8f6663509fcf156cce500de16baf68dcc865feea8dec069e63b8b5a806d221684d160b072606027ed012f4c530265e94f4709ee207676ef2a943ff7fa00ba37538d1893dcb53a547c778f5cd1ad0e7bb11b2d20394c50b6c9994d29059096c4647f46aaab200f3ca11e866cb0f1419ffcff07e05f6af0b89766e19c5d7644413704c1abd70de3a173ea6dc51bcfe1dc85cd7f2ed5af094f042ff459d5f2f36d700a86aeca5a0220aa241bcd237497edaf1e045169e21adce7f8af043998897b557f192f719d32efad6dd152b2807f6f9bb86f9d64c871a37f97ab874eb3e3eb5ee8e227d257b8ce643d4b83ad46d72665d3d85170711e2fababaae1b00a22df89003d2968b5b151a080e51493d32b864bffab8e1349d5f7348149ebaecb910128118f47fe81c1b28675b0d01eff630e0426a1c1324a654dedd6a65d7f4231d6ed46738d168db16303f649f21852ebec5b4ca3a97a33b1390f451fcc2207a8de01745f41e91777a1ee8e8bf3d9a15f7c9fb8784e4b96127d8e3ba13e0a02279a7da17c5c24ac8698b3fcf75bb1ba9529f682d29fc63aa51e4ee2d7b387b8d50b28ee7e50676e5330f16f149f28916747ccfdb68f8dd86e", 0x1000}, {&(0x7f0000000880)="1a6ebb352ccec228ca754d847e5ab97a902b1ba17422fde4ff0a8321f3700e90b4156d3ba0ffaebea72648dd37560af653cc38658ac8e39e2e579b2d428385be45a82060c990823257d327544b1dcf61bdc7f13ceaf7dec22668004551db458ad80ea142bdbc1076c274c04122379854cee5caea2dea934811b6ce1b6900281877bfe0fb1b30059efd38167f2897c4526b144f2f9922f43b22954e0a73a0590e7b2ec0be4be3e2c181aca56b8a7e1e0f243587199574656163081faa805ddd7ae90b61fcb8e44d0068eaaeabbeff", 0xce}], 0x6, &(0x7f0000001b40)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x8}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x10000}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @rand_addr=0x64010100, @multicast2}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @rand_addr=0x64010100}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x6}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x1}}, @ip_ttl={{0x14, 0x0, 0x2, 0x400}}, @ip_ttl={{0x14, 0x0, 0x2, 0x8}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x8}}], 0xe8}}], 0x1, 0x800) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000000ac0)={0x17412c500, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:41:41 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x4c00, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:41:41 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x94, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = msgget$private(0x0, 0x0) msgsnd(r0, &(0x7f0000000200)={0x2}, 0x8, 0x0) msgget(0x0, 0x474) msgrcv(r0, &(0x7f0000000000)={0x0, ""/24}, 0x20, 0x0, 0x1000) msgrcv(r0, &(0x7f0000000040)={0x0, ""/1}, 0x9, 0x3, 0x800) 03:41:41 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) [ 1091.133065] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:41:56 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:41:56 executing program 0: syz_io_uring_setup(0x8, &(0x7f0000000080), &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) socket$packet(0x11, 0x3, 0x300) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = syz_mount_image$vfat(0x0, 0x0, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) pselect6(0x40, &(0x7f0000000180), &(0x7f00000001c0)={0x3fc}, 0x0, 0x0, 0x0) r2 = accept4$unix(0xffffffffffffffff, &(0x7f0000000100)=@abs, &(0x7f0000000200)=0x6e, 0x80800) ppoll(&(0x7f0000000240)=[{0xffffffffffffffff, 0x4001}, {r1, 0x87e0}, {r0, 0x4}, {r1, 0x2060}, {0xffffffffffffffff, 0x1400}, {r1, 0x8000}, {r2, 0x8000}], 0x7, &(0x7f0000000280), &(0x7f00000002c0)={[0x4]}, 0x8) 03:41:56 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 35) 03:41:56 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x42, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:41:56 executing program 1: fchmod(0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000000000066"]) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000140)={0x0, 0xfffffffffffffff8, 0x7fffffff}) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0xfe, 0x0, 0x0, 0xca1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0xd5884b98eddc93b4) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r4, r3, 0x800, 0x0) pwrite64(r3, &(0x7f00000003c0)="42b416e9abc3843f1cd3548f1a4d1b7a17a02477ba26af00e0aceb8db45f77b32f0f7dc8b734fc0cca661eb0b902e275f8701d334b4772340b0b84b8e58448004c6b46f363465d50bbf3fdd95a201482ddac3fc4d7687e11b01edfb12dea514a52fe1114dfb0db13e7ee7b02ed9bb111b6decf7092611c050b67c41a0c6f1ddd679dce79269dccbb424799e883d50da97458bdaf55e7af25e790630668ab87081f9742522441d66fffd3626d3a157c0b7d5c6c60c2b0b382e258262aa3042aac30e5fc646f2847cdbc73af89f72ef9ffdcd977d816bea936d3041bb9fafbc759d63a66b7af8a7debd5113f5a117c94b1999971f84b73dfd9f33a625360308188daf3b8c6b61941a64e82d977245fccbd614a606fed79ef1078cbc19a9051404461ace05a1573a02159be5f1ab89b9cb9f9437be19bea8d10c62996478d1ef43d5e78b6d4daae8e567b1f10a7e3405940be50bd441f18d5916e25cd6b63c16378ba01870946f6da077110a7f54532d72f6ccc7ec1c385a734c46d166eaf2c499304c22b9a941c9e9ff47113346e31e2f1b393d490052a72e9fab58afeffb178adc24545ecbb034970ea988ea5b979f254802db2586f21430167a19d123057689a74837e682407345f1616090dc470f43380c91b561395df917790f959c65ce8a6b2689b3fd0893a2b2bd27021d0cd609dacb0298f089b20af873a27f0e112bd1fff47a3e85b105c8a5139cab9101b6555ef4a5bfb0729ec35f244d22ae5c0b38b6650072b5509cab7f9d5131e6e25f9fd14fb0dd87fb86f439029052366a8c3dd9dbed676afcb719b66306a826b70c3edf56130734d75dafd55cf7661a8515d9cf5d4396807a458f165c3b4e7b87f3c7b19de794230f6f6bbb45d9e5c54bde6063fe99535f5c092719ae21dcf7192a2420422f677e10651a9aa782af8b8b7312f5cfa8737d6637b2edcf78ee41f1334555902091d553915fa8fca49bc8f0ac34553914291084a342af0e2a48bade1681f7844f411ca400d3fc6db31167ce24e5bd14e4342f3df5021d910797d2ed3065cff6f17f02780ae22bc8fd8d9cc58d58034ee024ed1df0a1f83e9a761055d1e3a7c6ca765980f933ee378636dbd3ac7963bebafcb234ff7a9a8a1cdca59debf8f65dd291deafe409dbb158e0d1a367ecf387ab2bd62fda34555d08416a0fb5a5c760eb621e98fa565d6c983cbb2ecf99ee0ad28e68d8f1c287f2e469bc0750ebee6554427e2f6b4d1bc265e4538f8c49d28f9398fb6d1174f7a147757f7f076e04abbcb312083d0599b312aabee65cf00babaf6d025705dcdc9bb1f0e3812f8f07f1a3ea64facf4e954a963f2a6838cee57e00c50133041860a36bf8fee663a2f11d2520617af7ff998065153b8f7756de1a4de892e69e001b1d90f9f475fd301efa5de496d66c84bd6640e792ea680c9a2445cd2f470f099ba4a359252bfad56ade647726f14e072c121fbd8b96df892befbd5cc6dcc6ea955ec8528ddb16d47605642c26003e16e39a1fb9326428571f8001dfaa7252a6b702c365eda7bd32b80610aba5882ac2b7f7cc065295d1a5aa41af612314619f79ea18293e61842e8e93ba9301079c40e6d52592c5b7401750fee819930acadada6cf45cc6a31f6d89836d1b8482614a7797f38ddffbbce139e20317afd921f378905b4951bb153c461ea2d4445ff6db29c401cc75f95afedc4b983454ba89d5aad09911b71e2fea5cdd0233d4609ecf6e3a993134cd56d7a19a70847c6a92119dbb6d6c2e55a39798fd81bc0907f138a79dbd2c856798e30fb76dcb5ace894a54265482d8d62fcdacbab61b20c096b80630407c49d150500e7f0784fbda33ed15565aca9ba228d70d7b30c9f0d7b0c35858602020b2c0d3f96a39935a1b124bb7eb31e29672d9f84e10ff1447a5547e6fb490503b7b0fb071a83afdb9963a22f1427dec5c3479896c64c808f21c585fd6f020e40ceaeaf7ed49807cd7f07226cb03a1cb20b1a046653380b6b97704a69c234dd6002e9012e534bf334b5eb6b6978fd96d8d85a17442254411b0aa2f7f5000cd166821550337289d1bad46228ede0e3dcdc3d6e54964308e0663cff7959800b4eca14367f279e0760d90e5d59660a5b008a04c3b5b735e4d828ca9602bc4b0661c428b55bf43486a84031ed4cdd4598e90bdb4e690d4a3a1d2c61a1d1e94fa557efb0195153bbd8fb75e24e9076b62393f52bd74516d339f690ff3c9cd7d8a6b965a02f8f6f15b63d3a09ed7cbd0f94254a61de2dfce474ed069b6afcfb1f8d2d4cd0e8f641c93ee2e5b56bef013130dc57c26406a9ee61f51eef7ad5635110ff9733bbda57919b19ed5b906fdae9f52aecf13cf60fd4165b67d060755c0dabce43f5908cfc677032b291c2dcbb95f993b7dbd51481905d064cb66217ebe63863c036f3b4bc5e18677361239a969683a0b77fc5fd396f1bbae1349870953f390f37513ee36384c4a21013eaad1f29c6d7b9fc0b0f185d70c0a8ff2205d2e642380045d2d753d8675fd5bbe9ce8cc2ff9c7d767b79bddf62caee3f9e9fe91e626049a18a3c2dc6ce8068d4fefb7ff2e0c1c9d1afbe1f24de15417ece44731f4936e0ca99525fbedb81bd3a2156788dae699fbfdaa91e473076cdba1d78f698e15d7cc3ef0f2972c02999ee300f3f6068babaafcdc2c2ec2af0efef20eb530538f5796dc764ed9a67b0b2c22e4c2ac9fdb9b9b9c02cb10a9d3b266867c6f460ecf73618ff7b8cb36d4bfc19f41bf4102bd5357094156d0c58b5ad08d8a8d7049afc4a68d6dd2e043f39a0b059922b12c4fe2707cf8a7a08dea78938e7210998a5c46e652e43d1d176e839e8570421d05cec1b5255a4379c8f303a815d5370540626d9a2fd3a626351a576946b8c7dd07d1b115a5d17f9a819826978b2dfcf9993661e92c6afec46b01d9e50688b80ccfa3f9db8f5218036a734bc684d587c8a40abd6ff51d65d2785b8239fd7354ece20d43ba38051874497034c543cdda17eee7391541bcfdea4ef70a7bb06fabe8f82ed38cb2cfc5a6390ec8b3bc0195ee5b7576bd401217e9ae8a0d23d7f96a276992e2151b2de382790f8b0ef5f0524d182625ae94930416747d84414e525d5898637581446fb5f00a074e76716f03b813d78a61e66d6deabee3e6a19f8dad907e0f2bfae6e80cb8ffa5e281a86bde33c125c31e3e2261b1622cc0319a7c10affc392b5aa5b3e18e72cdeb89a5eb412cc9e9fe2acdf520ba7cf42c2fc5d18e869e8be02afb77ecac0699d5cd8ab5673b6343d51050e1a75110f8de48d13487652394be5e48fff1e0700925237c1fdcbb9dc3290db9c59a544d8b847a6156c814261faa7e20e6a34cee72db846a5aa1c9007211a0e7bd329efa36cbf3622c9a0a11a6be90dced8af406fddb0465af01820efcc8ec3085ac328e4f9c08a363f0b3fa781291b9220455db02a1ea182f3b6ecad79f9baa3129d13a94e32d145d893d33a22223593677771de1592618cdbbeb7e603fa4723706e1f2a3a6218765650a33cf82873e129c3099cde2d8b044be012fd595f86135c1a3340ac205767b186e1f6cb16f20f9330b95149356bdf9c22f7f6f9aab426e8f2863329f8adb652c53ea2d40f77c14d5e645c7c4b9ba4351d83653226d98ce58309f9094eb56bd76937b45b45208f892254b998c5ccae1de11b16a8b0142861d195f03a7aaa3ce2ce28a6f884e680d3f535751239a5fa85c188693b9ca41c71cd86735dc124d3237a99ab197b7725747c43710de57116f162340739fdb0bcba1f605e0e2e18d2dbbd135f8d8583e488906a5ca0610de2b3c94cea7e807bf1f047cb16d4caf6d7d1c1d6c0e81d790c2a563417f6a26fafe7578146cc763d04710c66e285d0995c4b6a41a41ece27447dd4fe0cb6762332d53c08faa7cc29945fc4aba96f1cac22a6c17a401eab12654b84ab2bf19c805c8c82094450b55f2251fb7891965d1a90b525a92f4f0ef1b085e993fa1b910e9ef1d403b648f2764d9ff84da2c79543757e3dfd7524e1945958757d682124d4724f137b93e53e2747aba04521bcb26d8db91ca5adcc530c534049fe74a9d4d95e4eaf6cc788a463388c7ac478370e97bde3efa9466bea5323e6313724cf366d7b46d9aed7fd1e8a919b868cd0569bf9ba8c439b80ed1e8dafdbc220f2b046ef169e949a45f06921dd89cd6923a447777a64f62b4691608fe526bf2ff8ce1a6fa1f362c9f7daf6984d3519faa1d62cc438508872ed30d94516b3b17c4492cc2b89756c5a0d32e1d78208a6b8f8cd40ad623e14e38924c25f49dabd74d6c7109ea0d8936ff33ad94e24025f2ef95dc2e158ef60bd2b678648c799c3d98d24f8eaf64e6c0bac2a9631611ea513ce5d330765ee9411fcdfbbd39f10a8952cd0539a8e56913a57d5abf5f1738cb62a88798c85f8300947aad84ebb7864f18e5628920ab0b1129e588179f546c77d286c578b2c248d5141d7ff65b197f0d741c3d2b3cdda6655dc6c447739a6f02a407284a244e47d8d0a1c1eae14b4ef3f25962249169ca75a44310146ee8170b35a6c5a82d1e4c63b92cad7e9f4d3bf427b5d4941fd3cec5f66e3367c01b2ac328cbaf2ed921b8c0ee373521b0dc9788b07874742b59a858facebe095003514108b72ab9f064788cce892b6c55f1373035859da23602c8aff610a9fb45091a5d348a0bee77061af535711b3e5797b3676249bcc72c8af71a689a2a58ab9d400a55f5ebd5435608f10297b51dbaf351db1ca448066dca1f78fb9c8084f3363bc5104487d754150d0d25902e71141751eb7a7c609d5180702745afd09fa9fb6f0f688eb71b8472f59e062ac4931ffdedac198b97bf57c00274499344d4d05a9e5939fd70648320ad8dc79be019dd0ae24584c6546f7f15860117348446659b4f910fcd704b00332415527983d55873780e55c2f45b9d180518ec4372e10756f9737798af50725ece532cb5137596232ead102c3276d336cca640c02fee4b6935549e2a38002cff936057cca789071c25506c0d161c23d9be1cdbc51b4934f2c7c96a7a0d155875658d190c19a84db0fc19da1620f5fdbd22ba72e4eaa001a9375d84c515f04c251215fd762e7bb3e6b5144382b8946caa1bb9d420b52d4e356ee157e0af1e3a4f18480b47c28522af0d8931914e61d4dd4bfc40c32510c14a0a418156aa861c578c42ddbe045d194638f7e1a80d66707b33b050af9deab50a4f2a81fccc1e0e3111124235507ed5ead3f1163f271959ec34530b125b4f2115c644ee0c5f1cbf02161a8bb4b97ffdebea6886724690e60b545e0ada911339c4eb4a951b4ba72dd5ed29265c39cdfa76647d9fb4b3dc2e28b41c29f0fc970ff525d2a4386656c52b1f9d4812ab01399a6d37adf05ec969f76537a367e116712e276af731a5433a603d67498933ba8660f6ef8f3f1e2ce9173b6bfb4c63e9b3788414d589450a27b67e00e1b816ab7ca931f7d5f9493149f47e0cd4ab8f8e7f0527bdcb7e4ca8f8e536da330f9d1b2e75659466f592d52102ff0e68b533078e4cfc32033d7fc577ffd2817d6bf17ca884b17c8b3e1dc7111371f4ecf816bfea59509eedcd7d50cc896c465805cd48ee16d56bceda0329e81dba1caec2ba53b511bff4359e067b3e56e959e339836f56830140c15ea9b0ad3f296bca5c54637b6cfb42e74d8ddb13eba96a78cf7db101176104d62cda9377205a26bc6b310a1898df9e6b001946fcdbb67bb80a0ad991f24aaaa908a7e56c4b3c36c1dc59009c793b7", 0x1000, 0x0) 03:41:56 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x6800, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:41:56 executing program 3: capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(0x0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:41:56 executing program 7: r0 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x40) ioctl$KIOCSOUND(r0, 0x4b2f, 0x3) r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r1}}, 0x1) clone3(&(0x7f0000000140)={0x11060900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) socketpair(0x0, 0x0, 0x0, &(0x7f0000000000)) [ 1105.923491] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1105.954554] FAULT_INJECTION: forcing a failure. [ 1105.954554] name failslab, interval 1, probability 0, space 0, times 0 [ 1105.957035] CPU: 0 PID: 8025 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1105.958464] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1105.960200] Call Trace: [ 1105.960766] dump_stack+0x107/0x167 [ 1105.961537] should_fail.cold+0x5/0xa [ 1105.962334] ? io_uring_alloc_task_context+0x99/0x6a0 [ 1105.963428] should_failslab+0x5/0x20 [ 1105.964218] kmem_cache_alloc_trace+0x55/0x320 [ 1105.965168] io_uring_alloc_task_context+0x99/0x6a0 [ 1105.966189] ? io_sqe_buffer_register+0x13d0/0x13d0 [ 1105.967229] ? lock_downgrade+0x6d0/0x6d0 [ 1105.968088] ? do_raw_spin_lock+0x121/0x260 [ 1105.968981] ? rwlock_bug.part.0+0x90/0x90 [ 1105.969860] __io_uring_add_tctx_node+0x2c6/0x520 [ 1105.970867] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1105.971973] ? __alloc_fd+0x2b8/0x630 [ 1105.972787] io_uring_setup+0x2018/0x2a40 [ 1105.973653] ? wait_for_completion_io+0x270/0x270 [ 1105.974658] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1105.975747] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1105.976837] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1105.977907] do_syscall_64+0x33/0x40 [ 1105.978688] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1105.979766] RIP: 0033:0x7fd4717f2b19 [ 1105.980546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1105.984377] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1105.985951] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1105.987433] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1105.988891] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1105.990346] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1105.991807] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:41:56 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x6c00, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:41:56 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1106.028663] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:41:56 executing program 3: capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(0x0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:41:56 executing program 7: socket$netlink(0x10, 0x3, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000700)={'syztnl2\x00', &(0x7f00000001c0)={'syztnl0\x00', 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, @mcast2, @private1, 0x0, 0x0, 0x3, 0x12d}}) socket$inet6_udplite(0xa, 0x2, 0x88) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'lo\x00'}) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x8004) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(0xffffffffffffffff, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r3, 0x29, 0x10, 0x0, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18}, './file0\x00'}) ioctl$BTRFS_IOC_START_SYNC(0xffffffffffffffff, 0x80089418, &(0x7f0000000100)=0x0) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000002e00)={{}, r5, 0x6, @unused=[0x3, 0x0, 0x2, 0xfe], @devid}) ioctl$BTRFS_IOC_GET_DEV_STATS(r2, 0xc4089434, &(0x7f0000001440)={0x0, 0x5c3, 0x0, [0xbe2, 0xd7c, 0xe, 0x40, 0x791f], [0x4, 0x1, 0x7, 0x3, 0x400, 0xf089, 0x5, 0x40, 0x5, 0x2, 0x2, 0x7, 0x53, 0x1, 0x6, 0x8, 0x6, 0x7, 0x20, 0x10001, 0x1, 0x5, 0x7, 0x3ff, 0x1, 0x1, 0x3, 0x5, 0x5c3b, 0xfff, 0x3ff, 0x80, 0x8, 0x0, 0xca76, 0x1789, 0x9f0, 0x3, 0x9, 0x1, 0xfffffffffffffffc, 0x9, 0x61, 0x1, 0x8, 0x7, 0x1f, 0x5, 0x1, 0xa9, 0x4b13705c, 0x0, 0x43a2, 0x3, 0x3f, 0x3, 0x8001, 0x1ce, 0x8, 0x7, 0x6, 0x0, 0x9, 0x0, 0x5, 0xa082, 0xff, 0x72, 0x400, 0x4, 0x8b, 0x5, 0x100000000, 0x9, 0x7, 0x3, 0x59155637, 0x10000, 0x0, 0xab29, 0x4, 0x1, 0x3ff, 0xa403, 0x0, 0x4, 0x8, 0x4, 0x3, 0x4, 0xfffffffffffffffe, 0x4, 0x5, 0x6, 0xfff, 0x1, 0xffff, 0x81, 0x4, 0x9, 0x6, 0x5, 0x40, 0x4, 0xb0, 0xfff, 0x6, 0x7ff, 0xe7, 0x81, 0x7f, 0x1, 0x124f40000, 0x17a33f67, 0x7, 0xbb, 0x8, 0x40, 0x4, 0xff, 0x9]}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001880)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, &(0x7f0000000440)={{}, r7, 0x0, @inherit={0x68, &(0x7f0000000340)={0x0, 0x4, 0x3b9e, 0x7fff, {0x22, 0x3c72, 0x2, 0x10000, 0x401}, [0x10001, 0x0, 0x6, 0x7fff]}}, @devid=r6}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NL80211_CMD_RELOAD_REGDB(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) 03:41:56 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 36) 03:41:56 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x300, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:41:56 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x7400, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1106.197280] audit: type=1326 audit(1700538116.599:116): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8015 comm="syz-executor.0" exe="/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2bdf78eb19 code=0x0 [ 1106.234035] FAULT_INJECTION: forcing a failure. [ 1106.234035] name failslab, interval 1, probability 0, space 0, times 0 [ 1106.236425] CPU: 1 PID: 8047 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1106.237821] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1106.239540] Call Trace: [ 1106.240090] dump_stack+0x107/0x167 [ 1106.240846] should_fail.cold+0x5/0xa [ 1106.241633] ? create_object.isra.0+0x3a/0xa20 [ 1106.242587] should_failslab+0x5/0x20 [ 1106.243391] kmem_cache_alloc+0x5b/0x310 [ 1106.244243] create_object.isra.0+0x3a/0xa20 [ 1106.245151] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1106.246206] kmem_cache_alloc_trace+0x151/0x320 [ 1106.247187] io_uring_alloc_task_context+0x99/0x6a0 [ 1106.248220] ? io_sqe_buffer_register+0x13d0/0x13d0 [ 1106.249250] ? lock_downgrade+0x6d0/0x6d0 [ 1106.250111] ? do_raw_spin_lock+0x121/0x260 [ 1106.251029] ? rwlock_bug.part.0+0x90/0x90 [ 1106.251890] __io_uring_add_tctx_node+0x2c6/0x520 [ 1106.252871] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1106.253934] ? __alloc_fd+0x2b8/0x630 [ 1106.254724] io_uring_setup+0x2018/0x2a40 [ 1106.255595] ? wait_for_completion_io+0x270/0x270 [ 1106.256571] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1106.257622] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1106.258690] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1106.259754] do_syscall_64+0x33/0x40 [ 1106.260521] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1106.261577] RIP: 0033:0x7fd4717f2b19 [ 1106.262350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1106.266203] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1106.267790] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1106.269279] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1106.270759] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1106.272261] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1106.273744] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:41:56 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:41:56 executing program 3: capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(0x0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) [ 1106.285572] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1106.300216] audit: type=1326 audit(1700538116.704:117): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8015 comm="syz-executor.0" exe="/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2bdf78eb19 code=0x0 [ 1106.303471] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 03:42:11 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 37) 03:42:11 executing program 1: fchmod(0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000000000066"]) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000140)={0x0, 0xfffffffffffffff8, 0x7fffffff}) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0xfe, 0x0, 0x0, 0xca1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0xd5884b98eddc93b4) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r4, r3, 0x800, 0x0) 03:42:11 executing program 7: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000000)=0x3fb, 0x4) sendto(r0, &(0x7f0000000040)="5ea18a99", 0x4, 0x880, &(0x7f00000000c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1, 0x1, 0x3}, 0x80) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000140), 0x10600, 0x0) sendto(r1, &(0x7f0000000180)="233d1c7820d3b6195ab1e5daef123a211ac482ae43bf8bcb940fd4749d26d108cd629c4eedbf", 0x26, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 03:42:11 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x7a00, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:42:11 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x600, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:42:11 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:42:11 executing program 0: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x42, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:42:11 executing program 3: r0 = fork() capset(0x0, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) [ 1120.660127] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1120.663511] FAULT_INJECTION: forcing a failure. [ 1120.663511] name failslab, interval 1, probability 0, space 0, times 0 [ 1120.665829] CPU: 0 PID: 8071 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1120.667227] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1120.668926] Call Trace: [ 1120.669472] dump_stack+0x107/0x167 [ 1120.670222] should_fail.cold+0x5/0xa [ 1120.671010] ? create_object.isra.0+0x3a/0xa20 [ 1120.671960] should_failslab+0x5/0x20 [ 1120.672735] kmem_cache_alloc+0x5b/0x310 [ 1120.673561] create_object.isra.0+0x3a/0xa20 [ 1120.674463] kmemleak_alloc_percpu+0xa0/0x100 [ 1120.675404] pcpu_alloc+0x4e2/0x1240 [ 1120.676189] __percpu_counter_init+0x10d/0x2d0 [ 1120.677127] io_uring_alloc_task_context+0xcc/0x6a0 [ 1120.678137] ? io_sqe_buffer_register+0x13d0/0x13d0 [ 1120.679179] ? lock_downgrade+0x6d0/0x6d0 [ 1120.680025] ? do_raw_spin_lock+0x121/0x260 [ 1120.680905] ? rwlock_bug.part.0+0x90/0x90 [ 1120.681769] __io_uring_add_tctx_node+0x2c6/0x520 [ 1120.682747] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1120.683829] ? __alloc_fd+0x2b8/0x630 [ 1120.684614] io_uring_setup+0x2018/0x2a40 [ 1120.685466] ? wait_for_completion_io+0x270/0x270 [ 1120.686446] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1120.687523] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1120.688592] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1120.689654] do_syscall_64+0x33/0x40 [ 1120.690417] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1120.691469] RIP: 0033:0x7fd4717f2b19 [ 1120.692230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1120.695967] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1120.697519] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1120.698966] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1120.700436] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1120.701890] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1120.703348] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:42:11 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:42:11 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0xb300, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:42:11 executing program 3: r0 = fork() capset(0x0, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:42:11 executing program 0: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x20, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_io_uring_setup(0x1081, &(0x7f0000000280)={0x0, 0x0, 0x40}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000800000/0x800000)=nil, &(0x7f0000000180), &(0x7f00000003c0)) io_uring_register$IORING_UNREGISTER_BUFFERS(r1, 0xb, 0x20000300, 0x3d) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x2, 0x4, 0x0, 0x7f, 0x0, 0x8, 0x20394, 0xf, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2, @perf_config_ext={0x9, 0x5}, 0x51104, 0xfffffffffffff837, 0x7, 0x8, 0xd0ea, 0x2, 0x5, 0x0, 0x4, 0x0, 0x3}, 0xffffffffffffffff, 0x2, r0, 0x18) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/schedstat\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x6c2fb2b8) 03:42:11 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 38) [ 1120.811054] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:42:11 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0xa00, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:42:11 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:42:11 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0xf000, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1120.913509] FAULT_INJECTION: forcing a failure. [ 1120.913509] name failslab, interval 1, probability 0, space 0, times 0 [ 1120.915903] CPU: 1 PID: 8095 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1120.917300] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1120.918985] Call Trace: [ 1120.919546] dump_stack+0x107/0x167 [ 1120.920292] should_fail.cold+0x5/0xa [ 1120.921068] ? create_object.isra.0+0x3a/0xa20 [ 1120.921998] should_failslab+0x5/0x20 [ 1120.922770] kmem_cache_alloc+0x5b/0x310 [ 1120.923609] create_object.isra.0+0x3a/0xa20 [ 1120.924509] kmemleak_alloc_percpu+0xa0/0x100 [ 1120.925425] pcpu_alloc+0x4e2/0x1240 [ 1120.926202] __percpu_counter_init+0x10d/0x2d0 [ 1120.927145] io_uring_alloc_task_context+0xcc/0x6a0 [ 1120.928160] ? io_sqe_buffer_register+0x13d0/0x13d0 [ 1120.929175] ? lock_downgrade+0x6d0/0x6d0 [ 1120.930024] ? do_raw_spin_lock+0x121/0x260 [ 1120.930900] ? rwlock_bug.part.0+0x90/0x90 [ 1120.931779] __io_uring_add_tctx_node+0x2c6/0x520 [ 1120.932753] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1120.933797] ? __alloc_fd+0x2b8/0x630 [ 1120.934565] io_uring_setup+0x2018/0x2a40 [ 1120.935399] ? wait_for_completion_io+0x270/0x270 [ 1120.936348] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1120.937372] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1120.938414] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1120.939456] do_syscall_64+0x33/0x40 [ 1120.940214] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1120.941252] RIP: 0033:0x7fd4717f2b19 [ 1120.942008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1120.945726] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1120.947274] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1120.948733] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1120.950182] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1120.951645] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1120.953091] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:42:11 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1120.991088] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:42:26 executing program 7: ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000340)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB='\x00'/16]) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000300), 0x90101, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x248e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r3 = openat2(r2, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x444002, 0x2}, 0x18) r4 = eventfd(0x5) fcntl$dupfd(0xffffffffffffffff, 0x0, r4) utimes(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={{}, {0x77359400}}) mount$cgroup(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)={[{@subsystem='freezer'}]}) r5 = openat$random(0xffffffffffffff9c, &(0x7f0000000280), 0x561001, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r5, {0x4}}, './file0\x00'}) fsmount(r1, 0x1, 0x71) r6 = fsmount(r3, 0x1, 0x4) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000052c00)={0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r6, 0x81f8943c, &(0x7f0000052e00)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000053000)={0x376, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r7, r8}], 0x6, "5c83c9bf8af498"}) stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000001c00)) mount$cgroup(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0), 0x2812020, &(0x7f0000000400)={[{@name={'name', 0x3d, '/dev/snapshot\x00'}}, {@cpuset_v2_mode}, {}, {@none}, {@cpuset_v2_mode}, {@xattr}, {@noprefix}, {@clone_children}, {@subsystem='hugetlb'}], [{@fsname={'fsname', 0x3d, '/dev/zero\x00'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '.(+-^'}}, {@obj_role={'obj_role', 0x3d, '^('}}]}) syz_open_dev$mouse(&(0x7f00000004c0), 0x1, 0x432000) 03:42:26 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 39) 03:42:26 executing program 1: fchmod(0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000000000066"]) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000140)={0x0, 0xfffffffffffffff8, 0x7fffffff}) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0xfe, 0x0, 0x0, 0xca1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) pipe2(&(0x7f0000000480), 0xd5884b98eddc93b4) pipe2(&(0x7f0000000480), 0x0) 03:42:26 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x30000, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:42:26 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1800, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:42:26 executing program 0: fsetxattr$security_selinux(0xffffffffffffffff, 0x0, &(0x7f0000000140)='system_u:object_r:chkpwd_exec_t:s0\x00', 0x23, 0x2) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f00000000c0)={0x0, 0x0, [0x5, 0x0, 0x6]}) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() fstatfs(0xffffffffffffffff, &(0x7f0000000640)=""/129) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r2, 0xffffffffffffffff, 0x800, 0x0) r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=0xc) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f0000001e00)={0x10b8, 0x1e, 0x0, 0x70bd26, 0x25dfdbfd, {0x1}, [@nested={0x8, 0x17, 0x0, 0x1, [@typed={0x4, 0x5e}]}, @generic="f324f7e45c7b4162edf93222f0ff36850a379e9d92f9ee443c655482ad64dfd5586d42852143", @nested={0x1073, 0x5e, 0x0, 0x1, [@generic="b6817ecba2db2109b7bb905b9ee2c63661c611825be0659e659ea3d054d7523ee82b8fc964f57c583db04ad2929d28cbb48d41aaa65787c85bc00edc10c43880e7368f3a9605379db85acd72b01e407e70498d", @typed={0x8, 0x82, 0x0, 0x0, @fd}, @generic="dbcaef8b7b052a10fc2c0635522bf086b410d81eb6de392914302c1dcff4aeb68e45850b0e8ad53b9c3442710300753a80f1b9df7481a6b24d2f9eb62e0f31422a91c0185148761306e75c86d2f7464ab200261a34345479ab76c053c486eeab2d0a55ce8eba9f2e9c0a18bcec5f550e6a0da88a4dc8303b0afdb25ffa314e942f4367f9cab6a0977bc33d438639b4a72936c8ed328ab93f709df5ed62d3913ae5fa40de3843fb826139cf0def354cf085782f40f577f83acfa7d6d0e43879a1b6891fa650838c3808304e0dc899b3945feff8e3f79915bc4b5163b1fd01177d7a31c1a08a746c4270af67c3b898117ac04b1d1e449cf91db2e65e28119655997316297e6a9bf9469e3792e80c59096a17c0d70d31f3f6f91b0801bef3ef858eb93e469f00a06c48cc6805f1104278c249329c05f35f77b701f2c27dac871f5447357d60f1a3abc37ca18c2cf55ac8e2959df8cb93873e9664949f23b0f98a08f7d994d55c5d961a8088b2166a0a7bcb740c796f8d4b2287d4ff814548370d932d07847aa70a4b8d64f63e891d0241bceda4dbccafd346d31880645732a2fa7a464419988bab54c8f86fccc3aceecab979e3960f581a4f67a8545dc6f14bb08e5373726262e6772ec0d9de746e773267e5f3ef7429fde86b0e619e9093e9ddaacbcac1645b691008789e07e52fc9a4f39f84e87c30e6124f08a6102ed53af4f1e05eb1bcc115f1d070f1ce89b8dafb4a16cb54dac83d2e966f69eb1f29b7ff60f1df1c971b0d04bb319cf0374e2d858bc557f7a06c72508b884bd84e7f41a837f6610a62ec86d89aacc1c641f199361fc7bfb78e7949b02eefad5efa08b949a3ac842873d0be973bc36ac9f24ea07f3f18cff74bb39586aa4baca6820b19c00910fa1887f96287bebc17718446be728d85e6e7f9fc4dbc99bc03ad6d984f456c4dadbd2d1525e74cbb7507374f79ecac7b6c5f4eccdf25ff3eb8c290499a99f8c4cfb224c9f849eb71c1114a26475a1b9bfcfec02b9321822b7239d8a6bd0c61ab4decba2aca95632e4ba424ca479106e093b8f3ef15a980a66e8c69b9c0038aeddf6221bf2c687489d7b40064212b796a109fa734b94fc07846c2b3c2317cb2d43572a45d547636c7bd77b3b9dd4c5e50eac3133031ca500c954ded3965ab00bc87f78114d9b4c13bf00e90e691bb688314804efee5a48a800ae9d8d84632a936f13d212a728f4e6582966a531124606483925967c6b7b243c529bce2d42f397e5f6ff7eb20de5312509eb6c483db0a3cadff0be7701988b07e941d0b6613b9c30247d89ca710393a492fa2c86031da09467951b454bb4be05b98b730da81e4851041bbab63f9a587f1cf2d9bc4650e043d3e3f70eb801debf207598133db87232077a5ca772086786afc56dbe779f90687199b8e709daee493a3d7c6c5c2d74bf92b439e43dda1f07231385884797d6d84eebb3c0f9311c8e69ea64b15af7eeddd72028dabe8109a56bb312af49961a5c4a99ca145c08497654e0b9d96871729114e1f7d403942ee147b7cb6dd594a84a50328672729bd684b1fe3cbda839cc734d04264f0b6147c4f94a1b3d49049758acc055f5909feb851a2bf225372163f811bae676b82e94f33fc77ea675ff49075ffdc6a3cab679eeb9e1ef76cbbd26c4610eb92c00ac64977bf85b74286da797a91c0224dd600e79843385c1104de5f31ba490f4c8f7eb5aa4ee758af1a99b37d5cf551320e44512e73da465cce76081dc537a2f7aa3c345c774e17f4c1606e0a1a73f28710dd8925d895a62153c7a7c3b42fc175bc5923eccaf350b3723e43aa48f822c4421b5ab2037bd3f27c3e4c20a9b8b385fa04d3da30c4eda6304b7aeb9e9e95ae2d1382d32f61ee375544af927ed46636a9efd03c8a19532f9d67abe1043e3426c1dfb17b7e353db9684629e7c7c354d09bb2951c4c8305f754edac67db04fcb3b02e5b3e0256d32f86647ee82e2a5ad590d0bb30055b9c6eb2c20003944bdf31bb8e7f9c2136dd95681c7c88f714b51ffde657ad7b85afb3d53ee7ec950fd1364b8bd0334f97cbeaebbcccb69cbc32b19c3b827d03974980716962f28b2110c6ffd343df6730bb87e998f8237548152f862195f0e4375d22660a240728ada8bc805abac87a83b42aad8563b5e3b61b03c14a26b9c8a0f6d8fc5d0d201469837dc19db5bca4facdd297f74f8566f45c1c6aca0d29e09f403800817b8b5f1aa333a3e6f7da34b2f7c92d536cf1906915b634a67e7e2a0b4867305ccbc82e0d4404e48e82731451de1606e961d725a38111c8b152e2b3d6b9b637d5cb18a203d2e8e2649833c29898b57542cb1f6968b0e4c34a85166f2d4a6c912c282884d0701a5a28360a3ba3f12485dbd34e22128c1874aaa3fa19d81436e0edc27fb15f3cdedc663276914760324f9d73b82ff9ff874bc7da65d5026b5b33614699bcfb153cb0548d243d25ebbb97b1eb7da0f28c93af4e07405651981b7c7a0ef8ffdf84c096250c330edca418f5d25034f3ba6db282c9d1794e31c53a0527fff4750504f104a8e26af124b1fab65c8fc76a23b513fc774803a4fcaae76b4b75ab7ab7276a61bbf9800326fb0eaf099e41c302124e6fd7436e284ba6b9299b5e866583f02594becc5613d02c9c2fd71f7ff8ef83015e087a4c66650550544a94aacf4867c42d2264565d86c836f583f575d05689cdecb53ec9f7b03ec900f02d69bdff17ddf8461eb5775d64a0b040bea7fceb0619092a65c1238fd28f8b30bdd88d57384df82525212f56927c7d09d48942062fd89172827efa963eb520fc044ebc2badafb6a605dcbba831f2c0b24974c316d1a50c6c859280da939d7e97b580c87f2448222eea287734e70037f802050db5fe82a7edd388b9bd8f7957dcbfe643c4f1b83e53fd2111191bb1f6d2dd9cb0a8b7a02d8625e5023ba52364194e1ae97beab4e64056af345f849380646eeaf38fe6ae8bf6acddb861496118d411c7ee6bbe92a829a0bef2dd76543e8c51413d8087b16fbb7894f609a929fa3cf734e97c6d449e13c51e4734379d48a3cffa9e2b64d18f3a4b44f59dbfc8b7700f558f74892cb4e48f727bef796b1d6ce2bed2d2b64c8476c549c0c0c594fc7c09edb441efeba78c9d791302a5d878ed08e27b0e6801ff4a08d9f7e90dc9524922778d15ee123d29a64516934bb3f7eb1b6db76c1071fa3cbc740a0615c21ee8dace4433312bcd4376c03572fe187952e6d892559898f3c52904008c6bc7edf978b4644a94dbe8d96464cf19efde17ca94eedf434c3d7f18b8d3237d754f123d6b9a98c5e468f4baab620aedf73cd55096ee0d750e9a03ed81ad01cc7b010d8e5d6ec977507dd3982ababa5d7a3e33690804815b1e405c7aa3eef0b7177c7b3d81c64741718b59522669b9a8046086890461589e8f69bbe617691af11ba3e9bd4f49b2c596c68d88bb4f6af0ac6fd256b1d257a1c2f804f753b8be22a8a3077bf34842c3f74a0a50cdd91aed5df46b1cfc01dd38424df422d804de1952fa220c97d82ae3d3962463a06660bf1f024c48bef2cd16e3dbc87bf39df6545d4ca42455d86dcf4a08b719f134d26fa6c503dd90d7b94b4d3b5532059a5007018a49372a732fcba390be19e6595a9209e9d1c283bbba9422254e6b585ffb0dcf10da1b19511a8df303e385f5747b556f35015cb12eb1696bf1d47a4c2c3c9e8b75d48ad05f6d31be30c9ee16f8e1e9ccb2fa10936b23c8faf76ba720e47749d7d11bf34f4cc873145c93599cb5080b690e4f59da316fffe19e127f3729a45ecc6979d4a3eddc425376a912964bc99f859c0858a742d8987322bd396674b0b351c443e31da03e16336b22a4b545953577e63059bd30c8c975670682e4c3e3c31657316350e57d4a7ce161b940203816b69b9df20735048fb562d06fa795042088d7725c9d4e67574397bf58ee6f8d70c07ab987e328ab231bcf7f7d62b1f49803a3420ccb4519a837f5c7f3ac189cf5e07a77521aa68298cca2dbc7f2dd42675b5b32f33910d0a8a65f4ff4b16ef347c1c6fcf689d0be2afeee3fa0faff7a91188e1edc2af662e29539354b3b819e3ab704c7ba6262b405cab1f5f2f216854cb0baac72c4f7b5b8a3e2d0cf0bf0fe6728ee9cb0e22f8f15b093744c2cbf327e5b7c4bbbf372f75467d658bee142179b9ba1ba0fc3b063ebdd56642abf981744a0932a65c671ba281547bae8f320d12af2852d4ce79ffb5c568fe5c693a5fdadb2f224b12004723955ceb92cec9e6ce8239ce036c5a8840db338c778235b1154b9a058ec3bb9fb9a5643ea8cbe1186b08f5a2d242ef5ef2950488e1210ad913614c8f6accf26eba36d261f4c567c9f518c6fbf3e0da87d5bf62b17a0f88b31eeef03860e2a458a552ef0057c2d539d6169a8a3f1e60727b3836edb4292a7c3509466eb51cff69f0933b60731d4cc6e21561b6cafb4e342af1dea6b3ae58b899fc5013bf22e922d579689cadb4b4ca98e36827c2f2d7f8cd8ddf14d282f07fdcd77030ab501fcbc8318941969c0a815a2b45cd9fde9a4dc63453b50a5ea1ee1a211702c8a6e31e2211ba6447a23a081e4f79ba3bed1ea39b42081eedbcc6b69a8fc0d787d99b0120fb8eae9817b9cb166bc024cfee38f0354d8684ef15591fc38529c718423a2ebd7835d4a5ec3ecfa97f0c1f8002f14526fbc137d51006fc5d774d33d4bc56c0b239472ec4357a6e3091c4421b3dd98ef600a73a904103a3fb6a9bed30f248bf2f93c57e557c030a1e88a8df58d442ed43fb8ff60ac1231732639dc04413f4e5e6b4a43c6cab11f1884cb4deece797a19bbd8b3336ae2c96572c4992737f4cd8c79a4e5de1753818069193c535698b02bfafa7150bdb88eb305ea6876b640fe2732382de5fe97234fbf9373f99385bf27bb71583413693a392e30d33803f44c86719c7b868b26885998a7d82b8fec2337acd310993691a8ed329ea30e68b587a3dc97f050facbcad2929698bd5aac29c5c3a32d361641ad1a0ce307bd3f71dbe36a2a31272f336c2d98da0cac3434878dc82de88709f6db319b2a1b27bf71e93d68b776fb7171d19ab85da22025ebc1c962b37a3880e9555396fb41f641b74fd2452fc39f95a27c22635389f499b7a899a63204d009b3d2855b88e27a304740c82b82a38b1fbe98e10380670133362f77afb3d955d77843552c4cc1fabdf4641e87e1f7ff8ae6821bf2e284d835df712983a5bb85d6a38570706ca04b7d9b220659ebffed7e1056ef1dae8d5a5dbe68b2aba1146f77a65a73e3267ec5c98a25c95a71788909dfd75b904a9c82ece736fba45c07b56c17af281e99e3ca59211a7bcd369debe5833a3723b41bd33ce7425f80cee5198002c9974a95a14dbf5769acde57bc97f6bf5750cf68bc05a6e34d3e29a67bd6114d150f3e0806961a6517a8a86f7262aaaa77bf2837ced9f9a9ab9e5de9a651c7dcdb7a96c5d51fb9d5fdd0824c9cfcb41d9abc0f984840dad1bba4aaae7db4f5269fb57500c40d183ba37f1d037c6294f6ad69761d81e3a94599b0843e00f48c8e846f56d6beb2c6a042520c21a01dad7d5b4c72716e74d855e4c528fa8afc0fc42638c4b0b693fcc1d26b66db8a134507446dfafd612e90ab7062be594bac00af837c29f9b3cf99ab1dd3fdee68de2197bede3e30144d3e44a4e1a10ea4e26cd3454a202a71d476ba74afa08a3a1f09ee9718425aec39630a4c15753f865aa4733740218c2bd2133a0f7498aeb4e4b1a351892bbe8f34d3", @typed={0x14, 0x70, 0x0, 0x0, @ipv6=@remote}]}]}, 0x10b8}, 0x1, 0x0, 0x0, 0x4000}, 0x80) fsetxattr$security_capability(r3, &(0x7f0000000000), &(0x7f00000005c0)=@v3={0x3000000, [{0x2, 0x9}, {0x5, 0xfffffff9}], r4}, 0x18, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000000700)={0x1378, 0x37, 0x2, 0x70bd27, 0x25dfdbfc, {0x17}, [@generic="dbbc2b06251536c91c79f362334fd65a59382d4fe4db7967766ab606", @nested={0x2c, 0x4, 0x0, 0x1, [@typed={0xc, 0x28, 0x0, 0x0, @u64=0x57}, @typed={0x8, 0x8b, 0x0, 0x0, @ipv4=@multicast2}, @typed={0x14, 0x486, 0x0, 0x0, @ipv6=@private1={0xfc, 0x1, '\x00', 0x1}}]}, @nested={0x4, 0x1a}, @typed={0x8, 0x3b, 0x0, 0x0, @fd}, @nested={0x130e, 0x82, 0x0, 0x1, [@typed={0x14, 0x34, 0x0, 0x0, @ipv6=@loopback}, @generic="361a09ba1c977ae7790ab9d24c8ad4f3b7c041ba1d3a4f3f11ab1fc68baf81599bd770c8fc4618d1916091ed2d773915b36824933c8004f6bf52ca974d344343172b4de3a30edbc22595485c8df0bebc5c0e8920cabd8f9f3806cac4e7ec41ad1a747813c89c2acfb431732f220549e1f47708219659d36c03ba611d143ac3b0841ca9cfcca8dc7cfc24dba5097ef4f27c2522cb63609651ba5fcc268ac5fbfd5c", @typed={0xc, 0x86, 0x0, 0x0, @u64=0xf6e}, @typed={0x4, 0x48}, @typed={0xc, 0x6c, 0x0, 0x0, @u64=0x1}, @generic="fb25c41479d8b5b48a41284da6838c443712daebf2ba2d532996bb60e0c19829c3b2e6370bed2c811070ab732655aedc3027ee67fe30b4e4a7d2b4d7c4d1cb03d6ba1b8dfd4cd1279b51486fbec287b8f06cf950f7cd7634897d20c18408875fc53d26e2aac6150dccf0653245a3345a360e0eda61824b59aa58c1a4e00b8aa416b8b420a8a9da61dd89108d2c1a1b2d71ac6d69a6e14b0114f6bf85139070dd4292d09ecffc4ffb6617211156b9f8fbff11a170c75bd3f63ee89055c8aca791227840dcd89494784aaef4bbf1e6bfc085e295b4e81e5c0a5abad933857d856726fe235696a3", @generic="c1a27ade522e07b74c53dae211092e875d0c421f3896b23358a4b81ab2a20eca742d9a07c569faf5cb9aa6a0ca149a4d7cbdf9df2f94e26d7ca4b725aff39ca774534bfd1866b1f55e141f4008476622c423f2c2b874b12e05e49aaec205cf1162d4a81c4dd9238b221d2069c158e3bdae1987d1b286a7485c2dedfa14d6ba9de69dc256f6bebfdf3b624d596453d657d6cbc21f6ca157a4376269e3a8be44f864c8a5e5c64c7c00eab8d64de5f61ce1378c31311c66b60479620ce0619ca8ff037a916dd9bbd775b925361abb4044b6e06b45ae73a9b6710f30aaf77872f0cc013557c7de5fe396bd3eecc78cba1f4cc989bfda3c01bac40f67337571dcf35243732d1c715f2660282b0b757b4665b82d1d4d9452a05989ffadd76735643c1cdb3d386a9e88a4411f18447432572489855d9c75f0f7068f51d001c03d45142961f825ff3ab41c1961440d81a430fda83591eac1aaec674a5a0e11fbfa68dd5204e0bbec8ea691a8dcb102db75e63ddf6d731fafc433d4484f3797f91f75e324e6fbbf0b5ef6beb9224720a82768005058477e83ee1f8172c6726d3a85e66447034af118ce48d17f929e609a978d6616ad3c8d77b1ca22361c78b6231e0d916e2aa64af4b8d55623fdc95ad95695262520c5fe9af53881159c9cd0fc2fc90c351c13b1e9e3cee0c47fea912c42d11c498ea515625282769c4adde796a1ed97a95c56b5daf569726632790e15c173f1ea11c986bd8d4fa1b931c6fa08c577ad7cd93f73078c4da06b2a7074333b2ba224ac3005e51130ab1d82fcf0d9088aa1d37d404f8234b17de92405b8201d48a0cf03947ea285a1db1a3cb8dbb12e8154be4baf703df0b1a4b39e35f0220428f03b5e4600f38340daea4c94ccb57d84b0b10d087be518be28a0e3f5d8610eb9c35fe2dfdaef9f41643a5dda6ccf9bc31074a3a44496e9a014e086e6b27682eb09286af50daa8d7f77d7642c4d229f679fc8eb5558da50d55545543de2777c02ca3f87b178fc7b5f1db251eac36fb011330cc3e31bf458b418bc77e9f535500621e300de331d8a3b721727e9cd3aeb87c98112338bdcaece836155212bcd8cbecfcf358e88d140ac6decc93e5970b26973f465a2375f7965c55bdf67e1b6480a2d8ee81feee7b143bfaf9bd567eda52cf8a35a03f8e345f5c6695c6ec37c9328f76a5c3c1a8b83ef758c51587b2afc119ae34330b1ef01ac020346482d57f8933982dc9944c2dd493aa361759d25874144cb7997b19f7c2882f9029109fe0ca20d350fa97d6cdd1f4e7a71e4b616a622e2255807df15a3bb5ac67f6b5b1100986c45068e65ef8251eb6fef98e2adde603e0d0925e29b501e2853886608c309dc460c3c0a041d0e251ea57deb3601ed5f27b03b47bcd7f3391840f97192ebd8b0618c5341660914da26df2ee4237b1bb44d242ef2f702665cba04b5878365c7519e77bda0aa3ca6d1059fd90c444ada1e2cf975808340a796cf6bb52418b006d88f94b9633c2c98fa7a61f7af641080543f4aa29908d1b591073f9a2d01aabfc176864970664b66bb9210474304646a2bd154c1111610f4f656a8055f6e3c9eedfcacadc9ee3f3ea36533ca4050f2cea61012c150a0d0107eb56513d6a8d8512965f1fc7e7cc2cf274504f5f36b12a9ad758b765e2bb21d5a08727f2a05d45e47f2e6bad6aa64b77fd6977e5b1c8a925457b7f576cb55a0260589a5dfbbe6d6cf9c9c540a1865dc2a0975e8541b8547b98e5415b8ef1ddc37c5019b554d44bbb1bf099016365c185774761a66412eafe825053098d750aa29baadc6e15ba66624ddb8193b9c8482dd331e3103aa23cd661a89cc167bfa11fc175adcbb83c04ca55eb4abee7dfea0c44920567993c9c139e45277d45894e0b0b6f14aede4b417a1384029d5b7920c28a92f286767ec31894288b9d44c1519e91ce731731091223afa07e349e357bd62e220e75fcf20a511e2614ee42968a403fe449babf798fcfc35f832b0375114d02e503a7bc34d0549cdc0f4f461c1b89591a173b870ff3aa118d1c891e9afa193e659cbfb5401e6f92b35166bc5ac10b9831cdfabb2151ecbd633503939a89fdbca66fe420542281b9a153405a9958d5e240b07f253282755ef9efd9224cc3c2ab137e6516bf3679ed61711702cda18731df3e1767741c71b2e2b9396875aa19598a945a88f3a06a532e6defbd7eda3aa31bc8539c6b3ff13735693d13489202fa1944513bd7120745699fb68c67037b9044291e9656b7923c63893ddde6c6e0790e5d66e68006964c5663220d81defc72d5fb7accd2e3ecf0000296310f3e61f89f6f376bdebaf4f34708766898aed8ccd9844ff0fd5f934a69bc58b10c1621f65f5f3ffbc77ed3c46d7923a81ede31b0fc87d3c25830f7bcf17305a40c87d4aa6d8e5771dda2a0cf5dae3dfa1dea5f83becb93937f3efe3a5d8ff04ab044f75ec4d5d309e80bb2ede9884f10a4a275541de3da71b576c8e0c9793b1c878bcd3621afe7204fdd69de165fc29444226459d3161eb26ca3b5a8491edbcd4e359ee0a9c4ffe000a961ed324a25eec2881a61e3d89008f6509a24286f1f761b418ac201911a1bf0e6d8e67880e83ee10c1e6303dea92577823df7ee7b032c4dec8ab2f1ea9d31714549f29f6d06b2d889529b456c73115cf25461ddfa2cfa45afa22e65f6261cf9a945858cc16a45e22f0fe7965b277370a900d03df5f04642a4f37ad2312d8c8d10fdd871d701e20f1721910b0e3d8b4d318257d6fad49cd8e168d4b372fe429570c510489eb7d705ab19932d74cf50840142514d823c6365e408818234b8959dd05d245f4bc286c50084dba87f854c89b7df0271048bb431e1a55a57c5901f420a13a4e018cf572800e4e74d5d26e713f9eef6ea9f6e6d8e6d50d9f692cb6ec0dc466909afcb368e59cdd0bea4801141ed56c52245edb078c044b0d1d808f43b781a3b8768b9a8cee123cb7270b64c9e7635c2c651a33502b3b721d168e5686bf16faf68f57dc0ddd51e69f11952014de3083cbbc8d57c5cf1e2ed3f9fe566c1c74572dfbda7abd48052bdf6c982815cfae08afec9d4b2e7e519293bf786fe9577ee7a6ff4825759ce353793e0c774342f4d5151afb4f8a8ff802ffe71f4bd91d38dd8cb0908566bc5643ec02e4fd1367270c512decfc7156793a8f254e09e0b88f48969b3fad5124eb0d205c225a5f5312ab6d0a7fcdeacf6f6e43ae87b5cbb6d8c3c8b94bcaa9263a291d23b87e84049c71518ad89326f0cbb4275a4df0499c4b94c9518898c47ede11f958a264a9dcf0693e8f9fa8b8b85b892a681ae782cf4cb405d61568252ee145294ac49ce6af458d3a4b27531249c17556b69a10629f8445c1298e5f757670d9a47e02b521c1199a8be44c2cbf67cb5c82ee0f952aaafd03a76d1b798047763c6c5cfa8dbb75beb6de1ef23c2ed5f42545f00d5836825e1590bd6f8c5cef6582cf7d52d0e70c37fdce57320d043d4812722212238b98e21dcce68529d720b8ad58c619341afe6455bc2e7f34df61df3da24f64b397a8c07fd968d24b1e6155f3a0419d851471c59328f5a0a3d7a05b98313234eb2b6e3199c8de28a0bf5ce97f1e26863c89e3dc553375031858bfb385614d08e2d69055a0fa3cfccc266f89fd8c734f56305ec2606dec18bff60506f73444e2fc41aeae355efbb80cf8c005151123bde382ffc074c54e925887408487c1834bb9bc88e9948fc6419ad42097364b29250c4f018ff2eeb80f66464a840f42d034eec2e528aa358797b4115c44d746cbf023b4001750270548230584928359ecec3e453c18772c6ab87f2a4011ac4d5154d73f9adf8a7babf0bfb7976282995ed4d88ffe062d8c26333fea5623e72307432602bb1badda5a3d4bf8f64f8ba7571c85508f56915197a83c7de48dbea93b78798345b06f6c77b300ca6ff3e8b319b186dc93586c92701b153fbbf3d5d73daa782e204446b3c32db32fb75ee9673d725f5ac1c16805c3fb6ad5af03a088454a1b4afd9ca7cee7396d239faa1923da7d300ec0a658fbac9a69e3e2132753579f414f535a1c40ddc9a2dc672e49c399d888995bc3882d11183b7fc269a1aa7a02cfbd59f93b13eb93fe8a9fd5be9098196fa99b9558447750d4e5255b7d68e535decbb24f6739d4304f6c6ce66e4060b272f300b51c273c6e6e52e7c9bcce1e88d3ed8aca53c254bdcbc8ecb56763e761b777c3dfa0b3090b6636287106009b13f59aa9999112d852f3a6b6b2a6d6339d6dd0ffbfc31af6d3be926e32bbe8a1e5d8fa0f4534af44d3d712710ad3aeb794affce15b402ddc030fef2ff2c36605e99992149027c3c57e205388ce66f8e9613611103d112d39ed05d4e865b7af80718c5ebe177e9785f8daccb4eca6efecf9e1c40a7d7510a03257cf78934a5bc05f91a2d453cf4e9c5072093e7a445a8843cab080ed22fb697d88fec5e74d704ad5616c76b0f6fe312971fb3248cbeeb35cd85f13f9f3780fb8b96d149d6131e0ef4acd6bfb03455c3647d9eb1c90c24ae1768c7ae8ad62f2e028107281f791fd443472b4757b6bb995f6aed66e8b3f19d7455bd71f5a1a03ee92eb5f23019188f3b0b806b6ce59c36f51b0bb38b4d7358ad6dbc353ce19a98d6350ea8df971c757516ee850e6c96319d94225f28ca8d4df2a151386729e67c3fe17231d5724038ed349db6cd6ec1e9cbaa752b18b213ade799798411d4df7046876766ff16d3b0f63f12dbe186b6b85e5fb23730c0ecc06c21bb44f691640c275bf597295e167657d27747ae9ecc3a0fcc7c36046640d473c24fa40e63f69b2902dfc135281040171eaf5c7a1e6281cad3f5daf4e8ae2aa2f232edeb6baf99bff21fed3d01039cfa6d5fcbac7dab17ddb59182dc03baf11fe0a73c4f6b0dfc51a29ed1370e7618c30cae696288b2b94bc8f3fbc44916a86dd90363da38c84f514b81877190541e9949f54133246ad027832c11eb499abf79c4b4e5efa46a99855760c38a0990c1355892a2a8da249f9fad03659cd5923394b522305772337d16bc10be1c0aa30a7cdb5e06749c65c328cebcd8b813e86ba0597297c1fdff784d3e31858b22635307923302a54f59feaab1f291c46250ba9e063b1f0d80e3f2918542ede5caef3a401d161e9feadea17d4e6ca2d214c7516615e82b5a8c6f0d3902bb986c64b4ea6d950b42203abbe890518fb630b3be33a12822806f4dad32ef195a5145ecffc6f08ee3bad753cb2d467b30da4c2bc0a1b93b15372ca680d094c54ec6389819b40b3d25e4212930051ce59a4316df92b2c3cb1b709919109b39382768c2c8f67ccf354402c3cd4b6f5f14700e366cd621a48a798488b41fe66708ccf22509589f5c4074651a3567df07240939cfbeb7a83a0cf71d78c7f83710a6c512eebcb9d58acffc79e7030b82d80412f9721da817602a5d43a824db4ee1eec0ece1c093237730b4df8d5e34f48358e1bcd30e7b00b0b3c76ff43fd83033a95ac228d0d7d5c17c8b398b93c27186b3d46bb86318e1eb91458d3876671e82ff804215224db49603dca59a1c662aa7ae2dd45a8012ac83e7292d16ffbb026007c88edd1474b462c3f4040715f60b92a1409b1232ad5be8bbd3da4c4b5fe2894c126a3862a228842082b3c5f8e080ad00fb533c796c8d864ae1245827c46907ecb6cf6b371fa9d16317858f0baaeb6f3f131c5170f3996f02132f7e7356fb516ef1ad1f3a09c09f0456260233cbfdabf88ba905effa6870038cc3d01831c", @typed={0xa, 0x59, 0x0, 0x0, @str='b?)\\+/'}, @generic="9c63c3161557b806802f4f2d20df0ac268c801ce82c16a483e7f7ba4bf41c7bb663cfa0694366604a18df77dd371ef7a7cb047c8ae3bcd2abbf10d93da771f0765b7d85bd3997ba19a", @generic="d4fc838560d8dfe0e08ab9ea38994b358e933b8f6bdd32a3eb6f9ce6c70fe65b462998ce12dcf02ca9dd30194eb088780e58f3655f17cfd690eda63c52aecdd30f5eee47effc4184e6c5bdd3034f6199358a967c7e153da22919d016f140064ba97a2e783196ac0d1f3f376c33c4e8a04b98069095137f41852bcfa833990ad7682494dd8dfebb2fba43b72cc831450b2eaceb4411fa3f595a5f7bded102d5eaf0be90c1fcaf88b35c0590f72c6b6ba8c278d65525262244cf280f793ee1ea1714e77b2016ff7e0cbdaea044487e96c0baf0025b57f2bec6d6c9130e9fbc70ede552dec2a7e0c09bd6060df38424fe02ea259fda461909f4c876da3e5b74"]}]}, 0x1378}, 0x1, 0x0, 0x0, 0x1}, 0x10000000) signalfd(0xffffffffffffffff, 0x0, 0x0) bind$bt_hci(r1, &(0x7f00000001c0)={0x1f, 0xffffffffffffffff, 0x1}, 0x6) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000001a80)=ANY=[@ANYBLOB="c40000001d00210ccde40000000000000400020014001180c09801a7b0c7dba09475f251c743092f0800310043e6cf345f13be85938dbd3913a46302edb2e322cd66cc442c68a36bda4e6af86dcddc5fc726a06e32d3cc6b633ce331fbd5a88c7e712b7b3e1d8d5ee632000000000000000000", @ANYRES32, @ANYBLOB="92001a800400060011fd3bb1fa80a9d9d95ba408f1ad9097c895c82a43e862c68793e352239e2067998400a69fc652d7549f5a0c4237c2f1442ecbcc5cbfed07b57d0bf090db819175680025353750ec4120c199e860e73a7fea9ffc20c49013e215f6f31b21436d50bbc7686dcdba308d470de03d765429a675a193c40000000000000000ca9b4e3fb2080080002847e1c553dbd103", @ANYRES32], 0xc4}, 0x1, 0x0, 0x0, 0x20008880}, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) 03:42:26 executing program 3: r0 = fork() capset(0x0, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:42:26 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1135.772151] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1135.786946] FAULT_INJECTION: forcing a failure. [ 1135.786946] name failslab, interval 1, probability 0, space 0, times 0 [ 1135.789596] CPU: 0 PID: 8116 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1135.790989] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1135.792680] Call Trace: [ 1135.793220] dump_stack+0x107/0x167 [ 1135.793965] should_fail.cold+0x5/0xa [ 1135.794746] ? io_uring_alloc_task_context+0x4a3/0x6a0 [ 1135.795829] should_failslab+0x5/0x20 [ 1135.796602] kmem_cache_alloc_trace+0x55/0x320 [ 1135.797538] io_uring_alloc_task_context+0x4a3/0x6a0 [ 1135.798565] ? io_sqe_buffer_register+0x13d0/0x13d0 [ 1135.799589] ? lock_downgrade+0x6d0/0x6d0 [ 1135.800432] ? do_raw_spin_lock+0x121/0x260 [ 1135.801338] ? rwlock_bug.part.0+0x90/0x90 [ 1135.802200] __io_uring_add_tctx_node+0x2c6/0x520 [ 1135.803203] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1135.804273] ? __alloc_fd+0x2b8/0x630 [ 1135.805062] io_uring_setup+0x2018/0x2a40 [ 1135.805910] ? wait_for_completion_io+0x270/0x270 [ 1135.806887] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1135.807946] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1135.808998] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1135.810045] do_syscall_64+0x33/0x40 [ 1135.810814] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1135.811863] RIP: 0033:0x7fd4717f2b19 [ 1135.812614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1135.816333] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1135.817867] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1135.819305] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1135.820744] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1135.822181] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1135.823642] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 [ 1135.836443] cgroup: Invalid name [ 1135.844566] netlink: 148 bytes leftover after parsing attributes in process `syz-executor.0'. 03:42:26 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1135.858080] cgroup: Invalid name 03:42:26 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x34000, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:42:26 executing program 7: ioctl$F2FS_IOC_START_ATOMIC_WRITE(0xffffffffffffffff, 0xf501, 0x0) pidfd_send_signal(0xffffffffffffffff, 0x10, &(0x7f0000000100)={0x28}, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000080)={0x0, 0x2}) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000000)={0x0, 0x0, "dfdf99", 0x7}) stat(&(0x7f0000000440)='.\x00', &(0x7f0000001c00)) ioctl$sock_bt_hci(r0, 0x800448d4, &(0x7f0000000040)="bc11d3") syz_open_dev$tty1(0xc, 0x4, 0x1) unshare(0x48020200) 03:42:26 executing program 3: r0 = fork() capset(&(0x7f0000000000), &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:42:26 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:42:26 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 40) 03:42:26 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1f00, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1136.092423] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:42:26 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:42:26 executing program 3: r0 = fork() capset(&(0x7f0000000000), &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) [ 1136.180298] FAULT_INJECTION: forcing a failure. [ 1136.180298] name failslab, interval 1, probability 0, space 0, times 0 [ 1136.182808] CPU: 1 PID: 8150 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1136.184217] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1136.185936] Call Trace: [ 1136.186484] dump_stack+0x107/0x167 [ 1136.187243] should_fail.cold+0x5/0xa [ 1136.188054] ? create_object.isra.0+0x3a/0xa20 [ 1136.189011] should_failslab+0x5/0x20 [ 1136.189795] kmem_cache_alloc+0x5b/0x310 [ 1136.190630] create_object.isra.0+0x3a/0xa20 [ 1136.191554] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1136.192592] kmem_cache_alloc_trace+0x151/0x320 [ 1136.193543] io_uring_alloc_task_context+0x4a3/0x6a0 [ 1136.194577] ? io_sqe_buffer_register+0x13d0/0x13d0 [ 1136.195619] ? lock_downgrade+0x6d0/0x6d0 [ 1136.196462] ? do_raw_spin_lock+0x121/0x260 [ 1136.197335] ? rwlock_bug.part.0+0x90/0x90 [ 1136.198201] __io_uring_add_tctx_node+0x2c6/0x520 [ 1136.199174] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1136.200264] ? __alloc_fd+0x2b8/0x630 [ 1136.201048] io_uring_setup+0x2018/0x2a40 [ 1136.201897] ? wait_for_completion_io+0x270/0x270 [ 1136.202869] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1136.203936] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1136.204995] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1136.206051] do_syscall_64+0x33/0x40 [ 1136.206820] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1136.207914] RIP: 0033:0x7fd4717f2b19 [ 1136.208695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1136.212468] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1136.214050] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1136.215545] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1136.217005] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1136.218457] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1136.219941] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 [ 1138.039839] Bluetooth: hci0: command 0x0401 tx timeout [ 1140.087784] Bluetooth: hci0: command 0x0401 tx timeout 03:42:41 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x80000, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:42:41 executing program 7: syz_emit_ethernet(0x92, &(0x7f0000000000)={@link_local, @local, @val={@void, {0x8100, 0x5, 0x0, 0x4}}, {@ipv4={0x800, @icmp={{0x19, 0x4, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, {[@timestamp_prespec={0x44, 0x4c, 0xf3, 0x3, 0x6, [{@private=0xa010102, 0x6}, {@dev={0xac, 0x14, 0x14, 0x42}, 0x2}, {@broadcast, 0x8}, {@broadcast, 0xfffff001}, {@loopback, 0x8001}, {@broadcast, 0x1000}, {@multicast2, 0x7}, {@empty, 0x9}, {@remote, 0x3ff}]}, @timestamp_prespec={0x44, 0x4}]}}, @redirect={0x3, 0x0, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @loopback}}}}}}, 0x0) 03:42:41 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x2000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:42:41 executing program 1: fchmod(0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000000000066"]) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000140)={0x0, 0xfffffffffffffff8, 0x7fffffff}) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0xfe, 0x0, 0x0, 0xca1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) pipe2(&(0x7f0000000480), 0xd5884b98eddc93b4) [ 1151.358921] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:42:41 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 41) 03:42:41 executing program 0: sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f0000002e40)={0x109c, 0x0, 0x200, 0x70bd28, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_TID_CONFIG={0x31c, 0x11d, 0x0, 0x1, [{0x4}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}]}, {0x50, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xd}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x64}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x9b}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x2}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}, {0x298, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x7f}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x258, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x60, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0x60, 0x36, 0x6, 0x16, 0x48, 0x30, 0x2, 0x3e, 0x1, 0x36, 0x1b, 0x12, 0x24, 0x2, 0x16]}, @NL80211_TXRATE_HT={0x30, 0x2, [{0x2}, {0x5, 0x4}, {0x5, 0x4}, {0x1, 0x5}, {0x0, 0x7}, {0x7, 0x2}, {0x7, 0x5}, {0x0, 0x8}, {0x6, 0x1}, {0x3, 0x7}, {0x4, 0x6}, {0x6, 0x4}, {0x4, 0xa}, {0x6, 0x8}, {0x7, 0x7}, {0x7, 0x5}, {0x6, 0x1}, {0x2, 0x8}, {0x0, 0x3}, {0x7, 0x4}, {0x0, 0x5}, {0x5, 0x6}, {0x7, 0x6}, {0x2, 0x6}, {0x0, 0x1}, {0x4, 0x5}, {0x4, 0x3}, {0x0, 0x8}, {0x4, 0x9}, {0x2, 0x8}, {0x2, 0x1}, {0x1, 0x4}, {0x3, 0x2}, {0x5, 0x1}, {0x6, 0x8}, {0x2, 0x3}, {0x2, 0x2}, {0x7}, {0x0, 0x8}, {0x3, 0x4}, {0x4, 0x5}, {0x7, 0x8}, {0x1, 0x3}, {0x1, 0x6}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x697ce25bad5be1e0}]}, @NL80211_BAND_5GHZ={0x80, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x8, 0xaa83, 0x1000, 0x8001, 0x6, 0x8, 0x3]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x1a, 0x2, [{0x6, 0x6}, {0x0, 0x1}, {0x6}, {0x7, 0x3}, {0x2, 0x8}, {0x2, 0x3}, {0x0, 0x9}, {0x7, 0x4}, {0x4, 0x1}, {0x1, 0xa}, {0x0, 0x8}, {0x5, 0x6}, {0x4, 0x7}, {0x1, 0x1}, {0x7, 0x6}, {0x6, 0x7}, {0x0, 0x2}, {0x3, 0x4}, {0x0, 0x6}, {0x0, 0x1}, {0x3, 0x2}, {0x6, 0x1}]}, @NL80211_TXRATE_HT={0x20, 0x2, [{0x1, 0x7}, {0x7}, {0x4, 0x7}, {0x4, 0xa}, {0x1, 0x2}, {0x1, 0x4}, {0x4, 0x9}, {0x1, 0x8}, {0x5, 0x9}, {0x0, 0x2}, {0x5, 0x9}, {0x1, 0x1}, {0x5, 0x7}, {0x5}, {0x3, 0x1}, {0x0, 0x2}, {0x3, 0x8}, {0x2, 0x3}, {0x0, 0xa}, {0x7, 0x3}, {0x0, 0x2}, {0x3, 0x6}, {0x4, 0x8}, {0x6, 0x2}, {0x7, 0x1}, {0x3, 0x4}, {0x0, 0x3}, {0x0, 0x7}]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x9, 0x3, 0x4, 0x0, 0x8, 0x9, 0x6, 0xfc]}}]}, @NL80211_BAND_2GHZ={0x54, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x9, 0x1, [0xb, 0x16, 0x3, 0x18, 0x4]}, @NL80211_TXRATE_LEGACY={0x19, 0x1, [0x48, 0x30, 0x3, 0x6c, 0x6, 0x1, 0x16, 0x12, 0x60, 0x5, 0x3, 0x42, 0x5, 0x1, 0x6c, 0x24, 0x60, 0x4, 0x6c, 0x6c, 0x1]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x6, 0x1, 0x4, 0x9, 0x40, 0x0, 0x44]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x2, 0x8001, 0x0, 0xbce0, 0x6, 0x1, 0x9]}}]}, @NL80211_BAND_60GHZ={0x24, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1f, 0x1, [0x24, 0xb, 0x18, 0x4, 0x24, 0x6, 0x18, 0x18, 0x4, 0x36, 0x3, 0xc, 0x4f94f95a1e72ee2e, 0x4e, 0x36, 0x46, 0x9, 0x4, 0xb, 0x12, 0x3, 0x2, 0x24, 0x2, 0x1b, 0xc, 0x0]}]}, @NL80211_BAND_60GHZ={0x6c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x6, 0x3, 0x0, 0x7938, 0x6, 0x7, 0x44a]}}, @NL80211_TXRATE_LEGACY={0x23, 0x1, [0x36, 0x2, 0x5, 0x2, 0x6c, 0x60, 0x2, 0xc, 0x4, 0x6c, 0x0, 0x3, 0x5, 0x18, 0x4, 0x2, 0xea3d8babaf189833, 0x1, 0xb, 0x6, 0xb, 0x4, 0x4, 0x16, 0x24, 0x36, 0x26, 0x0, 0x16, 0x36, 0x12]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x9, 0x1, 0x8, 0x0, 0x4000, 0x4, 0x1000, 0x9]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x800, 0x100, 0x8, 0x81, 0x800, 0x6, 0x0, 0x7]}}]}, @NL80211_BAND_2GHZ={0x90, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x1a, 0x2, [{0x1, 0x6}, {0x5, 0x1}, {0x5, 0x6}, {0x7, 0x4}, {0x5, 0x5}, {0x4, 0x4}, {}, {0x0, 0x6}, {0x1, 0x1}, {0x6, 0x1}, {0x6, 0x1}, {0x4, 0x7}, {0x6, 0x9}, {0x5, 0x6}, {0x1, 0x4}, {0x6, 0xa}, {0x7, 0x4}, {0x6, 0x9}, {0x0, 0x5}, {0x3, 0x4}, {0x2, 0x5}, {0x2, 0x6}]}, @NL80211_TXRATE_LEGACY={0x4}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x40, 0x3, 0x3, 0xfeff, 0x101, 0x1f, 0x428, 0x1991]}}, @NL80211_TXRATE_HT={0x4d, 0x2, [{0x6, 0x3}, {0x1, 0x1}, {0x0, 0x6}, {0x1, 0x3}, {0x3, 0x8}, {0x4, 0x1}, {0x7}, {0x0, 0x1}, {0x6, 0x1}, {0x0, 0xa}, {0x4, 0x8}, {0x0, 0x4}, {0x1, 0x6}, {0x4, 0x8}, {0x6, 0x2}, {0x2, 0x6}, {0x5, 0x7}, {0x0, 0x5}, {}, {0x7, 0x3}, {0x0, 0x2}, {0x0, 0xa}, {0x4, 0x9}, {0x4, 0x7}, {0x3, 0x5}, {0x6}, {0x7, 0x1}, {0x2, 0xa}, {0x0, 0x8}, {0x3, 0x3}, {0x6, 0x2}, {0x6, 0x4}, {0x7, 0x8}, {0x0, 0x1}, {0x0, 0x5}, {0x1, 0x8}, {0x3}, {0x4, 0x8}, {0x7, 0x2}, {0x0, 0xa}, {0x4, 0xa}, {0x7, 0x9}, {0x0, 0x8}, {0x5, 0xa}, {0x4, 0x9}, {0x1, 0x8}, {0x2, 0x3}, {0x5, 0x5}, {0x6, 0x2}, {0x7, 0x5}, {0x0, 0x1}, {0x7, 0x8}, {0x6, 0x3}, {0x4, 0x1}, {0x7, 0x7}, {0x2, 0x8}, {0x6, 0x7}, {0x6, 0x3}, {0x0, 0x7}, {0x2, 0x3}, {0x7, 0x5}, {0x1, 0x5}, {0x6, 0x4}, {0x6, 0x5}, {0x1, 0x7}, {0x4, 0x6}, {0x4, 0x2}, {0x7, 0x3}, {0x2, 0x8}, {0x6, 0x6}, {0x3, 0x7}, {0x0, 0x9}, {0x5, 0x8}]}]}]}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xa73}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xff}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x1d}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x45}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x74}]}]}, @NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x8d}]}]}, @NL80211_ATTR_TID_CONFIG={0x9e0, 0x11d, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x1d}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xa7}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x44}]}, {0x44, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x63}]}, {0x38, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xb3}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x28}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x6d}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x9}]}, {0x50, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x8a}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x7f}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xc5}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}]}, {0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x2f}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xdf}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x7f664c9f}]}, {0x400, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x6}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x65}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x18000000}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xc5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x3b8, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x64, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x17, 0x2, [{0x5, 0x6}, {0x0, 0x6}, {0x3, 0x7}, {0x0, 0x3}, {0x1, 0x6}, {0x0, 0xa}, {0x4, 0x3}, {0x3, 0x9}, {0x6, 0x6}, {0x1, 0x5}, {0x0, 0x7}, {0x1, 0x7}, {0x0, 0x7}, {0x2, 0x5}, {0x1, 0x6}, {0x2, 0x8}, {0x7, 0x9}, {0x1, 0x7}, {0x5, 0x6}]}, @NL80211_TXRATE_HT={0xd, 0x2, [{0x0, 0x3}, {0x7, 0x5}, {0x1, 0x7}, {0x1, 0xa}, {0x0, 0x9}, {0x7, 0x2}, {0x1, 0x8}, {0x3}, {0x5, 0x4}]}, @NL80211_TXRATE_LEGACY={0x17, 0x1, [0x1b, 0x2, 0x36, 0x18, 0x1, 0x16, 0x24, 0x5, 0x36, 0x2, 0x5, 0x18, 0x6c, 0x354f224685675eb0, 0x18, 0x0, 0x9, 0x6f, 0x0]}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0xb, 0x18, 0x60, 0x1b, 0x16, 0xe, 0x24, 0x30, 0xb, 0x24, 0x2, 0x1b, 0x6c, 0x36, 0x60, 0x6, 0xc, 0x6c, 0x48, 0x18, 0x36, 0x1b, 0x4, 0x6, 0x2c355e0660dd1a0b, 0xb, 0x60, 0x48]}]}, @NL80211_BAND_5GHZ={0x78, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x654, 0x7ff, 0x3, 0x3f, 0x8, 0x5, 0x5, 0x1f93]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x1, 0x5b04, 0x5, 0x6, 0x3f, 0xb7b4, 0x7]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4000, 0x4, 0x200, 0x5, 0x9, 0xde6a, 0x5, 0x1]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x93, 0x6, 0x8, 0x400, 0x40, 0x3, 0x7, 0x2]}}, @NL80211_TXRATE_LEGACY={0x21, 0x1, [0x1b, 0x6c, 0x5, 0x48, 0x24, 0x1, 0x9, 0x18, 0x30, 0x12, 0x12, 0x18, 0x6, 0x1, 0x3, 0x60, 0x48, 0x24, 0x3, 0xb, 0x24, 0xb, 0x1, 0xb, 0x30, 0x2, 0xb, 0x1b, 0x5]}]}, @NL80211_BAND_5GHZ={0x98, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x39, 0x2, [{0x6, 0x6}, {0x1, 0x5}, {0x2, 0x3}, {0x3, 0x7}, {0x2, 0x7}, {0x4, 0x9}, {0x1, 0x1}, {0x4, 0x7}, {0x3, 0x1}, {0x0, 0x4}, {0x3, 0x8}, {0x5}, {0x0, 0x7}, {0x1}, {0x4, 0xa}, {0x1, 0x4}, {0x4, 0x8}, {0x6, 0x8}, {0x0, 0x9}, {0x2, 0x3}, {0x6, 0x4}, {0x6, 0x1}, {0x4, 0x6}, {0x4, 0x3}, {0x0, 0xa}, {0x7, 0x7}, {0x6, 0x6}, {0x7, 0x5}, {0x7, 0xa}, {0x5, 0x6}, {0x2, 0x4}, {0x6, 0x8}, {0x3, 0x1}, {0x0, 0xa}, {0x4, 0x6}, {0x5}, {0x5, 0x9}, {}, {0x7, 0x1}, {0x2}, {0x4}, {0x1}, {0x3}, {0x7, 0x5}, {0x5, 0x3}, {0x3, 0x5}, {0x0, 0x2}, {0x5, 0x9}, {0x5}, {0x1, 0x2}, {0x6, 0x9}, {0x0, 0x8}, {0x0, 0x4}]}, @NL80211_TXRATE_LEGACY={0xa, 0x1, [0x5c, 0xc, 0x18, 0x5, 0x1, 0x30]}, @NL80211_TXRATE_HT={0x4a, 0x2, [{0x5, 0x2}, {0x0, 0x1}, {0x6, 0x6}, {0x7, 0xa}, {0x1, 0x2}, {0x4, 0x2}, {0x6}, {0x7, 0x1}, {0x6, 0x9}, {0x7}, {0x5, 0x1}, {0x0, 0x4}, {0x4, 0x6}, {0x1, 0x1}, {0x6}, {0x3, 0x2}, {0x0, 0x8}, {0x3, 0x4}, {}, {0x7}, {0x4, 0x9}, {0x5, 0x8}, {0x7, 0xa}, {0x6, 0x1}, {0x6}, {0x3, 0xa}, {0x5, 0x2}, {0x5}, {0x3, 0x1}, {0x1, 0x5}, {0x4, 0x2}, {0x1, 0x4}, {0x3}, {0x4, 0x6}, {0x6, 0x1}, {0x5, 0x3}, {0x2}, {0x1}, {0x5, 0x1}, {0x3, 0x7}, {0x1, 0x4}, {0x4, 0x8}, {0x4, 0x6}, {0x3, 0x8}, {0x6, 0x6}, {0x4, 0x6}, {0x4, 0x4}, {0x2, 0x5}, {0x2, 0x5}, {0x3, 0x3}, {0x6, 0x3}, {0x2, 0x1}, {0x0, 0x3}, {0x0, 0x9}, {0x3, 0x4}, {0x7, 0x2}, {0x4, 0x3}, {0x6, 0x7}, {0x4, 0x8}, {0x1, 0x9}, {0x0, 0x6}, {0x0, 0xa}, {0x4, 0x7}, {0x4}, {0x0, 0x5}, {0x2, 0x3}, {0x7}, {0x1, 0x7}, {0x3, 0x8}, {0x2, 0xa}]}]}, @NL80211_BAND_2GHZ={0x88, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x10, 0x1, [0x16, 0x30, 0x30, 0x1, 0x4, 0x48, 0x6c, 0x16, 0x6c, 0x9, 0xd, 0x4]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x4b, 0x2, [{0x1}, {0x7, 0x4}, {0x0, 0x7}, {0x6, 0x3}, {0x3}, {0x0, 0x1}, {0x4, 0x4}, {0x1, 0xa}, {0x6, 0x5}, {0x5}, {0x6, 0x5}, {0x6, 0x6}, {0x0, 0x6}, {0x6, 0x6}, {0x1, 0x7}, {0x7, 0xa}, {0x3, 0xa}, {0x5, 0x7}, {0x0, 0x5}, {0x7, 0x3}, {0x1, 0x1}, {0x1, 0x9}, {0x5, 0xa}, {0x5, 0x4}, {0x7, 0x5}, {0x1, 0x5}, {0x5, 0x8}, {0x1, 0x7}, {0x7, 0x7}, {0x5, 0x9}, {0x7, 0x7}, {0x6, 0x5}, {0x5, 0x7}, {0x3, 0x5}, {0x3, 0x1}, {0x1}, {0x0, 0x1}, {0x0, 0x7}, {0x3, 0x9}, {0x3, 0x7}, {0x4, 0xa}, {0x0, 0x2}, {0x1, 0x7}, {0x5, 0x9}, {0x1, 0x4}, {0x3, 0x3}, {0x4, 0x7}, {0x5, 0x5}, {0x0, 0x5}, {0x5, 0x3}, {0x0, 0x7}, {0x1, 0x8}, {0x3, 0xa}, {0x2, 0xa}, {0x4, 0x7}, {0x5, 0x7}, {0x5, 0x3}, {0x5, 0x3}, {0x1, 0x5}, {0x4, 0xa}, {0x4}, {0x1, 0x8}, {0x0, 0x2}, {0x4, 0x9}, {0x1}, {0x4, 0x8}, {0x5, 0x1}, {0x3, 0x6}, {0x3, 0x4}, {0x7, 0x2}, {0x3, 0x5}]}, @NL80211_TXRATE_LEGACY={0x1f, 0x1, [0x4, 0x2, 0x12, 0x12, 0x60, 0x18, 0x3, 0x4a, 0x5, 0x6, 0x12, 0x12, 0x60, 0x2, 0xb, 0x54, 0x3, 0x48, 0x3, 0x36, 0x6c, 0x6, 0x24, 0x6c, 0x6, 0x5, 0x5]}]}, @NL80211_BAND_60GHZ={0x3c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x8000, 0x7, 0x37, 0xfffe, 0x3006, 0x6, 0x9]}}, @NL80211_TXRATE_HT={0x23, 0x2, [{0x0, 0x9}, {0x6, 0x3}, {0x3, 0x2}, {0x4, 0x2}, {0x2, 0xa}, {0x0, 0x4}, {0x4, 0x6}, {0x6, 0xa}, {0x7, 0x2}, {0x0, 0x2}, {0x1, 0x6}, {0x0, 0x9}, {0x6, 0x4}, {0x7}, {0x1, 0x3}, {0x6, 0x2}, {0x2, 0x1}, {0x7, 0x9}, {0x2, 0x2}, {0x5, 0x3}, {0x7, 0x8}, {0x7, 0xa}, {0x1, 0x7}, {0x0, 0x8}, {0x0, 0x7}, {0x4, 0x7}, {0x7, 0x2}, {0x0, 0x2}, {0x5, 0x3}, {0x3}, {0x0, 0x7}]}]}, @NL80211_BAND_60GHZ={0x78, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x28, 0x2, [{0x6, 0x7}, {0x2, 0x3}, {0x0, 0x5}, {0x0, 0xa}, {0x6, 0xa}, {0x5, 0x9}, {0x5, 0x3}, {0x1, 0xa}, {0x5, 0x1}, {0x6, 0x2}, {0x4, 0xa}, {0x3, 0x9}, {0x1, 0x6}, {0x7, 0x4}, {0x1, 0x2}, {0x4, 0x8}, {0x2, 0x6}, {0x2, 0x8}, {0x3, 0x4}, {0x1, 0x6}, {0x1, 0x8}, {0x0, 0x4}, {0x3}, {0x1}, {0x1, 0x8}, {0x1, 0x9}, {0x2, 0x2}, {0x3, 0x4}, {0x3, 0x9}, {0x0, 0x8}, {0x5, 0x2}, {0x0, 0x7}, {0x6, 0x5}, {0x3, 0x4}, {0x0, 0x7}, {0x3, 0x1}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x2, 0x5, 0x0, 0x3, 0x81, 0x6]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x400, 0x3, 0x200, 0xe9c, 0x8, 0x6, 0x40]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xff81, 0x8, 0xff9c, 0x5, 0x40, 0x7, 0x1, 0xd3b]}}]}, @NL80211_BAND_2GHZ={0x9c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x4b, 0x2, [{0x4, 0x3}, {0x3, 0x4}, {0x4, 0x1}, {0x3, 0x5}, {0x6, 0x7}, {0x5, 0x2}, {0x3, 0xa}, {0x7, 0x4}, {0x7, 0x6}, {0x2, 0xa}, {0x5, 0x2}, {0x0, 0x7}, {0x3, 0xa}, {0x5, 0x4}, {0x1, 0x5}, {0x0, 0x9}, {0x7, 0xa}, {0x2, 0x7}, {0x2, 0x5}, {0x4, 0x3}, {0x7, 0x2}, {0x3, 0x4}, {0x4}, {0x5, 0x5}, {0x5, 0x6}, {0x6, 0x3}, {0x4, 0x1}, {0x5, 0x1}, {0x4, 0x8}, {0x0, 0x9}, {0x5, 0x5}, {0x5, 0x2}, {0x1, 0x2}, {0x6, 0x1}, {0x4, 0x1}, {0x0, 0xa}, {0x7, 0x8}, {0x2, 0x9}, {0x7, 0x5}, {0x7, 0x4}, {0x1, 0x9}, {0x2, 0x3}, {0x5, 0x2}, {0x1, 0x2}, {0x1, 0x3}, {0x0, 0x8}, {0x2, 0x1}, {0x3, 0x5}, {0x6}, {0x6, 0x5}, {}, {0x7, 0x6}, {0x2, 0x1}, {0x0, 0x3}, {0x2, 0x2}, {0x6, 0xa}, {0x6, 0x1}, {0x1, 0xa}, {0x6, 0x7}, {0x0, 0x2}, {0x3, 0x3}, {0x2, 0x9}, {0x0, 0x1}, {0x0, 0x1}, {0x5, 0x3}, {0x3, 0x1}, {0x6, 0x2}, {0x1}, {0x6, 0x3}, {0x6}, {0x5, 0x4}]}, @NL80211_TXRATE_HT={0x4a, 0x2, [{0x3, 0x6}, {0x5, 0x6}, {0x1, 0x8}, {0x1, 0x7}, {0x6}, {0x4}, {0x3, 0x3}, {0x0, 0x4}, {0x2, 0xa}, {0x1, 0xa}, {0x0, 0xa}, {0x7, 0x2}, {0x0, 0x9}, {0x3, 0x7}, {0x3, 0x3}, {0x0, 0x9}, {0x6, 0x2}, {0x0, 0x4}, {0x0, 0x5}, {0x6, 0x5}, {0x0, 0x7}, {0x6, 0x1}, {0x0, 0x8}, {0x1, 0xa}, {0x3, 0x1}, {0x1, 0x9}, {0x1, 0x2}, {0x5, 0x4}, {0x5, 0x4}, {0x7, 0x3}, {0x2}, {0x2, 0x5}, {0x4, 0x5}, {0x3, 0xa}, {0x5, 0x4}, {0x6, 0x1}, {0x1, 0xa}, {0x0, 0x5}, {0x4, 0x2}, {0x3, 0x4}, {0x5, 0x7}, {0x1, 0x8}, {0x1, 0x8}, {0x5}, {0x0, 0x5}, {0x6, 0xa}, {0x1}, {0x6, 0x6}, {0x4, 0x5}, {0x6, 0x5}, {0x6, 0x2}, {0x6, 0x3}, {0x1, 0x7}, {0x6, 0x3}, {0x4}, {0x3, 0x3}, {0x0, 0x5}, {0x2, 0xa}, {0x6, 0x9}, {0x1, 0x3}, {0x7, 0x1}, {0x2, 0x9}, {0x3, 0x2}, {0x1, 0x2}, {0x7, 0x4}, {0x5, 0x7}, {0x1, 0x6}, {0x1}, {0x0, 0x5}, {0x2, 0x8}]}]}, @NL80211_BAND_6GHZ={0x18, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0xffff, 0x40, 0x5, 0x1ff, 0x6, 0xf47, 0x5]}}]}, @NL80211_BAND_60GHZ={0x50, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x1a, 0x2, [{0x0, 0x6}, {0x1, 0x2}, {0x6, 0x9}, {0x0, 0x1}, {0x0, 0x5}, {0x3, 0x3}, {0x3}, {0x1, 0x4}, {0x4, 0x1}, {0x2, 0x4}, {0x1, 0x8}, {0x2, 0x2}, {0x0, 0x6}, {0x7, 0x9}, {0x3, 0x8}, {0x0, 0x4}, {0x6, 0x6}, {0x4, 0x5}, {0x7, 0x7}, {0x3, 0x7}, {0x2, 0x5}, {0x6, 0xa}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x27, 0x2, [{0x3, 0x5}, {0x5, 0x1}, {0x6, 0x8}, {0x2}, {0x7, 0xa}, {0x7, 0x9}, {0x7, 0x2}, {0x3, 0x5}, {0x4, 0x9}, {0x1, 0x7}, {0x3, 0x2}, {0x2, 0x5}, {0x1, 0x2}, {0x5, 0x1}, {0x6, 0x12}, {0x1, 0x6}, {0x1, 0x3}, {0x7, 0x2}, {0x2, 0x1}, {0x0, 0x9}, {0x1, 0xa}, {0x0, 0x1}, {0x0, 0x5}, {0x2, 0x5}, {0x7, 0x5}, {0x7, 0x9}, {0x7, 0x1}, {0x2, 0x3}, {0x6, 0x7}, {0x1, 0x2}, {0x5, 0xa}, {0x7, 0x3}, {0x0, 0x3}, {0x3, 0x5}, {0x5, 0x6}]}]}]}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}]}, {0x4c4, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xd8}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xdb}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x4a8, 0xd, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xac, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x36, 0x2, [{0x1, 0x9}, {0x0, 0x2}, {0x6, 0x6}, {0x3, 0x6}, {0x2, 0x7}, {0x3, 0x1}, {0x1, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x6, 0x2}, {0x6, 0xa}, {0x1, 0x5}, {}, {0x0, 0x4}, {0x7, 0x9}, {0x0, 0x9}, {0x6, 0x3}, {0x7, 0x7}, {0x4, 0xa}, {0x0, 0x3}, {0x2, 0x6}, {0x7, 0x4}, {0x3, 0xa}, {0x7, 0x7}, {0x2, 0x8}, {0x4, 0x2}, {0x7, 0xa}, {0x4, 0x9}, {0x6, 0x2}, {0x2, 0x7}, {0x3, 0x3}, {0x3, 0x7}, {0x0, 0x8}, {0x2, 0x4}, {0x3, 0x8}, {0x0, 0x6}, {0x7, 0x7}, {0x3, 0x8}, {0x6, 0x3}, {0x7, 0x8}, {0x3, 0x4}, {0x2, 0x4}, {0x0, 0x3}, {0x6, 0x8}, {0x3, 0xa}, {0x5, 0x1}, {0x2, 0x2}, {0x1}, {0x5, 0x6}, {0x1, 0x7}]}, @NL80211_TXRATE_HT={0xa, 0x2, [{0x0, 0x5}, {0x4, 0x7}, {0x2, 0x5}, {0x2, 0x3}, {0x3, 0xa}, {0x7, 0x7}]}, @NL80211_TXRATE_LEGACY={0x14, 0x1, [0x1b, 0x16, 0x60, 0x12, 0x1b, 0x36, 0x4, 0x6c, 0x9, 0x18, 0x6c, 0x6c, 0x1b, 0x12, 0xc, 0x4]}, @NL80211_TXRATE_HT={0x15, 0x2, [{0x0, 0x3}, {0x4, 0xa}, {0x0, 0xa}, {0x4}, {0x0, 0x8}, {0x1, 0x5}, {0x3, 0x4}, {0x1, 0x4}, {0x2}, {0x7, 0x9}, {0x2, 0x9}, {0x1, 0x8}, {0x5, 0x2}, {0x1, 0x1}, {0x4, 0x7}, {0x1, 0x5}, {0x0, 0x8}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x2f, 0x2, [{0x2}, {0x1}, {0x6, 0x3}, {0x4}, {0x2, 0x5}, {0x7, 0x9}, {0x6, 0xa}, {0x5, 0xa}, {0x5, 0xb}, {0x1, 0x4}, {0x0, 0x9}, {0x6, 0x4}, {0x3, 0x7}, {0x3, 0xa}, {0x0, 0x6}, {0x4}, {0x5, 0x6}, {0x4, 0x1}, {0x5, 0x1}, {0x3, 0x6}, {0x2, 0xa}, {0x3, 0x1}, {0x7, 0x8}, {0x3, 0x1}, {0x7, 0x2}, {0x3, 0xa}, {0x1, 0x9}, {0x3, 0x3}, {0x2, 0x2}, {0x3, 0x7}, {0x5, 0x8}, {0x0, 0x2}, {0x5, 0x3}, {0x1, 0x4}, {0x6, 0x7}, {0x0, 0x7}, {0x2}, {0x1, 0x2}, {0x4, 0x6}, {0x5, 0x9}, {0x7, 0x6}, {0x3, 0x2}, {0x1, 0x8}]}]}, @NL80211_BAND_6GHZ={0x24, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xc, 0x1, [0x30, 0x1, 0x3, 0x3, 0xb, 0xb, 0x6, 0x18]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x0, 0x8, 0x6, 0x4931, 0x0, 0x400, 0xf1]}}]}, @NL80211_BAND_60GHZ={0x94, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1e, 0x1, [0x6, 0x1, 0x16, 0x24, 0x3, 0x60, 0x0, 0x6c, 0x0, 0x1b, 0x1, 0x1, 0xc, 0x6c, 0x6c, 0x5, 0x60, 0x3, 0xc, 0x9, 0xc, 0x30, 0x1, 0x30, 0x1b, 0x48]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x8, 0x3, 0x3f4d, 0x5, 0x5, 0xff, 0x7b9b]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8724, 0x0, 0x1, 0x4, 0x7, 0x8b, 0x200, 0x7]}}, @NL80211_TXRATE_LEGACY={0xc, 0x1, [0x6c, 0x16, 0x60, 0x75, 0xaa4a1476b8f56fb4, 0x24, 0x5, 0x16]}, @NL80211_TXRATE_LEGACY={0x12, 0x1, [0x18, 0x48, 0x6, 0x48, 0x18, 0x18, 0x6, 0x60, 0x60, 0x2, 0x36, 0x30, 0x6, 0x16]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x4, 0xcb2, 0x9, 0x6, 0xfff8, 0x100, 0x800]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x400, 0xb2, 0x3, 0x3a27, 0x4, 0x6, 0x100, 0x2]}}]}, @NL80211_BAND_60GHZ={0x28, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x1b, 0x1, [0xb, 0x2, 0xc, 0x6c, 0x12, 0xb, 0x1, 0x6c, 0x6, 0x5, 0x16, 0x18, 0x36, 0x0, 0x3, 0x4, 0x9, 0xb, 0xc, 0x5, 0x6c, 0x30, 0x6c]}]}, @NL80211_BAND_5GHZ={0xe4, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x6d28, 0x6, 0xbd, 0x6ba0, 0x200, 0xc58, 0xfff7]}}, @NL80211_TXRATE_HT={0x3b, 0x2, [{0x7, 0x8}, {0x7}, {0x7, 0x4}, {0x3, 0x6}, {0x1, 0x6}, {0x4, 0x6}, {0x0, 0x3}, {0x5, 0x9}, {0x7}, {0x1, 0x2}, {0x6, 0x6}, {0x1, 0x6}, {0x6, 0x8}, {0x5, 0x1}, {0x1, 0x8}, {0x3, 0x9}, {0x5, 0x3}, {0x1, 0xa}, {0x2, 0x1}, {0x0, 0x8}, {0x6, 0x6}, {0x4, 0x9}, {0x3, 0xa}, {0x1, 0x9}, {0x0, 0xa}, {0x6, 0x9}, {0x4, 0x6}, {0x6, 0x4}, {0x4, 0x5}, {0x3, 0x5}, {0x7, 0x1}, {0x1, 0x9}, {0x5, 0xa}, {0x3, 0x1}, {0x0, 0x7}, {0x6, 0x4}, {0x2, 0x6}, {0x0, 0x2}, {0x6, 0xa}, {0x0, 0x9}, {0x0, 0x6}, {0x2, 0x6}, {0x5, 0x7}, {0x7, 0x9}, {0x5, 0x3}, {0x1, 0x8}, {0x1}, {0x6, 0x3}, {0x7, 0x1}, {0x1, 0x8}, {0x0, 0x6}, {0x7, 0x5}, {0x1, 0x8}, {0x3, 0x9}, {0x3, 0x6}]}, @NL80211_TXRATE_LEGACY={0x1b, 0x1, [0x2, 0x1b, 0x18, 0x45, 0x24, 0x4, 0x30, 0x1, 0x3, 0x1, 0x24, 0x6, 0x2, 0x36, 0x30, 0x75, 0x4, 0x2, 0x9, 0xc, 0x9, 0x48, 0x36]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x1, 0x81, 0x64, 0xfff8, 0x8, 0x0, 0xe0e7]}}, @NL80211_TXRATE_LEGACY={0x21, 0x1, [0x16, 0x2, 0x24, 0x30, 0x36, 0x2, 0x18, 0x4, 0x64, 0xc336d9bfdd368dba, 0x2, 0xc, 0x12, 0xb, 0x658bbe6ad087170, 0x18, 0x3, 0x1a, 0x6, 0x6, 0x30, 0x16, 0x2, 0x18, 0x6c, 0x60, 0x60, 0x4, 0x60]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x401, 0x1, 0x0, 0xff, 0x5, 0x2, 0x4, 0x5]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_LEGACY={0xa, 0x1, [0xc, 0x2, 0x16, 0x24, 0xc, 0x36]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x90, 0x0, 0x21, 0x1ff, 0x8, 0x3ff, 0x9, 0x3]}}]}, @NL80211_BAND_60GHZ={0x10c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x23, 0x1, [0x4, 0x1b, 0x36, 0x30, 0x1b, 0x9, 0x36, 0xb, 0xf, 0x50, 0xb, 0x30, 0x5a, 0x48, 0x4, 0xb, 0x18, 0xa, 0x5, 0x6, 0x6, 0xc, 0x3, 0x12, 0x60, 0x0, 0x16, 0x36, 0x4, 0x9, 0x30]}, @NL80211_TXRATE_HT={0x29, 0x2, [{0x2, 0xa}, {0x6, 0x2}, {0x4, 0x8}, {0x6, 0x5}, {0x3, 0x4}, {0x0, 0x5}, {0x1}, {0x4, 0x8}, {0x5, 0x1}, {0x1, 0x9}, {0x2, 0x6}, {0x1, 0xa}, {0x3, 0x1}, {0x0, 0x1}, {0x5, 0x9}, {0x5}, {0x1, 0x3}, {0x3}, {0x5, 0x4}, {0x2, 0x6}, {0x5, 0xa}, {0x7}, {0x1}, {0x0, 0xa}, {0x3, 0x7}, {0x2, 0x7}, {0x0, 0x7}, {0x2, 0x6}, {0x1, 0x7}, {}, {0x3, 0x5}, {0x1, 0x8}, {0x1, 0x7}, {0x7, 0x6}, {0x6, 0x2}, {0x2, 0x9}, {0x2, 0x9}]}, @NL80211_TXRATE_LEGACY={0x14, 0x1, [0x30, 0x24, 0x60, 0xc, 0x6c, 0x16, 0x6c, 0x5, 0x6, 0x60, 0x6c, 0x3, 0xc, 0x30, 0x36, 0x16]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x42, 0x2, [{0x5, 0x7}, {0x2, 0xa}, {0x6, 0x9}, {0x2, 0x6}, {0x7, 0x9}, {0x2, 0x5}, {0x7, 0x1c}, {0x4, 0x2}, {0x4, 0xa}, {0x0, 0x2}, {0x5, 0x7}, {0x2, 0x9}, {0x0, 0x6}, {0x0, 0x1}, {0x7, 0xa}, {0x3}, {0x2, 0x8}, {0x3, 0x4}, {0x5, 0xa}, {0x4}, {0x5, 0x1}, {0x2, 0x2}, {0x3}, {0x5, 0x8}, {0x6, 0x8}, {0x5, 0x2}, {0x2, 0x2}, {0x1, 0x8}, {0x7, 0x7}, {0x1, 0x8}, {0x6}, {0x4, 0x3}, {0x7, 0x6}, {0x4, 0x9}, {0x6, 0x7}, {0x6, 0x4}, {0x7, 0x8}, {0x7, 0x9}, {0x6, 0x2}, {0x3, 0x1}, {0x3}, {0x5, 0x7}, {0x1}, {0x3, 0xa}, {0x0, 0x6}, {0x0, 0x1}, {0x1, 0x8}, {0x4, 0x5}, {0x5}, {0x6, 0x6}, {0x1}, {0x7, 0x2}, {0x4, 0x1}, {0x0, 0xa}, {0x4, 0xa}, {0x2, 0x6}, {0x0, 0x7}, {0x1, 0x2}, {0x6, 0x5}, {0x7, 0xa}, {0x7, 0x6}, {0x5, 0x2}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x24, 0x1, [0x6, 0x24, 0x2, 0xb, 0xc, 0x16, 0x48, 0xb, 0xc, 0x12, 0x2, 0x16, 0x9, 0x24, 0x0, 0x6, 0x1b, 0x6c, 0x4, 0x24, 0x18, 0x4, 0x24, 0x24, 0xc, 0x16, 0x48, 0x12, 0x0, 0x6c, 0x24, 0x1]}, @NL80211_TXRATE_HT={0xe, 0x2, [{0x4, 0x6}, {0x4, 0xa}, {0x6}, {0x7, 0x9}, {0x3, 0x3}, {0x5, 0x7}, {0x6, 0xa}, {0x1, 0x5}, {0x3, 0x6}, {0x4, 0x5}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x5, 0x401, 0x4, 0x6, 0x6, 0xd705, 0xc0eb]}}]}, @NL80211_BAND_6GHZ={0x54, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x8000, 0x85, 0xe552, 0x3, 0xb79, 0x81, 0x8]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x7fff, 0x5, 0x8, 0x5, 0x20, 0xc1, 0x63f4]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8000, 0x6d64, 0x40, 0xd209, 0x9, 0x7fff, 0xa0, 0x1]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0xabd, 0xfff, 0x81, 0x40, 0x0, 0x4, 0x401]}}]}, @NL80211_BAND_60GHZ={0x94, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x49, 0x2, [{0x3, 0x5}, {0x1, 0x2}, {0x3, 0x6}, {0x0, 0x9}, {0x7, 0x8}, {0x6, 0x1}, {0x3, 0x5}, {0x1, 0x8}, {0x4, 0x5}, {}, {0x4, 0x9}, {0x2, 0xa}, {0x4, 0x3}, {0x1, 0x2}, {0x4, 0x6}, {0x0, 0x3}, {0x7, 0x7}, {0x1, 0x9}, {0x7, 0xa}, {0x5, 0x3}, {0x1, 0x9}, {0x4, 0x6}, {0x7, 0x1}, {0x4, 0x5}, {0x2, 0x4}, {0x2, 0x6}, {0x4, 0x1}, {0x2, 0x3}, {0x2, 0x6}, {0x7, 0x5}, {0x7, 0x6}, {0x4, 0x7}, {0x6, 0x5}, {0x3, 0x2}, {0x3, 0x6}, {0x1, 0x3}, {0x2, 0x4}, {0x2, 0x6}, {0x1, 0x3}, {0x2, 0x4}, {0x4, 0xa}, {0x1, 0x1}, {0x7, 0x6}, {0x4, 0x4}, {0x3, 0x3}, {0x3, 0x9}, {0x4, 0x4}, {0x5, 0xa}, {0x1, 0x1}, {0x1, 0x8}, {0x0, 0x8}, {0x0, 0x3}, {0x0, 0x9}, {0x1, 0x6}, {0x2, 0x8}, {0x0, 0x5}, {0x5, 0x6}, {0x0, 0x7}, {0x2, 0x5}, {0x6, 0x1}, {0x6, 0x1}, {0x0, 0x9}, {0x2, 0x1}, {0x4, 0x8}, {0x6, 0x7}, {0x7, 0x1}, {0x0, 0x2}, {0x2, 0x7}, {0x1, 0x8}]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x5, 0x1, [0x2]}, @NL80211_TXRATE_LEGACY={0x22, 0x1, [0xb, 0x9, 0x4, 0x6, 0x48, 0x6c, 0x2, 0x6c, 0x16, 0x30, 0x3, 0x18, 0x2, 0x0, 0x60, 0x5, 0x3, 0x6, 0x48, 0x12, 0x48, 0x16, 0x36, 0x48, 0x48, 0x1b, 0x18, 0x4, 0x30, 0x5]}]}, @NL80211_BAND_5GHZ={0x40, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x7, 0x1, [0x4, 0x16, 0x3a]}, @NL80211_TXRATE_LEGACY={0x5, 0x1, [0x1]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_LEGACY={0xe, 0x1, [0x1b, 0xb, 0x1e, 0x48, 0xb, 0x9, 0x30, 0x30, 0x1b, 0x6c]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x74, 0x4, 0x7fff, 0x5527, 0x3, 0x4, 0x9, 0x4d]}}]}]}]}]}, @NL80211_ATTR_TID_CONFIG={0x20, 0x11d, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}]}, @NL80211_ATTR_TID_CONFIG={0x35c, 0x11d, 0x0, 0x1, [{0x48, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x79}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x16c8}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x40}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}]}, {0x204, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x1e4, 0xd, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_60GHZ={0x74, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x0, 0x98, 0x3, 0x9, 0xd1, 0x7, 0x4]}}, @NL80211_TXRATE_LEGACY={0x6, 0x1, [0x9, 0x4]}, @NL80211_TXRATE_HT={0x2c, 0x2, [{0x5, 0xa}, {0x0, 0x5}, {0x1, 0x8}, {0x0, 0x2}, {0x2, 0xa}, {0x6, 0x5}, {0x3, 0x2}, {0x1, 0x6}, {0x7, 0x2}, {0x7, 0x8}, {0x7, 0xa}, {0x5, 0xa}, {0x0, 0xc}, {0x1, 0x4}, {0x5, 0x6}, {0x1}, {0x7, 0xa}, {0x4}, {0x4, 0x2}, {0x2, 0x7}, {0x6, 0x5}, {0x3, 0x2}, {0x2, 0x3}, {0x0, 0xa}, {0x2, 0x1}, {0x1, 0x5}, {0x7, 0x7}, {0x2, 0xa}, {0x3}, {0x0, 0x3}, {0x7, 0x6}, {0x6, 0x7}, {0x0, 0xa}, {0x3, 0x1}, {0x4, 0x7}, {0x4, 0x1}, {0x5, 0x4}, {0x7, 0x5}, {0x2, 0x2}, {0x0, 0x9}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xf9, 0x6, 0x6, 0x4, 0x9, 0x1000, 0x101, 0x6]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x40f, 0x9, 0x93, 0x401, 0x5, 0x7]}}]}, @NL80211_BAND_6GHZ={0x24, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1d, 0x1, [0x1, 0x30, 0xb, 0x12, 0x1, 0x12, 0x48, 0x3, 0x9, 0x48, 0x36, 0xa6, 0x16, 0x3, 0x0, 0x2, 0x36, 0x12, 0x5, 0x16, 0x60, 0x3, 0x60, 0x60, 0x30]}]}, @NL80211_BAND_2GHZ={0x20, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x3, 0xff81, 0xa68, 0x4e2, 0x5d98, 0x4, 0x3ff]}}, @NL80211_TXRATE_HT={0x8, 0x2, [{0x2, 0x6}, {}, {0x4, 0x5}, {0x4, 0x2}]}]}, @NL80211_BAND_2GHZ={0x7c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0x1b, 0x10, 0x24, 0x1, 0x78, 0x2, 0x60, 0x6c, 0x6, 0x2, 0x9, 0x51, 0x1, 0x60, 0x1]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x6, 0xfff, 0x3f, 0x3, 0x800, 0x6a, 0x6330]}}, @NL80211_TXRATE_HT={0x23, 0x2, [{0x1, 0xa}, {0x7, 0xa}, {0x6, 0x4}, {0x2, 0xa}, {0x1, 0x2}, {0x5, 0x3}, {0x4, 0x7}, {0x4, 0x4}, {0x5, 0x2}, {0x2, 0x1}, {0x4, 0x5}, {0x3, 0xa}, {0x7, 0x9}, {0x4, 0x4}, {0x6}, {0x0, 0x6}, {0x7, 0x4}, {0x0, 0x7}, {0x5, 0x3}, {0x4, 0x1}, {0x1, 0x1}, {0x7, 0x7}, {0x2, 0xa}, {0x3, 0x4}, {0x1, 0x7}, {0x4, 0x3}, {0x7, 0x8}, {0x0, 0x6}, {0x2, 0x1}, {0x6, 0x2}, {0x3, 0x3}]}, @NL80211_TXRATE_LEGACY={0xc, 0x1, [0x2, 0x5a, 0x18, 0x4, 0x2, 0x0, 0xc, 0x36]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HT={0xf, 0x2, [{0x0, 0x8}, {0x7, 0xa}, {0x1, 0x9}, {0x5, 0x9}, {0x3, 0x5}, {0x6, 0xa}, {0x6, 0x1}, {0x1}, {0x4, 0x4}, {0x7, 0x4}, {0x7, 0x5}]}]}, @NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_60GHZ={0x94, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x4c, 0x2, [{0x6, 0x4}, {0x1, 0x6}, {0x0, 0x5}, {}, {0x0, 0x4}, {0x6, 0x9}, {0x3, 0x2}, {0x2, 0x5}, {0x6, 0x5}, {0x6, 0x5}, {0x4, 0xa}, {0x4, 0x5}, {0x0, 0x3}, {0x0, 0x6}, {0x3, 0x9}, {0x1, 0x4}, {0x4, 0x9}, {0x5, 0x9}, {0x1}, {0x1, 0xa}, {0x0, 0xa}, {0x4, 0x5}, {0x2, 0x8}, {0x4, 0x4}, {0x3, 0x1}, {0x5, 0x9}, {0x0, 0x7}, {0x0, 0xa}, {0x2, 0x1}, {0x0, 0x8}, {0x5, 0x8}, {0x5, 0x7}, {0x1, 0x5}, {0x0, 0x2}, {0x4, 0x6}, {0x3, 0x9}, {0x3, 0x1}, {0x6, 0x2}, {0x1, 0x8}, {0x0, 0x5}, {0x3, 0x1}, {0x0, 0x9}, {0x3, 0x8}, {0x1, 0x2}, {0x3, 0x5}, {0x6, 0xa}, {0x1, 0x3}, {0x3, 0x2}, {0x3, 0x4}, {0x4, 0x8}, {0x4, 0x7}, {0x0, 0x5}, {0x3, 0x3}, {0x1, 0x6}, {0x0, 0x1}, {0x3, 0x8}, {0x4, 0x1}, {0x3, 0x4}, {0x0, 0x3}, {0x2, 0x2}, {0x3, 0x3}, {0x1, 0x5}, {0x7, 0xa}, {0x1, 0x6}, {0x2, 0x7}, {0x2, 0xa}, {0x6, 0x7}, {0x2, 0x2}, {0x7, 0x3}, {0x6, 0x3}, {}, {0x6, 0x7}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0xa1d5, 0x101, 0xf7f, 0x1000, 0x7, 0x4, 0x2]}}, @NL80211_TXRATE_HT={0xe, 0x2, [{0x1, 0xa}, {0x5, 0x1}, {0x0, 0x9}, {0x2, 0x1}, {0x1, 0x2}, {0x4, 0xa}, {0x0, 0x3}, {0x7, 0x1}, {0x5, 0x4}, {0x2, 0x9}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x0, 0xfff, 0x6, 0x7f, 0x5, 0x3ff, 0x9]}}, @NL80211_TXRATE_LEGACY={0xc, 0x1, [0x1b, 0x4, 0x6, 0x48, 0x6c, 0x5, 0x5, 0xc]}]}]}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x49}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}]}, {0x4c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xc}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x32}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x1f}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xffffffffffffd6d3}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x7e}]}, {0x44, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x8}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xa1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xc}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x3}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xcf}]}, {0x44, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x2c, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x28, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x93, 0x101, 0x3a, 0x3, 0x9a9c, 0x3, 0x5, 0x1ff]}}]}]}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x6}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x50}]}]}]}, 0x109c}, 0x1, 0x0, 0x0, 0x20040890}, 0x4041) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001280)=@updsa={0x160, 0x10, 0x1, 0x0, 0x0, {{@in6=@mcast2, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc69de45660031e0d}, {@in=@empty, 0x0, 0x32}, @in=@multicast1, {}, {}, {0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0x2}, [@algo_aead={0x70, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0x120, 0x80, "976ae46d07d1812fd0664e95dee18314b91df2e10ff98153074f6a02e3550c030000001b"}}]}, 0x160}, 0x1, 0x0, 0x0, 0x800}, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_START_P2P_DEVICE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, 0x0}, 0x0) r2 = msgget(0x3, 0x202) msgrcv(r2, &(0x7f0000000000)={0x0, ""/30}, 0x26, 0x0, 0x3000) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000240)={0x0, 0x0}) [ 1151.381663] FAULT_INJECTION: forcing a failure. [ 1151.381663] name failslab, interval 1, probability 0, space 0, times 0 [ 1151.382979] CPU: 0 PID: 8169 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1151.383762] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1151.384707] Call Trace: [ 1151.385010] dump_stack+0x107/0x167 [ 1151.385432] should_fail.cold+0x5/0xa [ 1151.385883] ? io_wq_create+0xeb/0xc00 [ 1151.386330] should_failslab+0x5/0x20 [ 1151.386778] __kmalloc+0x72/0x390 [ 1151.387179] io_wq_create+0xeb/0xc00 [ 1151.387622] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1151.388201] ? io_sqe_buffer_register+0x13d0/0x13d0 [ 1151.388773] ? io_apoll_task_func+0x2d0/0x2d0 [ 1151.389287] ? __io_req_find_next+0x300/0x300 [ 1151.389827] ? do_raw_spin_lock+0x121/0x260 [ 1151.390330] ? rwlock_bug.part.0+0x90/0x90 [ 1151.390841] __io_uring_add_tctx_node+0x2c6/0x520 [ 1151.391391] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1151.392014] ? __alloc_fd+0x2b8/0x630 [ 1151.392462] io_uring_setup+0x2018/0x2a40 [ 1151.392968] ? wait_for_completion_io+0x270/0x270 [ 1151.393553] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1151.394164] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1151.394766] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1151.395384] do_syscall_64+0x33/0x40 [ 1151.395824] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1151.396428] RIP: 0033:0x7fd4717f2b19 [ 1151.396877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1151.399022] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1151.399915] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1151.400742] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1151.401581] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1151.402407] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1151.403229] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x0, 0x6, 0x4, 0x2, 0x0, 0xfffffffffffffff7, 0x10808, 0x7, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x4, @perf_bp={&(0x7f0000000180), 0x1}, 0x100, 0x80000001, 0x10001, 0x6, 0xffff, 0xff, 0x70b6, 0x0, 0x4, 0x0, 0xb6}, r3, 0x1, r0, 0xc) msgsnd(r2, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x8, 0x0) 03:42:41 executing program 3: r0 = fork() capset(&(0x7f0000000000), &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:42:41 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:42:41 executing program 7: sendmsg$NL802154_CMD_NEW_SEC_LEVEL(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000), 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x90, 0x0, 0x100, 0x70bd2a, 0x25dfdbff, {}, [@NL802154_ATTR_SEC_LEVEL={0x4c, 0x22, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x1}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x7f}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x8}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0xee}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x2}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x4}]}, @NL802154_ATTR_SEC_LEVEL={0x14, 0x22, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x6}]}, @NL802154_ATTR_SEC_LEVEL={0x1c, 0x22, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x2}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x1}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x40000}, 0x40000) syz_emit_ethernet(0xf2, &(0x7f0000000040)={@random="0df4b71197dc", @broadcast, @val={@void}, {@ipv6={0x86dd, @generic={0x0, 0x6, "cd8964", 0xb8, 0x0, 0x0, @local, @private0, {[@dstopts={0x0, 0x16, '\x00', [@generic={0x0, 0x9c, "a7d658ec6c1dcb93ff30c2e3da720e3f50f6da1b93eea95cc69f99015ba6928dd353be91e210fc9b51bec4063452f9d78876a65dc32cb56d11577409d5a76353e92d18d51131b9f3109908dcd3172121f464b115a28545b561667059bbfa6a8d5ce7e9153ec4bf4be64dfa00510940c049a2726ff85d1e574401475cbc4095acf62c972acd685bea1fd2d85f00b0e1fb16f5484b1489b8ded153e28a"}, @hao={0xc9, 0x10, @empty}]}]}}}}}, 0x0) r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000280), 0x40000, 0x0) write$tun(r0, &(0x7f00000002c0)={@val={0x0, 0x88b5}, @val={0x2, 0x80, 0x2, 0x5, 0x6, 0x8}, @mpls={[{0xffff}], @ipv4=@generic={{0x1a, 0x4, 0x0, 0x7, 0xdf, 0x64, 0x0, 0x2, 0x2f, 0x0, @rand_addr=0x64010102, @rand_addr=0x64010100, {[@timestamp_prespec={0x44, 0x14, 0x52, 0x3, 0x5, [{@remote, 0x200}, {@broadcast, 0x1}]}, @timestamp_addr={0x44, 0x14, 0xc5, 0x1, 0x5, [{@loopback}, {@broadcast, 0x3}]}, @ssrr={0x89, 0x17, 0xdc, [@multicast2, @loopback, @loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010102]}, @ssrr={0x89, 0xf, 0x38, [@broadcast, @loopback, @private=0xa010101]}, @ra={0x94, 0x4, 0x1}]}}, "25adc73b56cfeca3d2e430adce3603270ccf3850c17cdef285a9c7fe5d91532bb7b24d680750506ef4038d748e614363b3765b6e4611df034ee14d1cd222ef1245cf20b4a500ebebf818c19fb93d8d695e67dec7eabbe3b82308e165e3ace2766d511ad8ed77cd5bdbc2f3426964fb307b480837e3e84a"}}}, 0xf1) 03:42:41 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x400300, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:42:41 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x2e00, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:42:41 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, 0x0) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) [ 1151.548302] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:42:57 executing program 1: fchmod(0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000000000066"]) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000140)={0x0, 0xfffffffffffffff8, 0x7fffffff}) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0xfe, 0x0, 0x0, 0xca1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:42:57 executing program 7: ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000080)=0x2) ioctl$KDMKTONE(0xffffffffffffffff, 0x4b30, 0x4) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = open_tree(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x8001) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$inet6_MRT6_DEL_MFC(0xffffffffffffffff, 0x29, 0xcd, 0x0, 0x0) ioctl$sock_bt_hci(r2, 0x800448d2, &(0x7f0000000080)) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000008000000002", @ANYRES32=r0, @ANYBLOB='\x00\x00\x00ile0\x00\x00\x00\x00\x00\x00\x00\x00\x00']) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x109000, 0x0) r4 = epoll_create(0x9) dup3(r3, r4, 0x80000) ioctl$sock_SIOCADDDLCI(r1, 0x8980, &(0x7f00000001c0)={'vlan1\x00', 0x7}) write$bt_hci(0xffffffffffffffff, 0x0, 0x7) wait4(0x0, &(0x7f0000000100), 0x40000000, &(0x7f00000003c0)) clone3(&(0x7f0000000200)={0x44004100, 0x0, &(0x7f00000000c0), 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0) 03:42:57 executing program 0: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x110) getsockopt$IP_SET_OP_GET_FNAME(r0, 0x1, 0x53, &(0x7f0000000040)={0x8, 0x7, 0x0, 'syz1\x00'}, &(0x7f0000000080)=0x2c) getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, &(0x7f00000000c0)={'security\x00', 0x5d, "10947277bf05a989a075f18ebc80331b68974f4a316783a05301e5b5c29171633d1f1961e2e3accb81d40cf07939e2f939cd39d8da0b91357ed9a7166562b5120281dcf206053a00a7991e39443e292e4c31fbd62aadc976ce6a4c3158"}, &(0x7f0000000180)=0x81) poll(&(0x7f00000001c0)=[{0xffffffffffffffff, 0x5}, {r0, 0x4}, {r0, 0x2008}, {r0, 0x2}, {r0, 0x1}], 0x5, 0x20) getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f0000000200)={'ah\x00'}, &(0x7f0000000240)=0x1e) setsockopt(r0, 0x1f, 0x3ff, &(0x7f0000000280), 0x0) getsockopt$IPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x43, &(0x7f00000002c0)={'icmp\x00'}, &(0x7f0000000300)=0x1e) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000340)={0x0, 0x0}, &(0x7f0000000380)=0xc) r3 = syz_open_procfs(r1, &(0x7f00000003c0)='cpuset\x00') r4 = signalfd4(r3, &(0x7f0000000400)={[0x5]}, 0x8, 0xa021ced8b53e0f1f) getsockopt$EBT_SO_GET_INFO(r4, 0x0, 0x80, &(0x7f0000000440)={'nat\x00', 0x0, 0x0, 0x0, [0x8, 0x5, 0x4, 0xa9, 0x2, 0x3]}, &(0x7f00000004c0)=0x78) r5 = syz_mount_image$ext4(&(0x7f0000000500)='ext3\x00', &(0x7f0000000540)='./file0\x00', 0x4, 0x2, &(0x7f0000000740)=[{&(0x7f0000000580)="50b67e43303a220d308a7f8d44648321b18b4561a2cdbc42ff26a4692d23a0fc17eb9381ebb5771bbe7100b3023dd7e3fac088c71409678b3191df69c938811a2580d5f99485d316519ae027fad3e922b9db92d5e1bfadf2fcf57904365a7a8a43bf828dfe07ff9bdded15fde5d9320982eefb456ece01103f3e395faf7fc3b8c45bacf2b6243d56538068707bd4a03e71a1d294b5a8dcd908aac14a2d6378a7373ac67e5f6574e19e237d61bdbc41476b94d5771dfa932edf6bfae4482d0eb6cab5abf931fe4a42378ec4c04cf3688b70b46313ebe8452d7365d37398daac7c0ef1910151c007f21227c3af786817f49a1873", 0xf3, 0x8}, {&(0x7f0000000680)="f6c91ae25746a23d5fa1027b4219f25853223009759eb34b3fee3704943bdfe3b4719fde42c4bcde878aa9a65794a2b58bf4bca58f225eeb4375790edc969d8488095b903a9413281d995b86802790da1a7fdfbac63e9b599b3d91e3d0057dd43a3429e088abb42a3fd0f5fa2190d6a9c0fad8434bf4c425b9bc5b38dfdaa76e2394d78cf0986c3701fec74ac10815793fe1f9ceb808f7ed89f923b2fa68041df736dbc706f8a7673ffd0360916ceeab61b3ee8a8be43f86", 0xb8, 0x2}], 0x0, &(0x7f0000000780)={[{@data_ordered}, {@prjquota}, {@grpid}, {@jqfmt_vfsv0}, {@data_ordered}], [{@fowner_eq={'fowner', 0x3d, r2}}, {@measure}, {@obj_role={'obj_role', 0x3d, 'ah\x00'}}]}) fcntl$addseals(r5, 0x409, 0x4) getsockopt$inet6_int(r0, 0x29, 0x50, &(0x7f0000000800), &(0x7f0000000840)=0x4) fsetxattr$security_capability(r0, &(0x7f0000000880), &(0x7f00000008c0)=@v1={0x1000000, [{0x80, 0x800}]}, 0xc, 0x7) syz_open_dev$vcsa(&(0x7f0000000900), 0xfff, 0x0) r6 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000940), 0xc0000, 0x0) setsockopt$inet_pktinfo(r6, 0x0, 0x8, &(0x7f0000000980)={0x0, @local, @remote}, 0xc) sendto(r6, &(0x7f00000009c0)="646d2d7f60ac30c50e7913", 0xb, 0x4000, &(0x7f0000000a00)=@pptp={0x18, 0x2, {0x2, @multicast1}}, 0x80) readv(r3, &(0x7f0000003d00)=[{&(0x7f0000000a80)=""/123, 0x7b}, {&(0x7f0000000b00)=""/4096, 0x1000}, {&(0x7f0000001b00)=""/99, 0x63}, {&(0x7f0000001b80)=""/167, 0xa7}, {&(0x7f0000001c40)=""/4096, 0x1000}, {&(0x7f0000002c40)=""/4096, 0x1000}, {&(0x7f0000003c40)=""/37, 0x25}, {&(0x7f0000003c80)=""/112, 0x70}], 0x8) 03:42:57 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0xf0ffff, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:42:57 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:42:57 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 42) 03:42:57 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, 0x0) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:42:57 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x2f00, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1167.111008] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1167.141505] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 1167.151037] FAULT_INJECTION: forcing a failure. [ 1167.151037] name failslab, interval 1, probability 0, space 0, times 0 [ 1167.153378] CPU: 0 PID: 8217 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1167.154745] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1167.156453] Call Trace: [ 1167.157004] dump_stack+0x107/0x167 [ 1167.157769] should_fail.cold+0x5/0xa [ 1167.158550] ? io_wq_create+0xeb/0xc00 [ 1167.159353] should_failslab+0x5/0x20 [ 1167.160144] __kmalloc+0x72/0x390 [ 1167.160868] io_wq_create+0xeb/0xc00 [ 1167.161636] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1167.162677] ? io_sqe_buffer_register+0x13d0/0x13d0 [ 1167.163691] ? io_apoll_task_func+0x2d0/0x2d0 [ 1167.164612] ? __io_req_find_next+0x300/0x300 [ 1167.165515] ? do_raw_spin_lock+0x121/0x260 [ 1167.166403] ? rwlock_bug.part.0+0x90/0x90 [ 1167.167260] __io_uring_add_tctx_node+0x2c6/0x520 [ 1167.168263] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1167.169312] ? __alloc_fd+0x2b8/0x630 [ 1167.170103] io_uring_setup+0x2018/0x2a40 [ 1167.170945] ? wait_for_completion_io+0x270/0x270 [ 1167.171947] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1167.171987] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1167.172005] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1167.172030] do_syscall_64+0x33/0x40 [ 1167.172050] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1167.172063] RIP: 0033:0x7fd4717f2b19 03:42:57 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x3000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:42:57 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:42:57 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x1000000, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1167.172083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1167.172093] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1167.172114] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1167.172125] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1167.172136] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1167.172147] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1167.172158] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:42:57 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 43) [ 1167.254374] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:42:57 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, 0x0) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) [ 1167.277379] FAULT_INJECTION: forcing a failure. [ 1167.277379] name failslab, interval 1, probability 0, space 0, times 0 [ 1167.279881] CPU: 0 PID: 8235 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1167.281274] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1167.282935] Call Trace: [ 1167.283470] dump_stack+0x107/0x167 [ 1167.284247] should_fail.cold+0x5/0xa [ 1167.285022] ? io_wq_create+0x6ef/0xc00 [ 1167.285845] should_failslab+0x5/0x20 [ 1167.286625] kmem_cache_alloc_node_trace+0x59/0x340 [ 1167.287660] io_wq_create+0x6ef/0xc00 [ 1167.288463] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1167.289498] ? io_sqe_buffer_register+0x13d0/0x13d0 [ 1167.290515] ? io_apoll_task_func+0x2d0/0x2d0 [ 1167.291422] ? __io_req_find_next+0x300/0x300 [ 1167.292344] ? do_raw_spin_lock+0x121/0x260 [ 1167.293214] ? rwlock_bug.part.0+0x90/0x90 [ 1167.294088] __io_uring_add_tctx_node+0x2c6/0x520 [ 1167.295058] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1167.296133] ? __alloc_fd+0x2b8/0x630 [ 1167.296913] io_uring_setup+0x2018/0x2a40 [ 1167.297766] ? wait_for_completion_io+0x270/0x270 [ 1167.298742] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1167.299817] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1167.300877] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1167.301937] do_syscall_64+0x33/0x40 [ 1167.302696] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1167.303745] RIP: 0033:0x7fd4717f2b19 [ 1167.304511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1167.308258] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1167.309836] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1167.311299] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1167.312774] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1167.314233] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1167.315689] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:42:57 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x2000000, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:42:57 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @empty}, 0x1c) setsockopt$inet_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f0000000000), 0x4) ftruncate(0xffffffffffffffff, 0x1000003) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 03:42:57 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1167.348082] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:43:11 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:43:11 executing program 1: fchmod(0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000000000066"]) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000140)={0x0, 0xfffffffffffffff8, 0x7fffffff}) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0xfe, 0x0, 0x0, 0xca1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:43:11 executing program 3: fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(0x0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:43:11 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) syz_io_uring_setup(0x5f6, &(0x7f00000002c0)={0x0, 0x1281}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r2 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) syz_io_uring_submit(r6, r1, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f00000001c0)={0xa0, 0x0, &(0x7f0000000180)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x3) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0x40010, r2, 0xb5ee9000) close(0xffffffffffffffff) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e20, 0x7, @ipv4={'\x00', '\xff\xff', @broadcast}}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x5, @local}, 0x1c) r7 = socket$packet(0x11, 0x3, 0x300) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, 0x0) setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x8000}, 0x4) r8 = gettid() perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0xa100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_config_ext={0x0, 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x40000000}, r8, 0xfffffffffffffffe, r5, 0x0) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) 03:43:11 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x3300, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:43:11 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x3000000, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:43:11 executing program 0: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) fcntl$setlease(r0, 0x400, 0x1) lremovexattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)=@random={'security.', '\x00'}) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r2, r1, 0x800, 0x0) close_range(r2, 0xffffffffffffffff, 0x0) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @private2, 0x7}, 0x1c) [ 1181.357305] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:43:11 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 44) [ 1181.387885] FAULT_INJECTION: forcing a failure. [ 1181.387885] name failslab, interval 1, probability 0, space 0, times 0 [ 1181.389256] CPU: 1 PID: 8269 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1181.390040] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1181.390983] Call Trace: [ 1181.391301] dump_stack+0x107/0x167 [ 1181.391732] should_fail.cold+0x5/0xa [ 1181.392191] ? create_object.isra.0+0x3a/0xa20 [ 1181.392713] should_failslab+0x5/0x20 [ 1181.393151] kmem_cache_alloc+0x5b/0x310 [ 1181.393625] ? io_wq_create+0x114/0xc00 [ 1181.394079] create_object.isra.0+0x3a/0xa20 [ 1181.394578] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1181.395156] kmem_cache_alloc_node_trace+0x16d/0x340 [ 1181.395743] io_wq_create+0x6ef/0xc00 [ 1181.396192] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1181.396771] ? io_sqe_buffer_register+0x13d0/0x13d0 [ 1181.397337] ? io_apoll_task_func+0x2d0/0x2d0 [ 1181.397855] ? __io_req_find_next+0x300/0x300 [ 1181.398392] ? do_raw_spin_lock+0x121/0x260 [ 1181.398911] ? rwlock_bug.part.0+0x90/0x90 [ 1181.399423] __io_uring_add_tctx_node+0x2c6/0x520 [ 1181.400013] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1181.400643] ? __alloc_fd+0x2b8/0x630 [ 1181.401083] io_uring_setup+0x2018/0x2a40 [ 1181.401579] ? wait_for_completion_io+0x270/0x270 [ 1181.402154] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1181.402772] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1181.403393] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1181.404013] do_syscall_64+0x33/0x40 [ 1181.404442] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1181.405047] RIP: 0033:0x7fd4717f2b19 [ 1181.405491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1181.407649] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1181.408564] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1181.409405] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1181.410253] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1181.411095] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1181.411932] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:43:11 executing program 3: fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(0x0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:43:11 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:43:11 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x4000000, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:43:11 executing program 7: fchmod(0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000000000066"]) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000140)={0x0, 0xfffffffffffffff8, 0x7fffffff}) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0xfe, 0x0, 0x0, 0xca1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) [ 1181.486195] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:43:11 executing program 0: r0 = syz_io_uring_setup(0x1081, &(0x7f0000000280)={0x0, 0xe47f, 0x0, 0x0, 0x1b3}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000800000/0x800000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000000040)=0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000580)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f00000001c0)=@in}, 0x0) bind$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) io_uring_enter(r0, 0x76d7, 0x0, 0x0, 0x0, 0x0) 03:43:11 executing program 3: fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(0x0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:43:11 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:43:11 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x3a00, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:43:11 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1195.884098] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:43:26 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x0, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:43:26 executing program 0: perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x13, r0, 0x0) r1 = fsopen(&(0x7f00000000c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) writev(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000000)="fec16210336d9f15c3f8400da3694e40385168dc10f8961e29124019f32e47787236a0e855ee8464b55fe708ef42b431889a61e2e1fac8c5d0ed57ccd35f1bedc03e0129cf02acb9595142c9c51b62a981907b0a776e02fd", 0x58}], 0x1) 03:43:26 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 45) 03:43:26 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x5000000, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:43:26 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000005c0)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$inet6(r0, &(0x7f0000000200)={&(0x7f0000000040)={0xa, 0x4e22, 0x4, @private2, 0x1}, 0x1c, &(0x7f0000000180)=[{&(0x7f0000000080)="7175aa7a4539dbb8fa2215398a88a07cfe2f5700e506c1063e6fd3435d673a1cbb57c4b9e9ae849d5bbd21eb4ae55135255b96ef5370e50f4a7f726cf43a0b7e63cc312679aff2915d2d05a1aac3b802a27f1c816723b01f00ceb374f202f518c16316cb2c411db8cfef002c2704519bb19d8177cf42c2472d94254a07df5decf2771c5bd6e3ab129f20ba95c34ed8339a269f3b03333dce35c0d3f1ec44ee8b68a1f5730c6091fe1ebd976ad7666f59f96fcd339eb6a4f7dd1e75510cbcb2d8a1392db002f3ee0c0ee7cb4880b352f1df9b44da3b0659b816bc160a37b12e58a9b7148d89f5dc989321db48fed3984d", 0xf0}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="1400000000000000290000003e0000000100000000000000a1531c244bb366d20a2a9b95e615c898626e781264906b50ff198afe3d4b87ab9f6363f6927d7c4f58793ab1d5ec33d8ff90a992bf40dc4001fbb731cdb1368f424c5394aa7413187dae9cd2e8b60f1981fb4eadf1e5a972fd468d80f1f843b7761a26462c9e513dcaf9ac58306c4a367595430e5f0c78bfa6fa90db871af895c75bf700"/169], 0x18}, 0x800) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) 03:43:26 executing program 1: fchmod(0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000000000066"]) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000140)={0x0, 0xfffffffffffffff8, 0x7fffffff}) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0xfe, 0x0, 0x0, 0xca1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:43:26 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x4000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:43:26 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:43:26 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x6000000, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1195.920803] FAULT_INJECTION: forcing a failure. [ 1195.920803] name failslab, interval 1, probability 0, space 0, times 0 [ 1195.923301] CPU: 1 PID: 8314 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1195.924686] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1195.926312] Call Trace: [ 1195.926839] dump_stack+0x107/0x167 [ 1195.927565] should_fail.cold+0x5/0xa [ 1195.928330] ? create_object.isra.0+0x3a/0xa20 [ 1195.929238] should_failslab+0x5/0x20 [ 1195.929990] kmem_cache_alloc+0x5b/0x310 [ 1195.930797] ? io_wq_create+0x114/0xc00 [ 1195.931587] create_object.isra.0+0x3a/0xa20 [ 1195.932473] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1195.933484] kmem_cache_alloc_node_trace+0x16d/0x340 [ 1195.934496] io_wq_create+0x6ef/0xc00 [ 1195.935263] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1195.936282] ? io_sqe_buffer_register+0x13d0/0x13d0 [ 1195.937263] ? io_apoll_task_func+0x2d0/0x2d0 [ 1195.938146] ? __io_req_find_next+0x300/0x300 [ 1195.939034] ? do_raw_spin_lock+0x121/0x260 [ 1195.939894] ? rwlock_bug.part.0+0x90/0x90 [ 1195.940751] __io_uring_add_tctx_node+0x2c6/0x520 [ 1195.941083] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1195.941699] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1195.941721] ? __alloc_fd+0x2b8/0x630 [ 1195.944363] io_uring_setup+0x2018/0x2a40 [ 1195.945202] ? wait_for_completion_io+0x270/0x270 [ 1195.946159] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1195.947190] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1195.948232] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1195.949258] do_syscall_64+0x33/0x40 [ 1195.950003] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1195.951021] RIP: 0033:0x7fd4717f2b19 [ 1195.951761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1195.955411] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1195.956942] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1195.958343] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1195.959742] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1195.961153] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1195.962556] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:43:26 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x7000000, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:43:26 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x0, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) [ 1195.992908] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:43:26 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x4200, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:43:26 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:43:26 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x8000000, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1196.066405] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1196.073970] cgroup: fork rejected by pids controller in /syz3 03:43:41 executing program 1: fchmod(0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000000000066"]) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000140)={0x0, 0xfffffffffffffff8, 0x7fffffff}) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0xfe, 0x0, 0x0, 0xca1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:43:41 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x400000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:43:41 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x0, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:43:41 executing program 7: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x4000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:43:41 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:43:41 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x9000000, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:43:41 executing program 0: r0 = socket$inet(0x2, 0x3, 0xff) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000000)="b683ae40f3fdac402b21fa055e4299bd37dddcc878d124b8", 0x18}], 0x1, &(0x7f0000000200)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @broadcast}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev, @multicast1}}}], 0x40}, 0x0) 03:43:41 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 46) [ 1211.242037] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1211.260306] FAULT_INJECTION: forcing a failure. [ 1211.260306] name failslab, interval 1, probability 0, space 0, times 0 [ 1211.262739] CPU: 0 PID: 8454 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1211.264194] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1211.265964] Call Trace: [ 1211.266524] dump_stack+0x107/0x167 [ 1211.267310] should_fail.cold+0x5/0xa [ 1211.268119] ? create_object.isra.0+0x3a/0xa20 [ 1211.269109] should_failslab+0x5/0x20 [ 1211.269919] kmem_cache_alloc+0x5b/0x310 [ 1211.270747] create_object.isra.0+0x3a/0xa20 [ 1211.271634] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1211.272675] kmem_cache_alloc_trace+0x151/0x320 [ 1211.273617] __io_uring_add_tctx_node+0x15c/0x520 [ 1211.274602] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1211.275654] ? __alloc_fd+0x2b8/0x630 [ 1211.276441] io_uring_setup+0x2018/0x2a40 [ 1211.277284] ? wait_for_completion_io+0x270/0x270 [ 1211.278253] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1211.279296] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1211.280346] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1211.281412] do_syscall_64+0x33/0x40 [ 1211.282181] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1211.283212] RIP: 0033:0x7fd4717f2b19 [ 1211.284002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1211.287699] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1211.289241] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1211.290675] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1211.292109] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1211.293553] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1211.294985] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:43:41 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:43:41 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x80ffff, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:43:41 executing program 7: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x4200, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:43:41 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0xa000000, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1211.402588] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:43:41 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1020}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x71, 0xe1, 0x3, 0x1f, 0x0, 0x1, 0x4000, 0x5, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x100, 0x1, @perf_config_ext={0x9, 0x4}, 0x2, 0x100000000, 0x800, 0x6, 0x5, 0x9a0, 0xcc5, 0x0, 0x9, 0x0, 0x9}, 0xffffffffffffffff, 0xc, 0xffffffffffffffff, 0xa) perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xff, 0x3a, 0x8, 0x1c, 0x0, 0x1ff, 0x0, 0x4, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7cc3, 0x2, @perf_bp={&(0x7f0000000040), 0x4}, 0x30, 0x1f, 0x40, 0x7, 0x4, 0xffffffff, 0x1000, 0x0, 0x1, 0x0, 0x10000}, 0x0, 0x9, r1, 0x9) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r3, r2, 0x800, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(0xffffffffffffffff, r4, 0x800, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r4, 0x6611) openat(r2, &(0x7f00000001c0)='./file0\x00', 0x82000, 0xa23e025cf494534b) execveat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', &(0x7f0000000380)=[&(0x7f0000000240), &(0x7f0000000280)='^([\x00', &(0x7f00000002c0)='\x00', &(0x7f0000000300)='.^\\\x00', &(0x7f0000000340)='\x00'], &(0x7f0000000400)=[&(0x7f00000003c0)='\x00'], 0x400) connect$inet6(r0, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x1}, 0x1c) inotify_init() setsockopt$inet6_udp_int(r0, 0x11, 0x1, &(0x7f0000000000)=0x8, 0x4) pipe2(0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000080)='K', 0x1}], 0x1}}], 0x7ffff000, 0x0) 03:43:41 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 47) 03:43:41 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:43:41 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, 0x0, &(0x7f0000000080)=0x1) [ 1211.546446] FAULT_INJECTION: forcing a failure. [ 1211.546446] name failslab, interval 1, probability 0, space 0, times 0 [ 1211.549143] CPU: 0 PID: 8573 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1211.550546] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1211.552193] Call Trace: [ 1211.552749] dump_stack+0x107/0x167 [ 1211.553481] should_fail.cold+0x5/0xa [ 1211.554243] ? xas_alloc+0x336/0x440 [ 1211.554987] should_failslab+0x5/0x20 [ 1211.555746] kmem_cache_alloc+0x5b/0x310 [ 1211.556568] ? stack_trace_consume_entry+0x160/0x160 [ 1211.557577] xas_alloc+0x336/0x440 [ 1211.558289] xas_create+0x34a/0x10d0 [ 1211.559045] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1211.560088] xas_store+0x8c/0x1c40 [ 1211.560832] __xa_store+0x164/0x2d0 [ 1211.561557] ? xa_delete_node+0x280/0x280 [ 1211.562389] ? trace_hardirqs_on+0x5b/0x180 [ 1211.563253] xa_store+0x31/0x50 [ 1211.563913] __io_uring_add_tctx_node+0x1cf/0x520 [ 1211.564885] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1211.565925] ? __alloc_fd+0x2b8/0x630 [ 1211.566695] io_uring_setup+0x2018/0x2a40 [ 1211.567532] ? wait_for_completion_io+0x270/0x270 [ 1211.568503] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1211.569533] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1211.570573] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1211.571605] do_syscall_64+0x33/0x40 [ 1211.572353] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1211.573397] RIP: 0033:0x7fd4717f2b19 [ 1211.574144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1211.577790] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1211.579301] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1211.580724] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1211.582138] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1211.583549] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1211.584973] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:43:59 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 48) 03:43:59 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:43:59 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r0) sendmsg$NL80211_CMD_SET_MAC_ACL(r0, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x30, r3, 0x200, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0xfff, 0x69}}}}, [@NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x8000}, 0x48000) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000540)={0x28, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_TX_RATES={0xc, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x8, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x4, 0x3}]}]}]}, 0x28}}, 0x0) sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000600)={&(0x7f00000004c0)=ANY=[@ANYBLOB="30010000", @ANYRES16=r6, @ANYBLOB="000427bd7000fddbdf251b000000080001004e00000008009a000000000007002100616100000800010023000000ec0022803c00008008000200070000000800070008000000080003000100000008000100bcfa00000800070000000080080005000100000008000500ff0700001c00008008000700050000000800040089ffffff08000700200000001c0000800800020000010000080006000800000008000100010000004c00008008000500da0000000800070001040000080006002202000008000700feffffff080003007207000008000500050000000800030018000000080005000300000008000200090000001400008008000400790e0000080004000800000014000080080004000400000008000500080d0000080001007000"/298], 0x130}, 0x1, 0x0, 0x0, 0x4000}, 0x90) sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x2c, r2, 0x5, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r4}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x97b}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}]]}, 0x2c}}, 0x0) sendmsg$NL80211_CMD_GET_POWER_SAVE(r0, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x20, r2, 0x2, 0x70bd2a, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xd98, 0x44}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4004}, 0x4000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xebf, 0x0, @perf_config_ext={0x1000000}, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x4f, &(0x7f0000000000)={@broadcast, @dev, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote, {[@timestamp_addr={0x44, 0x4, 0xda}]}}, {{0x3, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x18, 0x0, 0xfc00, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x3, 0x2}, @window={0x3, 0x3}, @eol, @sack={0x5, 0x22, [0x1, 0x1, 0x5, 0x5, 0xffffffff, 0x5, 0x5, 0xffffffff]}, @sack={0x5, 0x1a, [0x10000, 0x3ff, 0x0, 0x401, 0x0, 0x7]}]}}}}}}}, 0x0) clone3(&(0x7f0000000200)={0x44004100, 0x0, &(0x7f00000000c0), &(0x7f0000000100), {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:43:59 executing program 1: fchmod(0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000000000066"]) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000140)={0x0, 0xfffffffffffffff8, 0x7fffffff}) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:43:59 executing program 7: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mount$cgroup(0x0, 0x0, &(0x7f0000000100), 0x180010, 0x0) perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) rename(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000240)='./file2\x00') r1 = creat(&(0x7f0000000200)='./file1\x00', 0x2) chroot(&(0x7f0000000280)='./file2\x00') r2 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, r2) r4 = openat(r1, &(0x7f0000001a00)='./file1\x00', 0x42, 0x4) io_setup(0x5, &(0x7f0000000040)=0x0) io_submit(r5, 0x1, &(0x7f00000008c0)=[&(0x7f0000000200)={0x0, 0x0, 0x5, 0x0, 0x0, r4, 0x0}]) unlink(&(0x7f0000000340)='./file2\x00') sendfile(r2, r3, 0x0, 0x100000001) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r1, 0xc0189374, &(0x7f0000000300)={{0x1, 0x1, 0x18, r0, {0x1f}}, './file0\x00'}) ioctl$RNDADDTOENTCNT(r6, 0x40045201, &(0x7f0000000380)=0x9) 03:43:59 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1000000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:43:59 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0xf000000, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:43:59 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, 0x0, &(0x7f0000000080)=0x1) [ 1229.486179] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:43:59 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x48000000, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1229.545448] FAULT_INJECTION: forcing a failure. [ 1229.545448] name failslab, interval 1, probability 0, space 0, times 0 [ 1229.547785] CPU: 1 PID: 8689 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1229.549188] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1229.550878] Call Trace: [ 1229.551415] dump_stack+0x107/0x167 [ 1229.552167] should_fail.cold+0x5/0xa [ 1229.552940] ? create_object.isra.0+0x3a/0xa20 [ 1229.553880] should_failslab+0x5/0x20 [ 1229.554655] kmem_cache_alloc+0x5b/0x310 [ 1229.555486] create_object.isra.0+0x3a/0xa20 [ 1229.556391] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1229.557449] kmem_cache_alloc+0x159/0x310 [ 1229.558297] xas_alloc+0x336/0x440 [ 1229.559034] xas_create+0x34a/0x10d0 [ 1229.559805] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1229.560885] xas_store+0x8c/0x1c40 [ 1229.561624] __xa_store+0x164/0x2d0 [ 1229.562381] ? xa_delete_node+0x280/0x280 [ 1229.563227] ? trace_hardirqs_on+0x5b/0x180 [ 1229.564127] xa_store+0x31/0x50 [ 1229.564817] __io_uring_add_tctx_node+0x1cf/0x520 [ 1229.565791] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1229.566850] ? __alloc_fd+0x2b8/0x630 [ 1229.567630] io_uring_setup+0x2018/0x2a40 [ 1229.568487] ? wait_for_completion_io+0x270/0x270 [ 1229.569468] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1229.570522] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1229.571578] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1229.572649] do_syscall_64+0x33/0x40 [ 1229.573406] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1229.574440] RIP: 0033:0x7fd4717f2b19 [ 1229.575195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1229.578935] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1229.580484] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1229.581946] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1229.583406] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1229.584906] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1229.586360] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:43:59 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1229.636918] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:44:00 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x2000000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:44:00 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:44:00 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 49) 03:44:00 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, 0x0, &(0x7f0000000080)=0x1) 03:44:00 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x4c000000, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1229.814192] FAULT_INJECTION: forcing a failure. [ 1229.814192] name failslab, interval 1, probability 0, space 0, times 0 [ 1229.816650] CPU: 0 PID: 8818 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1229.818036] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1229.819711] Call Trace: [ 1229.820251] dump_stack+0x107/0x167 [ 1229.821008] should_fail.cold+0x5/0xa [ 1229.821785] ? xas_alloc+0x336/0x440 [ 1229.822549] should_failslab+0x5/0x20 [ 1229.823320] kmem_cache_alloc+0x5b/0x310 [ 1229.824144] xas_alloc+0x336/0x440 [ 1229.824885] xas_create+0x34a/0x10d0 [ 1229.825653] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1229.826710] xas_store+0x8c/0x1c40 [ 1229.827442] __xa_store+0x164/0x2d0 [ 1229.828179] ? xa_delete_node+0x280/0x280 [ 1229.829036] ? trace_hardirqs_on+0x5b/0x180 [ 1229.829913] xa_store+0x31/0x50 [ 1229.830584] __io_uring_add_tctx_node+0x1cf/0x520 [ 1229.831172] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1229.831555] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1229.834135] ? __alloc_fd+0x2b8/0x630 [ 1229.834919] io_uring_setup+0x2018/0x2a40 [ 1229.835766] ? wait_for_completion_io+0x270/0x270 [ 1229.836746] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1229.837788] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1229.838849] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1229.839895] do_syscall_64+0x33/0x40 [ 1229.840668] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1229.841705] RIP: 0033:0x7fd4717f2b19 [ 1229.842487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1229.846200] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1229.847736] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1229.849177] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1229.850615] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1229.852046] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1229.853495] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:44:00 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:44:00 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x68000000, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:44:00 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x3000000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1229.942580] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:44:00 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:44:15 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040), &(0x7f0000000080)=0x1) [ 1245.408922] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1245.418527] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=65280 sclass=netlink_xfrm_socket pid=8953 comm=syz-executor.7 03:44:15 executing program 1: fchmod(0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000000000066"]) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:44:15 executing program 0: nanosleep(&(0x7f0000000180)={0x77359400}, &(0x7f00000001c0)) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_PROTOCOLS(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000280), r0) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000b40), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_INTERFACE(r0, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000000bc0)={0x14, r1, 0x1}, 0x14}}, 0x0) sendmsg$NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r1, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan0\x00'}, @NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000881}, 0x48010) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(0x0, r2) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000000c0), r2) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000e00), r3) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000080)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000e80)={&(0x7f00000003c0)={0x1c, r4, 0x939f0c73e17edec1, 0x0, 0x0, {0x2a}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000240)={'wpan4\x00', 0x0}) sendmsg$NL802154_CMD_GET_INTERFACE(r2, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x38, r1, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x8000) syz_emit_ethernet(0x46, &(0x7f0000000000)={@link_local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @loopback, @local}, @redirect={0x5, 0x3, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @remote}, "48ed01b536ca3d00"}}}}}, 0x0) 03:44:15 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x300, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:44:15 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x6c000000, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:44:15 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 50) 03:44:15 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x4000000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:44:15 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x2000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="b800000000ffffffff000000000000000000000000ff02000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRESOCT, @ANYBLOB="00000000005d009694981c30de7294b500000000000000000000000000000000000068a1f7414d18b1490000000000d5878c9779e91200000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000009484cdd5814c14ede966ba9b66a393bdb9b976270b1390385e4634ab8ee9b708148eae67828cb973124239a5520bcd594316ad7a0a8d948e5b7556912dfc28f98a4877c320e175eeb7dd732dae6136c6afb01807e3741b0c4d356590c0b4cbe47c5e993df6ac07c84359e250f69fe6d7a3c276f89cc62e0c08fdd3300834da1328b47a29a2cf4d297ce91f3a31e07b31ef19e98c7af97c5faa99968b9f042674fb0d568d8b722107cf5740dd1bfd6018a6bc695bfbc903dca1dc4760e21392cd4e654a5496f564db3a774ac7c20041a67132f6f64de265fb4587c1bd21f406bcf19ffbb9c371ea"], 0xb8}}, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='maps\x00') socket$nl_generic(0x10, 0x3, 0x10) ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(0xffffffffffffffff, 0xf504, 0x0) pread64(r1, &(0x7f0000001100)=""/4095, 0xfff, 0x0) pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x400) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r1, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0xb4, 0x0, 0x10, 0x70bd25, 0x25dfdbfd, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0xffffffc0}, {0x6, 0x11, 0xaf}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0xffff3b06}, {0x6, 0x11, 0x3ff}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0x1}, {0x6, 0x11, 0x8001}}]}, 0xb4}, 0x1, 0x0, 0x0, 0x4000}, 0x40) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'syz_tun\x00'}) sendmsg$WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x12020012}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x54, 0x0, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x4}, @WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e21}]}, 0x54}, 0x1, 0x0, 0x0, 0x40040040}, 0x20000000) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, &(0x7f0000000080)={'syztnl0\x00', &(0x7f0000000500)={'ip6tnl0\x00', 0x0, 0x2b, 0xff, 0x0, 0x0, 0x59, @empty, @private2, 0x20, 0x1, 0x20, 0x6}}) sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000500)={&(0x7f0000000980)=ANY=[@ANYBLOB="20010000", @ANYRES16=0x0, @ANYBLOB="00032abd7000fedbdf250200000008000100", @ANYRES32=0x0, @ANYBLOB="0401028038000100240001006d636173745f72656a6f69dfc48cba756e7400000000000000b9c0e723725e000000000000000500030003000000080004001800000084000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b00000054000400040004400200000000001f071f00000005007fff7c240000e00305020300000008000004050000005e001f0200d62b36900a324435304af5c2158d2d5e000000090080060500000000000005ff016e007f00fffe00020000a60801020200000044000100240001006270665f686173685f66756e630000000000000000aa00000000000000000000050003000b000000140004000200f80602000000030008fa01000000caaf8856bcce7cb899950c8624c42a69a66febaac9a734d05381a39cfe69deef8d826ecc9efcc436dd6c61c6198a6656b24324d44448092f5f624b1cad45cff0d186d9560b09ff8a6014ea8eb180676cc2658a633e5e293ecec1b1a8bca55ae4c0dbe875114ed0e678f61b8fe0d41188db6a38736ad8dd6893147db65f5fc75c0a94fdfa3779360797209b95628e4e0ab9405d53c2d29fc192930b0fed90500f68747017d9516c12d3"], 0x120}}, 0x24) setresuid(0xffffffffffffffff, r3, 0x0) setresuid(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) [ 1245.426820] FAULT_INJECTION: forcing a failure. [ 1245.426820] name failslab, interval 1, probability 0, space 0, times 0 [ 1245.428212] CPU: 1 PID: 8949 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1245.429033] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1245.430010] Call Trace: [ 1245.430331] dump_stack+0x107/0x167 [ 1245.430778] should_fail.cold+0x5/0xa [ 1245.431241] ? create_object.isra.0+0x3a/0xa20 [ 1245.431796] should_failslab+0x5/0x20 [ 1245.432252] kmem_cache_alloc+0x5b/0x310 [ 1245.432741] ? mark_held_locks+0x9e/0xe0 [ 1245.433278] create_object.isra.0+0x3a/0xa20 [ 1245.433813] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1245.434418] kmem_cache_alloc+0x159/0x310 [ 1245.434922] xas_alloc+0x336/0x440 [ 1245.435346] xas_create+0x34a/0x10d0 [ 1245.435830] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1245.436463] xas_store+0x8c/0x1c40 [ 1245.436932] __xa_store+0x164/0x2d0 [ 1245.437380] ? xa_delete_node+0x280/0x280 [ 1245.437908] ? trace_hardirqs_on+0x5b/0x180 [ 1245.438455] xa_store+0x31/0x50 [ 1245.438877] __io_uring_add_tctx_node+0x1cf/0x520 [ 1245.439514] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1245.440197] ? __alloc_fd+0x2b8/0x630 [ 1245.440703] io_uring_setup+0x2018/0x2a40 [ 1245.441236] ? wait_for_completion_io+0x270/0x270 [ 1245.441832] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1245.442492] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1245.443176] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1245.443864] do_syscall_64+0x33/0x40 [ 1245.444346] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1245.445029] RIP: 0033:0x7fd4717f2b19 [ 1245.445512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1245.447900] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1245.448854] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1245.449738] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1245.450605] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1245.451473] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1245.452346] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 [ 1245.488035] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=65280 sclass=netlink_xfrm_socket pid=8965 comm=syz-executor.7 03:44:15 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0xa00, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:44:15 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x74000000, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1245.567352] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:44:16 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1800, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:44:16 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 51) 03:44:16 executing program 7: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x8, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x8204c, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffc}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$unix(0x1, 0x5, 0x0) bind$unix(r0, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e) listen(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e) 03:44:16 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040), &(0x7f0000000080)=0x1) 03:44:16 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x6000000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:44:16 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x7a000000, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:44:16 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0xa000000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1245.772150] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1245.780863] FAULT_INJECTION: forcing a failure. [ 1245.780863] name failslab, interval 1, probability 0, space 0, times 0 [ 1245.783671] CPU: 0 PID: 9084 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1245.785457] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1245.787610] Call Trace: [ 1245.788301] dump_stack+0x107/0x167 [ 1245.789272] should_fail.cold+0x5/0xa [ 1245.790263] ? xas_alloc+0x336/0x440 [ 1245.791237] should_failslab+0x5/0x20 [ 1245.792222] kmem_cache_alloc+0x5b/0x310 [ 1245.793306] xas_alloc+0x336/0x440 [ 1245.794234] xas_create+0x34a/0x10d0 [ 1245.795219] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1245.796584] xas_store+0x8c/0x1c40 [ 1245.797388] __xa_store+0x164/0x2d0 [ 1245.798344] ? xa_delete_node+0x280/0x280 [ 1245.799249] ? trace_hardirqs_on+0x5b/0x180 [ 1245.800189] xa_store+0x31/0x50 [ 1245.800926] __io_uring_add_tctx_node+0x1cf/0x520 [ 1245.801969] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1245.803092] ? __alloc_fd+0x2b8/0x630 [ 1245.803932] io_uring_setup+0x2018/0x2a40 [ 1245.804852] ? wait_for_completion_io+0x270/0x270 [ 1245.805889] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1245.807007] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1245.808131] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1245.809262] do_syscall_64+0x33/0x40 [ 1245.810068] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1245.811169] RIP: 0033:0x7fd4717f2b19 [ 1245.811973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1245.815912] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1245.817554] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1245.819083] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1245.820607] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1245.822483] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1245.824328] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 [ 1260.643731] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1260.662220] FAULT_INJECTION: forcing a failure. [ 1260.662220] name failslab, interval 1, probability 0, space 0, times 0 [ 1260.664065] CPU: 1 PID: 9098 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1260.665127] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1260.666424] Call Trace: [ 1260.666838] dump_stack+0x107/0x167 [ 1260.667412] should_fail.cold+0x5/0xa [ 1260.668009] ? create_object.isra.0+0x3a/0xa20 [ 1260.668728] should_failslab+0x5/0x20 [ 1260.669335] kmem_cache_alloc+0x5b/0x310 [ 1260.669970] ? mark_held_locks+0x9e/0xe0 [ 1260.670602] create_object.isra.0+0x3a/0xa20 [ 1260.671276] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1260.672050] kmem_cache_alloc+0x159/0x310 [ 1260.672727] xas_alloc+0x336/0x440 [ 1260.673301] xas_create+0x34a/0x10d0 [ 1260.673920] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1260.674747] xas_store+0x8c/0x1c40 [ 1260.675342] __xa_store+0x164/0x2d0 [ 1260.675919] ? xa_delete_node+0x280/0x280 [ 1260.676587] ? trace_hardirqs_on+0x5b/0x180 [ 1260.677300] xa_store+0x31/0x50 [ 1260.677835] __io_uring_add_tctx_node+0x1cf/0x520 [ 1260.678607] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1260.679460] ? __alloc_fd+0x2b8/0x630 [ 1260.680080] io_uring_setup+0x2018/0x2a40 [ 1260.680758] ? wait_for_completion_io+0x270/0x270 [ 1260.681543] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1260.682363] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1260.683211] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1260.683998] do_syscall_64+0x33/0x40 [ 1260.684585] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1260.685406] RIP: 0033:0x7fd4717f2b19 [ 1260.685993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1260.688972] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 03:44:31 executing program 1: fchmod(0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000000000066"]) pipe2(&(0x7f0000000480), 0x0) pipe2(&(0x7f0000000480), 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:44:31 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 52) 03:44:31 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040), &(0x7f0000000080)=0x1) 03:44:31 executing program 7: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffff, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0xa) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c0000008d60ccddc073134ba9a1b4791e987cbec17aefa550ab219351b25a30ebd3ed5d89122b1a4c4a6fa88c85c86eda9e84c7e8bc8569d5a9e40200000000000000f6f95138c527fc0dfa6d8005f39145c7ecbb9f31073e3d95bc3cc05ff8f33947f6f77a8c065b5f6c3c299a355a0c2299dd50f62c86441e804dac2725816390cdd6cc669c3ebf8d7cbfd73ffbf3d8f36a200d87f9a57178699eee95837463b696572b", @ANYRES16=r1], 0x2c}}, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000080)=0x1000) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1}, 0x1b) syncfs(r2) creat(&(0x7f0000000040)='./file0\x00', 0x0) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(r3, 0x8, 0x0, 0x8000) write$9p(r3, &(0x7f00000000c0)="0fb865562069ab2f32beb83e263962827b00d7d8b791e504b65c5ed26e6688d67a9796c1aedca0de65d21b4796fd1b3df0ccedf9739e29f6b965de85433255da7945b7a842ba5fa3dbe88cd26fc9b1b807bc2d59e5a9f2c2bdaccdb839190141ba0151232669cb02b3b076251c024d73f501a54d959dac7cdb3fc324ab47f2a3e1ef12691eac5cab96860e948ea4", 0x8e) r4 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/packet\x00') dup3(r5, r4, 0x0) getsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f00000003c0), &(0x7f0000000400)=0x4) r6 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r3, 0x80286722, &(0x7f0000000000)={&(0x7f00000002c0)=""/228, 0xe4, 0x0, 0x66}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x20, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0xffffffffffff7fff, 0x1002, 0x0, 0x7, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syncfs(r6) 03:44:31 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x9effffff, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:44:31 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x18000000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:44:31 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x8003, 0x7, @dev={0xfe, 0x80, '\x00', 0x35}, 0x6}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000001900)=[{{&(0x7f00000000c0)={0xa, 0x4e21, 0x0, @remote, 0x1}, 0x1c, 0x0}}], 0x1, 0x0) 03:44:31 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1260.690386] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1260.691562] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1260.692710] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1260.693804] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1260.694916] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:44:31 executing program 1: fchmod(0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000000000066"]) pipe2(&(0x7f0000000480), 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:44:31 executing program 0: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0x4, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="19a250c8df3ec18c2120f2b2e95d5057ab51ef20efda4fb05868e1f71a37a7404d10777683fde82b0f72eeba91d6d489fa130f347419bcff9268030857817fb365df4017139c5d147da16e93c3b877a0780cf41d29619b4f6493ad4fdacf21d99eab94a4cc045f9a9e0a9c4d106a6c0fd9040052f3a1f73692d14642f58b4eaf707a42908106584a44", 0x89, 0x72}], 0x34022, &(0x7f0000000280)={[{@nonumtail}, {@nonumtail}, {@shortname_mixed}, {@fat=@dos1xfloppy}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'iso8859-6'}}, {@iocharset={'iocharset', 0x3d, 'cp874'}}], [{@euid_lt}, {@appraise_type}]}) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000340)={@id={0x2, 0x0, @d}, 0x40, 0x0, '\x00', @b}) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000440)={0x80, 0x2, 0x4, 0x7fffffff, 0x9, [{0x0, 0xffff, 0x6, '\x00', 0x28a}, {0x4, 0x7, 0x1, '\x00', 0x800}, {0x1, 0x7, 0x32d, '\x00', 0x2003}, {0x3ff, 0x101, 0x4, '\x00', 0x80}, {0x4e, 0x3, 0xfffffffffffffe2c, '\x00', 0x1201}, {0xfffffffffffffff9, 0x400, 0x6, '\x00', 0x1}, {0x8, 0x8, 0x46883201, '\x00', 0x201}, {0x7fff, 0x5, 0x5, '\x00', 0x8}, {0x100, 0x401, 0xfbe, '\x00', 0x2380}]}) chdir(&(0x7f0000000000)='./file1\x00') openat(r0, &(0x7f0000000400)='./file1\x00', 0x1, 0x8) mount(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, 0x0) 03:44:31 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0xb3000000, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:44:31 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1260.736118] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:44:31 executing program 1: fchmod(0xffffffffffffffff, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000000000066"]) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:44:31 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1f000000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:44:31 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0xf0ffffff, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:44:31 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x80ffff, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:44:31 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 53) [ 1260.882354] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1260.964520] FAULT_INJECTION: forcing a failure. [ 1260.964520] name failslab, interval 1, probability 0, space 0, times 0 [ 1260.966427] CPU: 1 PID: 9239 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1260.967459] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1260.968739] Call Trace: [ 1260.969165] dump_stack+0x107/0x167 [ 1260.969714] should_fail.cold+0x5/0xa [ 1260.970306] ? xas_alloc+0x336/0x440 [ 1260.970893] should_failslab+0x5/0x20 [ 1260.971482] kmem_cache_alloc+0x5b/0x310 [ 1260.972114] xas_alloc+0x336/0x440 [ 1260.972665] xas_create+0x34a/0x10d0 [ 1260.973258] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1260.974051] xas_store+0x8c/0x1c40 [ 1260.974619] __xa_store+0x164/0x2d0 [ 1260.975172] ? xa_delete_node+0x280/0x280 [ 1260.975797] ? trace_hardirqs_on+0x5b/0x180 [ 1260.976451] xa_store+0x31/0x50 [ 1260.976949] __io_uring_add_tctx_node+0x1cf/0x520 [ 1260.977677] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1260.978466] ? __alloc_fd+0x2b8/0x630 [ 1260.979051] io_uring_setup+0x2018/0x2a40 [ 1260.979678] ? wait_for_completion_io+0x270/0x270 [ 1260.980401] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1260.981191] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1260.981979] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1260.982751] do_syscall_64+0x33/0x40 [ 1260.983313] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1260.984087] RIP: 0033:0x7fd4717f2b19 [ 1260.984655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1260.987429] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1260.988571] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1260.989650] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1260.990714] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1260.991791] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1260.992862] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:44:48 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0xfffff000, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:44:48 executing program 0: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="1400000000ffff00000000000000000007"], 0x14}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x46400, 0x0) finit_module(r1, &(0x7f00000002c0)='\x00', 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) r2 = io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x161}) dup2(r2, r0) ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, &(0x7f0000000380)={'ip6_vti0\x00', &(0x7f0000000400)={'syztnl1\x00', 0x0, 0x4, 0x3, 0x0, 0x7ef3, 0x70, @private1, @local, 0x20, 0x8000, 0x1ff, 0xbf7}}) sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000240)={&(0x7f00000000c0)={0x50, 0x0, 0x400, 0x70bd26, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x1, 0x1}}}}, [@NL80211_ATTR_STA_TX_POWER={0x6, 0x114, 0xe4}, @NL80211_ATTR_STA_PLINK_STATE={0x5}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x3}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0x1f}, @NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5}, @NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0x3}]}, 0x50}, 0x1, 0x0, 0x0, 0x48854}, 0x0) ioctl$TUNSETLINK(r0, 0x400454cd, 0x308) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000080)={@remote}, 0x14) r3 = dup3(r1, r2, 0x0) ioctl$TUNSETQUEUE(r3, 0x400454d9, &(0x7f0000000300)={'nr0\x00'}) socket$inet6_udp(0xa, 0x2, 0x0) r4 = socket$inet(0x2, 0xa, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x100000001}, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet_SIOCGIFNETMASK(r4, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) 03:44:48 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 54) 03:44:48 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x20000000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:44:48 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1278.256304] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:44:48 executing program 7: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffff, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0xa) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c0000008d60ccddc073134ba9a1b4791e987cbec17aefa550ab219351b25a30ebd3ed5d89122b1a4c4a6fa88c85c86eda9e84c7e8bc8569d5a9e40200000000000000f6f95138c527fc0dfa6d8005f39145c7ecbb9f31073e3d95bc3cc05ff8f33947f6f77a8c065b5f6c3c299a355a0c2299dd50f62c86441e804dac2725816390cdd6cc669c3ebf8d7cbfd73ffbf3d8f36a200d87f9a57178699eee95837463b696572b", @ANYRES16=r1], 0x2c}}, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000080)=0x1000) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1}, 0x1b) syncfs(r2) creat(&(0x7f0000000040)='./file0\x00', 0x0) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) fallocate(r3, 0x8, 0x0, 0x8000) write$9p(r3, &(0x7f00000000c0)="0fb865562069ab2f32beb83e263962827b00d7d8b791e504b65c5ed26e6688d67a9796c1aedca0de65d21b4796fd1b3df0ccedf9739e29f6b965de85433255da7945b7a842ba5fa3dbe88cd26fc9b1b807bc2d59e5a9f2c2bdaccdb839190141ba0151232669cb02b3b076251c024d73f501a54d959dac7cdb3fc324ab47f2a3e1ef12691eac5cab96860e948ea4", 0x8e) r4 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/packet\x00') dup3(r5, r4, 0x0) getsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f00000003c0), &(0x7f0000000400)=0x4) r6 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r3, 0x80286722, &(0x7f0000000000)={&(0x7f00000002c0)=""/228, 0xe4, 0x0, 0x66}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x20, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0xffffffffffff7fff, 0x1002, 0x0, 0x7, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syncfs(r6) 03:44:48 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, 0x0) 03:44:48 executing program 1: fchmod(0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) [ 1278.284512] device veth0_vlan entered promiscuous mode [ 1278.292953] FAULT_INJECTION: forcing a failure. [ 1278.292953] name failslab, interval 1, probability 0, space 0, times 0 [ 1278.295554] CPU: 1 PID: 9255 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1278.297077] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1278.298918] Call Trace: [ 1278.299501] dump_stack+0x107/0x167 [ 1278.300322] should_fail.cold+0x5/0xa [ 1278.301171] ? create_object.isra.0+0x3a/0xa20 [ 1278.302216] should_failslab+0x5/0x20 [ 1278.303059] kmem_cache_alloc+0x5b/0x310 [ 1278.303981] ? mark_held_locks+0x9e/0xe0 [ 1278.304882] create_object.isra.0+0x3a/0xa20 [ 1278.305891] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1278.307040] kmem_cache_alloc+0x159/0x310 [ 1278.307969] xas_alloc+0x336/0x440 [ 1278.308774] xas_create+0x34a/0x10d0 [ 1278.309622] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1278.310802] xas_store+0x8c/0x1c40 [ 1278.311605] __xa_store+0x164/0x2d0 [ 1278.312427] ? xa_delete_node+0x280/0x280 [ 1278.313374] ? trace_hardirqs_on+0x5b/0x180 [ 1278.314348] xa_store+0x31/0x50 [ 1278.315108] __io_uring_add_tctx_node+0x1cf/0x520 [ 1278.316217] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1278.317415] ? __alloc_fd+0x2b8/0x630 [ 1278.318308] io_uring_setup+0x2018/0x2a40 [ 1278.319263] ? wait_for_completion_io+0x270/0x270 [ 1278.320368] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1278.321557] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1278.322763] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1278.323946] do_syscall_64+0x33/0x40 [ 1278.324803] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1278.325979] RIP: 0033:0x7fd4717f2b19 [ 1278.326828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1278.331034] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1278.332763] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1278.334393] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1278.336021] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1278.337651] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1278.339249] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:44:48 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0xffffff7f, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:44:48 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1278.397572] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:44:48 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) [ 1278.444339] device veth0_vlan entered promiscuous mode 03:44:48 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x2e000000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:44:48 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x3000000, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:45:06 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0xffffff9e, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:45:06 executing program 0: mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(r0, &(0x7f0000000280)=ANY=[], 0xfdef) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r3, r2, 0x800, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) sendto(r3, &(0x7f00000004c0)="991bde66649a54f93fd78c6d226e98ca9c3070833818d2d47dce7c59b7346ffa14e55aec95422441b6ba8eaa08f2cdb11df4a5fc4c3106991f9230e5bb813f22b1c17ce966a0bb530f125426389c602f3fbfc3ad01c655b06870ff660e87bf3b1a8bff804250b3fcb57a530f87a1ecddd002d5b7b1f675c986d13f82476430f5dcb537760e6cbe19d274c7584badf431c6ddbe63ca6607f56c921cc434aec149560302cd660fe8ee6b2d3f91ce746432820eff952bb90f2ed39d7c94f799aea6d55c0b", 0xc3, 0x4, 0x0, 0x0) ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000000140)={0x0, {}, 0x0, {}, 0x0, 0x1, 0x0, 0x0, "4fa2f8201eed6e500c32342a227989f18a88ab65bad4c23a441d66f462f1df77bc777d160562da8c50431b2a204f36c6ed27b00215909d75417aa68c9029c5fd", "176764fe8c2ff71a1633d53dafbecd823af97cf5831be9a6fed5449e9f77dd92"}) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r5, r4, 0x800, 0x0) perf_event_open(&(0x7f0000000280)={0x5, 0x80, 0x35, 0x7, 0x20, 0xee, 0x0, 0x200, 0x112084, 0x8, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x7fffffff, 0x2, @perf_bp={&(0x7f00000000c0), 0xe}, 0x820, 0x7fff, 0xfe25, 0x5, 0x1000000081, 0x1800, 0x9, 0x0, 0x5, 0x0, 0x6}, 0x0, 0xb, r4, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x81, 0x80000001}, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000440)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {0x0, 0x0, 0xffffffffdffffff8}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011600)="ed41000000080000dff46552e0f4655fe0f4655f000000000000040004", 0x1d, 0x2100}], 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="644c73616c6c2880c4f7dc2a51c92198cca4076415e642451be4009f80dfce17a6fa19902644a47dccf840db7e454e8df380489bdbb151a6de5180261747d0f7f43a4b988f24f2838e91c94614c5086b21805705a1792e3e2a602394f687c71a97a79e5c849a4838512f14680596c84884a131afdecf6bd3ae0400000000000000dba322d901bf65f600a56fcea87570a0716e7ec289554f16141104dbcffbd1ba60fd56fd7bed87923d41bd7f0e660dcfa82851c1425015136d33a63010e479dff06cb30500000086cd5a45665f2a6bd0431c7bac5d41b59a1209939fc3f375fa69a8a1eb8613ba00"/249]) [ 1295.693301] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:45:06 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, 0x0) 03:45:06 executing program 1: socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:45:06 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 55) 03:45:06 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x2f000000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:45:06 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:45:06 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}, {0x0}], 0x2}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r4, r3, 0x800, 0x0) syz_io_uring_setup(0x3c8c, &(0x7f0000000040)={0x0, 0xfffffffd, 0x8, 0x8000000, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)) pipe2(&(0x7f00000000c0), 0x0) ftruncate(0xffffffffffffffff, 0x1000004) socketpair$unix(0x1, 0x0, 0x0, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r8, r7, 0x800, 0x0) sendmsg$unix(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000080)}, {&(0x7f0000000180)="0baf5a51c4d7e066af989dcf010acf14bc1c4f54ed66912161b288e3e40c9dc2449c0008047cdd109e98378648e78a4a7515e659b044e64431afb4ac72c6596f4c6a6e126d749b70d221d15b74", 0x4d}, {&(0x7f0000000480)="c59f56354d0781c76db0682c38fbdf32c06d369f65fef88ab32f97eedd816a12e129136d03471e3ffccde3c0045c099ac3f9c1134f22ade8fee32283112461177b3226894d1907c8db26d144302551f5a00c693d68a7fbf1a8cb050b9619ef7d38f568c2a8c25a51d8d4e277194d2ec601bc4611bdabe05e4570e694b8b3d746b0919d11dcad391334a5f15649ef24990fea0f411921c1a168bcb4a050c9e40dfdc2550539c0e23e76949fac862bdf675f", 0xb1}], 0x3, 0x0, 0x0, 0x8000}, 0x8080) io_uring_enter(r0, 0x58ab, 0x0, 0x3, 0x0, 0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r9) [ 1295.751391] FAULT_INJECTION: forcing a failure. [ 1295.751391] name failslab, interval 1, probability 0, space 0, times 0 [ 1295.753627] CPU: 0 PID: 9392 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1295.754954] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1295.756541] Call Trace: [ 1295.757056] dump_stack+0x107/0x167 [ 1295.757766] should_fail.cold+0x5/0xa [ 1295.758508] ? xas_alloc+0x336/0x440 [ 1295.759231] should_failslab+0x5/0x20 [ 1295.759979] kmem_cache_alloc+0x5b/0x310 [ 1295.760762] xas_alloc+0x336/0x440 [ 1295.761462] xas_create+0x34a/0x10d0 [ 1295.762206] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1295.763222] xas_store+0x8c/0x1c40 [ 1295.763913] __xa_store+0x164/0x2d0 [ 1295.764597] ? xa_delete_node+0x280/0x280 [ 1295.765398] ? trace_hardirqs_on+0x5b/0x180 [ 1295.766225] xa_store+0x31/0x50 [ 1295.766861] __io_uring_add_tctx_node+0x1cf/0x520 [ 1295.767772] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1295.768757] ? __alloc_fd+0x2b8/0x630 [ 1295.769511] io_uring_setup+0x2018/0x2a40 [ 1295.770298] ? wait_for_completion_io+0x270/0x270 [ 1295.771207] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1295.772189] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1295.773180] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1295.774186] do_syscall_64+0x33/0x40 [ 1295.774894] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1295.775862] RIP: 0033:0x7fd4717f2b19 [ 1295.776566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1295.780127] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1295.781629] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1295.782973] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1295.784356] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1295.785707] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1295.787111] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:45:06 executing program 1: socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:45:06 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0xa000000, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:45:06 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0xfffffff0, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:45:06 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 56) 03:45:06 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x30000000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:45:06 executing program 1: socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) [ 1295.938803] EXT4-fs (loop0): Unrecognized mount option "dLsall(€Ä÷Ü*QÉ!˜Ì¤dæBEä" or missing value [ 1295.961038] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:45:06 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, 0x0) 03:45:06 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x18000000, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1295.987020] FAULT_INJECTION: forcing a failure. [ 1295.987020] name failslab, interval 1, probability 0, space 0, times 0 [ 1295.988931] CPU: 0 PID: 9514 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1295.990096] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1295.991507] Call Trace: [ 1295.991957] dump_stack+0x107/0x167 [ 1295.992584] should_fail.cold+0x5/0xa [ 1295.993235] ? create_object.isra.0+0x3a/0xa20 [ 1295.994033] should_failslab+0x5/0x20 [ 1295.994680] kmem_cache_alloc+0x5b/0x310 [ 1295.995379] ? mark_held_locks+0x9e/0xe0 [ 1295.996067] create_object.isra.0+0x3a/0xa20 [ 1295.996813] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1295.997650] kmem_cache_alloc+0x159/0x310 [ 1295.998359] xas_alloc+0x336/0x440 [ 1295.998964] xas_create+0x34a/0x10d0 [ 1295.999585] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1296.000469] xas_store+0x8c/0x1c40 [ 1296.001080] __xa_store+0x164/0x2d0 [ 1296.001701] ? xa_delete_node+0x280/0x280 [ 1296.002405] ? trace_hardirqs_on+0x5b/0x180 [ 1296.003138] xa_store+0x31/0x50 [ 1296.003693] __io_uring_add_tctx_node+0x1cf/0x520 [ 1296.004511] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1296.005396] ? __alloc_fd+0x2b8/0x630 [ 1296.006059] io_uring_setup+0x2018/0x2a40 [ 1296.006764] ? wait_for_completion_io+0x270/0x270 [ 1296.007581] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1296.008447] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1296.009322] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1296.010193] do_syscall_64+0x33/0x40 [ 1296.010823] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1296.011681] RIP: 0033:0x7fd4717f2b19 [ 1296.012306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1296.015367] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1296.016646] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1296.017842] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1296.019034] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1296.020223] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1296.021408] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:45:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0xffffffff, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:45:22 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 57) 03:45:22 executing program 7: perf_event_open(&(0x7f0000001d80)={0x2, 0xbf, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa93}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x682102, 0x124) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) syz_open_dev$usbmon(&(0x7f00000000c0), 0x5, 0x200000) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f0000000100)={{0x1, 0x1, 0x18, r1, {0xee00, 0xffffffffffffffff}}, './file0\x00'}) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r4, r3, 0x800, 0x0) sendfile(r2, r3, 0x0, 0x9) 03:45:22 executing program 0: mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(r0, &(0x7f0000000280)=ANY=[], 0xfdef) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r3, r2, 0x800, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) sendto(r3, &(0x7f00000004c0)="991bde66649a54f93fd78c6d226e98ca9c3070833818d2d47dce7c59b7346ffa14e55aec95422441b6ba8eaa08f2cdb11df4a5fc4c3106991f9230e5bb813f22b1c17ce966a0bb530f125426389c602f3fbfc3ad01c655b06870ff660e87bf3b1a8bff804250b3fcb57a530f87a1ecddd002d5b7b1f675c986d13f82476430f5dcb537760e6cbe19d274c7584badf431c6ddbe63ca6607f56c921cc434aec149560302cd660fe8ee6b2d3f91ce746432820eff952bb90f2ed39d7c94f799aea6d55c0b", 0xc3, 0x4, 0x0, 0x0) ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000000140)={0x0, {}, 0x0, {}, 0x0, 0x1, 0x0, 0x0, "4fa2f8201eed6e500c32342a227989f18a88ab65bad4c23a441d66f462f1df77bc777d160562da8c50431b2a204f36c6ed27b00215909d75417aa68c9029c5fd", "176764fe8c2ff71a1633d53dafbecd823af97cf5831be9a6fed5449e9f77dd92"}) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r5, r4, 0x800, 0x0) perf_event_open(&(0x7f0000000280)={0x5, 0x80, 0x35, 0x7, 0x20, 0xee, 0x0, 0x200, 0x112084, 0x8, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x7fffffff, 0x2, @perf_bp={&(0x7f00000000c0), 0xe}, 0x820, 0x7fff, 0xfe25, 0x5, 0x1000000081, 0x1800, 0x9, 0x0, 0x5, 0x0, 0x6}, 0x0, 0xb, r4, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x81, 0x80000001}, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000440)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {0x0, 0x0, 0xffffffffdffffff8}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011600)="ed41000000080000dff46552e0f4655fe0f4655f000000000000040004", 0x1d, 0x2100}], 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="644c73616c6c2880c4f7dc2a51c92198cca4076415e642451be4009f80dfce17a6fa19902644a47dccf840db7e454e8df380489bdbb151a6de5180261747d0f7f43a4b988f24f2838e91c94614c5086b21805705a1792e3e2a602394f687c71a97a79e5c849a4838512f14680596c84884a131afdecf6bd3ae0400000000000000dba322d901bf65f600a56fcea87570a0716e7ec289554f16141104dbcffbd1ba60fd56fd7bed87923d41bd7f0e660dcfa82851c1425015136d33a63010e479dff06cb30500000086cd5a45665f2a6bd0431c7bac5d41b59a1209939fc3f375fa69a8a1eb8613ba00"/249]) 03:45:22 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, 0x0, 0x0) 03:45:22 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)) 03:45:22 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x33000000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:45:22 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0xf5ffffff, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1312.104944] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1312.114372] FAULT_INJECTION: forcing a failure. [ 1312.114372] name failslab, interval 1, probability 0, space 0, times 0 [ 1312.116764] CPU: 1 PID: 9539 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1312.118120] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1312.119788] Call Trace: [ 1312.120336] dump_stack+0x107/0x167 [ 1312.121079] should_fail.cold+0x5/0xa [ 1312.121857] ? xas_alloc+0x336/0x440 [ 1312.122615] should_failslab+0x5/0x20 [ 1312.123382] kmem_cache_alloc+0x5b/0x310 [ 1312.124225] xas_alloc+0x336/0x440 [ 1312.124930] xas_create+0x34a/0x10d0 [ 1312.125716] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1312.126771] xas_store+0x8c/0x1c40 [ 1312.127497] __xa_store+0x164/0x2d0 [ 1312.128223] ? xa_delete_node+0x280/0x280 [ 1312.129083] ? trace_hardirqs_on+0x5b/0x180 [ 1312.129962] xa_store+0x31/0x50 [ 1312.130636] __io_uring_add_tctx_node+0x1cf/0x520 [ 1312.131650] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1312.132710] ? __alloc_fd+0x2b8/0x630 [ 1312.133476] io_uring_setup+0x2018/0x2a40 [ 1312.134340] ? wait_for_completion_io+0x270/0x270 [ 1312.135304] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1312.136360] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1312.137401] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1312.138446] do_syscall_64+0x33/0x40 [ 1312.139192] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1312.140207] RIP: 0033:0x7fd4717f2b19 [ 1312.140952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1312.144628] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1312.146153] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1312.147570] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1312.148978] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1312.150411] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1312.151825] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:45:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:45:22 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, 0x0, 0x0) 03:45:22 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0xfeffffff, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1312.205058] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:45:22 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x3a000000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:45:22 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x2, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1312.302290] EXT4-fs (loop0): Unrecognized mount option "dLsall(€Ä÷Ü*QÉ!˜Ì¤dæBEä" or missing value 03:45:22 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, 0x0, 0x0) 03:45:22 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)) 03:45:22 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 58) [ 1312.362949] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:45:22 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0xffff8000, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:45:22 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) [ 1312.445649] FAULT_INJECTION: forcing a failure. [ 1312.445649] name failslab, interval 1, probability 0, space 0, times 0 [ 1312.448036] CPU: 0 PID: 9666 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1312.449452] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1312.451141] Call Trace: [ 1312.451691] dump_stack+0x107/0x167 [ 1312.452432] should_fail.cold+0x5/0xa [ 1312.453197] ? create_object.isra.0+0x3a/0xa20 [ 1312.454150] should_failslab+0x5/0x20 [ 1312.454944] kmem_cache_alloc+0x5b/0x310 [ 1312.455795] ? mark_held_locks+0x9e/0xe0 [ 1312.456670] create_object.isra.0+0x3a/0xa20 [ 1312.457540] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1312.458593] kmem_cache_alloc+0x159/0x310 [ 1312.459430] xas_alloc+0x336/0x440 [ 1312.460156] xas_create+0x34a/0x10d0 [ 1312.460915] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1312.461987] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1312.463064] xas_store+0x8c/0x1c40 [ 1312.463818] ? lock_acquire+0x1b9/0x470 [ 1312.464638] __xa_store+0x164/0x2d0 [ 1312.465402] ? xa_delete_node+0x280/0x280 [ 1312.466268] ? trace_hardirqs_on+0x5b/0x180 [ 1312.467200] xa_store+0x31/0x50 [ 1312.467858] __io_uring_add_tctx_node+0x1cf/0x520 [ 1312.468860] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1312.469946] ? __alloc_fd+0x2b8/0x630 [ 1312.470747] io_uring_setup+0x2018/0x2a40 [ 1312.471570] ? wait_for_completion_io+0x270/0x270 [ 1312.472576] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1312.473648] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1312.474694] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1312.475771] do_syscall_64+0x33/0x40 [ 1312.476512] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1312.477586] RIP: 0033:0x7fd4717f2b19 [ 1312.478354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1312.482144] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1312.483733] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1312.485229] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1312.486727] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1312.488225] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1312.489712] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:45:43 executing program 0: mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(r0, &(0x7f0000000280)=ANY=[], 0xfdef) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r3, r2, 0x800, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) sendto(r3, &(0x7f00000004c0)="991bde66649a54f93fd78c6d226e98ca9c3070833818d2d47dce7c59b7346ffa14e55aec95422441b6ba8eaa08f2cdb11df4a5fc4c3106991f9230e5bb813f22b1c17ce966a0bb530f125426389c602f3fbfc3ad01c655b06870ff660e87bf3b1a8bff804250b3fcb57a530f87a1ecddd002d5b7b1f675c986d13f82476430f5dcb537760e6cbe19d274c7584badf431c6ddbe63ca6607f56c921cc434aec149560302cd660fe8ee6b2d3f91ce746432820eff952bb90f2ed39d7c94f799aea6d55c0b", 0xc3, 0x4, 0x0, 0x0) ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000000140)={0x0, {}, 0x0, {}, 0x0, 0x1, 0x0, 0x0, "4fa2f8201eed6e500c32342a227989f18a88ab65bad4c23a441d66f462f1df77bc777d160562da8c50431b2a204f36c6ed27b00215909d75417aa68c9029c5fd", "176764fe8c2ff71a1633d53dafbecd823af97cf5831be9a6fed5449e9f77dd92"}) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r5, r4, 0x800, 0x0) perf_event_open(&(0x7f0000000280)={0x5, 0x80, 0x35, 0x7, 0x20, 0xee, 0x0, 0x200, 0x112084, 0x8, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x7fffffff, 0x2, @perf_bp={&(0x7f00000000c0), 0xe}, 0x820, 0x7fff, 0xfe25, 0x5, 0x1000000081, 0x1800, 0x9, 0x0, 0x5, 0x0, 0x6}, 0x0, 0xb, r4, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x81, 0x80000001}, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000440)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {0x0, 0x0, 0xffffffffdffffff8}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011600)="ed41000000080000dff46552e0f4655fe0f4655f000000000000040004", 0x1d, 0x2100}], 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="644c73616c6c2880c4f7dc2a51c92198cca4076415e642451be4009f80dfce17a6fa19902644a47dccf840db7e454e8df380489bdbb151a6de5180261747d0f7f43a4b988f24f2838e91c94614c5086b21805705a1792e3e2a602394f687c71a97a79e5c849a4838512f14680596c84884a131afdecf6bd3ae0400000000000000dba322d901bf65f600a56fcea87570a0716e7ec289554f16141104dbcffbd1ba60fd56fd7bed87923d41bd7f0e660dcfa82851c1425015136d33a63010e479dff06cb30500000086cd5a45665f2a6bd0431c7bac5d41b59a1209939fc3f375fa69a8a1eb8613ba00"/249]) 03:45:43 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x3, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:45:43 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x42000000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:45:43 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0xfffffff5, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:45:43 executing program 7: ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f00000000c0)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(0xffffffffffffffff, 0x40189429, &(0x7f0000000080)={0x0, 0x5, 0x2}) r0 = io_uring_setup(0xd54, &(0x7f0000000bc0)) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000d00)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, 0x0, 0x0) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(0xffffffffffffffff, 0x0, 0x4801) creat(&(0x7f0000000040)='./file0\x00', 0x0) open_by_handle_at(0xffffffffffffffff, 0x0, 0x0) pipe(0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000180), 0x4) perf_event_open(&(0x7f0000000100)={0x4, 0x80, 0x5, 0x3, 0x40, 0xee, 0x0, 0x4, 0x2c100, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0xfffffff8, 0x2, @perf_config_ext={0x200, 0x400}, 0x820, 0x5, 0x9, 0xb, 0x2, 0x78, 0x0, 0x0, 0x80000000, 0x0, 0x80000001}, 0x0, 0xc, 0xffffffffffffffff, 0x8) setsockopt$inet6_tcp_int(r1, 0x6, 0x22, &(0x7f0000000280)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000b00)={@in={{0x2, 0x4e20, @multicast1}}, 0x0, 0x0, 0x23, 0x0, "91e05f77921609657a90c5b172eb47bfda35bff8788568b642bcea87a9be8237d130f84d84cf2c4771e1577906db7d0a3950d134e7dd5364f81a0dbb613cf332bb280e8e4d1ffc0d10e3d55e172d5235"}, 0xd8) creat(&(0x7f0000000040)='./file0\x00', 0x0) 03:45:43 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) 03:45:43 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 59) 03:45:43 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)) [ 1332.892958] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1332.910632] FAULT_INJECTION: forcing a failure. [ 1332.910632] name failslab, interval 1, probability 0, space 0, times 0 [ 1332.913005] CPU: 1 PID: 9779 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1332.914384] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1332.916108] Call Trace: [ 1332.916700] dump_stack+0x107/0x167 [ 1332.917520] should_fail.cold+0x5/0xa [ 1332.918377] ? xas_alloc+0x336/0x440 [ 1332.919214] should_failslab+0x5/0x20 [ 1332.920062] kmem_cache_alloc+0x5b/0x310 [ 1332.920974] xas_alloc+0x336/0x440 [ 1332.921771] xas_create+0x34a/0x10d0 [ 1332.922626] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1332.923795] xas_store+0x8c/0x1c40 [ 1332.924606] __xa_store+0x164/0x2d0 [ 1332.925422] ? xa_delete_node+0x280/0x280 [ 1332.926390] ? trace_hardirqs_on+0x5b/0x180 [ 1332.927363] xa_store+0x31/0x50 [ 1332.928125] __io_uring_add_tctx_node+0x1cf/0x520 [ 1332.929200] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1332.930385] ? __alloc_fd+0x2b8/0x630 [ 1332.931251] io_uring_setup+0x2018/0x2a40 [ 1332.932193] ? wait_for_completion_io+0x270/0x270 [ 1332.933269] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1332.934450] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1332.935608] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1332.936764] do_syscall_64+0x33/0x40 [ 1332.937596] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1332.938743] RIP: 0033:0x7fd4717f2b19 [ 1332.939572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1332.943662] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1332.945345] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1332.946938] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1332.948515] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1332.950115] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1332.951697] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:45:43 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) 03:45:43 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x4, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1332.985408] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:45:43 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:45:43 executing program 7: r0 = accept4$inet6(0xffffffffffffffff, 0x0, &(0x7f00000000c0), 0x0) getpeername$inet6(r0, &(0x7f0000000180), &(0x7f00000001c0)=0x1c) mount$9p_unix(&(0x7f00000002c0)='./file0\x00', 0x0, 0x0, 0x20004, &(0x7f0000000500)=ANY=[@ANYRESHEX, @ANYBLOB=',obj_type=&&,uid<', @ANYRESDEC, @ANYBLOB="a2e2b598bcecd58121713ef707"]) r1 = mq_open(&(0x7f00000003c0)='ext4\x00', 0x40, 0x21, &(0x7f0000000400)={0x6, 0x7, 0x80000001, 0x9}) close_range(r1, r0, 0x2) r2 = perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) signalfd(r2, &(0x7f0000000380)={[0x2]}, 0x8) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, 0x0) r3 = syz_open_dev$vcsu(&(0x7f0000000200), 0xbb9, 0x204040) recvfrom(r3, &(0x7f0000000240)=""/93, 0x5d, 0x0, &(0x7f0000000300)=@llc={0x1a, 0x30d, 0x0, 0x40, 0x0, 0x3f}, 0x80) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_QGROUP_LIMIT(0xffffffffffffffff, 0x8030942b, &(0x7f0000000a80)={0x1f, {0x0, 0x20, 0x8, 0x800, 0x2cd9}}) io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x1) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000440)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {0x0, 0x0, 0xffffffffdffffff8}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011600)="ed41000000080000dff46552e0f4655fe0f4655f000000000000040004", 0x1d, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="6432addcb7d5c4151500"]) 03:45:43 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:45:43 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x0) 03:45:43 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x5, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:45:43 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0xf5ffffff, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1333.077603] EXT4-fs (loop7): Unrecognized mount option "d2­Ü·ÕÄ" or missing value [ 1333.105564] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1333.133227] EXT4-fs (loop0): Unrecognized mount option "dLsall(€Ä÷Ü*QÉ!˜Ì¤dæBEä" or missing value 03:45:59 executing program 0: mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(r0, &(0x7f0000000280)=ANY=[], 0xfdef) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r3, r2, 0x800, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) sendto(r3, &(0x7f00000004c0)="991bde66649a54f93fd78c6d226e98ca9c3070833818d2d47dce7c59b7346ffa14e55aec95422441b6ba8eaa08f2cdb11df4a5fc4c3106991f9230e5bb813f22b1c17ce966a0bb530f125426389c602f3fbfc3ad01c655b06870ff660e87bf3b1a8bff804250b3fcb57a530f87a1ecddd002d5b7b1f675c986d13f82476430f5dcb537760e6cbe19d274c7584badf431c6ddbe63ca6607f56c921cc434aec149560302cd660fe8ee6b2d3f91ce746432820eff952bb90f2ed39d7c94f799aea6d55c0b", 0xc3, 0x4, 0x0, 0x0) ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000000140)={0x0, {}, 0x0, {}, 0x0, 0x1, 0x0, 0x0, "4fa2f8201eed6e500c32342a227989f18a88ab65bad4c23a441d66f462f1df77bc777d160562da8c50431b2a204f36c6ed27b00215909d75417aa68c9029c5fd", "176764fe8c2ff71a1633d53dafbecd823af97cf5831be9a6fed5449e9f77dd92"}) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r5, r4, 0x800, 0x0) perf_event_open(&(0x7f0000000280)={0x5, 0x80, 0x35, 0x7, 0x20, 0xee, 0x0, 0x200, 0x112084, 0x8, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x7fffffff, 0x2, @perf_bp={&(0x7f00000000c0), 0xe}, 0x820, 0x7fff, 0xfe25, 0x5, 0x1000000081, 0x1800, 0x9, 0x0, 0x5, 0x0, 0x6}, 0x0, 0xb, r4, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x81, 0x80000001}, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000440)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {0x0, 0x0, 0xffffffffdffffff8}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011600)="ed41000000080000dff46552e0f4655fe0f4655f000000000000040004", 0x1d, 0x2100}], 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="644c73616c6c2880c4f7dc2a51c92198cca4076415e642451be4009f80dfce17a6fa19902644a47dccf840db7e454e8df380489bdbb151a6de5180261747d0f7f43a4b988f24f2838e91c94614c5086b21805705a1792e3e2a602394f687c71a97a79e5c849a4838512f14680596c84884a131afdecf6bd3ae0400000000000000dba322d901bf65f600a56fcea87570a0716e7ec289554f16141104dbcffbd1ba60fd56fd7bed87923d41bd7f0e660dcfa82851c1425015136d33a63010e479dff06cb30500000086cd5a45665f2a6bd0431c7bac5d41b59a1209939fc3f375fa69a8a1eb8613ba00"/249]) 03:45:59 executing program 7: r0 = syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x40002, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000d5f4655fd5f4655f0100ffff53ef010001000000d4f4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000000380)="000000000000000000426b81ed0900ac5d6d8d66d52a0c010000e40b0974ca6a3a", 0x21, 0x4e0}, {&(0x7f00000000c0)="020000000300000004", 0x9}, {&(0x7f0000000040)="ed41000000100000d4f4655fd5f4655fd5f4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f0000013a00)) mkdirat(r0, &(0x7f0000000000)='./file0\x00', 0x100) chdir(&(0x7f0000000140)='./file0\x00') 03:45:59 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:45:59 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0xfeffffff, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:45:59 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 60) 03:45:59 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x0) 03:45:59 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) (fail_nth: 1) 03:45:59 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x6, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1348.967160] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1348.995870] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 1349.013835] EXT4-fs (loop7): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 1349.015870] EXT4-fs (loop7): group descriptors corrupted! 03:45:59 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x7, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:45:59 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x0) [ 1349.026024] FAULT_INJECTION: forcing a failure. [ 1349.026024] name failslab, interval 1, probability 0, space 0, times 0 [ 1349.028390] CPU: 1 PID: 9943 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1349.029784] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1349.031451] Call Trace: [ 1349.031997] dump_stack+0x107/0x167 [ 1349.032743] should_fail.cold+0x5/0xa [ 1349.033535] ? ___slab_alloc+0x155/0x700 [ 1349.034377] ? create_object.isra.0+0x3a/0xa20 [ 1349.035310] should_failslab+0x5/0x20 [ 1349.036082] kmem_cache_alloc+0x5b/0x310 [ 1349.036900] create_object.isra.0+0x3a/0xa20 [ 1349.037801] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1349.038861] kmem_cache_alloc+0x159/0x310 [ 1349.039718] xas_alloc+0x336/0x440 [ 1349.040453] xas_create+0x34a/0x10d0 [ 1349.041233] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1349.042318] xas_store+0x8c/0x1c40 [ 1349.043070] __xa_store+0x164/0x2d0 [ 1349.043814] ? xa_delete_node+0x280/0x280 [ 1349.044668] ? trace_hardirqs_on+0x5b/0x180 [ 1349.045557] xa_store+0x31/0x50 [ 1349.046251] __io_uring_add_tctx_node+0x1cf/0x520 [ 1349.047242] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1349.048310] ? __alloc_fd+0x2b8/0x630 [ 1349.049099] io_uring_setup+0x2018/0x2a40 [ 1349.049954] ? wait_for_completion_io+0x270/0x270 [ 1349.050949] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1349.052016] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1349.053090] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1349.054148] do_syscall_64+0x33/0x40 [ 1349.054923] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1349.055972] RIP: 0033:0x7fd4717f2b19 [ 1349.056737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1349.060495] RSP: 002b:00007fd46ed47108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1349.062055] RAX: ffffffffffffffda RBX: 00007fd471906020 RCX: 00007fd4717f2b19 [ 1349.063516] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1349.064972] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1349.066447] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1349.067901] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 [ 1349.076139] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:45:59 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1349.230264] EXT4-fs (loop0): Unrecognized mount option "dLsall(€Ä÷Ü*QÉ!˜Ì¤dæBEä" or missing value 03:46:15 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0xffff8000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:46:15 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x0, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:46:15 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, 0x0, 0x4000) ftruncate(r0, 0x1000003) dup2(r0, r1) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)) fsetxattr$security_capability(r0, &(0x7f0000000040), &(0x7f0000000080)=@v2, 0x14, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000100)={0x4, 0x65, 0x4, 0x3, 0x1f}) open(&(0x7f00000000c0)='./file0\x00', 0x2e142, 0x0) r3 = syz_open_dev$vcsa(&(0x7f0000000140), 0x80000001, 0x212801) r4 = syz_io_uring_setup(0x21, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180), &(0x7f0000002a40)) r5 = eventfd(0x0) io_uring_register$IORING_REGISTER_EVENTFD(r4, 0x4, &(0x7f0000000140)=r5, 0x1) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r5, @ANYBLOB="00000000000000002e2f66696f9a5d07"]) write$binfmt_elf64(r5, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x4, 0x1, 0x2e, 0x7, 0x2, 0x6, 0x38a5751c, 0x16a, 0x40, 0x205, 0x3ff, 0x4, 0x38, 0x2, 0x4, 0x4, 0x5}, [{0x70000000, 0xffff0000, 0xfffffffffffffffd, 0x262, 0x1c8, 0x6, 0x7bc551e6, 0x3}, {0x2, 0xffffffc1, 0x100000000, 0x1, 0x80000000, 0x86d5, 0x9, 0x7}], "107cb2be78a7d30522a0208d1f24600e60b43c077471005dabc0cd74cdce7929c396ed44f02facbc0c0fb7ef297bc2626634724bf121d69e95fd9663f8786c6bb2e49af0e6fd7cbf8a35cf3ddfe5db40aac36c89e83d16695111a577853c814d0c558ad5f327ae2bebbc755f17431bdec141887707bfba6a", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x728) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0xc0709411, &(0x7f0000000180)=ANY=[@ANYRES64=0x0, @ANYBLOB="000000000000000007000000000000000800000000000000000000000000000000000000000000000000000000000000190c000000800000000000000000000000000043820000000000000000000000010000000000000006000000000000001800"/128]) lseek(r3, 0x10001, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x44a02, 0x0, 0x0, 0x7, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_script(r1, &(0x7f0000000300)={'#! ', './file0', [], 0xd}, 0xb) 03:46:15 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 61) 03:46:15 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet(r0, &(0x7f0000000080)=[{{&(0x7f0000000000)={0x2, 0x4e20, @local}, 0xfffffffffffffed4, 0x0, 0x0, 0x0, 0xfffffffffffffee7}}, {{&(0x7f0000001140)={0x2, 0x4e22, @broadcast}, 0x10, 0x0}}], 0x2, 0x4000800) r1 = socket$inet_udplite(0x2, 0x2, 0x88) connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e20, @empty}, 0x10) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) setsockopt$sock_timeval(r4, 0x1, 0x42, &(0x7f0000000140)={0x77359400}, 0x10) tee(r3, r2, 0x800, 0x0) setsockopt$inet_int(r2, 0x0, 0x31, &(0x7f0000000040), 0x4) 03:46:15 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:46:15 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:46:15 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x8, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1365.262585] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:46:15 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x0, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:46:15 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x9, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:46:15 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1365.307483] FAULT_INJECTION: forcing a failure. [ 1365.307483] name failslab, interval 1, probability 0, space 0, times 0 [ 1365.308768] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1365.309980] CPU: 0 PID: 10065 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1365.309995] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1365.314304] Call Trace: [ 1365.314915] dump_stack+0x107/0x167 [ 1365.315729] should_fail.cold+0x5/0xa [ 1365.316562] ? xas_alloc+0x336/0x440 [ 1365.317388] should_failslab+0x5/0x20 [ 1365.318233] kmem_cache_alloc+0x5b/0x310 [ 1365.319144] xas_alloc+0x336/0x440 [ 1365.319931] xas_create+0x34a/0x10d0 [ 1365.320757] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1365.321923] xas_store+0x8c/0x1c40 [ 1365.322747] __xa_store+0x164/0x2d0 [ 1365.323557] ? xa_delete_node+0x280/0x280 [ 1365.324482] ? trace_hardirqs_on+0x5b/0x180 [ 1365.325444] xa_store+0x31/0x50 [ 1365.326183] __io_uring_add_tctx_node+0x1cf/0x520 [ 1365.327276] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1365.328415] ? __alloc_fd+0x2b8/0x630 [ 1365.329274] io_uring_setup+0x2018/0x2a40 [ 1365.330199] ? wait_for_completion_io+0x270/0x270 [ 1365.331278] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1365.332415] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1365.333572] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1365.334731] do_syscall_64+0x33/0x40 [ 1365.335558] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1365.336684] RIP: 0033:0x7fd4717f2b19 [ 1365.337541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1365.342199] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1365.344120] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1365.345925] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1365.347719] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1365.349504] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1365.351300] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 [ 1365.365096] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:46:15 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0xa, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:46:15 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0xfffffff5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:46:15 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0xf, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1365.430351] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:46:15 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x48, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:46:15 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 62) 03:46:15 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0xfffffffe, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:46:15 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x0, 0x0, 0x0, {@in6=@private1={0xfc, 0x1, '\x00', 0x1}}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) [ 1365.506611] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:46:15 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), r0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000000c0)={'wpan0\x00', 0x0}) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r4, r3, 0x800, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES32=r1, @ANYBLOB="000226bd7000fbdbdf25070000000c0017000203aaaaaaaaaaaa08000300", @ANYRES32=r2, @ANYBLOB="0339db100c8864b8fd3af5bb38212a7ae8f00ee08a"], 0x28}, 0x1, 0x0, 0x0, 0x48084}, 0x40010) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000000), r5) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f00000006c0), 0xffffffffffffffff) [ 1365.550277] FAULT_INJECTION: forcing a failure. [ 1365.550277] name failslab, interval 1, probability 0, space 0, times 0 [ 1365.551560] CPU: 1 PID: 10170 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1365.552323] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1365.553235] Call Trace: [ 1365.553526] dump_stack+0x107/0x167 [ 1365.553935] should_fail.cold+0x5/0xa [ 1365.554365] ? create_object.isra.0+0x3a/0xa20 [ 1365.554887] should_failslab+0x5/0x20 [ 1365.555322] kmem_cache_alloc+0x5b/0x310 [ 1365.555771] ? mark_held_locks+0x9e/0xe0 [ 1365.556221] create_object.isra.0+0x3a/0xa20 [ 1365.556712] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1365.557279] kmem_cache_alloc+0x159/0x310 [ 1365.557755] xas_alloc+0x336/0x440 [ 1365.558148] xas_create+0x34a/0x10d0 [ 1365.558565] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1365.559140] xas_store+0x8c/0x1c40 [ 1365.559547] __xa_store+0x164/0x2d0 [ 1365.559961] ? xa_delete_node+0x280/0x280 [ 1365.560406] ? trace_hardirqs_on+0x5b/0x180 [ 1365.560894] xa_store+0x31/0x50 [ 1365.561248] __io_uring_add_tctx_node+0x1cf/0x520 [ 1365.561788] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1365.562354] ? __alloc_fd+0x2b8/0x630 [ 1365.562815] io_uring_setup+0x2018/0x2a40 [ 1365.563292] ? wait_for_completion_io+0x270/0x270 [ 1365.563836] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1365.564394] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1365.564978] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1365.565530] do_syscall_64+0x33/0x40 [ 1365.565952] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1365.566508] RIP: 0033:0x7fd4717f2b19 [ 1365.566932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1365.568888] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1365.569742] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1365.570561] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1365.571367] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1365.572186] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1365.572986] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:46:30 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) r1 = getpid() capset(&(0x7f00000000c0)={0x63a2cfe04880a321, r1}, &(0x7f0000000100)={0x2462, 0x8, 0x2, 0x101, 0x7fff, 0x1f}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000140)={0x0, 0x0}) capget(&(0x7f00000001c0)={0x20071026, r2}, &(0x7f0000000200)={0x6, 0x80000000, 0x7fff, 0x3, 0x5, 0x200}) 03:46:30 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x4c, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:46:30 executing program 7: setsockopt$bt_BT_VOICE(0xffffffffffffffff, 0x112, 0xb, 0x0, 0x0) getsockopt$bt_BT_VOICE(0xffffffffffffffff, 0x112, 0xb, &(0x7f00000010c0)=0x1f, &(0x7f0000001100)=0x2) r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/mcfilter6\x00') pread64(r1, &(0x7f0000000080)=""/4095, 0xfff, 0x303) r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/mcfilter6\x00') r3 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', 0x0, 0x0, 0x7, &(0x7f0000000040)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b0000008000000018000000c20500002b02", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000e58ca12e13a240e2b1a22f8d07e8e55f010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="030000000400000005", 0x9, 0x800}, {0x0, 0x0, 0x1000000000c00}, {&(0x7f0000010d00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040020", 0x1d, 0x1480}, {&(0x7f0000012000)="504d4d00504d4dff", 0x8, 0x10000}], 0x0, &(0x7f0000001080)=ANY=[@ANYRESOCT, @ANYRESDEC=r1, @ANYRES16=r2, @ANYRES64]) r4 = getpgrp(0x0) ptrace(0x10, r4) kcmp(0x0, r4, 0x1, r0, r3) clone3(&(0x7f00000013c0)={0x80000000, &(0x7f0000001140), &(0x7f0000001180), &(0x7f00000011c0), {0x3c}, &(0x7f0000001200)=""/140, 0x8c, &(0x7f00000012c0)=""/147, &(0x7f0000001380)=[r4], 0x1, {r2}}, 0x58) fcntl$setown(0xffffffffffffffff, 0x8, r4) waitid(0x0, r4, 0x0, 0x8, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/cgroup.procs\x00', &(0x7f0000000180)={0x0, 0x0, 0x1}, 0x18) [ 1379.664205] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:46:30 executing program 0: syz_mount_image$vfat(0x0, 0x0, 0x0, 0xa, &(0x7f00000015c0)=[{&(0x7f0000000140)="d6", 0x1, 0x80000001}, {&(0x7f0000000080)=':&', 0x2, 0xffffffff}, {&(0x7f00000000c0)="9fc65a9b1d96264622ae81d2111093e92e97ce41c18f2ec74ac867a3e6224c0997f86ac08aaa078b2851594c791ac573f7f4ab8157caf60658c37001d326b45278d5c5435a66ce8c5398297beaacbb16f213d7850e877d", 0x57, 0x7}, {&(0x7f0000000180)="0b974c877ec43d8a9f8a6d00bc23036999d210e92a2deefc42085058c36210c8416661d0b789509c1a0bb70a7e8609ef80ef2b35fcba42106f615b1428c4b7e714f72ce2bdc9b387ef3d7ab5a17d0f102e9afca4ce1e7c2a843ea9c36512e83fcbcaab810a764d144a8465f3b4c4ebf484fea310185e215367676c46ec6815d332a7b1549f126277514dbd3df8d4159096ad7c05e3f97033030a7ae0c6b1e6b5f52c", 0xa2, 0x4}, {&(0x7f0000000540)="26027a389b102e239e6549698bd46020135a035271225e4b3533bf5e4e92c99c2018cf04f620f274a671f5c8781d2e628faef11c78a4cc68885df8a379d9246a1b2101a1aced89cce0921cb08d74966501ebc5c41c2a3b7202b346667c27abe77d84a45f01dcf2e445d2ad96b6871359e0aa452df8bf0673340a94d31a3d346d18f0ed8f188fea2d2a87f0d5ffc19563e693416c97fdfe901308453b56a254e99c496f19de50b23244e677e47dd03cb536c714bcefe8e6f5c5793ab0b0b15fdff71d48a0ebf33365b26b31bcfc0aed6b9537d84449daf1d50a032eb2b8eeec1d9e2778ac096b762ad93b6444360aa7062b30d16c9fcbaa170160a515ffd2c44b7d8c19d6ac442e25786415fee3558f5fe783232d9dc0865acb38297510875f57b3cb8069142b569647f1549809948e0e34d5569238759e3647954bfbc61c2b63b4915b8576574e4cd7aac142fb585ce3813cb24e140e28e06ba6edb8ce249bdd88af6d97d62cbd24a1998288270c56733245eb48452328fb7c3e3d6e21608e9e82310492a61284796b29b5152be4333ac6dc61ef623f443ca6004c342f669022b77fbcbd5643b8148327dfca49de1f966fd2e966d9815b4a7ecc653b21086fc723378338bf5882b905aea3689eadf368304fe1abb0b3359ac78323ba0c9825f8229fb55f4d395be1004000e9f5c85e4d78b34f3d63f07f6d56bcf82df7bdfae580e1d24f7baffa4514a62ec392295603f540f22bbeeb0ff9d0fa6f8c4cf8a014c4da37e819914585fedb50879664eec7c3fab8e97fe75dfe479c9167fb81e5dbcc71ce2aa7c80c4bb34c78456cfa2036de94580c6b2c4d7be5d267e571e93e83e5fc744e5e4332c746b410788d2e44ae378b02deba3478f25860f7d01bf1a9778b0249e2683898ce6d7107b58b4fc21d4d744e7c36737b0dd763cc2fef4f4f4f5cc87d0dddec0b24cfc3b0daa8c6cb910d7c43d8e791b6bac8ca8d5cf2f5c69c1a1431eb43cc66a11c2c621bc235624f7169647bf7c6ccb6c39982bea5d21b0c591ddef93b9be16021b759237ca2fb0c8c640b4d5c4bc96ee9467b578c49b2fb96e8cc2e8d1623c354cea176fe347331ac949dc13762a4bfbe4f56df74f1084d203ee0de1ff251c26502b66b963963354b9d1f81c20a6650892c8e087683828dee3ca7c154f5123739ace0c771a288110c9dde6df652e00dac5961781730459dc2f76b04509a52c6e0fbd14a3b004826060929110ee59dfdff6f2a21ffed86f87ab8f5160911cbc0e4acf90164a900dd4de1948158076fdf64b96dcdd2b7b277afa8f9c5d485c052b798a6c7874b33d18b0e16921c06cd76cbbd7b7ffe44a354417b141905a5b657544a53b5684968f8e2065c760e6bc8e2e05a9a837b51d3e48176fb0b8e7b4038e079afada2d90de1e8ba0d41397fd887606eeb88890cc4b38b4822629014604d95c911c535abe022cd804fa5afe961a18fb90ac27e6dfb966830cd5d1ab91baa6e61b7f48d685a399c01e99192548c184688bdc303bc3286d501fc6cba1dec6790891684d0d4d0fb403e790ab2d46368f332dad8856c8708f2deec5a1df097f5b4da1df3a16d333bdeb52329ef609423c14f871d42db150d013ef242a2536a9bd94ff7c186edb449f232a174fe670f125c7613f4834a85cc4e1b0b3c4a6453222bddfed9c7f3ed910c07b564f12201a6241e7e17b0c6ce19cd005d75d54fcd142bdb3509ad43f2dbdf435acf4e7e980eb84c1a6ea712c0f3fb2be9c5aea63a3554e71026d33e6e2058cff2327f0988179caca89ffdf22869a965c8ea2d44a3a84a1148944e559ed230cf2109f447cf2818232504bafb48fb36fe6b9272158a7ecdf2d5ccf8e0bd6d00ccabc423e770df44f01f5cc7a874b3577bfb242d73b5aed09fab3966ffc8beeae04f58b8848cd6ad0ce0a2ce82cf66e30c6d0721d597b73794a8d80df89d349d8fa024bcc1b055440bba91e5aabb5379bf93421b4123f92578ba1e56a51161ab20c0b44d09a3f3c868586d44087ba38699f3f569109e49be3d3d85970b5b916a2d89018e2a72ff7b8d55160a0d91b089770b06ff43e8e1a1f669b918f9ecd523f6116b5a734ccd8455fd35f6343b6d93d55a64e0193e7cbbb14e7e18a7ef0ed58fad41cd1d869eeec1b5e3de86b51dc95295c6b7405b40b0427430ea30c3b478c0f7e5f1fbba6f65c69047d8f2a9df4e45e927afab9e23726bd98e4d23f42a0192757afe3af86bd86876501dcbc43ee3fbd83a3f631f5058f49ec235d4895d6d64bc34a305fb161cbb2835462bb354070c43df6d19d2229fbfd2164eaea49ce733b21cf08377277141572645098f05646aedbbded86b1fb7fbff47fa3fe4585562502597a8596a82e23bbedb882be663a78d7ad23970347ddfec28421403bbe200a4a6c9cc79917b9816c3f11f144e705787a6f2261f26da9981f7833d486f65aca0fb669366aa312913ab952e06ed131539b4bfc50f261c7b168323ab7d2e9f354959cbf02c9bf2cea6d1c99d743e2ae1cbf7a62040b17ced9b7cd6cc17c1257eb786e9b8e6805f2e5a25f6b94991b4d535cd34be0fe54a9bcf3e8acbce8823a81437a547b957708cda80a00e16ef56eb582320386f4c52e98f498e8cec1d0ed52d5743c87bbbfd01939bb45e3e33c2364eea7847ad46276550778ae5fde323281638273d41ea45c5c38c1296a9db9b53c524327b01451a460e4f0702768fd2102f10a24eb8b00fd658c7ef6ff23bd350867d984c562a0a2e1ca2bda34716c7b20046ff5e101e405e81baab117be7c74f07c67b6184b026237124bb8f53b2de117b4468a27b6431942b66a23f91c12ff8efbc3c8a8d8c22eb476a50a690b10ed3c986bd63b8d88e75e95a8c9e4e04c8922bb36a6a39ebd930543ddd252ede6bb3e25a221820bc3ed203a58a677ca0383084b6cad19a8876c8e7721ee28e6c88c6419040818c933b48d0c672c638625d7e0df551e3c37408be0bf227901cec7f032c2541a7d75e0e07cc6dd044aab66fa39ce5979f082bfe71317dcb7813b7f3ba1b3fe533b6120cb8ad286933c54c280c4fc6e3c660b4551f5410af06c1ab6e10cdc35e2ae6daad91962b1bcb415a8baa4a6e74c29f11a4ad998d9b78cc609f90842a83936373e5326362cd70f74e230a926e5fd181afdd1374cf6850ae631a796bf749f389f5f27e4ab62d4b95b81dcbcc5a1dd4c1325f31db25a68697e624801e876496f50f6e5daa22f27c8cf3599b4e9cc02e9736b77a9d2b6f8f5a30046d39f57fe3fcb584f0f3465cf1739f36f259d580423ffa55c0c987e2d2d7e24dd92ceb4a317bcbb18a747ca125d0a182c17a005550a7a90f51cbf472f0f4d797a7d8d9e57e7fb643ae90d48f9cce46cd4bfbd2468258534ca984a239e705cf34262a859e7e1f685a589727361509c88d29884ffef51801aedcf737f438bce8f53d44f50d9c1dd1412f9ff51fc6f61796c634edfcce7739c33cdb25b808e94f30b8018d36ef7e9d1237484eecdaac8e96ee7afc7130d98ad936aaed47cb541b763a42b9aba1bcc775a19f8666122b49b6e09e9e734b38a43b00ce51b8a4db67c84cdc6fa8d584d109b7f8ca9499c16a36aafeb6d3bbc0ff3e8bff68c63a9253a659e14dfbd04cd8943835493dea7721800c33b456039422d8f514afd6b0a352b0b237c277fca6718e80276cc6749406da3c966975d7be9eb7f9f4c42331d7de754c4737630e28361ef8ac5893c0f5bc6ac25a42431f6958e798ec6dfabe7b39faafa51eeb663e97264f4f0e0ab5883e00b9ddf4573806963041cbb50ac582918eceb9c9d08a8853497fa36afe2c9a1a67023296d9d111258f4d21c7853bb2751ac3ec7594d32d864090a9ab6a62be59f2cc9d992d3f1b7c0f44b514c700919f49b22e602f2743e643865e13200d177c28c600257f0c5511e6cab14f8d27bd9a5983a3fcc95926e535d22ce91df9fe661212ba513248e6287fa345944361fa61fabad4814a372ea632a1eecdd9be88b65d38c8411f7c802aeb08089e9aeb4d919beb047da7e0f986a123ac42fa6b69c01e7d0c5496392f06a269a6cdf35d5ab986f9c3fbff6ae72cfb611be741af25307ac3e80765fb44dfb1bc241be7edf1fa2aa3b7da253fd4ee48dade495e6e5db12c548426602a619357efd631e1e197d6182ca42726d303b720a4be6ddada66045308cf0f19783398a51573155af20432c13fdc1814588855d41f21b16353827fc1169532f7ed27792fc532e3927032f37f1d523c174da875d5a66bec2ad0c81ec9d1012d554829f1c23bbe534cdcf50db96cbc0dc29ddd964185bfd115843e54608d70a0cb4093e92210f8e4f207492e1e14a0f140b0e5f860c8f1326feff0914f75b746b224c108dddc8e36982dd9fff0a0f273e2db43f5cc8b8f6eb0c6340372398a77c9df8434876f7564e7d5d3310cfbecb5291a0a38be9b343a67b4c8916384af97b6c06a25b8fbc9e121d402cb8a5b11e3d8b2d3d918e60561065f0f71065d580edeba62ade35d89b4f902c00d646316fc22079bef147e5c9ca676e77212af951afee471bab01569e29eb2b9dc509a40321e41ae5191516d07d650af6ff51b811f377eb16fedc08d1c6fdf8d7c2f6634819936854dc87ed43c991baf32ac5c12aa741ee3d9b7a15b76b1ac6256ed839ad2b7de9c727065a5bc7fe6f65d0fec0295dfd4c26de3634d450cc8fa59174d030573f8c6d479ccbb6246b0603cfbbcadcd315b2df43c15dcb832018f39437dd6e76ef50b058e3cf0af43b0aa01c6f0c6727f37ed29c07eda1d966e608e87153653d1efc5b907b358925ee53ce544c74c1efd0f438adc0330779c6116c34b3805facee5679cc6a6c8a2a0a98a6004529c316058ddbfe22184a04c54f1ab5d0adb00eed74103d08fa0842063c3de8a70b7ac36510e3e59ba4c4ffa002f6d6bd6aa9585e5116d1cccfdab91c3e233a039a2a62e63215f0db56d55f4c74ad913adf5a75f0c6cfa49cc09eb8acc91b9d0b48c95abfacadc3d9fb0b61d31f1c75f5083387d78d5047e760e365018b1b55fbc92b34aeb774288e47b00af8419b89dec0417ed6729968c0514b1988f48bb70ad80fbf39b72f699acaf4ed378a3df594ef8c51ad9d0039ba8010789fb20580b45aa2b3097e7ce404c8f3c8c39bd646e82fe890f5cce2faf7f4ff0a1d4c2c11cf7b5019464d9e7caff974b9aa8145af9e5b98ccfe308a352cd36a0678cf26538037fb71f90ed457955dc61cf79a97a01f6c57f0da44ea94a71903566815863e4e882a4e0730cc87346f4875af394cfd97726e1c7408accda8ef5b404c29193f21b6e6056ef0ac969e5ae1e7f948e6d8eb11c7a59023c3a45131674b4033950376cbbd361c2b95057d38003ed4adaf51de7b1af9d47eade5b9a3b572c05a40477f56a821def33861ae858ade809f40150a0efb0f5f83d0893f6eb51505ef40ed41e0c3c959ed616571a218390260c7821a42e193178e93b756de9486a82ab503c6bf86de3feb388a4f61eb2b3ec520ddba517620acc0a5834e6090f238396cd507117dd5dd2c9b292fdc45bb99b2ed90e1ffd29fa5b3853b38562defbfae41017a7b2ebe8fcd845b82f8669a1f6c536e30eebedad2a967b816a051f11797b6f6bc86944b6face0e27258f26a3c710df791b3b5394a52d137ccbd8536d96d8d897259524f10acb66d00b0591151a85ddccf7163d45be8cd17032874ec80af593bf2be37dd337c11e5bcab363c9a6ae975b136daaaba2c68adff758a066b02965", 0x1000, 0xae}, {&(0x7f0000000240)="a8e936575c7310db218bef672e5d4f531793e970cb3c943af3461d1316584bbd014ce0189a3807bbcac66b48019820e26005ac5021e0dc2cae3ada14fc5527da262307795b4a0aa0c0a476e6b90331feb32d6fcb65a2b1c96d59624e810e933dafe6b8933d3b33b955880544866956b8a7ae5deb01569e868f1bf1c56d52d1ff62d435579fda3d5e106ccdc4b9ff73eeba361064c14ed07b8e", 0x99, 0x1}, {&(0x7f0000000300)="10a69158cedee9f1695179a1852a7d8e761631fb65882cd72e1dd0b86d8df713141673fb81f1d2be51b26407f9ad1d3406ab6d1d0880bee14baf35ce330306264c9357c87185f78985aaf02121e00c90ebff1ae52209937fddb74d1db76b39d0d47fb393fb8003dc8cb65a288a7860d28e5ceef8e9f0652b4981e2df72f8c6340135137eff38cb46576ea01f50519e5fd47601e352eb6f74779e272e0251f0f46364f3f62a16fdc4dd5dd821fedbb0c1167d500c1e60c1ff0b42c16619401d1956601678bf67f352", 0xc8, 0x3ff}, {&(0x7f0000000400)="003717884b0f52c5921da41b9dc070da2b3e83f7797843b5a84d69aea8c83fe9ab3eb803ef16a957", 0x28, 0x80000001}, {&(0x7f0000001540)="eafcb6ce297693f145e88fed2cbdd21fca14ef9b2e5a0947af4b6b38bc7a52d2cfcc293f974cd558182cf0c1407c76f2126de0920979703c9a61e03f664dba6f4c63e33f63cdcc385d6064af85702b6ba5d143e0f0bff3ca61ebf03008321f11a3e1f50182afbb314cf34bcbe7", 0x6d, 0x3f}, {&(0x7f0000000440)="72b0a765f3f1496bd82072087ec7bc5d4287c7a16c4368f8bc50fe1d7392f8f729d541d7e16fac68", 0x28, 0x438}], 0x100000, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84000) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) fsconfig$FSCONFIG_SET_PATH(r1, 0x3, &(0x7f0000000000)='[\x82*(\x00', &(0x7f0000000040)='./file0\x00', 0xffffffffffffffff) 03:46:30 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:46:30 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0xffffffff, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:46:30 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 63) 03:46:30 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1379.731264] FAULT_INJECTION: forcing a failure. [ 1379.731264] name failslab, interval 1, probability 0, space 0, times 0 [ 1379.733780] CPU: 1 PID: 10223 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1379.735227] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1379.736911] Call Trace: [ 1379.737453] dump_stack+0x107/0x167 [ 1379.738203] should_fail.cold+0x5/0xa [ 1379.738999] ? xas_alloc+0x336/0x440 [ 1379.739776] should_failslab+0x5/0x20 [ 1379.740552] kmem_cache_alloc+0x5b/0x310 [ 1379.741381] xas_alloc+0x336/0x440 [ 1379.742116] xas_create+0x34a/0x10d0 [ 1379.742908] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1379.743981] xas_store+0x8c/0x1c40 [ 1379.744725] __xa_store+0x164/0x2d0 [ 1379.745476] ? xa_delete_node+0x280/0x280 [ 1379.746334] ? trace_hardirqs_on+0x5b/0x180 [ 1379.747240] xa_store+0x31/0x50 03:46:30 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1379.747923] __io_uring_add_tctx_node+0x1cf/0x520 [ 1379.749027] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1379.750099] ? __alloc_fd+0x2b8/0x630 [ 1379.750909] io_uring_setup+0x2018/0x2a40 [ 1379.751768] ? wait_for_completion_io+0x270/0x270 [ 1379.752755] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1379.753816] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1379.754895] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1379.755958] do_syscall_64+0x33/0x40 [ 1379.756722] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1379.757772] RIP: 0033:0x7fd4717f2b19 [ 1379.758536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1379.762310] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1379.763876] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1379.765339] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1379.766817] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1379.768282] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1379.769742] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:46:30 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x28, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}}, 0x28}}, 0x0) 03:46:30 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x68, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:46:30 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1800, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1379.873196] audit: type=1400 audit(1700538390.277:118): avc: denied { checkpoint_restore } for pid=10207 comm="syz-executor.7" capability=40 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 03:46:30 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="0800eeff07000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0) sendmsg$NL80211_CMD_GET_MPP(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x28, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}}, 0x0) 03:46:30 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1379.947452] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:46:30 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x28, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}}, 0x28}}, 0x0) 03:46:46 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 64) 03:46:46 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:46:46 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x28, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}}, 0x28}}, 0x0) 03:46:46 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x6c, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:46:46 executing program 3: r0 = fork() r1 = fork() ptrace$setopts(0x4200, r1, 0x4a9, 0xa) capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)={0x0, 0xfffffffc}) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:46:46 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x4, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x12}, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) mq_notify(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x22, 0x2, @thr={0x0, &(0x7f0000000140)="dcac8a119da33f39fc1fa1c9"}}) mlockall(0x1) 03:46:46 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:46:46 executing program 7: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000080), 0x8008, &(0x7f0000000100)) r0 = syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r0}, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000080)=@IORING_OP_READ_FIXED={0x4, 0x1, 0x2000, @fd_index=0x7, 0x7f, 0x6, 0x8001, 0x1e, 0x1, {0x2}}, 0x9b) [ 1396.566269] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:46:47 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x74, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1396.627739] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:46:47 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:46:47 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) (fail_nth: 1) 03:46:47 executing program 7: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x46842, 0x0) [ 1396.663563] FAULT_INJECTION: forcing a failure. [ 1396.663563] name failslab, interval 1, probability 0, space 0, times 0 [ 1396.665984] CPU: 1 PID: 10370 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1396.667409] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1396.669096] Call Trace: [ 1396.669637] dump_stack+0x107/0x167 [ 1396.670382] should_fail.cold+0x5/0xa 03:46:47 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x7a, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1396.671193] ? xas_alloc+0x336/0x440 [ 1396.672017] should_failslab+0x5/0x20 [ 1396.672787] kmem_cache_alloc+0x5b/0x310 [ 1396.673615] xas_alloc+0x336/0x440 [ 1396.674337] xas_create+0x34a/0x10d0 [ 1396.675118] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1396.676180] xas_store+0x8c/0x1c40 [ 1396.676915] __xa_store+0x164/0x2d0 [ 1396.677655] ? xa_delete_node+0x280/0x280 [ 1396.678505] ? trace_hardirqs_on+0x5b/0x180 [ 1396.679724] xa_store+0x31/0x50 [ 1396.680538] __io_uring_add_tctx_node+0x1cf/0x520 [ 1396.681686] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1396.682966] ? __alloc_fd+0x2b8/0x630 [ 1396.683886] io_uring_setup+0x2018/0x2a40 [ 1396.684880] ? wait_for_completion_io+0x270/0x270 [ 1396.686022] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1396.687262] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1396.688501] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1396.689730] do_syscall_64+0x33/0x40 [ 1396.690618] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1396.691841] RIP: 0033:0x7fd4717f2b19 [ 1396.692729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1396.696891] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1396.698437] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1396.699900] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1396.701348] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1396.702792] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1396.704261] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 [ 1396.725726] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1396.730181] FAULT_INJECTION: forcing a failure. [ 1396.730181] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1396.732585] CPU: 0 PID: 10383 Comm: syz-executor.1 Not tainted 5.10.200 #1 [ 1396.734001] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1396.735706] Call Trace: [ 1396.736241] dump_stack+0x107/0x167 [ 1396.736988] should_fail.cold+0x5/0xa [ 1396.737773] _copy_from_user+0x2e/0x1b0 [ 1396.738592] __copy_msghdr_from_user+0x91/0x4b0 [ 1396.739550] ? __ia32_sys_shutdown+0x80/0x80 [ 1396.740449] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1396.741523] ? __lock_acquire+0xbb1/0x5b00 [ 1396.742400] sendmsg_copy_msghdr+0xa1/0x160 [ 1396.743288] ? do_recvmmsg+0x6d0/0x6d0 [ 1396.744085] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1396.745143] ? SOFTIRQ_verbose+0x10/0x10 [ 1396.745976] ? lock_downgrade+0x6d0/0x6d0 [ 1396.746838] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1396.747911] ? SOFTIRQ_verbose+0x10/0x10 [ 1396.748746] ___sys_sendmsg+0xc6/0x170 [ 1396.749560] ? sendmsg_copy_msghdr+0x160/0x160 [ 1396.750494] ? __fget_files+0x26d/0x4c0 [ 1396.751313] ? lock_downgrade+0x6d0/0x6d0 [ 1396.752160] ? find_held_lock+0x2c/0x110 [ 1396.752997] ? __fget_files+0x296/0x4c0 [ 1396.753827] ? __fget_light+0xea/0x290 [ 1396.754617] __sys_sendmsg+0xe5/0x1b0 [ 1396.755404] ? __sys_sendmsg_sock+0x40/0x40 [ 1396.756279] ? rcu_read_lock_any_held+0x75/0xa0 [ 1396.757222] ? fput_many+0x2f/0x1a0 [ 1396.757966] ? ksys_write+0x1a9/0x260 [ 1396.758730] ? __ia32_sys_read+0xb0/0xb0 [ 1396.759567] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1396.760624] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1396.761662] ? trace_hardirqs_on+0x5b/0x180 [ 1396.762548] do_syscall_64+0x33/0x40 [ 1396.763328] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1396.764415] RIP: 0033:0x7fe5aaa4cb19 [ 1396.765174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1396.768925] RSP: 002b:00007fe5a7fc2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1396.770480] RAX: ffffffffffffffda RBX: 00007fe5aab5ff60 RCX: 00007fe5aaa4cb19 [ 1396.771963] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003 [ 1396.773439] RBP: 00007fe5a7fc21d0 R08: 0000000000000000 R09: 0000000000000000 [ 1396.774902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1396.776355] R13: 00007ffe868c648f R14: 00007fe5a7fc2300 R15: 0000000000022000 03:46:47 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80ffff, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1410.805269] FAULT_INJECTION: forcing a failure. [ 1410.805269] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1410.807699] CPU: 0 PID: 10499 Comm: syz-executor.1 Not tainted 5.10.200 #1 [ 1410.809105] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1410.810789] Call Trace: [ 1410.811340] dump_stack+0x107/0x167 [ 1410.812082] should_fail.cold+0x5/0xa [ 1410.813091] _copy_from_user+0x2e/0x1b0 [ 1410.813903] iovec_from_user+0x141/0x400 [ 1410.814729] __import_iovec+0x67/0x590 [ 1410.815521] ? __ia32_sys_shutdown+0x80/0x80 [ 1410.816404] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1410.817462] import_iovec+0x83/0xb0 [ 1410.818199] sendmsg_copy_msghdr+0x131/0x160 [ 1410.819094] ? do_recvmmsg+0x6d0/0x6d0 [ 1410.819878] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1410.820932] ? lock_downgrade+0x6d0/0x6d0 [ 1410.821774] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1410.822822] ? SOFTIRQ_verbose+0x10/0x10 [ 1410.823659] ___sys_sendmsg+0xc6/0x170 [ 1410.824447] ? sendmsg_copy_msghdr+0x160/0x160 [ 1410.825367] ? __fget_files+0x26d/0x4c0 [ 1410.826169] ? lock_downgrade+0x6d0/0x6d0 [ 1410.827011] ? find_held_lock+0x2c/0x110 [ 1410.827838] ? __fget_files+0x296/0x4c0 [ 1410.828645] ? __fget_light+0xea/0x290 [ 1410.829434] __sys_sendmsg+0xe5/0x1b0 [ 1410.830200] ? __sys_sendmsg_sock+0x40/0x40 [ 1410.831072] ? rcu_read_lock_any_held+0x75/0xa0 [ 1410.832011] ? fput_many+0x2f/0x1a0 [ 1410.832744] ? ksys_write+0x1a9/0x260 [ 1410.833516] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1410.834576] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1410.835627] ? trace_hardirqs_on+0x5b/0x180 [ 1410.836509] do_syscall_64+0x33/0x40 [ 1410.837254] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1410.838277] RIP: 0033:0x7fe5aaa4cb19 [ 1410.839030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1410.842684] RSP: 002b:00007fe5a7fc2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1410.844210] RAX: ffffffffffffffda RBX: 00007fe5aab5ff60 RCX: 00007fe5aaa4cb19 [ 1410.845650] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003 [ 1410.847082] RBP: 00007fe5a7fc21d0 R08: 0000000000000000 R09: 0000000000000000 [ 1410.848504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1410.849935] R13: 00007ffe868c648f R14: 00007fe5a7fc2300 R15: 0000000000022000 03:47:01 executing program 0: clock_settime(0x4, 0x0) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) futex(&(0x7f0000000040), 0x80, 0x2, &(0x7f0000000100)={r0, r1+60000000}, &(0x7f0000000140)=0x1, 0x2) r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xfffffffa}}, './file0\x00'}) bind$802154_raw(0xffffffffffffffff, &(0x7f0000000000)={0x24, @long={0x3, 0xffff, {0xaaaaaaaaaaaa0102}}}, 0x14) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0}) ppoll(&(0x7f0000000180), 0x0, &(0x7f0000000240)={r3, r4+60000000}, &(0x7f0000000280), 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg$inet6(r2, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000080)='K', 0x4c}], 0x1}}], 0x7ffff000, 0x0) 03:47:01 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0xb3, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:47:01 executing program 3: r0 = gettid() capset(&(0x7f0000000000)={0x19980330, r0}, &(0x7f0000000040)) capset(&(0x7f0000000000)={0x20071026, r0}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0xc711}) r1 = fcntl$getown(0xffffffffffffffff, 0x9) syz_io_uring_setup(0x33f7, &(0x7f0000000100)={0x0, 0x609b, 0x33ddda6fdfb2c1ef, 0x0, 0x109}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000200)=@IORING_OP_FALLOCATE={0x11, 0x4, 0x0, @fd_index=0x3, 0xfffffffffffffffa, 0x0, 0x7d, 0x0, 0x1}, 0x69) capset(&(0x7f0000000080)={0x20080522, r1}, &(0x7f00000000c0)={0x6, 0xffffff88, 0xe28, 0x10001, 0x7f, 0xac}) 03:47:01 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:47:01 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:47:01 executing program 7: syz_emit_ethernet(0xc61, &(0x7f0000000000)=ANY=[@ANYBLOB="bbbbbbbbbbbbbbbbbbbbbbbb81004a0086dd60001d000c273aff20010000000000000000000000000002ff020000000000000000000000000001860090780004000000000000000000000021955d69800fd4d91c935e5da9c34e8b085691cea01578fbbe4c03b8315d548389953a6cca9e61b99fa217c3fad4fdffe14e47b6b5c3b9c9ccc4659e6174c054481d76dc2e1f2dcb2af4f5cdccda76121087f3c469393f99d2a76be44cd19575b8c88c3bd9da010000004634f5083c2537f64cfb816278757f66254b2634a69361b321b3fff322e7c047fe281ce234b980b10b365cf67d53ebedb4f7d64f31e184b586f7c32c20c556ec2209d4c8da0e3116e2030d05265ffacb3194c99007d3381997061346c070ad40419ff6d087300bfcf1b97492d0cf35af3f76b41d63e3788d0a2ec0cfd6b6866eed80957fa143fa366ca02d5a4602394921184367a1038b6697021f1700000000000f311c1c5f30690bec8e72033c866a73eb26f3ae5e2774b32ed67dffea2d4b08a36dab1da3177e671c1151de6c95ac83c4b86abbaddce466e4fb0fce1c126765d56317b4cc2550c30862b02c3c4ca7b3cb67b07f522f86ecfe9e3448e94fb01210bc80392b35e76a1604ffdad8874b8e945857e90042d6f045fbb9940015683ff6cba5a042d30ed204fc61fd79299beddf84b5dff27ae963f4fd32cc3fd9fe4ae8887852dba81747700671f81053be5764d6a30d71d014466c298a52843e80716b442b76d0390c96eaad8cd8fcc99c754dce884acecb6877861412a3477306183e175be590a99e9eb3154d016a0e17a491714d170ba0152d52e67966353caf7fd955eeb224e4c3c742d41ee97eb09d7504c68d77206fe21e7a263625b49ed385e541f744b6001c29e70acf91761cb9196e139e3fdfe1c00205ba9571433c766ab1fa285a39f9a91e8dcf6954dfb2845c66ba88ba43dbd6a14929d1318f2709a27f5dfcdd0b38da5af0a28b214ea330a5b719bd30372c0bd524cfc5228761fb76925cbfb369a02457de445e1d03b0947265a8716f46c450a90d001c5f5618c44eb199e6ceb0c692a78408663923c2d4e2b569ee4b3c7942972f07a0b9d9c64f198cd7f55f6ca0d01db4375f34705f661337183734b2cce24659add4d2d1434bdc35bb7f604ed546f328fcfafedc6b37203c7ccba8737cf05c3381f01ab19697ac11d6d1a9f6e2ed4d9e4fd3b6000c2562be125b4ef57aa156e9edd9f095b240b1542a66addad202b7fe724b26048591ab58997ed9be66ab128bac885947c859a0792903d945895b81fdaad47889c9dcf30176f12550aaebc88548bd70ebd936c440ae4ec1c73cd82f5903da3778fd5de60b57011338cd0b4db609f829c6e4b0cf8d8e8a73ff6bc7e071a12bdbc6d005f9bbf6f82a3353749cd516d4aebcee781c11be806f8edc04c2ede6e1cf1d0260a3640442916e0b2debe6b543c7d38807d7f087f0a0fcb0b69414466c9883e230cdc51c7756ff1600a9e746ea3b3014ca5b6ff49bb35687233d571f1f735d81a186cd2647e28755bd13c853c43caee57400aff1d854f154a4097c261c3dd38135728b1fc03efabe97e6986cfb10104aeb581791f0ee247237a7bbfd2ac6c666cdad21e1ea41cf5a58dccfa32445c1a69ae9e7d60a3d83d9c494f95cf6ac87f28f3815f50835eeeb5cf85c4c901fc71f606fd5ed20f08f13c0dee0cdf8b0ea77d402609bc2bd70504790f26ee65771f1802888972d354af1e679615549d80b87e6b5892200ceaf75d679da9afc64d570ef93c9244bd8dcb8b0da565dd01889928fc145e3ef0f96987f8420e9c4ec08f85d5145ef2591359fb0e505a4e67af3de5e2ba6b6a97801f82649f0d4fad538a7390e11233a7a069389655159b5310081bdd85c8b53f1cc1ad6d5d73dedcf3af028268e335f6aa55c37737cb79e01b5f07da40750abb21b406e30e1728588dda39ee9a9ea53319d61d2cefed0a1adddf2904406ec63c132704f6d633a5e799c0c59f5aa1be0c7ac077a94589a4b97c1b102cd6ad8f1bcd31b85d66acb06ec8e743f2e88e8ac9b55044abc5d82af4f32236d55e9774409dd68035591207e4cda5025afd56352c130bc764c1684193ff1efca3e8e34aab9e2d34b2e42bbf6c2010e602c3ee5bbfd7983ee6042b78dfddbc6953f3db4edd1219a299bb48c2211c6d85457fe1d12481260cff7817dd0cf44497625ed041e5e5e40ec67eefdceac5fa4aeebba3129a8e3c9d898eb1bafc0a53ea1f5050a4e6ece7a305f7b2608721f789dcf96ddfae2ced0ddc3bbb80d0bd29a938c2ad0c5ce75d2471e28bf7e728abcc76d2bf8f0a762d2d583774d0a096a0d706406214152489d0aba15e90bd2c1a84eff38a1a0ba4956aea68d82aebbfa3e93261bf1fd671c6a1a43e81dd6f97c35b1b2be432de311772401fc8608d96ec3e6cb4e4827a75aecebe2295893bf991d7b85e7d966687c150fbe53bbe744b2a8fe4690c0a4221b899846ef3ac9dbe68bd9b11599712da4a667458a38677db490477522471aa9e8d67c4badd3d6541c3b356b2d5da57ce4e1780968ac3d0c899bdbb4f2c0db83995a694f45ba4dbc38d5d9344659380eba00d81eba43b232e780843095d16a1a50e22b267e5587bd4c3e9104ae3ae3b285ec907a4e55fdad7fa516042fecd97c5061fa6e26b84cc20e3a7250e8e86e23d470f29f891bc557712243b1a41c8288409c47e6d1035c13ca1b0c537f80ab8b8c936dd5202b85e47b51e8ac2364215a7b5ca2c353dd96fb871f8beaf9d9b9026af548237fa80674820fe67d0cad90b6a17ac5082cbbeab2ca0670b12a6181724b9b99d9cb8272f9b13584510c9da86271875129961ef1e03bd28a8ce859438906554549177cd2109125f5f2f4bfcf5ecfe370ad3292d9ce5c2208778a911fe3716782e4e737092ae7f9175dae4ab01745810c4010a616467fa8c6318b03003367d41c3c9b73fc09b2fad6e89473981dc9b8795b0c1a8569bfe45c4bc6d40f1f072103c64f1a0a14df5d056a59063801c5ceff004a45d77b7d4fe95f7b55d9dd9aaec03b5b8ea74a90bb9a16fed4a39f4c7d54bc782107e10732c882529a218cd6ae6bc216317e821b3d3a85f14f1688866e623db3e3e63ef28724833fb08ff21f4ad2750b71065679f9a948b16705b1f312581bf9021f537f8b79f3ee70b3b2f7f4c26312e6d0d3be9dc718ff2a9a221305e5ef877210f4a86d2fc2e432b99a5fd8a3bc43d9060fb7344ec03e9b1886b7e966bc6e197858196a93b9d9c00d1886763d5c9814bc32611bbc25f31078f949dae498f3a68bc5112bacc05bf5db70bc679d96d95696510f5a8e510a3c1899a59567c3a4e0fe347030af67300a95e03873a04fd758c7593f1401978032016dc48306e53e5882b751ece6a0450df8f9dd496759010dab3f50be10aed17a12f41803fe05f5a94bdf1f6aefe07037e35e9f259c0eff2a53ee628c635d53bdb4726e02d5e9189deecbc0ad42e9bfd5019c7417e9b093b19166e4088b536f182ce0541ab8f82e58341591eb4991311f8bd921e6b1e137bf599175c33c1e0f70f8f44e3fda94676ffa9beecaf04699aab527b680da051b0d568b4690195227068d35f6029cf79adad48d2e431f489af79e827cff0de565748efa68ffe8a0676976af924c7e691883c78738d2cde6877483c394e2b3b01a66a03dfa957db85e04574cf80e9133b4cb37d1239ae777aa4dc61feeeade7e3f76f18f5a6622a426ff6865c3a820d3e1b126237c488c8c299f1572d54767ed1d488269b0694995ebf6253e7aea89780018532be816ef9bb1d1ae79c935409979f2b2fed9f65284530855ad161881a928859413d3bed72a3263dcbb9472c8240422b1cd28c6179beff7d7c76a731733f56a2c0eb5ce6806a949f6c78f14551387d5a2c4d12b024865d4bfd85775a22a033ea061c33e458fb831fccfa3b902f1c5e6f115d8294fe295af333c9618be8de9024b48126b145902b7f8ac7fc878a7c0a0304e87d78cd0b09fa89294d51b06e885c80d86e2f2d6111a1c6ea354af9150e856852400ebcc11229796c97ad23b222b5b48aa295861eb179fb7259ccad40dbadaee06725a2512c2d47d0954a74d98b8cf0afaed20fb643418efdb0005b9e79ee4873f386d7f9ca2985f4dbadf5b94a90d94955c29a58ac766e2a6188062ce966963857668f9d7ca6a530e30f8e47a7727222e885d828ee9e98d20b6675901f0dfd328d556575c33d0a13f9a58067d86d902b90f675da9e8f0b410d2cd1941a1aa7ccdc67c3981bb3d0fcb8d1a4bbcd2b4c12fc10b728048325efdf383a254562d03ed279b984d6ca46bd178a31a8eb3b1b2c21b130fb8974ca7537fc8513e7a682f519ebf84722f974cc637c1a6ff9db6c13ad169bdf03b79ca7846b652c542163ed0c3000246090e6bae7ee916004a844550157534762eae628702487db761e712810b9ec695dba932bec16b57ca9400"/3197], 0x0) write$tun(0xffffffffffffffff, &(0x7f0000000d00)={@void, @void, @ipv6=@icmpv6={0x7, 0x6, "79691d", 0x1b3, 0x3a, 0x0, @local, @mcast2, {[@dstopts={0x3c, 0x2, '\x00', [@hao={0xc9, 0x10, @private1={0xfc, 0x1, '\x00', 0x1}}]}, @dstopts={0x32, 0xa, '\x00', [@pad1, @calipso={0x7, 0x50, {0x3, 0x12, 0x7c, 0x3, [0x0, 0x4, 0x91a, 0x2, 0x42d5, 0x1, 0x7fff, 0xffffffffd440b9ef, 0xe]}}]}, @srh={0x1d, 0xa, 0x4, 0x5, 0x9, 0x8, 0x3, [@private1={0xfc, 0x1, '\x00', 0x1}, @private1, @local, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}]}], @time_exceed={0x3, 0x1, 0x0, 0x3, '\x00', {0x9, 0x6, "e629b2", 0x7f, 0x82, 0x0, @private0, @empty, [@fragment={0x4, 0x0, 0x8, 0x0, 0x0, 0x6, 0x65}, @routing={0x89, 0xa, 0x0, 0x5, 0x0, [@private1, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @loopback, @mcast1, @empty]}], "3a04913f7141a6b8bb751749d7951da4eee2dce0a15eadfca44f9c52b058c0d726f8e2bc3211ca58360a664257b1b791ae1db96765e763e7d7a5d4de14a8aa3470355cd991c9d554d74774"}}}}}, 0x1db) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000c80)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) write$tun(r0, &(0x7f0000000cc0)={@void, @val={0x1, 0x0, 0x80, 0x0, 0x7ff}, @mpls={[{0x100}, {0x7f}, {0x4}], @generic="92d3bf3fb998ddf8b8be7d11f401fae682a48668845337113e23a71d"}}, 0x32) 03:47:01 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) (fail_nth: 2) 03:47:01 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 65) 03:47:01 executing program 7: ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x1f, "77004a6efdff000100000000cdab000245b00f", 0x1}) ioctl$VT_WAITACTIVE(0xffffffffffffffff, 0x5607) r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) r1 = socket$inet(0x2, 0xa, 0x0) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/class/devlink', 0x0, 0x0) ioctl$TUNSETLINK(r3, 0x400454cd, 0x537) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) sendfile(r2, r3, &(0x7f0000000180)=0x401, 0x7) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF2(r4, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "816647419ed58bbd11c2e92b71a86cbf313b9d"}) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000140)={0x0, r4, 0x1, 0x4, 0x3, 0x1000100}) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000100)={'batadv_slave_1\x00'}) ioctl$VT_GETMODE(0xffffffffffffffff, 0x5601, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x840}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup3(r1, r0, 0x0) [ 1410.898266] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1410.901535] FAULT_INJECTION: forcing a failure. [ 1410.901535] name failslab, interval 1, probability 0, space 0, times 0 [ 1410.903870] CPU: 0 PID: 10543 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1410.905284] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1410.907019] Call Trace: [ 1410.907560] dump_stack+0x107/0x167 [ 1410.908309] should_fail.cold+0x5/0xa [ 1410.909075] ? xas_alloc+0x336/0x440 [ 1410.909825] should_failslab+0x5/0x20 [ 1410.910599] kmem_cache_alloc+0x5b/0x310 [ 1410.911427] xas_alloc+0x336/0x440 [ 1410.912147] xas_create+0x34a/0x10d0 [ 1410.912914] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1410.913965] xas_store+0x8c/0x1c40 [ 1410.914700] __xa_store+0x164/0x2d0 [ 1410.915450] ? xa_delete_node+0x280/0x280 [ 1410.916308] ? trace_hardirqs_on+0x5b/0x180 [ 1410.917183] xa_store+0x31/0x50 [ 1410.917853] __io_uring_add_tctx_node+0x1cf/0x520 [ 1410.918823] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1410.919874] ? __alloc_fd+0x2b8/0x630 [ 1410.920644] io_uring_setup+0x2018/0x2a40 [ 1410.921477] ? wait_for_completion_io+0x270/0x270 [ 1410.922445] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1410.923501] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1410.924547] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1410.925576] do_syscall_64+0x33/0x40 [ 1410.926312] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1410.927335] RIP: 0033:0x7fd4717f2b19 [ 1410.928071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1410.931700] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1410.933204] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1410.934623] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1410.936089] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1410.937545] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1410.939009] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:47:01 executing program 3: r0 = fork() tkill(r0, 0x30) capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) [ 1410.957513] ieee802154 phy0 wpan0: encryption failed: -22 03:47:01 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:47:01 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:47:01 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0xf0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:47:01 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1411.051907] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:47:01 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:47:01 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x300, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1411.160572] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1411.724279] ieee802154 phy0 wpan0: encryption failed: -22 03:47:19 executing program 7: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:47:19 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:47:19 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:47:19 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x500, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:47:19 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) (fail_nth: 3) 03:47:19 executing program 0: pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) r2 = openat(r0, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x21) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r3, &(0x7f0000000100)=ANY=[], 0xfdef) ioctl$EXT4_IOC_GET_ES_CACHE(r2, 0xc020662a, &(0x7f0000000340)={0x0, 0x7fffffff, 0x5}) [ 1429.030886] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:47:19 executing program 3: fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)={0x0, 0x7f}) r0 = gettid() capset(&(0x7f0000000000)={0x19980330, r0}, &(0x7f0000000040)) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000140)=0x0) fcntl$setown(0xffffffffffffffff, 0x8, r1) migrate_pages(r0, 0x5, &(0x7f0000000100)=0x9, &(0x7f0000000080)=0x1) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r3, r2, 0x800, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) pidfd_getfd(r3, 0xffffffffffffffff, 0x0) r4 = gettid() r5 = io_uring_setup(0x670f, &(0x7f0000000180)={0x0, 0x6efd, 0x0, 0x3, 0x178}) read(r5, &(0x7f0000000200)=""/233, 0xe9) syz_io_uring_setup(0x5db7, &(0x7f0000000300)={0x0, 0xeb2, 0x20, 0x0, 0x187}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000380), &(0x7f00000003c0)) capset(&(0x7f0000000000)={0x19980330, r4}, &(0x7f0000000040)) ioctl$TIOCSPGRP(0xffffffffffffffff, 0x5410, &(0x7f00000000c0)=r4) [ 1429.039768] FAULT_INJECTION: forcing a failure. 03:47:19 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 66) [ 1429.039768] name failslab, interval 1, probability 0, space 0, times 0 [ 1429.042182] CPU: 1 PID: 10743 Comm: syz-executor.1 Not tainted 5.10.200 #1 [ 1429.043554] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1429.045179] Call Trace: [ 1429.045713] dump_stack+0x107/0x167 [ 1429.046453] should_fail.cold+0x5/0xa [ 1429.047239] ? __alloc_skb+0x6d/0x5b0 [ 1429.048017] should_failslab+0x5/0x20 [ 1429.048788] kmem_cache_alloc_node+0x55/0x330 [ 1429.049695] __alloc_skb+0x6d/0x5b0 [ 1429.050458] netlink_sendmsg+0x998/0xdf0 [ 1429.051316] ? netlink_unicast+0x7f0/0x7f0 [ 1429.052177] ? netlink_unicast+0x7f0/0x7f0 [ 1429.053032] __sock_sendmsg+0x154/0x190 [ 1429.053837] ____sys_sendmsg+0x70d/0x870 [ 1429.054659] ? sock_write_iter+0x3d0/0x3d0 [ 1429.055513] ? do_recvmmsg+0x6d0/0x6d0 [ 1429.056301] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1429.057357] ? lock_downgrade+0x6d0/0x6d0 [ 1429.058200] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1429.059276] ? SOFTIRQ_verbose+0x10/0x10 [ 1429.060102] ___sys_sendmsg+0xf3/0x170 [ 1429.060888] ? sendmsg_copy_msghdr+0x160/0x160 [ 1429.061818] ? lock_downgrade+0x6d0/0x6d0 [ 1429.062671] ? find_held_lock+0x2c/0x110 [ 1429.063520] ? __fget_files+0x296/0x4c0 [ 1429.064338] ? __fget_light+0xea/0x290 [ 1429.065138] __sys_sendmsg+0xe5/0x1b0 [ 1429.065918] ? __sys_sendmsg_sock+0x40/0x40 [ 1429.066782] ? rcu_read_lock_any_held+0x75/0xa0 [ 1429.067747] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1429.068807] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1429.069838] ? trace_hardirqs_on+0x5b/0x180 [ 1429.070708] do_syscall_64+0x33/0x40 [ 1429.071496] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1429.072523] RIP: 0033:0x7fe5aaa4cb19 [ 1429.073291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1429.076995] RSP: 002b:00007fe5a7fc2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1429.078527] RAX: ffffffffffffffda RBX: 00007fe5aab5ff60 RCX: 00007fe5aaa4cb19 [ 1429.080010] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003 [ 1429.081433] RBP: 00007fe5a7fc21d0 R08: 0000000000000000 R09: 0000000000000000 [ 1429.082874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1429.084308] R13: 00007ffe868c648f R14: 00007fe5a7fc2300 R15: 0000000000022000 03:47:19 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x600, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1429.115725] FAULT_INJECTION: forcing a failure. [ 1429.115725] name failslab, interval 1, probability 0, space 0, times 0 [ 1429.117305] CPU: 0 PID: 10753 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1429.118201] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1429.119302] Call Trace: [ 1429.119649] dump_stack+0x107/0x167 [ 1429.120133] should_fail.cold+0x5/0xa [ 1429.120636] ? ___slab_alloc+0x155/0x700 [ 1429.121169] ? create_object.isra.0+0x3a/0xa20 [ 1429.121781] should_failslab+0x5/0x20 [ 1429.122281] kmem_cache_alloc+0x5b/0x310 [ 1429.122817] create_object.isra.0+0x3a/0xa20 [ 1429.123397] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1429.124066] kmem_cache_alloc+0x159/0x310 [ 1429.124620] xas_alloc+0x336/0x440 [ 1429.125105] xas_create+0x34a/0x10d0 [ 1429.125628] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1429.126327] xas_store+0x8c/0x1c40 [ 1429.126824] __xa_store+0x164/0x2d0 [ 1429.127329] ? xa_delete_node+0x280/0x280 [ 1429.127894] ? trace_hardirqs_on+0x5b/0x180 [ 1429.128480] xa_store+0x31/0x50 [ 1429.128929] __io_uring_add_tctx_node+0x1cf/0x520 [ 1429.129563] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1429.130269] ? __alloc_fd+0x2b8/0x630 [ 1429.130777] io_uring_setup+0x2018/0x2a40 [ 1429.131347] ? wait_for_completion_io+0x270/0x270 [ 1429.131992] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1429.132690] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1429.133395] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1429.134098] do_syscall_64+0x33/0x40 [ 1429.134600] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1429.135289] RIP: 0033:0x7fd4717f2b19 [ 1429.135799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1429.138280] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1429.139307] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1429.140243] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1429.141204] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1429.142153] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1429.143092] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 [ 1429.147144] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:47:19 executing program 7: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r1, &(0x7f0000000300)="af", 0x1, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) lseek(r0, 0x0, 0x4) ioctl$EVIOCSABS3F(0xffffffffffffffff, 0x401845ff, &(0x7f0000000040)={0x0, 0x7, 0x7, 0x7, 0x7, 0x3f}) ioctl$BLKFRASET(r0, 0x1264, &(0x7f00000000c0)=0xde6) 03:47:19 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:47:19 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) (fail_nth: 4) 03:47:19 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:47:19 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x700, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1429.268501] FAULT_INJECTION: forcing a failure. [ 1429.268501] name failslab, interval 1, probability 0, space 0, times 0 [ 1429.270983] CPU: 0 PID: 10865 Comm: syz-executor.1 Not tainted 5.10.200 #1 [ 1429.272397] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1429.274090] Call Trace: [ 1429.274637] dump_stack+0x107/0x167 [ 1429.275418] should_fail.cold+0x5/0xa [ 1429.276196] ? create_object.isra.0+0x3a/0xa20 [ 1429.277123] should_failslab+0x5/0x20 [ 1429.277896] kmem_cache_alloc+0x5b/0x310 [ 1429.278726] create_object.isra.0+0x3a/0xa20 [ 1429.279620] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1429.280649] kmem_cache_alloc_node+0x169/0x330 [ 1429.281578] __alloc_skb+0x6d/0x5b0 [ 1429.282323] netlink_sendmsg+0x998/0xdf0 [ 1429.283148] ? netlink_unicast+0x7f0/0x7f0 [ 1429.284022] ? netlink_unicast+0x7f0/0x7f0 [ 1429.284876] __sock_sendmsg+0x154/0x190 [ 1429.285678] ____sys_sendmsg+0x70d/0x870 [ 1429.286499] ? sock_write_iter+0x3d0/0x3d0 [ 1429.287371] ? do_recvmmsg+0x6d0/0x6d0 [ 1429.288164] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1429.289224] ? lock_downgrade+0x6d0/0x6d0 [ 1429.290064] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1429.291123] ? SOFTIRQ_verbose+0x10/0x10 [ 1429.291955] ___sys_sendmsg+0xf3/0x170 [ 1429.292744] ? sendmsg_copy_msghdr+0x160/0x160 [ 1429.293680] ? lock_downgrade+0x6d0/0x6d0 [ 1429.294524] ? find_held_lock+0x2c/0x110 [ 1429.295371] ? __fget_files+0x296/0x4c0 [ 1429.296183] ? __fget_light+0xea/0x290 [ 1429.296980] __sys_sendmsg+0xe5/0x1b0 [ 1429.297747] ? __sys_sendmsg_sock+0x40/0x40 [ 1429.298623] ? rcu_read_lock_any_held+0x75/0xa0 [ 1429.299588] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1429.300643] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1429.301676] ? trace_hardirqs_on+0x5b/0x180 [ 1429.302551] do_syscall_64+0x33/0x40 [ 1429.303388] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1429.304631] RIP: 0033:0x7fe5aaa4cb19 [ 1429.305528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1429.309973] RSP: 002b:00007fe5a7fc2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1429.311808] RAX: ffffffffffffffda RBX: 00007fe5aab5ff60 RCX: 00007fe5aaa4cb19 [ 1429.313518] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003 [ 1429.315250] RBP: 00007fe5a7fc21d0 R08: 0000000000000000 R09: 0000000000000000 [ 1429.316689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1429.317795] R13: 00007ffe868c648f R14: 00007fe5a7fc2300 R15: 0000000000022000 03:47:19 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18000000, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:47:19 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 67) [ 1429.358624] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:47:19 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000040)={0x0, 0x0, 0x5}) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:47:19 executing program 7: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1429.425130] FAULT_INJECTION: forcing a failure. [ 1429.425130] name failslab, interval 1, probability 0, space 0, times 0 [ 1429.427185] CPU: 0 PID: 10875 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1429.428415] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1429.429874] Call Trace: [ 1429.430357] dump_stack+0x107/0x167 [ 1429.431008] should_fail.cold+0x5/0xa [ 1429.431698] ? xas_alloc+0x336/0x440 [ 1429.432348] should_failslab+0x5/0x20 [ 1429.433011] kmem_cache_alloc+0x5b/0x310 [ 1429.433717] xas_alloc+0x336/0x440 [ 1429.434334] xas_create+0x34a/0x10d0 [ 1429.435002] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1429.435960] xas_store+0x8c/0x1c40 [ 1429.436607] __xa_store+0x164/0x2d0 [ 1429.437258] ? xa_delete_node+0x280/0x280 [ 1429.438005] ? trace_hardirqs_on+0x5b/0x180 [ 1429.438781] xa_store+0x31/0x50 [ 1429.439382] __io_uring_add_tctx_node+0x1cf/0x520 [ 1429.440242] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1429.441193] ? __alloc_fd+0x2b8/0x630 [ 1429.441882] io_uring_setup+0x2018/0x2a40 [ 1429.442628] ? wait_for_completion_io+0x270/0x270 [ 1429.443507] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1429.444439] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1429.445381] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1429.446327] do_syscall_64+0x33/0x40 [ 1429.446992] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1429.447927] RIP: 0033:0x7fd4717f2b19 [ 1429.448593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1429.451900] RSP: 002b:00007fd46ed68108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1429.453264] RAX: ffffffffffffffda RBX: 00007fd471905f60 RCX: 00007fd4717f2b19 [ 1429.454527] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1429.455821] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1429.457087] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1429.458351] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:47:19 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:47:19 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x900, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:47:19 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) (fail_nth: 5) [ 1429.500201] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1429.553368] FAULT_INJECTION: forcing a failure. [ 1429.553368] name failslab, interval 1, probability 0, space 0, times 0 [ 1429.555882] CPU: 1 PID: 10949 Comm: syz-executor.1 Not tainted 5.10.200 #1 [ 1429.557262] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1429.558908] Call Trace: [ 1429.559451] dump_stack+0x107/0x167 [ 1429.560242] should_fail.cold+0x5/0xa [ 1429.561060] should_failslab+0x5/0x20 [ 1429.561849] __kmalloc_node_track_caller+0x74/0x3b0 [ 1429.562873] ? netlink_sendmsg+0x998/0xdf0 [ 1429.563749] __alloc_skb+0xb1/0x5b0 [ 1429.564512] netlink_sendmsg+0x998/0xdf0 [ 1429.565346] ? netlink_unicast+0x7f0/0x7f0 [ 1429.566222] ? netlink_unicast+0x7f0/0x7f0 [ 1429.567090] __sock_sendmsg+0x154/0x190 [ 1429.567936] ____sys_sendmsg+0x70d/0x870 [ 1429.568776] ? sock_write_iter+0x3d0/0x3d0 [ 1429.569654] ? do_recvmmsg+0x6d0/0x6d0 [ 1429.570444] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1429.571533] ? lock_downgrade+0x6d0/0x6d0 [ 1429.572386] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1429.573451] ? SOFTIRQ_verbose+0x10/0x10 [ 1429.574292] ___sys_sendmsg+0xf3/0x170 [ 1429.575084] ? sendmsg_copy_msghdr+0x160/0x160 [ 1429.576019] ? lock_downgrade+0x6d0/0x6d0 [ 1429.576863] ? find_held_lock+0x2c/0x110 [ 1429.577695] ? __fget_files+0x296/0x4c0 [ 1429.578510] ? __fget_light+0xea/0x290 [ 1429.579328] __sys_sendmsg+0xe5/0x1b0 [ 1429.580117] ? __sys_sendmsg_sock+0x40/0x40 [ 1429.581007] ? rcu_read_lock_any_held+0x75/0xa0 [ 1429.581980] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1429.583054] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1429.584117] ? trace_hardirqs_on+0x5b/0x180 [ 1429.585011] do_syscall_64+0x33/0x40 [ 1429.585791] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1429.586851] RIP: 0033:0x7fe5aaa4cb19 [ 1429.587634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1429.591427] RSP: 002b:00007fe5a7fc2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1429.593006] RAX: ffffffffffffffda RBX: 00007fe5aab5ff60 RCX: 00007fe5aaa4cb19 [ 1429.594492] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003 [ 1429.595989] RBP: 00007fe5a7fc21d0 R08: 0000000000000000 R09: 0000000000000000 [ 1429.597458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1429.598928] R13: 00007ffe868c648f R14: 00007fe5a7fc2300 R15: 0000000000022000 03:47:33 executing program 0: r0 = creat(&(0x7f00000001c0)='./cgroup/cgroup.procs\x00', 0x0) open_by_handle_at(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="04000000000000000000003985ad5d58f3fee3832a1f6ac3485ed432a29d6e03385d528d6ddcab77c3abea827b8a33d2ec29f33f5341bc796dba45f3295e03388e6223c0f1f963689f46c5d7c19a1c3d104fa163311ce9f0003fabfda539d2ea9b51a0beeff386851f65a7c095614c52bf4258ee069030ac14c95bff248aa7174930c330a804315244da7a9188ea3c42018ef074ada0e67038acdb1a1550bcae99aae4eb3d50b1"], 0x0) setsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0x65, &(0x7f0000000200)=0x6, 0x4) socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="ffa22106351700002e2f661c696c653000"]) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) r4 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, &(0x7f0000000500)='ramY\xab\xef\x11\xf6\x9e\x8dE\x83\xc4is\x00b[_W\x8f\x8bB8T\x9a\xf0;ugYe?\xb4\x03nT\x1c\xff\xdad\xb3>\xf0\xde\n\x8b\xbd\xfb\xa7\xdc\xc9\xb5\xb6\x95\xbb\xe5l\xdc\xb2\xa4\xa7)\xbei W\xe8\xbdSQ\x9cc\xaf@\xbc u\x11wL\xe2=\x8e\xb8\xe8\x8b\x96\xfe\xf6z\xd4\xf1\x00\xbe\x15\x89>\xff\xf0}\xe5\xa4\x81\x92\x99\x82O\x1asu\xbf\x0e\xe1\xd3\xa2\x1a\xfb;\x8cR\xd1\xd63\xf0]\x88\xfekEp\x98N\x1e\xc4S\x0f\xd78TpH\xa2\x96[\xe7\x8c\xd6Tc\xb86\xae=\xac\x96\xd4*l\xce>\xf6\xa4\xe3H($\xd4\xefg\x825\xd5\xb4g~\xd3P\xe7\x8f\xba\xd7\x99\xb95L\x92\xff\xa9\x9an\xdf\xe6\xd9\x9cH\\\xf3\xb3w\xe2\x98Ge\xb1\x88', &(0x7f00000000c0)="03", 0x1) pread64(r4, &(0x7f0000000400)=""/255, 0xff, 0x7eb9) dup(0xffffffffffffffff) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000000c0)=0xfde, 0x9) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000100)=0x2000) read(0xffffffffffffffff, &(0x7f0000000040)=""/2, 0x2) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'syz_tun\x00'}) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f00000000c0), &(0x7f0000000240)=0xc) sendmmsg$inet(r1, &(0x7f0000002040)=[{{&(0x7f0000000380)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f00000003c0)="db9c", 0xffe7}], 0x1, &(0x7f0000000600)=ANY=[@ANYBLOB="14000000000000000000000007000000c4048f01000000001c00ed0fc7a0d15bff03000081c90e6ddc0000080000000000000000000094b52725654f359fc95b767c0bef18a241dbc0bbd489417a96253b321e060d6f45ae6d0ba7c7b8d6d3522fb41e09a9fcd3eb272d0a8ebbcc2c8bd7476b529c31b503c07befa8f69c9d488e509caa86149a6d919c3f442096529b5156cd621ed49a8d46710d36ae179f26d937412e7d39f021bca7f4867788a34a716c9b961fe280d29220113906739554c7baf3fb693553e7685efa4a9e455e40c6a083d47e3207de616623eb25", @ANYRES32=r3], 0x38}}], 0x1, 0x0) 03:47:33 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf5ffffff, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:47:33 executing program 7: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x17, 0x10001) openat(0xffffffffffffffff, 0x0, 0x290200, 0x99) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0xffffffffffffff65, 0x0, 0x0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = creat(0x0, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r5, r4, 0x800, 0x0) close_range(r5, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r5, 0xc018937c, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x4}}, './file0\x00'}) r6 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) pwrite64(r6, &(0x7f00000000c0), 0x17, 0x10001) renameat2(0xffffffffffffffff, 0x0, r3, 0x0, 0x4) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB="2c736d61636b66736861743d7766646e6f2c7375626a5f747970653d5e262c7065726d69745f646970656374696f2c6673636f6e706578743d756e636f6e66696e65645f752c7375626a5f757365723d397000653d7266646e6f2c000cf9525262b9c407936648ae664366d344ce184dc5ef1df4828636e9649166697bd54e0500000000000200000025a25a46481b7f00"/160]) 03:47:33 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0xa00, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1443.502856] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:47:33 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 68) 03:47:33 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:47:33 executing program 3: prctl$PR_PAC_RESET_KEYS(0x36, 0x6) r0 = fork() capset(&(0x7f00000000c0)={0x20080522}, &(0x7f00000001c0)={0xfffffffd, 0x100000, 0x0, 0x28a000}) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000005e80)) r1 = gettid() capset(&(0x7f0000000000)={0x19980330, r1}, &(0x7f0000000040)) capget(&(0x7f0000000180)={0x20080522, r1}, &(0x7f0000000100)={0xd0b, 0x7, 0x6, 0x8, 0x4}) openat$procfs(0xffffffffffffff9c, &(0x7f0000005a40)='/proc/consoles\x00', 0x0, 0x0) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000580)=0xc) clock_gettime(0x0, &(0x7f0000006240)={0x0, 0x0}) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000005fc0)=[{{&(0x7f0000000600)=@abs, 0x6e, &(0x7f0000001b40)=[{&(0x7f0000000680)=""/94, 0x5e}, {&(0x7f0000000700)=""/180, 0xb4}, {&(0x7f00000007c0)=""/192, 0xc0}, {&(0x7f0000000880)=""/4096, 0x1000}, {&(0x7f0000001880)=""/169, 0xa9}, {&(0x7f0000001940)=""/185, 0xb9}, {&(0x7f0000001a00)=""/98, 0x62}, {&(0x7f0000001a80)=""/147, 0x93}], 0x8, &(0x7f0000001bc0)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x68}}, {{&(0x7f0000001c40), 0x6e, &(0x7f0000001d00)=[{&(0x7f0000001cc0)=""/39, 0x27}], 0x1, &(0x7f0000001e00)=[@cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x58}}, {{&(0x7f0000001e80)=@abs, 0x6e, &(0x7f0000001d40)=[{&(0x7f0000001f00)=""/147, 0x93}, {&(0x7f0000001fc0)=""/194, 0xc2}], 0x2, &(0x7f00000020c0)=[@rights={{0x10}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x60}}, {{&(0x7f0000002140)=@abs, 0x6e, &(0x7f0000003280)=[{&(0x7f00000021c0)=""/26, 0x1a}, {&(0x7f0000002200)=""/50, 0x32}, {&(0x7f0000002240)=""/14, 0xe}, {&(0x7f0000002280)=""/4096, 0x1000}], 0x4, &(0x7f00000032c0)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}, @cred={{0x1c}}], 0x78}}, {{&(0x7f0000003340)=@abs, 0x6e, &(0x7f0000003440)=[{&(0x7f00000033c0)=""/118, 0x76}], 0x1}}, {{&(0x7f0000003480)=@abs, 0x6e, &(0x7f0000003680)=[{&(0x7f0000003500)=""/148, 0x94}, {&(0x7f00000035c0)=""/154, 0x9a}], 0x2, &(0x7f00000036c0)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xb8}}, {{&(0x7f0000003780)=@abs, 0x6e, &(0x7f0000003a40)=[{&(0x7f0000003800)=""/76, 0x4c}, {&(0x7f0000003880)=""/87, 0x57}, {&(0x7f0000003900)=""/239, 0xef}, {&(0x7f0000003a00)=""/29, 0x1d}], 0x4, &(0x7f0000003a80)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x58}}, {{&(0x7f0000003b00)=@abs, 0x6e, &(0x7f0000004280)=[{&(0x7f0000003b80)=""/245, 0xf5}, {&(0x7f0000003c80)=""/215, 0xd7}, {&(0x7f0000003d80)=""/38, 0x26}, {&(0x7f0000003dc0)=""/195, 0xc3}, {&(0x7f0000003ec0)=""/175, 0xaf}, {&(0x7f0000003f80)=""/34, 0x22}, {&(0x7f0000003fc0)=""/246, 0xf6}, {&(0x7f00000040c0)=""/4, 0x4}, {&(0x7f0000004100)=""/178, 0xb2}, {&(0x7f00000041c0)=""/135, 0x87}], 0xa, &(0x7f0000004340)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x138}}, {{&(0x7f0000004480)=@abs, 0x6e, &(0x7f0000005600)=[{0xfffffffffffffffc}, {&(0x7f0000004500)=""/4096, 0x1000}, {&(0x7f0000005500)=""/54, 0x36}, {&(0x7f0000005540)=""/147, 0x93}], 0x4, &(0x7f0000005640)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x110}}, {{&(0x7f0000005780)=@abs, 0x6e, &(0x7f0000005ec0)=[{&(0x7f0000005800)=""/87, 0x57}, {&(0x7f0000005880)=""/225, 0xe1}, {&(0x7f0000005980)=""/190, 0xbe}, {&(0x7f0000005a40)}, {&(0x7f0000005a80)=""/152, 0x98}, {&(0x7f0000005b40)=""/208, 0xd0}, {&(0x7f0000005c40)=""/60, 0x3c}, {&(0x7f0000005c80)=""/228, 0xe4}, {&(0x7f0000005d80)=""/203, 0xcb}, {&(0x7f0000005e80)}], 0xa, &(0x7f0000005f80)=[@cred={{0x1c}}], 0x20}}], 0xa, 0x0, &(0x7f0000006280)={r4, r5+60000000}) rt_sigqueueinfo(r6, 0x3d, &(0x7f00000062c0)={0x3d, 0xfffffff9, 0x5}) fsetxattr$security_capability(r2, &(0x7f0000000000), &(0x7f00000005c0)=@v3={0x3000000, [{0x2, 0x9}, {0x5, 0xfffffff9}], r3}, 0x18, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000240)={0x320, 0x41, 0x200, 0x70bd2c, 0x25dfdbfb, {0xd}, [@typed={0xc, 0x8b, 0x0, 0x0, @u64=0x2}, @nested={0x139, 0x2e, 0x0, 0x1, [@typed={0x2a, 0x5a, 0x0, 0x0, @binary="2cf20b7c353c86d4b5bcca9d2d9d47357489e07fd5fc4da33384227c9f7a65d29b76d618ce38"}, @generic="d6cab2b3254af311fba8f4b66e04e9aa447b2be487b85cdb412805b58cb541eca48732f8dd3e2a0e257b268b33f29fa1d8797d57ebf2b041e1f3c94fc12bb67d3a2337283614578490b51418490153b824e7a04494e40fb2f694bb14dc3558ad0e26c2d4272bf4d3ffd0d12fe4ec50a28d43da96ce681999eb8c6b5afbf236ccbe9843fc89a02b8826bd5d86d8dcd03b063018b2cd48ff534ea73ed19a5cbe8e60ac9c1fc812152ea159", @generic, @typed={0x8, 0x49, 0x0, 0x0, @ipv4=@multicast1}, @generic="bef787ade9e33446aa781292a24d761a7ec24c4b8a758535342f0fc9dfcc664988c382d2dae88ecdf7b7", @generic="90a790914c9b679e4bb3ef267e39aac16826d629f8ab9bef84371054ca974dee0f09fa2b8df00fac6086aaaab9"]}, @typed={0x8, 0x83, 0x0, 0x0, @uid=r3}, @nested={0x9a, 0x86, 0x0, 0x1, [@generic="eb5366b02cc1ef2e9c095c84de64eb7f1ffa195a9e8589aaee128814e6a4fb395aa7475127b2ebfce4aaf8bef4a54c2f6d1a63de724adab5e1f78ddb5fd842dc5a356906060923ddf356f7baa1e58c7f67d35773700a98632ad14c59bf6d6948dc042902164fbb74c437d7de7e507f25c41c551be4bd665e90ad8e8efdfdab4a0b51754539250d5208d842dd9b25f2c24c259b4899fb"]}, @nested={0xc, 0x82, 0x0, 0x1, [@typed={0x8, 0x4f, 0x0, 0x0, @u32=0x5}]}, @generic="3f8a15212495a6ee25f7001854a87db5ffebb1862555742093b13e16483bb29aaa28549e835e8f4e7f807a50cf5870ca16ff8cd23531d046b429278fbbb60b9aec008511aba4f5b4ed69b98f2e4cd071cefc3e0b9d48a264d6612517486c6e6259858425ee1c82707c7a243069a7a7b290a5993921d6bb84444c85d515ce0c9e8960ea6dedead6da0fe214401a6c5ed87a16c1841854b5e12fb6dd3bd1eefb5979c15a0e8b0cd7b8161e18594f7c9ae31ada693d18cc1e29e88a86aee6d6e90a83cd65c2d3860f051962c0cbb39f9bf5b501a30a028a34b87f82303ff30b", @nested={0x2c, 0x5d, 0x0, 0x1, [@typed={0xa, 0x2e, 0x0, 0x0, @str='!\\:&-\x00'}, @typed={0x8, 0x4f, 0x0, 0x0, @pid=r1}, @typed={0xc, 0x7c, 0x0, 0x0, @u64=0x100}, @typed={0x8, 0x4, 0x0, 0x0, @u32=0x7}]}, @typed={0x5, 0x79, 0x0, 0x0, @str='\x00'}]}, 0x320}, 0x1, 0x0, 0x0, 0x40804}, 0x2040000) accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000140), 0x80000) 03:47:33 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) (fail_nth: 6) [ 1443.556374] FAULT_INJECTION: forcing a failure. [ 1443.556374] name failslab, interval 1, probability 0, space 0, times 0 [ 1443.559137] CPU: 0 PID: 11004 Comm: syz-executor.1 Not tainted 5.10.200 #1 [ 1443.560737] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1443.562427] Call Trace: [ 1443.562982] dump_stack+0x107/0x167 [ 1443.563748] should_fail.cold+0x5/0xa [ 1443.564548] ? create_object.isra.0+0x3a/0xa20 [ 1443.565478] should_failslab+0x5/0x20 [ 1443.566266] kmem_cache_alloc+0x5b/0x310 [ 1443.567104] create_object.isra.0+0x3a/0xa20 [ 1443.568029] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1443.569073] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 1443.570129] ? netlink_sendmsg+0x998/0xdf0 [ 1443.571007] __alloc_skb+0xb1/0x5b0 [ 1443.571784] netlink_sendmsg+0x998/0xdf0 [ 1443.572620] ? netlink_unicast+0x7f0/0x7f0 [ 1443.573496] ? netlink_unicast+0x7f0/0x7f0 [ 1443.574367] __sock_sendmsg+0x154/0x190 [ 1443.575177] ____sys_sendmsg+0x70d/0x870 [ 1443.576025] ? sock_write_iter+0x3d0/0x3d0 [ 1443.576889] ? do_recvmmsg+0x6d0/0x6d0 [ 1443.577691] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1443.578766] ? lock_downgrade+0x6d0/0x6d0 [ 1443.579622] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1443.580685] ? SOFTIRQ_verbose+0x10/0x10 [ 1443.581518] ___sys_sendmsg+0xf3/0x170 [ 1443.582317] ? sendmsg_copy_msghdr+0x160/0x160 [ 1443.583256] ? lock_downgrade+0x6d0/0x6d0 [ 1443.584121] ? find_held_lock+0x2c/0x110 [ 1443.584967] ? __fget_files+0x296/0x4c0 [ 1443.585789] ? __fget_light+0xea/0x290 [ 1443.586591] __sys_sendmsg+0xe5/0x1b0 [ 1443.587370] ? __sys_sendmsg_sock+0x40/0x40 [ 1443.588274] ? rcu_read_lock_any_held+0x75/0xa0 [ 1443.589243] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1443.590311] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1443.591365] ? trace_hardirqs_on+0x5b/0x180 [ 1443.592256] do_syscall_64+0x33/0x40 [ 1443.593018] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1443.593163] FAULT_INJECTION: forcing a failure. [ 1443.593163] name failslab, interval 1, probability 0, space 0, times 0 [ 1443.594056] RIP: 0033:0x7fe5aaa4cb19 [ 1443.594079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1443.594090] RSP: 002b:00007fe5a7fc2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1443.602383] RAX: ffffffffffffffda RBX: 00007fe5aab5ff60 RCX: 00007fe5aaa4cb19 [ 1443.603839] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003 [ 1443.605285] RBP: 00007fe5a7fc21d0 R08: 0000000000000000 R09: 0000000000000000 [ 1443.606731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1443.608188] R13: 00007ffe868c648f R14: 00007fe5a7fc2300 R15: 0000000000022000 [ 1443.609667] CPU: 1 PID: 11010 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1443.611097] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1443.612789] Call Trace: [ 1443.613332] dump_stack+0x107/0x167 [ 1443.614086] should_fail.cold+0x5/0xa [ 1443.614871] ? create_object.isra.0+0x3a/0xa20 [ 1443.615820] should_failslab+0x5/0x20 [ 1443.616600] kmem_cache_alloc+0x5b/0x310 [ 1443.617430] ? mark_held_locks+0x9e/0xe0 [ 1443.618268] create_object.isra.0+0x3a/0xa20 [ 1443.619164] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1443.620224] kmem_cache_alloc+0x159/0x310 [ 1443.621081] xas_alloc+0x336/0x440 [ 1443.621814] xas_create+0x34a/0x10d0 [ 1443.622598] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1443.623682] xas_store+0x8c/0x1c40 [ 1443.624424] __xa_store+0x164/0x2d0 [ 1443.625165] ? xa_delete_node+0x280/0x280 [ 1443.626026] ? trace_hardirqs_on+0x5b/0x180 [ 1443.626920] xa_store+0x31/0x50 [ 1443.627613] __io_uring_add_tctx_node+0x1cf/0x520 [ 1443.628599] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1443.629661] ? __alloc_fd+0x2b8/0x630 [ 1443.630453] io_uring_setup+0x2018/0x2a40 [ 1443.631320] ? wait_for_completion_io+0x270/0x270 [ 1443.632310] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1443.633369] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1443.634435] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1443.635512] do_syscall_64+0x33/0x40 [ 1443.636275] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1443.637321] RIP: 0033:0x7fd4717f2b19 03:47:33 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0xf00, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1443.638076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1443.641992] RSP: 002b:00007fd46ed47108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1443.643570] RAX: ffffffffffffffda RBX: 00007fd471906020 RCX: 00007fd4717f2b19 [ 1443.645142] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1443.646613] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1443.648075] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1443.649537] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:47:34 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000040), 0x3}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000000)={0x0, 0x4, 0xfffffffffffffffd, 0xfffffffffffffff7}) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x800448d4, &(0x7f0000000080)) syz_open_dev$tty1(0xc, 0x4, 0x1) clock_gettime(0x0, &(0x7f00000000c0)) unshare(0x48020200) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) kcmp(0xffffffffffffffff, 0x0, 0x0, r1, r0) [ 1443.691843] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:47:34 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfeffffff, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:47:34 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:47:34 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 69) 03:47:34 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x4800, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:47:34 executing program 3: fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) r0 = gettid() migrate_pages(r0, 0x440db7ad, &(0x7f0000000040)=0x5, &(0x7f00000000c0)=0x1) [ 1443.882417] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:47:34 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:47:34 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff8000, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1443.926201] FAULT_INJECTION: forcing a failure. [ 1443.926201] name failslab, interval 1, probability 0, space 0, times 0 [ 1443.928585] CPU: 1 PID: 11129 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1443.930015] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1443.931741] Call Trace: [ 1443.932290] dump_stack+0x107/0x167 [ 1443.933051] should_fail.cold+0x5/0xa [ 1443.933851] ? create_object.isra.0+0x3a/0xa20 [ 1443.934804] should_failslab+0x5/0x20 [ 1443.935596] kmem_cache_alloc+0x5b/0x310 [ 1443.936430] ? mark_held_locks+0x9e/0xe0 [ 1443.937262] create_object.isra.0+0x3a/0xa20 [ 1443.938158] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1443.939192] kmem_cache_alloc+0x159/0x310 [ 1443.940063] xas_alloc+0x336/0x440 [ 1443.940790] xas_create+0x34a/0x10d0 [ 1443.941559] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1443.942624] xas_store+0x8c/0x1c40 [ 1443.943363] __xa_store+0x164/0x2d0 [ 1443.944116] ? xa_delete_node+0x280/0x280 [ 1443.944967] ? trace_hardirqs_on+0x5b/0x180 [ 1443.945852] xa_store+0x31/0x50 [ 1443.946526] __io_uring_add_tctx_node+0x1cf/0x520 [ 1443.947532] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1443.948596] ? __alloc_fd+0x2b8/0x630 [ 1443.949376] io_uring_setup+0x2018/0x2a40 [ 1443.950230] ? wait_for_completion_io+0x270/0x270 [ 1443.951209] ? __do_sys_io_uring_enter+0x1920/0x1920 [ 1443.952267] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1443.953329] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1443.954383] do_syscall_64+0x33/0x40 [ 1443.955141] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1443.956198] RIP: 0033:0x7fd4717f2b19 [ 1443.956964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1443.960721] RSP: 002b:00007fd46ed47108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1443.962294] RAX: ffffffffffffffda RBX: 00007fd471906020 RCX: 00007fd4717f2b19 [ 1443.963769] RDX: 0000000020ffc000 RSI: 0000000020000080 RDI: 0000000000003a75 [ 1443.965254] RBP: 0000000020000080 R08: 0000000020000100 R09: 0000000020000100 [ 1443.966731] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000100 [ 1443.968211] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:47:34 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x4c00, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:47:34 executing program 7: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, 0xffffffffffffffff, 0x0) syz_io_uring_submit(0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x1010, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000000, 0x11, 0xffffffffffffffff, 0x10000000) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x38, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @empty}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0) syz_io_uring_submit(0x0, 0x0, 0x0, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) 03:47:34 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) (fail_nth: 7) [ 1444.049368] FAULT_INJECTION: forcing a failure. [ 1444.049368] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1444.051930] CPU: 1 PID: 11176 Comm: syz-executor.1 Not tainted 5.10.200 #1 [ 1444.053318] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1444.054992] Call Trace: [ 1444.055537] dump_stack+0x107/0x167 [ 1444.056278] should_fail.cold+0x5/0xa [ 1444.057053] _copy_from_iter_full+0x201/0xa60 [ 1444.057981] ? __virt_addr_valid+0x128/0x350 [ 1444.058867] ? __check_object_size+0x319/0x440 [ 1444.059814] netlink_sendmsg+0x879/0xdf0 [ 1444.060632] ? netlink_unicast+0x7f0/0x7f0 [ 1444.061496] ? netlink_unicast+0x7f0/0x7f0 [ 1444.062346] __sock_sendmsg+0x154/0x190 [ 1444.063145] ____sys_sendmsg+0x70d/0x870 [ 1444.063968] ? sock_write_iter+0x3d0/0x3d0 [ 1444.064812] ? do_recvmmsg+0x6d0/0x6d0 [ 1444.065601] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1444.066661] ___sys_sendmsg+0xf3/0x170 [ 1444.067451] ? sendmsg_copy_msghdr+0x160/0x160 [ 1444.068369] ? lock_downgrade+0x6d0/0x6d0 [ 1444.069210] ? finish_task_switch+0x126/0x5d0 [ 1444.070111] ? lock_downgrade+0x6d0/0x6d0 [ 1444.070951] ? __fget_files+0x296/0x4c0 [ 1444.071776] ? __fget_light+0xea/0x290 [ 1444.072576] __sys_sendmsg+0xe5/0x1b0 [ 1444.073337] ? __sys_sendmsg_sock+0x40/0x40 [ 1444.074209] ? io_schedule_timeout+0x140/0x140 [ 1444.075140] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1444.076192] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1444.077235] ? trace_hardirqs_on+0x5b/0x180 [ 1444.078105] do_syscall_64+0x33/0x40 [ 1444.078861] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1444.079892] RIP: 0033:0x7fe5aaa4cb19 [ 1444.080650] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1444.084338] RSP: 002b:00007fe5a7fc2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1444.085840] RAX: ffffffffffffffda RBX: 00007fe5aab5ff60 RCX: 00007fe5aaa4cb19 [ 1444.087261] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003 [ 1444.088675] RBP: 00007fe5a7fc21d0 R08: 0000000000000000 R09: 0000000000000000 [ 1444.090086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1444.091502] R13: 00007ffe868c648f R14: 00007fe5a7fc2300 R15: 0000000000022000 [ 1444.096155] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:47:34 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff5, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:47:34 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 70) 03:47:34 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:47:34 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x6800, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:47:34 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f00000000c0)=0x0) capset(&(0x7f0000000100)={0x20071026, r1}, &(0x7f0000000140)={0x96de, 0x6, 0x9, 0x9b26, 0x0, 0x694e}) [ 1444.256599] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1444.273274] FAULT_INJECTION: forcing a failure. [ 1444.273274] name failslab, interval 1, probability 0, space 0, times 0 [ 1444.275731] CPU: 1 PID: 11249 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1444.276985] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1444.278464] Call Trace: [ 1444.278939] dump_stack+0x107/0x167 [ 1444.279618] should_fail.cold+0x5/0xa [ 1444.280311] ? create_object.isra.0+0x3a/0xa20 [ 1444.281134] should_failslab+0x5/0x20 [ 1444.281820] kmem_cache_alloc+0x5b/0x310 [ 1444.282618] create_object.isra.0+0x3a/0xa20 [ 1444.283397] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1444.284381] kmem_cache_alloc+0x159/0x310 [ 1444.285141] vm_area_dup+0x78/0x290 [ 1444.285842] ? lock_acquire+0x197/0x470 [ 1444.286558] ? create_object.isra.0+0x3ad/0xa20 [ 1444.287466] ? mark_lock+0xf5/0x2df0 [ 1444.288187] ? __lock_acquire+0x1657/0x5b00 [ 1444.289017] ? lock_chain_count+0x20/0x20 [ 1444.289814] ? mark_lock+0xf5/0x2df0 [ 1444.290509] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1444.291497] ? mark_lock+0xf5/0x2df0 [ 1444.292179] ? kmem_cache_alloc+0x2a6/0x310 [ 1444.292969] ? vm_area_alloc+0x110/0x110 [ 1444.293715] ? __lock_acquire+0x1657/0x5b00 [ 1444.294526] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1444.295489] ? SOFTIRQ_verbose+0x10/0x10 [ 1444.296229] ? vmacache_find+0x55/0x2a0 [ 1444.296958] __split_vma+0xa8/0x570 [ 1444.297626] __do_munmap+0x365/0x1260 [ 1444.298329] ? lock_release+0x680/0x680 [ 1444.299067] mmap_region+0x776/0x1590 [ 1444.299782] ? get_unmapped_area+0x2f0/0x420 [ 1444.300591] do_mmap+0xcdb/0x11e0 [ 1444.301239] vm_mmap_pgoff+0x198/0x1f0 [ 1444.301963] ? randomize_page+0xb0/0xb0 [ 1444.302692] ? __fget_files+0x296/0x4c0 [ 1444.303450] ksys_mmap_pgoff+0x41c/0x560 [ 1444.304200] ? find_mergeable_anon_vma+0x250/0x250 [ 1444.305096] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1444.306047] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1444.306986] do_syscall_64+0x33/0x40 [ 1444.307676] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1444.308607] RIP: 0033:0x7fd4717f2b62 [ 1444.309281] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1444.312613] RSP: 002b:00007fd46ed680f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1444.314038] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fd4717f2b62 [ 1444.315392] RDX: 0000000000000003 RSI: 0000000000090140 RDI: 0000000020ffb000 [ 1444.316738] RBP: 0000000020ffb000 R08: 0000000000000007 R09: 0000000000000000 [ 1444.318102] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000100 [ 1444.319464] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:47:49 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:47:49 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 71) 03:47:49 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) setpgid(r0, r0) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:47:49 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x6c00, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:47:49 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) (fail_nth: 8) 03:47:49 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000080)={@remote}, 0x14) r1 = socket$inet6(0xa, 0x80000, 0x10000) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r3, r2, 0x800, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) pipe(&(0x7f00000014c0)={0xffffffffffffffff}) getpeername(r4, &(0x7f0000000580)=@xdp={0x2c, 0x0, 0x0}, &(0x7f0000000280)=0xfffffffffffffec0) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r4, 0x89fb, &(0x7f0000000080)={'syztnl0\x00', &(0x7f0000000500)={'ip6tnl0\x00', r5, 0x2b, 0xff, 0x0, 0x5, 0x59, @empty, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x20, 0x8000, 0x20, 0x6}}) setsockopt$inet6_mreq(r3, 0x29, 0x1c, &(0x7f0000000040)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, r5}, 0x14) r6 = dup2(r1, r1) setsockopt$inet6_mreq(r6, 0x29, 0x1b, &(0x7f00000001c0)={@empty}, 0x14) r7 = gettid() capset(&(0x7f0000000000)={0x19980330, r7}, &(0x7f0000000040)) r8 = syz_open_procfs(r7, &(0x7f0000000000)='net/anycast6\x00') preadv(r8, &(0x7f00000003c0)=[{&(0x7f00000000c0)=""/243, 0xf3}], 0x1, 0x9, 0x0) 03:47:49 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1458.953615] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1458.959397] FAULT_INJECTION: forcing a failure. [ 1458.959397] name failslab, interval 1, probability 0, space 0, times 0 [ 1458.961826] CPU: 0 PID: 11372 Comm: syz-executor.1 Not tainted 5.10.200 #1 [ 1458.963230] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1458.964897] Call Trace: [ 1458.965434] dump_stack+0x107/0x167 [ 1458.966181] should_fail.cold+0x5/0xa [ 1458.966953] ? __alloc_skb+0x6d/0x5b0 [ 1458.967751] should_failslab+0x5/0x20 [ 1458.968525] kmem_cache_alloc_node+0x55/0x330 [ 1458.969436] __alloc_skb+0x6d/0x5b0 [ 1458.970181] netlink_ack+0x1ed/0xab0 [ 1458.970938] ? netlink_sendmsg+0xdf0/0xdf0 [ 1458.971807] ? __mutex_lock+0x4fe/0x10b0 [ 1458.972629] ? lock_acquire+0x197/0x470 [ 1458.973431] ? netlink_deliver_tap+0xf4/0xcd0 [ 1458.974336] netlink_rcv_skb+0x348/0x430 [ 1458.975160] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1458.976187] ? netlink_ack+0xab0/0xab0 [ 1458.976992] ? netlink_deliver_tap+0x1c4/0xcd0 [ 1458.977922] xfrm_netlink_rcv+0x6b/0x90 [ 1458.978724] netlink_unicast+0x549/0x7f0 [ 1458.979552] ? netlink_attachskb+0x870/0x870 [ 1458.980446] ? __virt_addr_valid+0x128/0x350 [ 1458.981348] netlink_sendmsg+0x90f/0xdf0 [ 1458.982173] ? netlink_unicast+0x7f0/0x7f0 [ 1458.983038] ? netlink_unicast+0x7f0/0x7f0 [ 1458.983905] __sock_sendmsg+0x154/0x190 [ 1458.984708] ____sys_sendmsg+0x70d/0x870 [ 1458.985532] ? sock_write_iter+0x3d0/0x3d0 [ 1458.986389] ? do_recvmmsg+0x6d0/0x6d0 [ 1458.987183] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1458.988257] ? lock_downgrade+0x6d0/0x6d0 [ 1458.989098] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1458.990154] ? SOFTIRQ_verbose+0x10/0x10 [ 1458.990983] ___sys_sendmsg+0xf3/0x170 [ 1458.991779] ? sendmsg_copy_msghdr+0x160/0x160 [ 1458.992707] ? lock_downgrade+0x6d0/0x6d0 [ 1458.993548] ? find_held_lock+0x2c/0x110 [ 1458.994376] ? __fget_files+0x296/0x4c0 [ 1458.995190] ? __fget_light+0xea/0x290 [ 1458.996000] __sys_sendmsg+0xe5/0x1b0 [ 1458.996772] ? __sys_sendmsg_sock+0x40/0x40 [ 1458.997637] ? rcu_read_lock_any_held+0x75/0xa0 [ 1458.998594] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1458.999655] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1459.000689] ? trace_hardirqs_on+0x5b/0x180 [ 1459.001562] do_syscall_64+0x33/0x40 [ 1459.002314] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1459.003344] RIP: 0033:0x7fe5aaa4cb19 [ 1459.004111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1459.007807] RSP: 002b:00007fe5a7fc2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1459.009339] RAX: ffffffffffffffda RBX: 00007fe5aab5ff60 RCX: 00007fe5aaa4cb19 [ 1459.010774] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003 [ 1459.012220] RBP: 00007fe5a7fc21d0 R08: 0000000000000000 R09: 0000000000000000 [ 1459.013650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1459.015080] R13: 00007ffe868c648f R14: 00007fe5a7fc2300 R15: 0000000000022000 [ 1459.052939] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:47:49 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x7400, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:47:49 executing program 0: mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0), 0x3}, 0x11010}, 0x0, 0x1, 0xffffffffffffffff, 0x8) r0 = pkey_alloc(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, 0x0) pkey_mprotect(&(0x7f0000fed000/0x13000)=nil, 0x13000, 0x0, r0) chdir(&(0x7f0000000040)='./file0\x00') mount$cgroup(0x0, 0x0, &(0x7f0000000100), 0x180010, 0x0) r1 = perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) rename(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000240)='./file2\x00') ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000080)={{0x1, 0x1, 0x18, r1, {0x9}}, './file0\x00'}) r2 = creat(&(0x7f0000000200)='./file1\x00', 0x2) chroot(&(0x7f0000000280)='./file2\x00') r3 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, r3) r4 = openat(r2, &(0x7f0000001a00)='./file1\x00', 0x42, 0x108) io_setup(0x5, &(0x7f0000000040)=0x0) chroot(&(0x7f0000000440)='./file2\x00') io_submit(r5, 0x1, &(0x7f00000008c0)=[&(0x7f0000000200)={0x0, 0x0, 0x5, 0x0, 0x0, r4, 0x0}]) openat$incfs(r4, &(0x7f0000000300)='.pending_reads\x00', 0xc6000, 0x8) 03:47:49 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) (fail_nth: 9) [ 1459.068138] FAULT_INJECTION: forcing a failure. [ 1459.068138] name failslab, interval 1, probability 0, space 0, times 0 [ 1459.069445] CPU: 1 PID: 11371 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1459.070216] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1459.071149] Call Trace: [ 1459.071462] dump_stack+0x107/0x167 [ 1459.071884] should_fail.cold+0x5/0xa [ 1459.072307] ? anon_vma_clone+0xdc/0x590 [ 1459.072763] should_failslab+0x5/0x20 [ 1459.073183] kmem_cache_alloc+0x5b/0x310 [ 1459.073634] anon_vma_clone+0xdc/0x590 [ 1459.074096] __split_vma+0x17c/0x570 [ 1459.074518] __do_munmap+0x365/0x1260 [ 1459.074956] ? lock_release+0x680/0x680 [ 1459.075396] mmap_region+0x776/0x1590 [ 1459.075840] ? get_unmapped_area+0x2f0/0x420 [ 1459.076332] do_mmap+0xcdb/0x11e0 [ 1459.076728] vm_mmap_pgoff+0x198/0x1f0 [ 1459.077176] ? randomize_page+0xb0/0xb0 [ 1459.077623] ? __fget_files+0x296/0x4c0 [ 1459.078078] ksys_mmap_pgoff+0x41c/0x560 [ 1459.078533] ? find_mergeable_anon_vma+0x250/0x250 [ 1459.079086] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1459.079714] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1459.080313] do_syscall_64+0x33/0x40 [ 1459.080747] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1459.081339] RIP: 0033:0x7fd4717f2b62 [ 1459.081769] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1459.083899] RSP: 002b:00007fd46ed680f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1459.084777] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fd4717f2b62 [ 1459.085595] RDX: 0000000000000003 RSI: 0000000000090140 RDI: 0000000020ffb000 [ 1459.086410] RBP: 0000000020ffb000 R08: 0000000000000007 R09: 0000000000000000 [ 1459.087232] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000100 [ 1459.088070] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:47:49 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x7a00, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:47:49 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x3a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:47:49 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mknodat(r1, &(0x7f0000000180)='./file0\x00', 0x20, 0x9) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r4, r3, 0x800, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) copy_file_range(r4, 0x0, r0, 0x0, 0x10001, 0x0) setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000040), 0x4) r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x10000, 0x10b) r6 = openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) ioctl$SIOCGSTAMP(r6, 0x8906, &(0x7f0000000140)) fcntl$setstatus(r6, 0x4, 0x6000) perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) kcmp(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ioctl$FS_IOC_GETFLAGS(r2, 0x80086601, &(0x7f00000001c0)) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x42, 0x0, 0xffffffff, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00') mknodat$loop(r7, &(0x7f0000000040)='./file0\x00', 0x0, 0x1) sendfile(r0, r5, 0x0, 0x20d315) [ 1459.139940] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1459.266300] FAULT_INJECTION: forcing a failure. [ 1459.266300] name failslab, interval 1, probability 0, space 0, times 0 [ 1459.268627] CPU: 0 PID: 11497 Comm: syz-executor.1 Not tainted 5.10.200 #1 [ 1459.270019] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1459.271683] Call Trace: [ 1459.272226] dump_stack+0x107/0x167 [ 1459.272968] should_fail.cold+0x5/0xa [ 1459.273741] ? create_object.isra.0+0x3a/0xa20 [ 1459.274667] should_failslab+0x5/0x20 [ 1459.275434] kmem_cache_alloc+0x5b/0x310 [ 1459.276270] create_object.isra.0+0x3a/0xa20 [ 1459.277158] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1459.278193] kmem_cache_alloc_node+0x169/0x330 [ 1459.279121] __alloc_skb+0x6d/0x5b0 [ 1459.279896] netlink_ack+0x1ed/0xab0 [ 1459.280654] ? netlink_sendmsg+0xdf0/0xdf0 [ 1459.281510] ? __mutex_lock+0x4fe/0x10b0 [ 1459.282334] ? lock_acquire+0x197/0x470 [ 1459.283148] ? netlink_deliver_tap+0xf4/0xcd0 [ 1459.284068] netlink_rcv_skb+0x348/0x430 [ 1459.284898] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1459.285907] ? netlink_ack+0xab0/0xab0 [ 1459.286715] ? netlink_deliver_tap+0x1c4/0xcd0 [ 1459.287665] xfrm_netlink_rcv+0x6b/0x90 [ 1459.288470] netlink_unicast+0x549/0x7f0 [ 1459.289297] ? netlink_attachskb+0x870/0x870 [ 1459.290194] ? __virt_addr_valid+0x128/0x350 [ 1459.291099] netlink_sendmsg+0x90f/0xdf0 [ 1459.291938] ? netlink_unicast+0x7f0/0x7f0 [ 1459.292809] ? netlink_unicast+0x7f0/0x7f0 [ 1459.293674] __sock_sendmsg+0x154/0x190 [ 1459.294488] ____sys_sendmsg+0x70d/0x870 [ 1459.295313] ? sock_write_iter+0x3d0/0x3d0 [ 1459.296174] ? do_recvmmsg+0x6d0/0x6d0 [ 1459.296963] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1459.298010] ? lock_downgrade+0x6d0/0x6d0 [ 1459.298856] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1459.299926] ? SOFTIRQ_verbose+0x10/0x10 [ 1459.300755] ___sys_sendmsg+0xf3/0x170 [ 1459.301538] ? sendmsg_copy_msghdr+0x160/0x160 [ 1459.302456] ? lock_downgrade+0x6d0/0x6d0 [ 1459.303305] ? find_held_lock+0x2c/0x110 [ 1459.304147] ? __fget_files+0x296/0x4c0 [ 1459.304967] ? __fget_light+0xea/0x290 [ 1459.305762] __sys_sendmsg+0xe5/0x1b0 [ 1459.306533] ? __sys_sendmsg_sock+0x40/0x40 [ 1459.307408] ? rcu_read_lock_any_held+0x75/0xa0 [ 1459.308373] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1459.309450] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1459.310485] ? trace_hardirqs_on+0x5b/0x180 [ 1459.311358] do_syscall_64+0x33/0x40 [ 1459.312123] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1459.313156] RIP: 0033:0x7fe5aaa4cb19 [ 1459.313902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1459.317696] RSP: 002b:00007fe5a7fc2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1459.319214] RAX: ffffffffffffffda RBX: 00007fe5aab5ff60 RCX: 00007fe5aaa4cb19 [ 1459.320713] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003 [ 1459.322194] RBP: 00007fe5a7fc21d0 R08: 0000000000000000 R09: 0000000000000000 [ 1459.323655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1459.325085] R13: 00007ffe868c648f R14: 00007fe5a7fc2300 R15: 0000000000022000 03:48:03 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 72) 03:48:03 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:48:03 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) (fail_nth: 10) 03:48:03 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000b40)=ANY=[@ANYBLOB="e404000012000101"], 0x4e4}}, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r1, &(0x7f00000012c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000001280)={&(0x7f0000001240)={0x14, 0x0, 0x8, 0x70bd2a, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x0) 03:48:03 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:48:03 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x2, &(0x7f0000000080)=0x90, 0x4) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) getsockopt$inet6_tcp_buf(r0, 0x6, 0x0, &(0x7f0000000300)=""/149, &(0x7f0000000180)=0x95) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x4e23, 0x10001, @remote}}, 0x0, 0x0, 0x22, 0x0, "a1434d16d913534f654ed1777e0a7fa3773400322e1767bc90d79831007ef1d09975e0560005000000000000009a14bbfd1f96f212529c00"}, 0xd8) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000002ec0), 0x4) setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x43, &(0x7f0000000400)={0x0, 0x2710}, 0x10) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e21, 0x0, @empty, 0xff}, 0x1c) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0) sendmsg$inet6(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000480)="cf9dbee20f07df6d99c406bbaced3c112fdf2fb684ad0fc85ffda6880b4717b8d0b0f5140ad7c455674cef90da6a2d94b9adbc0851b12ded579911dc5c6a36800b75cc39485f1238310ee27dcce46fff08625594e75aa2d58fcca6edb78c79ab6bdaebffde021c8df816bd2352529f2b437c20f45919e14630df4b897fd2e5154c4afdacb83582f0bd68b4d554138f8804c2552f09289949f4e9eefe39a944dff2c811df4d39d48b202e", 0xaa}], 0x1}, 0x10044001) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffdffffffffffff, 0xffffffffffffffff, 0x0) recvfrom$inet6(r0, &(0x7f0000001e00)=""/4096, 0x1000, 0xcd08, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000440)={'wg1\x00'}) ioctl$AUTOFS_IOC_PROTOVER(0xffffffffffffffff, 0x80049363, &(0x7f0000000140)) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000007180)={'syztnl1\x00', &(0x7f0000007100)={'sit0\x00', 0x0, 0x29, 0x1f, 0x1, 0x7, 0x0, @remote, @local, 0x40, 0x10, 0x9, 0x400}}) syz_io_uring_setup(0x7399, 0x0, &(0x7f0000ff6000/0xa000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), 0x0) [ 1473.531013] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:48:03 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) tkill(0xffffffffffffffff, 0x3d) 03:48:03 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0xb300, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1473.560231] netlink: 1220 bytes leftover after parsing attributes in process `syz-executor.7'. [ 1473.563110] netlink: 1220 bytes leftover after parsing attributes in process `syz-executor.7'. [ 1473.567882] FAULT_INJECTION: forcing a failure. [ 1473.567882] name failslab, interval 1, probability 0, space 0, times 0 [ 1473.570412] CPU: 0 PID: 11516 Comm: syz-executor.1 Not tainted 5.10.200 #1 [ 1473.571959] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1473.573849] Call Trace: [ 1473.574492] dump_stack+0x107/0x167 [ 1473.575382] should_fail.cold+0x5/0xa [ 1473.576347] should_failslab+0x5/0x20 [ 1473.577272] __kmalloc_node_track_caller+0x74/0x3b0 [ 1473.578398] ? netlink_ack+0x1ed/0xab0 [ 1473.579262] __alloc_skb+0xb1/0x5b0 [ 1473.580098] netlink_ack+0x1ed/0xab0 [ 1473.580922] ? netlink_sendmsg+0xdf0/0xdf0 [ 1473.581846] ? __mutex_lock+0x4fe/0x10b0 [ 1473.582753] ? lock_acquire+0x197/0x470 [ 1473.583624] ? netlink_deliver_tap+0xf4/0xcd0 [ 1473.584646] netlink_rcv_skb+0x348/0x430 [ 1473.585539] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1473.586642] ? netlink_ack+0xab0/0xab0 [ 1473.587513] ? netlink_deliver_tap+0x1c4/0xcd0 [ 1473.588553] xfrm_netlink_rcv+0x6b/0x90 [ 1473.589425] netlink_unicast+0x549/0x7f0 03:48:03 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0xf000, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1473.590342] ? netlink_attachskb+0x870/0x870 [ 1473.591484] ? __virt_addr_valid+0x128/0x350 [ 1473.592490] netlink_sendmsg+0x90f/0xdf0 [ 1473.593392] ? netlink_unicast+0x7f0/0x7f0 [ 1473.594355] ? netlink_unicast+0x7f0/0x7f0 [ 1473.595312] __sock_sendmsg+0x154/0x190 [ 1473.596202] ____sys_sendmsg+0x70d/0x870 [ 1473.597090] ? sock_write_iter+0x3d0/0x3d0 [ 1473.597988] ? do_recvmmsg+0x6d0/0x6d0 [ 1473.598829] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1473.599971] ? lock_downgrade+0x6d0/0x6d0 [ 1473.600873] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1473.601993] ? SOFTIRQ_verbose+0x10/0x10 [ 1473.602874] ___sys_sendmsg+0xf3/0x170 [ 1473.603707] ? sendmsg_copy_msghdr+0x160/0x160 [ 1473.604735] ? lock_downgrade+0x6d0/0x6d0 [ 1473.605643] ? find_held_lock+0x2c/0x110 [ 1473.605879] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1473.606543] ? __fget_files+0x296/0x4c0 [ 1473.608739] ? __fget_light+0xea/0x290 [ 1473.609600] __sys_sendmsg+0xe5/0x1b0 [ 1473.610439] ? __sys_sendmsg_sock+0x40/0x40 [ 1473.611390] ? rcu_read_lock_any_held+0x75/0xa0 [ 1473.612425] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1473.613550] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1473.614639] ? trace_hardirqs_on+0x5b/0x180 [ 1473.615572] do_syscall_64+0x33/0x40 [ 1473.616389] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1473.617481] RIP: 0033:0x7fe5aaa4cb19 [ 1473.618289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1473.622273] RSP: 002b:00007fe5a7fc2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1473.623905] RAX: ffffffffffffffda RBX: 00007fe5aab5ff60 RCX: 00007fe5aaa4cb19 [ 1473.625420] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003 [ 1473.626934] RBP: 00007fe5a7fc21d0 R08: 0000000000000000 R09: 0000000000000000 [ 1473.628467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1473.629985] R13: 00007ffe868c648f R14: 00007fe5a7fc2300 R15: 0000000000022000 [ 1473.638472] FAULT_INJECTION: forcing a failure. [ 1473.638472] name failslab, interval 1, probability 0, space 0, times 0 [ 1473.640271] CPU: 1 PID: 11506 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1473.641367] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1473.642696] Call Trace: [ 1473.643137] dump_stack+0x107/0x167 [ 1473.643723] should_fail.cold+0x5/0xa [ 1473.644344] ? create_object.isra.0+0x3a/0xa20 [ 1473.645081] should_failslab+0x5/0x20 [ 1473.645690] kmem_cache_alloc+0x5b/0x310 [ 1473.646347] create_object.isra.0+0x3a/0xa20 [ 1473.647055] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1473.647869] kmem_cache_alloc+0x159/0x310 [ 1473.648545] anon_vma_clone+0xdc/0x590 [ 1473.649180] __split_vma+0x17c/0x570 [ 1473.649777] __do_munmap+0x365/0x1260 [ 1473.650425] ? lock_release+0x680/0x680 [ 1473.651101] mmap_region+0x776/0x1590 [ 1473.651762] ? get_unmapped_area+0x2f0/0x420 [ 1473.652503] do_mmap+0xcdb/0x11e0 [ 1473.653099] vm_mmap_pgoff+0x198/0x1f0 [ 1473.653755] ? randomize_page+0xb0/0xb0 [ 1473.654405] ? __fget_files+0x296/0x4c0 [ 1473.655082] ksys_mmap_pgoff+0x41c/0x560 [ 1473.655760] ? find_mergeable_anon_vma+0x250/0x250 [ 1473.656586] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1473.657461] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1473.658327] do_syscall_64+0x33/0x40 [ 1473.658944] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1473.659784] RIP: 0033:0x7fd4717f2b62 [ 1473.660411] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1473.663487] RSP: 002b:00007fd46ed680f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1473.664783] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fd4717f2b62 [ 1473.665969] RDX: 0000000000000003 RSI: 0000000000090140 RDI: 0000000020ffb000 [ 1473.667092] RBP: 0000000020ffb000 R08: 0000000000000007 R09: 0000000000000000 [ 1473.668223] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000100 [ 1473.669353] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:48:04 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x30000, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1473.764233] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1487.313253] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:48:17 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 73) 03:48:17 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) (fail_nth: 11) 03:48:17 executing program 7: r0 = syz_io_uring_setup(0x4c9f, &(0x7f00000002c0), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000240)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[0xffffffffffffffff], 0x1}, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000040)='net/mcfilter6\x00') sendmsg$FOU_CMD_ADD(r4, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)={0x64, 0x0, 0x400, 0xffffffff, 0x25dfdbfd, {}, [@FOU_ATTR_LOCAL_V6={0x14, 0x7, @mcast1}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e21}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @private1}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e24}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e23}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e22}, @FOU_ATTR_TYPE={0x5, 0x4, 0x2}]}, 0x9}}, 0x24000811) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2a36}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x7cae, &(0x7f0000001080)={0x0, 0x8fbb, 0x8, 0x0, 0x19c, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000001100), &(0x7f0000001140)) 03:48:17 executing program 0: r0 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb) r1 = add_key$fscrypt_v1(0x0, 0x0, &(0x7f0000000440)={0x0, "9b55f610ffe7b9856842eb69443042b20caac33d7dda6ec6986b177fa13c2bd2c68577ea852c8bb47f31ee549b6a921e231ef07ee0f7fca620564faeeeafa440"}, 0x48, 0x0) getsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x24, &(0x7f00000004c0)={@multicast1, @broadcast}, &(0x7f0000000500)=0x8) r2 = add_key(&(0x7f0000000800)='encrypted\x00', &(0x7f0000000840)={'syz', 0x1}, 0x0, 0x0, r0) add_key$keyring(&(0x7f0000000580), &(0x7f00000005c0)={'syz', 0x1}, 0x0, 0x0, r2) r3 = add_key$user(&(0x7f0000000a40), &(0x7f00000002c0)={'syz', 0x1}, &(0x7f0000000300)="a3", 0x1, 0xfffffffffffffffe) add_key$keyring(&(0x7f0000000640), &(0x7f0000000680)={'syz', 0x3}, 0x0, 0x0, r0) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f0000000240)='asymmetric\x00', &(0x7f0000000000)=@keyring={'key_or_keyring:', r3, 0xa}) add_key$fscrypt_provisioning(&(0x7f0000000000), &(0x7f0000000140)={'syz', 0x3}, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000000000000102030405060708090a0b0c0d0e0f101112131415161718191a1bc4451e1f202122232425262728292a2b32333435363723c8081953e7c5383b3a3b3c3d3e3f4000000000000039d34cae8924ff6867f6775e2d794800817471c2ad1e87330f37fe70dd122e7d27071bd38a5ce9bb816b06d8e40862d5c5fdf69dd4929514ca95de8866e238e9130624fcc9e6fa617ed24b8834d0a4427d65ee66017ebb5caeda5a04e0d7c5e6d86d6dba99818675cff2d929c1dc68c8ab04c760547a8c54e9d5c4ea9663028bc8fbf99010ea9cd020fc040cc437af36e67df9866d03ff4c304895622499084f2299dc8ad6181e3032ac5d93a6567b0d428f5d773f55d9423d396251db3dc67931"], 0x48, r0) getsockopt$IPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x43, &(0x7f0000000400)={'HL\x00'}, &(0x7f0000000600)=0x1e) r4 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, 0x0) request_key(&(0x7f0000000080)='cifs.spnego\x00', &(0x7f00000000c0)={'syz', 0x1}, &(0x7f0000000180)='\x00', r4) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x8, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0x9}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x1, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000000ac0)={0x17412c500, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = add_key$keyring(&(0x7f0000000040), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, &(0x7f0000000240)='asymmetric\x00', &(0x7f0000000000)=@keyring={'key_or_keyring:', 0x0, 0xa}) r6 = add_key$keyring(&(0x7f0000000040), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r6, &(0x7f0000000240)='asymmetric\x00', &(0x7f0000000000)=@keyring={'key_or_keyring:', 0x0, 0xa}) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, &(0x7f00000003c0)='rxrpc_s\x00', &(0x7f0000000540)=@chain={'key_or_keyring:', r6}) add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000280)={'fscrypt:', @desc1}, &(0x7f0000000340)={0x0, "bb28002c96a039fcddd45cffc621c01d5213d3c3af63c2d48fe0e83d0fd174c399628e2b43a92319dcf0b2a0b657b8348f6f05551af8db90e08998b743ce35c5", 0x16}, 0x48, r1) 03:48:17 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:48:17 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:48:17 executing program 3: r0 = fork() setpgid(r0, r0) perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x6b, 0xd3, 0x4, 0x7, 0x0, 0xfffffffffffffff6, 0x8040, 0xe, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x2, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x4, @perf_bp={&(0x7f0000000180), 0x4}, 0x8084, 0xffffffff, 0x400, 0x9, 0xfffffffffffffffd, 0x8, 0x2, 0x0, 0x0, 0x0, 0x9}, r0, 0xd, 0xffffffffffffffff, 0x8) capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000000c0)=0x0) rt_tgsigqueueinfo(r1, r0, 0x28, &(0x7f0000000100)={0xd, 0x4, 0x1}) 03:48:17 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x34000, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1487.333405] FAULT_INJECTION: forcing a failure. [ 1487.333405] name failslab, interval 1, probability 0, space 0, times 0 [ 1487.336864] CPU: 0 PID: 11650 Comm: syz-executor.1 Not tainted 5.10.200 #1 [ 1487.338285] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1487.339973] Call Trace: [ 1487.340527] dump_stack+0x107/0x167 [ 1487.341279] should_fail.cold+0x5/0xa [ 1487.342061] ? create_object.isra.0+0x3a/0xa20 [ 1487.343000] should_failslab+0x5/0x20 [ 1487.343777] kmem_cache_alloc+0x5b/0x310 [ 1487.344638] create_object.isra.0+0x3a/0xa20 [ 1487.345538] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1487.346578] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 1487.347606] ? netlink_ack+0x1ed/0xab0 [ 1487.348415] __alloc_skb+0xb1/0x5b0 [ 1487.349168] netlink_ack+0x1ed/0xab0 [ 1487.349933] ? netlink_sendmsg+0xdf0/0xdf0 [ 1487.350800] ? __mutex_lock+0x4fe/0x10b0 [ 1487.351632] ? lock_acquire+0x197/0x470 [ 1487.352467] ? netlink_deliver_tap+0xf4/0xcd0 [ 1487.353386] netlink_rcv_skb+0x348/0x430 [ 1487.354225] ? copy_to_user_tmpl.part.0+0x610/0x610 [ 1487.355250] ? netlink_ack+0xab0/0xab0 [ 1487.356066] ? netlink_deliver_tap+0x1c4/0xcd0 [ 1487.357006] xfrm_netlink_rcv+0x6b/0x90 [ 1487.357818] netlink_unicast+0x549/0x7f0 [ 1487.358652] ? netlink_attachskb+0x870/0x870 [ 1487.359549] ? __virt_addr_valid+0x128/0x350 [ 1487.360467] netlink_sendmsg+0x90f/0xdf0 [ 1487.361305] ? netlink_unicast+0x7f0/0x7f0 [ 1487.362187] ? netlink_unicast+0x7f0/0x7f0 [ 1487.363052] __sock_sendmsg+0x154/0x190 [ 1487.363866] ____sys_sendmsg+0x70d/0x870 [ 1487.364716] ? sock_write_iter+0x3d0/0x3d0 [ 1487.365576] ? do_recvmmsg+0x6d0/0x6d0 [ 1487.366374] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1487.367442] ? lock_downgrade+0x6d0/0x6d0 [ 1487.368305] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1487.369372] ? SOFTIRQ_verbose+0x10/0x10 [ 1487.370205] ___sys_sendmsg+0xf3/0x170 [ 1487.371002] ? sendmsg_copy_msghdr+0x160/0x160 [ 1487.371946] ? lock_downgrade+0x6d0/0x6d0 [ 1487.372803] ? find_held_lock+0x2c/0x110 [ 1487.373648] ? __fget_files+0x296/0x4c0 [ 1487.374478] ? __fget_light+0xea/0x290 [ 1487.375279] __sys_sendmsg+0xe5/0x1b0 [ 1487.376071] ? __sys_sendmsg_sock+0x40/0x40 [ 1487.376951] ? rcu_read_lock_any_held+0x75/0xa0 [ 1487.377919] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1487.378987] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1487.380040] ? trace_hardirqs_on+0x5b/0x180 [ 1487.380928] do_syscall_64+0x33/0x40 [ 1487.381689] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1487.382733] RIP: 0033:0x7fe5aaa4cb19 [ 1487.383496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1487.387241] RSP: 002b:00007fe5a7fc2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1487.388796] RAX: ffffffffffffffda RBX: 00007fe5aab5ff60 RCX: 00007fe5aaa4cb19 [ 1487.390255] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003 [ 1487.391705] RBP: 00007fe5a7fc21d0 R08: 0000000000000000 R09: 0000000000000000 [ 1487.393179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1487.394638] R13: 00007ffe868c648f R14: 00007fe5a7fc2300 R15: 0000000000022000 [ 1487.400426] FAULT_INJECTION: forcing a failure. [ 1487.400426] name failslab, interval 1, probability 0, space 0, times 0 [ 1487.402723] CPU: 0 PID: 11654 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1487.404167] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1487.405853] Call Trace: [ 1487.406389] dump_stack+0x107/0x167 [ 1487.407137] should_fail.cold+0x5/0xa [ 1487.407918] ? vm_area_alloc+0x1c/0x110 [ 1487.408739] should_failslab+0x5/0x20 [ 1487.409511] kmem_cache_alloc+0x5b/0x310 [ 1487.410345] vm_area_alloc+0x1c/0x110 [ 1487.411118] mmap_region+0x819/0x1590 [ 1487.411912] ? get_unmapped_area+0x2f0/0x420 [ 1487.412815] do_mmap+0xcdb/0x11e0 [ 1487.413542] vm_mmap_pgoff+0x198/0x1f0 [ 1487.414344] ? randomize_page+0xb0/0xb0 [ 1487.415157] ? __fget_files+0x296/0x4c0 [ 1487.415980] ksys_mmap_pgoff+0x41c/0x560 [ 1487.416832] ? find_mergeable_anon_vma+0x250/0x250 [ 1487.417835] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1487.418899] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1487.419954] do_syscall_64+0x33/0x40 [ 1487.420721] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1487.421760] RIP: 0033:0x7fd4717f2b62 [ 1487.422518] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1487.426255] RSP: 002b:00007fd46ed470f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1487.427813] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fd4717f2b62 [ 1487.429294] RDX: 0000000000000003 RSI: 0000000000090140 RDI: 0000000020ffb000 [ 1487.430771] RBP: 0000000020ffb000 R08: 0000000000000007 R09: 0000000000000000 [ 1487.432252] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000100 [ 1487.433717] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:48:17 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80ffff00000000, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:48:17 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x80000, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1487.466418] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:48:17 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pread64(0xffffffffffffffff, &(0x7f0000000080)=""/3, 0x3, 0x20) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001a00110700000000000000000a000200c03f2a96775788f4a99ece08b66c6157b900d456e0ded53fd953c2a3dd836098a4e5a2471bda8f338e4c0e3ce06273a71d21d907774b4d34f3e486d5219df93fd5a5ccbd42d48fd38814509169d36f0881498fe1cedce71887acf79937ab0af36a0625642a8c7fcf3c2753277abd9ef52d5c23bbc1c62be63ae4c59b4b52"], 0x14}}, 0x0) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e22, 0x3, @mcast2}, 0x1c) r3 = perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x4, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0xfff, 0x4, @perf_config_ext={0x2, 0x9}, 0x2101, 0x3, 0x65b, 0x0, 0x2, 0x8, 0x0, 0x0, 0x5}, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x3) socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000000)=0xba, 0x4) r4 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000140), 0x40000, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r6, r5, 0x800, 0x0) connect$inet(r5, &(0x7f0000000200)={0x2, 0x4e23, @private=0xa010101}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000880)=ANY=[@ANYBLOB="010000000101000418000008", @ANYRES32]) sendfile(0xffffffffffffffff, r3, &(0x7f00000000c0)=0x1, 0x6) 03:48:17 executing program 0: ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000080)=0x2) getpgid(0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, @perf_config_ext={0x0, 0x8000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa418b6d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00'}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$inet6_MRT6_DEL_MFC(0xffffffffffffffff, 0x29, 0xcd, &(0x7f0000000180)={{0xa, 0x0, 0x3, @mcast2}, {0xa, 0x4e20, 0x80, @private2}, 0x0, [0xb95, 0x81, 0x2, 0x6, 0x9, 0x0, 0x2, 0x5]}, 0x5c) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000140)={0x0, 0x9, "e35957"}) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r3, r2, 0x800, 0x0) bind$bt_hci(r2, &(0x7f00000002c0)={0x1f, 0x0, 0x2}, 0x6) ioctl$sock_bt_hci(r1, 0x800448d2, &(0x7f0000000080)) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000000f0000200", @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00']) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000280)=0x1) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ptrace(0x10, 0x0) waitid(0x0, 0x0, &(0x7f0000000300), 0x41000004, &(0x7f0000000540)) open(&(0x7f0000000380)='./file0\x00', 0x400, 0x44) wait4(0x0, &(0x7f0000000100), 0x40000000, &(0x7f00000003c0)) clone3(&(0x7f0000000200)={0x44004100, 0x0, &(0x7f00000000c0), 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:48:33 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 74) [ 1503.160692] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:48:33 executing program 0: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)={'filter\x00', 0x4, [{}, {}, {}, {}]}, 0x68) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x4, 0x7fff, 0x7f, 0x4}) ioctl$F2FS_IOC_WRITE_CHECKPOINT(r0, 0xf507, 0x0) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000040)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0x5, 0x0, 0x0, 0x8000]}, &(0x7f0000000140)=0x78) r1 = openat$sr(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000180)={0xc29, 0xffffff75, 0x6d33be76, 0x6, 0x1}, 0x14) r2 = syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0xa0d800, 0x0) r3 = socket$netlink(0x10, 0x3, 0x4) setresuid(0x0, 0x0, 0x0) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0) fcntl$dupfd(r4, 0x0, r4) bind$netlink(r3, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc) r5 = socket$inet_tcp(0x2, 0x1, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r6, 0x29, 0x0, &(0x7f00000007c0)="3f7623c0fd5713364c901d3cbce75250", 0x10) setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4) connect$inet(r5, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) symlinkat(&(0x7f0000000100)='./file0\x00', r2, 0x0) 03:48:33 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x400300, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:48:33 executing program 7: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) write$P9_RREADLINK(r0, &(0x7f0000000040)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400028001000270000004f801", 0x17}, {0x0, 0x0, 0x10001}], 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="6e66732c00dcc5f608bf6d27b8167d039ff00270fddf415c294d8901c78d4725f022f1401694975cde9370975d7548da49cafc822a9b638fd0f4493db63d44595238ee449b1f8260c9da2de0d8cc3df4df3bf68fbc1e6ecbb2ba28eff9401b2045281d2d72c982e8d454710abd0bd5076e1f0bc0cd8104a1a454e54a1a87552272bb33bd67d3fbe0edf06b3d0000"]) write$P9_RMKNOD(r0, &(0x7f0000000080)={0x14, 0x13, 0x1, {0x40, 0x1, 0x8}}, 0x14) 03:48:33 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) (fail_nth: 12) 03:48:33 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:48:33 executing program 3: r0 = fork() r1 = gettid() capset(&(0x7f0000000000)={0x19980330, r1}, &(0x7f0000000040)) capset(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)={0x0, 0xffffffff, 0x6, 0x0, 0x3ff}) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x4000000000000008, &(0x7f0000000080)=0x1) 03:48:33 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1503.215378] FAULT_INJECTION: forcing a failure. [ 1503.215378] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1503.217774] CPU: 0 PID: 11792 Comm: syz-executor.1 Not tainted 5.10.200 #1 [ 1503.219189] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1503.220881] Call Trace: [ 1503.221432] dump_stack+0x107/0x167 [ 1503.222187] should_fail.cold+0x5/0xa [ 1503.222985] _copy_to_user+0x2e/0x180 [ 1503.223779] simple_read_from_buffer+0xcc/0x160 [ 1503.224759] proc_fail_nth_read+0x198/0x230 [ 1503.225638] ? proc_sessionid_read+0x230/0x230 [ 1503.226563] ? security_file_permission+0x24e/0x570 [ 1503.227573] ? perf_trace_initcall_start+0x101/0x380 [ 1503.228630] ? proc_sessionid_read+0x230/0x230 [ 1503.229557] vfs_read+0x228/0x580 [ 1503.230274] ksys_read+0x12d/0x260 [ 1503.231011] ? vfs_write+0xa70/0xa70 [ 1503.231777] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1503.232879] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1503.233931] do_syscall_64+0x33/0x40 [ 1503.234695] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1503.235744] RIP: 0033:0x7fe5aa9ff69c [ 1503.236511] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1503.240254] RSP: 002b:00007fe5a7fc2170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1503.241797] RAX: ffffffffffffffda RBX: 000000000000003c RCX: 00007fe5aa9ff69c [ 1503.243241] RDX: 000000000000000f RSI: 00007fe5a7fc21e0 RDI: 0000000000000004 [ 1503.244709] RBP: 00007fe5a7fc21d0 R08: 0000000000000000 R09: 0000000000000000 [ 1503.246156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1503.247155] FAULT_INJECTION: forcing a failure. [ 1503.247155] name failslab, interval 1, probability 0, space 0, times 0 [ 1503.247599] R13: 00007ffe868c648f R14: 00007fe5a7fc2300 R15: 0000000000022000 [ 1503.251364] CPU: 1 PID: 11783 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1503.252777] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1503.254441] Call Trace: [ 1503.254983] dump_stack+0x107/0x167 [ 1503.255726] should_fail.cold+0x5/0xa [ 1503.256515] ? create_object.isra.0+0x3a/0xa20 [ 1503.257440] should_failslab+0x5/0x20 [ 1503.258208] kmem_cache_alloc+0x5b/0x310 [ 1503.259041] create_object.isra.0+0x3a/0xa20 [ 1503.259932] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1503.260981] kmem_cache_alloc+0x159/0x310 [ 1503.261829] vm_area_alloc+0x1c/0x110 [ 1503.262592] mmap_region+0x819/0x1590 [ 1503.263386] ? get_unmapped_area+0x2f0/0x420 [ 1503.264307] do_mmap+0xcdb/0x11e0 [ 1503.265026] vm_mmap_pgoff+0x198/0x1f0 [ 1503.265839] ? randomize_page+0xb0/0xb0 [ 1503.266648] ? __fget_files+0x296/0x4c0 [ 1503.267478] ksys_mmap_pgoff+0x41c/0x560 [ 1503.268320] ? find_mergeable_anon_vma+0x250/0x250 [ 1503.269329] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1503.270382] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1503.271428] do_syscall_64+0x33/0x40 [ 1503.272186] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1503.273324] RIP: 0033:0x7fd4717f2b62 [ 1503.274078] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1503.277792] RSP: 002b:00007fd46ed680f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1503.279318] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fd4717f2b62 [ 1503.280760] RDX: 0000000000000003 RSI: 0000000000090140 RDI: 0000000020ffb000 [ 1503.282191] RBP: 0000000020ffb000 R08: 0000000000000007 R09: 0000000000000000 [ 1503.283618] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000100 [ 1503.285065] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:48:33 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0xf0ffff, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1503.382276] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:48:33 executing program 7: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000340)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/module/drm', 0x412100, 0x18) bind$unix(r1, &(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e) chdir(&(0x7f0000000040)='./file0\x00') r2 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x100000001) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/schedstat\x00', 0x0, 0x0) read(0xffffffffffffffff, &(0x7f0000019340)=""/102384, 0x18ff0) io_uring_setup(0x0, &(0x7f0000000bc0)={0x0, 0x66f8, 0x8, 0x0, 0xfffffffe}) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, 0x0, 0x0) socket$nl_audit(0x10, 0x3, 0x9) ppoll(0x0, 0x0, &(0x7f0000000400), &(0x7f0000000440)={[0x4]}, 0x8) openat(r4, 0x0, 0x440, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/module/hid', 0x4040, 0x20) write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000140)=ANY=[@ANYBLOB="000017020007002e2f66696c6530"], 0x10) r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0, 0x98) signalfd(r0, &(0x7f0000000180)={[0xfffffffffffffffb]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r2, r5, 0x0, 0x80000001) 03:48:33 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 75) 03:48:33 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:48:33 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:48:33 executing program 0: r0 = eventfd2(0x4, 0x80001) preadv2(r0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/243, 0xf3}, {&(0x7f0000000140)=""/42, 0x2a}, {&(0x7f0000000180)=""/108, 0x6c}], 0x3, 0x800, 0x3, 0x14) read$eventfd(r0, &(0x7f0000000000), 0x8) 03:48:33 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x1000000, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:48:33 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:48:33 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300000000000000, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1503.577017] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1503.591596] FAULT_INJECTION: forcing a failure. [ 1503.591596] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1503.594201] CPU: 1 PID: 11909 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1503.595646] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1503.597382] Call Trace: [ 1503.597929] dump_stack+0x107/0x167 [ 1503.598685] should_fail.cold+0x5/0xa [ 1503.599483] __alloc_pages_nodemask+0x182/0x600 [ 1503.600471] ? memtype_seq_stop+0x20/0x20 [ 1503.601347] ? pat_pagerange_is_ram+0xa8/0x140 [ 1503.602271] ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130 [ 1503.603506] alloc_pages_current+0x187/0x280 [ 1503.604426] pte_alloc_one+0x16/0x1a0 [ 1503.605205] __pte_alloc+0x1d/0x330 [ 1503.605961] remap_pfn_range+0xacb/0x1010 [ 1503.606863] ? apply_to_existing_page_range+0x40/0x40 [ 1503.607912] ? memcg_slab_post_alloc_hook+0x17a/0x430 [ 1503.608996] io_uring_mmap+0x398/0x530 [ 1503.609788] mmap_region+0xb5a/0x1590 [ 1503.610713] do_mmap+0xcdb/0x11e0 [ 1503.611445] vm_mmap_pgoff+0x198/0x1f0 [ 1503.612263] ? randomize_page+0xb0/0xb0 [ 1503.613097] ? __fget_files+0x296/0x4c0 [ 1503.613924] ksys_mmap_pgoff+0x41c/0x560 [ 1503.614757] ? find_mergeable_anon_vma+0x250/0x250 [ 1503.615789] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1503.616857] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1503.617912] do_syscall_64+0x33/0x40 [ 1503.618671] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1503.619733] RIP: 0033:0x7fd4717f2b62 [ 1503.620499] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1503.624245] RSP: 002b:00007fd46ed680f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1503.625780] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fd4717f2b62 [ 1503.627220] RDX: 0000000000000003 RSI: 0000000000090140 RDI: 0000000020ffb000 [ 1503.628679] RBP: 0000000020ffb000 R08: 0000000000000007 R09: 0000000000000000 [ 1503.630119] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000100 [ 1503.631561] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:48:34 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000140)={0x1, r1}) r2 = gettid() capset(&(0x7f0000000000)={0x19980330, r2}, &(0x7f0000000040)) ptrace(0x10, r2) 03:48:34 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:48:34 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x2000000, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:48:34 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) [ 1503.774568] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:48:49 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x2, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:48:49 executing program 0: pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @empty}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}]}, 0x5c}}, 0x0) 03:48:49 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) r2 = syz_io_uring_setup(0x2bd8, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1e7}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000240)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000140)=""/204, 0xcc}, 0x0) io_uring_enter(r2, 0x5c33, 0x0, 0x0, 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000001, 0x12, r1, 0x8000000) syz_io_uring_submit(r5, 0x0, 0x0, 0x0) getsockopt$sock_int(r0, 0x1, 0x2b, &(0x7f0000000040), &(0x7f0000000280)=0x4) 03:48:49 executing program 3: r0 = fork() capset(&(0x7f00000000c0)={0x20080522}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x5, 0x800005}) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:48:49 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x3000000, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:48:49 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:48:49 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 76) 03:48:49 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1519.101425] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1519.106796] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.106942] FAULT_INJECTION: forcing a failure. [ 1519.106942] name failslab, interval 1, probability 0, space 0, times 0 [ 1519.107942] blk_update_request: I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1519.109384] CPU: 0 PID: 12052 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1519.111379] Buffer I/O error on dev sr0, logical block 0, async page read [ 1519.112167] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1519.112172] Call Trace: [ 1519.112189] dump_stack+0x107/0x167 [ 1519.112207] should_fail.cold+0x5/0xa [ 1519.115980] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.116119] ? ptlock_alloc+0x1d/0x70 [ 1519.117251] blk_update_request: I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1519.117718] ? ptlock_alloc+0x1d/0x70 [ 1519.117732] should_failslab+0x5/0x20 [ 1519.117749] kmem_cache_alloc+0x5b/0x310 [ 1519.119742] Buffer I/O error on dev sr0, logical block 1, async page read [ 1519.120137] ptlock_alloc+0x1d/0x70 [ 1519.121126] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.121378] pte_alloc_one+0x68/0x1a0 [ 1519.122842] blk_update_request: I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1519.123172] __pte_alloc+0x1d/0x330 [ 1519.124252] Buffer I/O error on dev sr0, logical block 2, async page read [ 1519.124664] remap_pfn_range+0xacb/0x1010 [ 1519.126860] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.127095] ? apply_to_existing_page_range+0x40/0x40 [ 1519.128538] blk_update_request: I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1519.128923] ? memcg_slab_post_alloc_hook+0x17a/0x430 [ 1519.128942] io_uring_mmap+0x398/0x530 [ 1519.128956] mmap_region+0xb5a/0x1590 [ 1519.130029] Buffer I/O error on dev sr0, logical block 3, async page read [ 1519.130568] do_mmap+0xcdb/0x11e0 [ 1519.132780] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.133199] vm_mmap_pgoff+0x198/0x1f0 [ 1519.134035] blk_update_request: I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1519.134389] ? randomize_page+0xb0/0xb0 [ 1519.135821] Buffer I/O error on dev sr0, logical block 4, async page read [ 1519.136222] ? __fget_files+0x296/0x4c0 [ 1519.137501] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.137775] ksys_mmap_pgoff+0x41c/0x560 [ 1519.137797] ? find_mergeable_anon_vma+0x250/0x250 [ 1519.139846] blk_update_request: I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1519.140255] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1519.141670] Buffer I/O error on dev sr0, logical block 5, async page read [ 1519.142076] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1519.142093] do_syscall_64+0x33/0x40 [ 1519.142111] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1519.143344] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.143596] RIP: 0033:0x7fd4717f2b62 [ 1519.143613] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1519.144697] blk_update_request: I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1519.145670] RSP: 002b:00007fd46ed680f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1519.146757] Buffer I/O error on dev sr0, logical block 6, async page read [ 1519.147461] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fd4717f2b62 [ 1519.147472] RDX: 0000000000000003 RSI: 0000000000090140 RDI: 0000000020ffb000 [ 1519.148792] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.148906] RBP: 0000000020ffb000 R08: 0000000000000007 R09: 0000000000000000 [ 1519.148918] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000100 [ 1519.150035] blk_update_request: I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1519.150594] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 [ 1519.170833] Buffer I/O error on dev sr0, logical block 7, async page read [ 1519.172841] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.174002] blk_update_request: I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 7 prio class 0 [ 1519.176065] Buffer I/O error on dev sr0, logical block 0, async page read [ 1519.177525] Buffer I/O error on dev sr0, logical block 1, async page read [ 1519.179096] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.180232] blk_update_request: I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1519.209658] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.210688] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.211616] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.212616] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.219232] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.220210] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.221171] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.222139] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.223109] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.224087] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.225108] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.225828] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.226512] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.227233] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.227942] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.229334] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.230946] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.232486] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.234037] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.235557] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.237092] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.238573] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 03:48:49 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x3, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) [ 1519.249468] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.252890] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.256076] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.260972] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.263200] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.265333] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.268898] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.270565] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.272076] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.273546] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.274915] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.276273] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 03:48:49 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x4000000, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1519.293538] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1519.295509] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1519.296934] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1519.298247] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 ff e0 00 00 40 00 [ 1519.300210] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.301543] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.302996] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.304287] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.305623] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.306959] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.308296] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.309597] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.310982] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.312271] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.313744] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.315024] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.316313] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.317614] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.318926] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.320600] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.321948] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.323240] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.324649] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.325934] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.327384] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.328773] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.330040] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.331321] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.332655] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.333941] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.335244] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.336547] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.337876] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.339166] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.340479] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.341793] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.343114] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.344395] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.345768] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.347026] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.348322] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.349618] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.350933] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.352216] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.353548] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.354887] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.356175] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.357489] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.358838] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.360159] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.361466] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.362794] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.364121] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.365435] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.366811] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.368140] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.369483] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.370856] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.372149] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.373442] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.374827] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.376111] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.377425] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 03:48:49 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1519.378776] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.380588] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.381899] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.383203] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.384511] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.385876] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.389952] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.391246] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.392675] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.394207] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.394887] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1519.395502] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.398323] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.399615] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.400958] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.402262] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.403586] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.405047] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.407260] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.408942] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.410629] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.412178] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.413762] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.415273] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.416826] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.418291] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.419839] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.421316] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.422875] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.424344] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.425879] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.427363] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.428906] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.430368] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.431920] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.433428] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.434948] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.436467] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.438021] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.439525] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.441081] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.442586] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.444072] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.445635] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.447170] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.448652] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.450228] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.451853] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.453373] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.454915] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.456502] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.457964] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.459331] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.460668] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.462051] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.463376] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.464782] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.466114] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.467467] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.468827] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.470195] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.471532] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.472927] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.474278] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.475632] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.476991] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.478354] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.479758] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.481086] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.482432] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.483871] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.485246] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.486582] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.487922] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.490889] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.492224] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.493598] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.494943] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.496502] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.497896] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.499231] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.500613] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.501947] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.503276] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.504625] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.507085] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.508482] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.510106] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.514310] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.519272] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.520650] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.522453] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.523829] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.525191] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.526645] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.527988] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.529369] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.530799] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.532139] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.533494] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.534883] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.536221] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.537600] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.538990] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.540355] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.541806] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.543139] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.544499] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.545868] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.547191] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.548573] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.549969] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.551330] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.553916] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.555295] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.556621] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.557971] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.559300] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.560691] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.562096] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.563456] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.564878] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.566192] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.567985] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.569357] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.570687] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.572099] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.573462] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.575919] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.577265] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.578577] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.579934] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.581262] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.582620] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.584028] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.585390] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.586829] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.588187] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.589538] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.593517] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.594910] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.596898] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.598250] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.600014] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.601401] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.602768] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.604090] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.605459] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.606875] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.608186] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.609543] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.610910] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.612218] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.613608] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.614944] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.616273] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.617613] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.619131] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.620517] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.621888] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.623282] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.624642] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.626022] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.627366] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.628806] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.630148] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.631545] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.632958] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.634294] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.635659] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.637042] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.638351] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.656784] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1519.659111] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1519.660785] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1519.662246] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 01 00 00 00 00 02 00 [ 1519.664057] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.665656] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.666957] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.668613] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.669908] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.672348] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.673783] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.675366] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.676744] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.678021] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.679308] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.680629] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.681919] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.683224] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.684515] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.685854] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.687160] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.688494] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.689844] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.691125] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.692448] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.695335] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.696658] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.698114] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.699437] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.700828] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.702134] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.703421] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.704781] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.706076] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.707357] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.708733] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.710042] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.711328] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.712674] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.713969] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.730607] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1519.732614] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1519.734085] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1519.735399] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 01 00 00 01 00 [ 1519.751545] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1519.753507] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1519.754920] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1519.756240] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 01 00 00 00 00 02 00 [ 1519.758061] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.759336] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.761221] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.762499] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.763871] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.765141] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.766444] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.767739] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.769041] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.770293] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.771576] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.772860] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.774139] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.775384] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.776739] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.778017] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.779308] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.780644] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.781910] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.783191] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.784477] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.785815] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.787102] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.788361] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.789676] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.790975] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.792225] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.793532] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.794823] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.798669] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.799924] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.801300] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.802581] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.804218] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.805502] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.806811] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.808055] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.809356] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.810606] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.811907] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.813203] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.814472] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.815743] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.817007] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.818299] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.819584] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.820862] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.822155] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.823447] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.824926] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.826180] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.827447] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.828915] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.830167] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.831433] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.832795] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.834060] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.835344] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.836601] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.837874] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.839144] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.840457] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.841775] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.843010] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.844293] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.845612] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.846871] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.848144] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.849416] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.850750] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.852046] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.853339] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.854655] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.856034] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.857410] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.858758] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.860001] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.861288] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.862591] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.863878] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.865194] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.866459] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.867789] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.869060] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.870348] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.871608] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.872919] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.874355] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.894469] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1519.896845] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1519.899535] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1519.901191] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 01 00 00 00 00 02 00 [ 1519.904201] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.906478] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.910880] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.912180] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.913478] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.914820] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.916110] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.917408] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.922333] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.923655] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.925643] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.927068] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.928546] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.929880] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.931257] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.932558] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.933913] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.935195] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.936478] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.937852] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.940918] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.942288] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.944458] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.945858] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.947226] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.948516] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.974476] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.976592] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.978187] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.979469] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.980880] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1519.982518] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1520.002022] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1520.004193] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1520.005597] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1520.006924] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 01 00 00 00 00 02 00 [ 1520.028331] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1520.030284] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1520.031651] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1520.032986] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 02 00 [ 1520.113178] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s [ 1520.115140] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 1520.116514] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 1520.117852] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 01 00 00 00 00 02 00 03:49:04 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x4, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:49:04 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00000000000000, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:49:04 executing program 3: r0 = fork() fork() capset(&(0x7f00000000c0)={0x20080522, r0}, &(0x7f0000000040)={0x401, 0x3, 0x1, 0x40000000, 0x0, 0xffffffff}) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:49:04 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:49:04 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 77) 03:49:04 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x5000000, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:49:04 executing program 0: openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x58, 0x40, 0x0, 0x5d, 0x89005, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000040)}, 0x88, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x7fff}, 0x0, 0x6, 0xffffffffffffffff, 0x0) write(0xffffffffffffffff, &(0x7f0000000000)="cd656d69f282f46caedc9da09676f7d5fb29e8f4e5806ac5ea118e763750a91ce6ccb5e3206389", 0x27) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, 0x42, 0xe21}, 0x14}}, 0x0) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108) openat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x101000, 0x80) setsockopt$inet6_MCAST_MSFILTER(r3, 0x29, 0x30, &(0x7f0000000300)=ANY=[@ANYBLOB="03000000000000000a00000000000000ff010000000000000000000000000001000000ed0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000a00000000000000ff01000000000000000000000000000100"/202], 0x110) ioctl$FIDEDUPERANGE(r1, 0xc0189436, &(0x7f0000000180)={0x2, 0x7e850000, 0x5, 0x0, 0x0, [{{r0}, 0x8e}, {{}, 0x2}, {{r2}, 0x20f}, {{r3}, 0x800}, {{r0}, 0x1ff}]}) socket$inet_tcp(0x2, 0x1, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r4, 0xffffffffffffffff, 0x800, 0x0) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2c, &(0x7f0000000400)={0x7, {{0xa, 0x4e20, 0x3, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x5}}, {{0xa, 0x4e22, 0xf14, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x8000}}}, 0x108) r5 = syz_open_dev$tty20(0xc, 0x4, 0x0) close_range(r1, r5, 0x0) ioctl$F2FS_IOC_GARBAGE_COLLECT(0xffffffffffffffff, 0x4004f506, &(0x7f00000000c0)=0x1) unshare(0x48020200) unshare(0x58040280) 03:49:04 executing program 7: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/udplite\x00') lseek(r0, 0xfffffffffffffffa, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000180)=0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='tracefs\x00', 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x20020, &(0x7f0000000140)=ANY=[@ANYBLOB="bf4376e2", @ANYRESHEX=0x0, @ANYBLOB="15a4"]) r3 = openat$incfs(r2, &(0x7f00000002c0)='.pending_reads\x00', 0x440, 0x258) r4 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r4, 0x1268, 0x0) preadv(r4, &(0x7f0000000b00)=[{&(0x7f00000001c0)=""/27, 0x1b}, {&(0x7f0000000bc0)=""/212, 0xd4}, {&(0x7f00000005c0)=""/249, 0xf9}, {&(0x7f00000006c0)=""/183, 0xb7}, {&(0x7f0000000840)=""/69, 0x45}, {&(0x7f00000004c0)=""/170, 0xaa}, {&(0x7f0000000980)=""/149, 0x95}, {&(0x7f0000000a40)=""/183, 0xb7}], 0x8, 0x5, 0x200) sendmsg$nl_generic(r3, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000440)={&(0x7f0000000780)=ANY=[@ANYBLOB="8800dbdf25070000003800000000000000009fb362932d3e54d11aca78d822a2d5a5f5f5f2ab0f6185519969aac0405cd0a68a3ff61d14b94f7d78a739b7a927ffffffffff01f8006e58124af98d3a737d13c877827663a3af7db214ae2cce61d4cda3e9a347e1be39000000007feb31755cd10aca06bedc6d5a00"/142], 0x88}, 0x1, 0x0, 0x0, 0x5}, 0x4040001) syz_open_procfs(r1, &(0x7f0000000380)='timers\x00') pipe2(&(0x7f0000000480), 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r5, r3, 0x800, 0x0) close_range(r5, 0xffffffffffffffff, 0x0) close(0xffffffffffffffff) r6 = syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, 0x4f, 0x0, 0x20, &(0x7f0000000600)=ANY=[]) mknodat$loop(r6, &(0x7f0000000300)='./file0\x00', 0x0, 0x0) [ 1534.034216] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1534.045568] FAULT_INJECTION: forcing a failure. [ 1534.045568] name failslab, interval 1, probability 0, space 0, times 0 [ 1534.048125] CPU: 1 PID: 12181 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1534.049578] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1534.051276] Call Trace: [ 1534.051824] dump_stack+0x107/0x167 [ 1534.052579] should_fail.cold+0x5/0xa [ 1534.053387] ? create_object.isra.0+0x3a/0xa20 [ 1534.054576] should_failslab+0x5/0x20 [ 1534.054603] kmem_cache_alloc+0x5b/0x310 [ 1534.056029] ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130 [ 1534.057273] create_object.isra.0+0x3a/0xa20 [ 1534.058188] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1534.059247] kmem_cache_alloc+0x159/0x310 [ 1534.060116] ptlock_alloc+0x1d/0x70 [ 1534.060888] pte_alloc_one+0x68/0x1a0 [ 1534.061678] __pte_alloc+0x1d/0x330 [ 1534.062443] remap_pfn_range+0xacb/0x1010 [ 1534.063338] ? apply_to_existing_page_range+0x40/0x40 [ 1534.064417] ? memcg_slab_post_alloc_hook+0x17a/0x430 [ 1534.065503] io_uring_mmap+0x398/0x530 [ 1534.066313] mmap_region+0xb5a/0x1590 [ 1534.067122] do_mmap+0xcdb/0x11e0 [ 1534.067853] vm_mmap_pgoff+0x198/0x1f0 [ 1534.068681] ? randomize_page+0xb0/0xb0 [ 1534.069509] ? __fget_files+0x296/0x4c0 [ 1534.070354] ksys_mmap_pgoff+0x41c/0x560 [ 1534.071196] ? find_mergeable_anon_vma+0x250/0x250 [ 1534.072226] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1534.073316] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1534.074384] do_syscall_64+0x33/0x40 [ 1534.075154] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1534.076191] RIP: 0033:0x7fd4717f2b62 [ 1534.076975] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1534.076985] RSP: 002b:00007fd46ed680f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1534.077006] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fd4717f2b62 [ 1534.077018] RDX: 0000000000000003 RSI: 0000000000090140 RDI: 0000000020ffb000 [ 1534.077029] RBP: 0000000020ffb000 R08: 0000000000000007 R09: 0000000000000000 [ 1534.077040] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000100 03:49:04 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x5, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:49:04 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1800000000000000, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1534.077052] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:49:04 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x6000000, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1534.173909] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:49:04 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:49:04 executing program 0: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0xfffffffffffffec8, 0x1001000a00}], 0x2800018, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x40000, 0x4, 0x0, 0x0, 0x0, 0xc0000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) mknodat$null(0xffffffffffffffff, &(0x7f0000000600)='./file1/file0\x00', 0x400, 0x103) r0 = syz_open_dev$vcsu(&(0x7f00000004c0), 0x6, 0x40) fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000500), &(0x7f0000000540)={0x0, 0xfb, 0x85, 0x1, 0x1, "326bd3efa9421068d6f57e23bfe25361", "eb10c182cf75f0fe7144bce8bfaee5c4c61908ebf3e05309d0b01329624d5f4c1cf8202bf30ce57bc0e14a4d13bedecb6e1ac960baa729cf803eef910f23c58f2e7822d2a60e2337213192f33517d5c740137e29cf6051d5d5e32b87f303022ec41761fb79600baeedd8f70040e0f27c"}, 0x85, 0x2) ioctl$AUTOFS_IOC_READY(0xffffffffffffffff, 0x9360, 0x2d0d) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x20602, 0x11f) r3 = openat$incfs(r2, &(0x7f0000000240)='.pending_reads\x00', 0xf0540, 0x88) perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x6, 0x40, 0x2, 0x1, 0x0, 0x2, 0x10, 0x11, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x5, 0x2, @perf_config_ext={0x4, 0x3}, 0x19008, 0x3, 0x6, 0xe, 0x9, 0xfffffff9, 0x5405, 0x0, 0x3, 0x0, 0x1}, 0x0, 0x10, 0xffffffffffffffff, 0x2) move_mount(0xffffffffffffff9c, &(0x7f00000001c0)='./file1/file0\x00', 0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x50) creat(&(0x7f00000002c0)='./file2\x00', 0x41) ioctl$AUTOFS_DEV_IOCTL_FAIL(r3, 0xc0189377, &(0x7f0000000280)={{0x1, 0x1, 0x18, r1, {0xcdf, 0x8}}, './file0\x00'}) r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs2/binder0\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r5}, './file1/file0\x00'}) r6 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000400), 0x28000, 0x0) getsockopt$IP_VS_SO_GET_INFO(r6, 0x0, 0x481, &(0x7f0000000440), &(0x7f0000000480)=0xc) sendfile(0xffffffffffffffff, r1, 0x0, 0x100000001) 03:49:04 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x6, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:49:04 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 78) 03:49:04 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x7000000, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:49:04 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf5ffffff00000000, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1534.341977] FAULT_INJECTION: forcing a failure. [ 1534.341977] name failslab, interval 1, probability 0, space 0, times 0 [ 1534.343409] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1534.344427] CPU: 1 PID: 12310 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1534.346903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1534.348652] Call Trace: [ 1534.349211] dump_stack+0x107/0x167 [ 1534.349981] should_fail.cold+0x5/0xa [ 1534.350784] ? vm_area_dup+0x78/0x290 [ 1534.351585] should_failslab+0x5/0x20 [ 1534.352379] kmem_cache_alloc+0x5b/0x310 [ 1534.353245] vm_area_dup+0x78/0x290 [ 1534.353983] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1534.355065] ? mark_lock+0xf5/0x2df0 [ 1534.355835] ? lock_chain_count+0x20/0x20 [ 1534.356689] ? __lock_acquire+0x1657/0x5b00 [ 1534.357577] ? mark_lock+0xf5/0x2df0 [ 1534.358352] ? vm_area_alloc+0x110/0x110 [ 1534.359192] ? __lock_acquire+0x1657/0x5b00 [ 1534.360091] ? lock_acquire+0x197/0x470 [ 1534.360930] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1534.362016] ? SOFTIRQ_verbose+0x10/0x10 [ 1534.362854] ? vmacache_find+0x55/0x2a0 [ 1534.363687] __split_vma+0xa8/0x570 [ 1534.364433] __do_munmap+0x365/0x1260 [ 1534.365243] ? lock_release+0x680/0x680 [ 1534.366054] mmap_region+0x776/0x1590 [ 1534.366866] ? get_unmapped_area+0x2f0/0x420 [ 1534.367774] do_mmap+0xcdb/0x11e0 [ 1534.368515] vm_mmap_pgoff+0x198/0x1f0 [ 1534.369326] ? randomize_page+0xb0/0xb0 [ 1534.370160] ? __fget_files+0x296/0x4c0 [ 1534.370998] ksys_mmap_pgoff+0x41c/0x560 [ 1534.371846] ? find_mergeable_anon_vma+0x250/0x250 [ 1534.372888] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1534.373980] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1534.375045] do_syscall_64+0x33/0x40 [ 1534.375822] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1534.376892] RIP: 0033:0x7fd4717f2b62 [ 1534.377663] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1534.381523] RSP: 002b:00007fd46ed470f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1534.383113] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fd4717f2b62 [ 1534.384596] RDX: 0000000000000003 RSI: 0000000000100000 RDI: 0000000020ffc000 [ 1534.386083] RBP: 0000000020ffc000 R08: 0000000000000007 R09: 0000000010000000 [ 1534.387565] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000100 [ 1534.389057] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:49:04 executing program 7: r0 = socket$inet(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10) r1 = add_key$fscrypt_v1(&(0x7f00000000c0), &(0x7f00000001c0)={'fscrypt:', @desc3}, &(0x7f0000000200)={0x0, "f038779de021f8c8c974dd89170cf2579d1fa459ba726003d07140eeb357b87ae67d5b00d5a28eea29113393d0e1c7391515c7ab7c00", 0x2d}, 0x48, 0xffffffffffffffff) r2 = getegid() keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f0000000080)='rxrpc_s\x00', &(0x7f0000000300)=@keyring={'key_or_keyring:', r1}) keyctl$chown(0x4, r1, 0xee01, r2) bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0x0, 0x2}, 0x6) fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, &(0x7f0000000140)={{}, {0x1, 0x1}, [{0x2, 0x3, 0xffffffffffffffff}, {0x2, 0x2, 0xffffffffffffffff}], {0x4, 0x6}, [{}, {0x8, 0x0, r2}, {0x8, 0x1}], {0x10, 0x2}, {0x20, 0x7}}, 0x4c, 0x2) r3 = dup2(0xffffffffffffffff, 0xffffffffffffffff) r4 = add_key$fscrypt_v1(&(0x7f00000000c0), &(0x7f00000001c0)={'fscrypt:', @desc3}, &(0x7f0000000200)={0x0, "f038779de021f8c8c974dd89170cf2579d1fa459ba726003d07140eeb357b87ae67d5b00d5a28eea29113393d0e1c7391515c7ab7c00", 0x2d}, 0x48, 0xffffffffffffffff) r5 = getegid() keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f0000000080)='rxrpc_s\x00', &(0x7f0000000300)=@keyring={'key_or_keyring:', r4}) keyctl$chown(0x4, r4, 0xee01, r5) bind$bt_hci(r3, &(0x7f0000000100)={0x1f, 0x0, 0x2}, 0x6) fsetxattr$system_posix_acl(r3, 0x0, &(0x7f0000000140)={{}, {0x1, 0x1}, [{0x2, 0x3, 0xffffffffffffffff}, {0x2, 0x2, 0xffffffffffffffff}], {0x4, 0x6}, [{}, {0x8, 0x0, r5}, {0x8, 0x1}], {0x10, 0x2}, {0x20, 0x7}}, 0x4c, 0x2) fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000340)=ANY=[@ANYBLOB="02000000010003000000000002000000", @ANYRES32=0x0, @ANYBLOB="02000100", @ANYRES32=0x0, @ANYBLOB="02000000", @ANYRES32=0xee01, @ANYBLOB="29626114d3df95b3d6e86e2af1ee80b9df436b9bb4a41fc29a0565927acfe6371d43d6a9d44bf278fa7146e8652ab0b896de6b73c936b4c2792ba7b08db20a2f10bf40c4e03d7d5468861de2ba1466260e73746b2881c5bf07f81be8d68155f4dc4c01aff256108ff848f4d7678c314e346c062f724b30bd7c0db40c2bd4816ac0b5ab80b9dd44c5b5ab70d52c96a7e18c3620dc51d7bd083442c68efaf3ee69041d650d421c7c42c2309975d9965982c3707f995b6b7b829116f6bd16fea663", @ANYRES32=0xee00, @ANYBLOB="02000100", @ANYRES32=0x0, @ANYBLOB="02000500", @ANYRES32=0x0, @ANYBLOB="040002000000000008000100", @ANYRES32=r2, @ANYBLOB="08000100", @ANYRES32=r5, @ANYBLOB="08000600", @ANYRES32, @ANYBLOB="10000100000000002000000000000000"], 0x6c, 0x3) connect$inet(r0, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_group_source_req(r6, 0x0, 0x2e, &(0x7f0000000100)={0x2, {{0x2, 0x0, @multicast2}}}, 0x108) sendto$inet(r0, &(0x7f00000018c0)="c0", 0x1, 0x0, 0x0, 0x0) [ 1534.412717] FAT-fs (loop0): bogus number of reserved sectors [ 1534.413570] FAT-fs (loop0): Can't find a valid FAT filesystem [ 1534.502300] FAT-fs (loop0): Unrecognized mount option ".pending_reads" or missing value 03:49:18 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x8000000, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:49:18 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x7, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:49:18 executing program 0: r0 = add_key$keyring(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) add_key$fscrypt_v1(0x0, 0x0, &(0x7f0000000440)={0x0, "9b55f610ffe7b9856842eb69443042b20caac33d7dda6ec6986b177fa13c2bd2c68577ea852c8bb47f31ee549b6a921e231ef07ee0f7fca620564faeeeafa440"}, 0x48, 0x0) r1 = add_key$keyring(&(0x7f0000000040), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x1}, &(0x7f00000003c0)="28f1e7b20e07e8531f7f22422a0e8fe40633756b19a6a2fd463aebd18e6f5765845dba471bc1a4c6c999c8e8ac93a6e7ae0a6f762c98a8ee8c7c269f049eebc28f308e17d68fc43f462580e6972b3b5e3ad15c65a66c39be12e225e07a4ea6e82c81a755ae4e9f70b7d403a88bcb2b6f80b8e1", 0x73, r0) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000240)='asymmetric\x00', &(0x7f0000000000)=@keyring={'key_or_keyring:', 0x0, 0xa}) request_key(&(0x7f0000000240)='.request_key_auth\x00', &(0x7f0000000280)={'syz', 0x3}, &(0x7f0000000380)='dns_resolver\x00', r1) add_key$keyring(0x0, &(0x7f0000000440)={'syz', 0x3}, 0x0, 0x0, 0x0) r3 = add_key$fscrypt_provisioning(&(0x7f0000000000), &(0x7f0000000140)={'syz', 0x3}, &(0x7f00000004c0)=ANY=[@ANYBLOB="02000000000000000102034fe30405060708090a68cd0d0e0f101112131415161718191a1b1c1d1e1f202122232421262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f4000bb55aa6b264891b609ffffea8ae9d412deba4141af412554ac00cbce3e8c373df6f792146c4c4b4fd861a102cb525bf01d8a5f9c6e4201c358f7db1d24d9fd759ccdd3f4e30ca6f9e1d089afdf07f16281db82c6e0ee4bdb78a4c57c"], 0x48, r0) r4 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f0000000300)={0x0, "3ef8a4c24927541ee4e5f8f0b6b073f3a14d9e238c0905546a9d62c9625f460dacb026ba3f615f7fdd3496dc19ed7064fc4d0bd8c5f4b761484442989c621844", 0x2e}, 0x48, 0xfffffffffffffffd) request_key(&(0x7f00000000c0)='user\x00', &(0x7f0000000280)={'syz', 0x3}, &(0x7f0000000380)='\x00', r4) r5 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f0000000300)={0x0, "3ef8a4c24927541ee4e5f8f0b6b073f3a14d9e238c0905546a9d62c9625f460dacb026ba3f615f7fdd3496dc19ed7064fc4d0bd8c5f4b761484442989c621844", 0x2e}, 0x48, 0xfffffffffffffffd) request_key(&(0x7f00000000c0)='user\x00', &(0x7f0000000280)={'syz', 0x3}, &(0x7f0000000380)='\x00', r5) r6 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f0000000300)={0x0, "3ef8a4c24927541ee4e5f8f0b6b073f3a14d9e238c0905546a9d62c9625f460dacb026ba3f615f7fdd3496dc19ed7064fc4d0bd8c5f4b761484442989c621844", 0x2e}, 0x48, 0xfffffffffffffffd) request_key(&(0x7f00000000c0)='user\x00', &(0x7f0000000280)={'syz', 0x3}, &(0x7f0000000380)='\x00', r6) keyctl$KEYCTL_MOVE(0x1e, r4, r5, r6, 0x1) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, &(0x7f0000000200)='id_resolver\x00', 0x0) add_key(&(0x7f00000000c0)='dns_resolver\x00', &(0x7f0000000100)={'syz', 0x2}, &(0x7f0000000340)="a407c3efc1edfab7037255db440500824001767ee5522ccc6b4a4c358e2f414cae835269010f99ea715085731fa8ad0600", 0xfffff, r0) socket$packet(0x11, 0x2, 0x300) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000000ac0)={0x17412c500, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 03:49:18 executing program 7: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @desc4}, &(0x7f0000000200)={0x0, "f038779de021f8c8c974dd89170cf2579d1fa459ba726003d07140eeb342b87ae631f7a548867a29f29fd1637ddac658a709b49b093393d0e1c7391515c7ab7c"}, 0x48, 0xfffffffffffffffe) r2 = add_key$fscrypt_provisioning(&(0x7f0000000480), &(0x7f00000004c0)={'syz', 0x2}, &(0x7f0000000500)=ANY=[@ANYBLOB="03000000000000000102030405060708090a0b0c0d0e0f1085e4131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f40"], 0x48, r1) r3 = add_key$keyring(&(0x7f0000000040), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, &(0x7f0000000240)='asymmetric\x00', &(0x7f0000000000)=@keyring={'key_or_keyring:', 0x0, 0xa}) keyctl$negate(0xd, r2, 0x80, r3) r4 = add_key$keyring(&(0x7f0000000140), &(0x7f0000000280)={'syz', 0x2}, 0x0, 0x0, r0) r5 = add_key$keyring(&(0x7f0000000040), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, &(0x7f0000000240)='asymmetric\x00', &(0x7f0000000000)=@keyring={'key_or_keyring:', 0x0, 0xa}) r6 = request_key(&(0x7f0000000000)='rxrpc\x00', &(0x7f00000000c0)={'syz', 0x1}, &(0x7f0000000100)='\x00', r5) r7 = add_key$keyring(&(0x7f0000000400), &(0x7f0000000440)={'syz', 0x2}, 0x0, 0x0, r4) request_key(&(0x7f0000000340)='user\x00', &(0x7f0000000380)={'syz', 0x3}, &(0x7f00000003c0)='$}#.+\x00', r7) keyctl$link(0x8, r6, r0) 03:49:18 executing program 3: r0 = fork() r1 = gettid() kcmp(r0, r0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) capset(&(0x7f0000000000)={0x19980330, r1}, &(0x7f0000000040)) capset(&(0x7f0000000000)={0x20071026, r0}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x800001, 0x0, 0x1000003}) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) ptrace(0x8, r0) r2 = gettid() capset(&(0x7f0000000000)={0x19980330, r2}, &(0x7f0000000040)) fcntl$setown(0xffffffffffffffff, 0x8, r2) getpgrp(r0) 03:49:18 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 79) 03:49:18 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x2e, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:49:18 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfeffffff00000000, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1548.236420] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1548.246168] Option ' ' to dns_resolver key: bad/missing value [ 1548.262265] FAULT_INJECTION: forcing a failure. [ 1548.262265] name failslab, interval 1, probability 0, space 0, times 0 [ 1548.266060] CPU: 0 PID: 12339 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1548.267631] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1548.269542] Call Trace: [ 1548.270143] dump_stack+0x107/0x167 [ 1548.270981] should_fail.cold+0x5/0xa [ 1548.271843] ? ptlock_alloc+0x1d/0x70 [ 1548.272713] should_failslab+0x5/0x20 [ 1548.273584] kmem_cache_alloc+0x5b/0x310 [ 1548.274525] ptlock_alloc+0x1d/0x70 [ 1548.275345] pte_alloc_one+0x68/0x1a0 [ 1548.276203] __pte_alloc+0x1d/0x330 [ 1548.277041] remap_pfn_range+0xacb/0x1010 [ 1548.278015] ? apply_to_existing_page_range+0x40/0x40 [ 1548.279171] ? memcg_slab_post_alloc_hook+0x17a/0x430 [ 1548.280348] io_uring_mmap+0x398/0x530 [ 1548.281250] mmap_region+0xb5a/0x1590 [ 1548.282128] do_mmap+0xcdb/0x11e0 [ 1548.282927] vm_mmap_pgoff+0x198/0x1f0 [ 1548.283814] ? randomize_page+0xb0/0xb0 [ 1548.284711] ? __fget_files+0x296/0x4c0 [ 1548.285634] ksys_mmap_pgoff+0x41c/0x560 [ 1548.286555] ? find_mergeable_anon_vma+0x250/0x250 03:49:18 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x9000000, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1548.287829] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1548.289016] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1548.290187] do_syscall_64+0x33/0x40 [ 1548.291021] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1548.292175] RIP: 0033:0x7fd4717f2b62 [ 1548.293019] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1548.297119] RSP: 002b:00007fd46ed680f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1548.298809] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fd4717f2b62 [ 1548.300396] RDX: 0000000000000003 RSI: 0000000000090140 RDI: 0000000020ffb000 [ 1548.301999] RBP: 0000000020ffb000 R08: 0000000000000007 R09: 0000000000000000 [ 1548.303587] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000100 [ 1548.305181] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:49:18 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x8, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) [ 1548.354312] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:49:18 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:49:18 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:49:18 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) ptrace(0x1, r0) migrate_pages(r0, 0x400000000000005, &(0x7f0000000040)=0xfffffffffffffff9, &(0x7f0000000080)=0x1) 03:49:18 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0xa000000, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:49:18 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000200), 0x0) io_uring_enter(0xffffffffffffffff, 0x4014ff, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/dev\x00') syz_io_uring_submit(0x0, 0x0, 0x0, 0x8001) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000500)=ANY=[@ANYRES32, @ANYBLOB]) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000008, 0x100010, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000fee000/0x12000)=nil, 0x12000, 0x2, 0x4010, r0, 0x8000000) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, r1) mmap$IORING_OFF_SQ_RING(&(0x7f0000ff5000/0x4000)=nil, 0x4000, 0x4, 0x50, 0xffffffffffffffff, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c0000ff1a002d020000000000000000000000000600000035280000"], 0x1c}, 0x1, 0x8100}, 0x0) syz_io_uring_setup(0x242c, 0x0, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f00000000c0), &(0x7f0000000140)) pread64(r0, &(0x7f00000001c0)=""/234, 0xea, 0x0) 03:49:18 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x9, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:49:18 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 80) [ 1548.489490] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1548.493584] Option ' ' to dns_resolver key: bad/missing value 03:49:18 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90003, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:49:18 executing program 0: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0) lseek(r0, 0x9e46, 0x0) getdents64(r0, &(0x7f0000001400)=""/53, 0x35) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) r1 = clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_mmap}, {@cache_none}], [{@smackfsfloor={'smackfsfloor', 0x3d, ':'}}, {@seclabel}]}}) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000240), 0x141043, 0x0) r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0x501240) fcntl$setown(r2, 0x8, r1) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x3a}}) pidfd_getfd(r0, r3, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="400300001400010000000200040000000a00000008000000", @ANYBLOB="1d0001"], 0x340}}, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) 03:49:18 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0xf000000, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:49:18 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0xa, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) [ 1548.601405] FAULT_INJECTION: forcing a failure. [ 1548.601405] name failslab, interval 1, probability 0, space 0, times 0 [ 1548.603863] CPU: 1 PID: 12506 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1548.605337] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1548.607103] Call Trace: [ 1548.607661] dump_stack+0x107/0x167 [ 1548.608426] should_fail.cold+0x5/0xa [ 1548.609240] ? create_object.isra.0+0x3a/0xa20 [ 1548.610198] should_failslab+0x5/0x20 [ 1548.610988] kmem_cache_alloc+0x5b/0x310 [ 1548.611832] ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130 [ 1548.613089] create_object.isra.0+0x3a/0xa20 [ 1548.613991] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1548.615034] kmem_cache_alloc+0x159/0x310 [ 1548.615890] ptlock_alloc+0x1d/0x70 [ 1548.616641] pte_alloc_one+0x68/0x1a0 [ 1548.616771] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1548.617430] __pte_alloc+0x1d/0x330 [ 1548.617463] remap_pfn_range+0xacb/0x1010 [ 1548.620568] ? apply_to_existing_page_range+0x40/0x40 [ 1548.621639] ? memcg_slab_post_alloc_hook+0x17a/0x430 [ 1548.622705] io_uring_mmap+0x398/0x530 [ 1548.623509] mmap_region+0xb5a/0x1590 [ 1548.624303] do_mmap+0xcdb/0x11e0 [ 1548.625039] vm_mmap_pgoff+0x198/0x1f0 [ 1548.625845] ? randomize_page+0xb0/0xb0 [ 1548.626658] ? __fget_files+0x296/0x4c0 [ 1548.627485] ksys_mmap_pgoff+0x41c/0x560 [ 1548.628324] ? find_mergeable_anon_vma+0x250/0x250 [ 1548.629339] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1548.630412] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1548.631469] do_syscall_64+0x33/0x40 [ 1548.632232] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1548.633293] RIP: 0033:0x7fd4717f2b62 [ 1548.634055] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1548.637899] RSP: 002b:00007fd46ed680f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1548.639452] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fd4717f2b62 [ 1548.640923] RDX: 0000000000000003 RSI: 0000000000090140 RDI: 0000000020ffb000 [ 1548.642379] RBP: 0000000020ffb000 R08: 0000000000000007 R09: 0000000000000000 [ 1548.643836] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000100 [ 1548.645306] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 [ 1548.716166] 9pnet: Insufficient options for proto=fd [ 1564.500835] mmap: syz-executor.7 (12595) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 1564.503899] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:49:34 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 81) 03:49:34 executing program 0: ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000340)={{0x1, 0x1, 0x18}, './file0\x00'}) r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x90101, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x248e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) openat2(r1, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x444002, 0x2}, 0x18) utimes(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={{}, {0x77359400}}) mount$cgroup(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)={[{@subsystem='freezer'}]}) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000f80)='./file1\x00', 0x400, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000002c0)=ANY=[@ANYBLOB="0110bd000100000018000000", @ANYRES32, @ANYBLOB="04000000000000002e2f66696c653000"]) r3 = fsmount(0xffffffffffffffff, 0x1, 0x71) ioctl$BTRFS_IOC_DEV_REPLACE(r3, 0xca289435, &(0x7f0000000500)={0x1, 0x9, @start={0x0, 0x1, "2e70ae2fff3d57ed1497b3a77e3c3449a74b66a1a3600953b2aa02b3ed69eb1362b7900b98551f1f85d6d4e0c30fda97c5a59268c408e872a1bb7165da8722e869c3804ae174d48e4ad7323428829fd8ae05d183607a151669d11dd488a33b1297c4407f9d568ee31f233ee545089e9baed9a9a395bd0ccfdaca006e9a7c0d1084d9bddfc846f6f92516434815c24223bf6fda521965b1525108208a859f06e4bd721b57b2792283138066c3884580b3ed4e7fd615c2cca5df0cc99824aa5c7d4e2745a87a0954ecd108ac680dcfe6cf97a676132cbfabd8c63a07507f57057f88427484155b1bbf23fe508c3e7cacd078bd6ab9a4414385714b66dadec4ae17e4b5ddb58ef8b4b6c23b0729afd9403334c730430a0d1219969a70363ff74b3697b0308f090c15303fae13ec7c636d170757790c5017d3791b2499e5052b060018b17c7b8909403c65beebf7c968d8b6ffc7bed2be687ce493243ef6ddd980dde2ea159a56663410f1ee3ad7a94bbd2d5403c6a8e393a01df54d44c2fad91a5afcd609358029bf6e177b065c81b72e3493b5a4f82dc3c99406eb0cd651b55e3409b23e9dffd2d61f63cc98fd8f2dfcbefc915eaceae5420aedbc54df41c07f782b5bbd62a6dd01e8caaa1b446329eba9d4cd380cb5bbb5ee3eb0ac03e5d8510c2ff8fafd8b18cbcf1308a8a54af2876174c3018edec5ba8ef804d15d2c00680bd0c6d0b07f823d7e79b4befcc5bf513726906ef9ec1271cba23a6a4fe654806e56ef8644c0dea0c25bb8e0859a576af23e28c7bc55d759ac0b121bb0bbbc7b04d1ab3928b021bd0975962560dfbfeef51118e8808e232b4f2c66ac7b0be24b0727adf6bd101655907c47cbbc3312222729498bb8fa5fb9e7bbf4a22840955e20e4e40f5efd02b226f4c92d08d2d470e0ff8e3fce3d689c602989e1e1e4a4a097f71300856d0151136c381f3458f18d0c39da369f1814e840f181a120a1ca4094833d11fb0278c9622e2ca199e7df5b2d51d5fe5220b2addcb2cb18b5c1713a6f8391ad0153acb4db0481f9c1c527fb117c0a4a13633d6b1cd834932e4550d745d3901bb4070048ce0f5ec759a3adb45659509ce5724c281c8a434ce3a6213d9f5f6c38e80240fe42d34ea3771fcd231714cd03b3036bb767fd630960dda0d7f335b2addd1770967daa5c9e592d678cf4c23b65dd69f4a62f55db7104248ed7d2aaeecd767942daee8b33905c544c167fce58f001cb222fec2bec7d0bb47e48bad859d994c50f90f895cee11e8baeac65775ef06075d17cce4b8dae3333d8d589917c0ac8d87da5011f1580aa49bd5b9f5fb6e6bfeee9e6e538aa2efd0dd8ce6ff74f748c054d25da2f2c584a6c5ef7949849e5f48fa295bfaf73ee9b73023a58045b0a7f7cdf20c558b9289a6defa5cd24288adac41c40bbc611574b77235b05c4", "e5395dcee97031225b420fd4d7323c059a4a0b358a633d091a2326dfb217b243c37434f3c6a588af0c91cb126c9779eea3b72e3cf38052885070d9530f0eca8fcccf3aca70a508535365014bb737408ba2d2ff8e817bbacb5a96725dbb92ebe460a67220e314d736c476c5fd6218e8ba88ea0e7c28f58377b0d4ba6d6f559cb0e06be48ba40b7218631f7187e2a0162e6c1fbc9c0bb07f9cda07b37d11b086a18133dbf16471ee8ef221cde6a17afd98ec03cdd168cc908c8d94c4824d5573f6d5437a632c0467620f3000f7b982086fecbe34e0ced15499dfcb7edc78a7a8e3f742c98989dd7bc170e4e239e6432947e8183f4a4e399a0c3f0e879de125aef7dc1530acf3e645b03c043095dffa59c05ece7a4e508b90d2ed9bd69211e82e3e7e63ac39612bfd25e9765177b4b169d2f57150e7bedf5b492147014fa41998cc9a589233beec4217af4c82565d5a222ecc38ec12ff03d44da32aaad5dbd2eb488beaa00fed49d55d790eecccad58775d3188c2fd6430f77e570115246a9b00eafb872de2cbcb6da244d3eccf3a7209a01c97d3e2eead6c4fb83a13a6398f7e2e9f039c67f8a90aad0467fc75b9778def95286231cdd575121cc9f477d56ef176dac6f15805f828e5d9a41492da3d573e180530a550a9101be058ead9519217cd7f7db7caafaff0e0488c30f63a68071db5731014173710ae99456d74b6f10c01c58d1a5f60cfe4e3c99aaee653c7e49ce1c2fb695722e453890b7427e454875f0e84a9a97aa8d6fd31e42f6edcf7dcbde113235cad50c7702723ce55d2bf31e6b11636a9a0e67ac938c61525772ef45ce8db1359441637b93b0a51461105a408672a07d68230262f8fb3fe810818d8859297202a722b53ef819fee9fe3609b3bd1667c89a3ece00410221482bce389a4a22ac421621d54bd131e26fbdd0502d57056624387f601bfb4ba86cade7a1a21009f911ee2b375644377c4b707a45cee9508484645a50c3989e2c75790bd297a61e9421a4e8870d8ba941183e877ee37aafc90d4b1c2c1743b51dfcd7a68c183ed3b1ac27b2e4ccbe8fb0a42a6c00a89519165758505c603d0662c0eeeb389f805935f822bf05c71788d1dfb3bc7bdb9e05b26286ebe84f4848a032daaecc3731d4265777bcf42b6c8b0c1a81684dad400aa9dac39281137540a5db499fc0719fff16185e33af3bad7bf63f64b2525d072198807408ac774be6b9f30416ac603d6e2785761130313cb66450f69365656e93fd1825570503c65d217a3504d3390ac224d3a68fe35014c1172b89b54af23fc355d830da535030995748455ff33ce0d5d6961475b44a5e95f90629dc9c2a60ca0ae7f67b810ee733043720f7f028d775805ac763d23633b9e0631f291a824018ecb0ee6bb2ab4aba6634cf6f1180acf7edf7e821d127aaf4ef8185cf8966087"}, [0x100000000, 0x3ff, 0x6, 0x0, 0x0, 0x8001, 0x3ff, 0x3f, 0x7, 0x27a, 0x10001, 0x4, 0x8001, 0x7c1b, 0xfff, 0x3, 0x80, 0x1, 0x8, 0x101, 0x7fffffff, 0x8, 0x400, 0x7, 0x2, 0x9, 0x0, 0x0, 0x4, 0x2, 0x7fff, 0x8, 0x0, 0x117e, 0x7ff, 0xfffffffffffffffd, 0x7, 0x10001, 0xd56, 0x7, 0xa58f, 0x8, 0x400, 0x700000000, 0x7, 0xfffffffffffff801, 0x1, 0x87, 0xd6e3, 0x8, 0x6, 0x4, 0x6, 0xfffffffffffffff8, 0x6, 0x2, 0xffffffff, 0xffffffffffffff01, 0x9d36, 0x0, 0x800001ff, 0xfde3, 0x0, 0x7]}) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x8) mq_open(&(0x7f0000005c00)='-@\x00', 0x0, 0x0, 0x0) stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000001c00)) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x800, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$incfs(0xffffffffffffffff, &(0x7f0000000280)='.log\x00', 0x109000, 0x8) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc018937e, &(0x7f0000000300)={{0x1, 0x1, 0x18, r3, @out_args}, './file0\x00'}) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r0, &(0x7f00000004c0)={0x20000002}) 03:49:34 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x48000000, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:49:34 executing program 7: syz_io_uring_setup(0x1, &(0x7f0000000080), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000100), 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000001340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000040)={&(0x7f0000000140)={0x11d8, 0x18, 0x300, 0x70bd25, 0x25dfdbfb, {0x5}, [@nested={0x113b, 0x2a, 0x0, 0x1, [@typed={0x8, 0x42, 0x0, 0x0, @uid}, @generic="c1136710309174257894abcf5350c16b4f94ba510dbdbcee0074d6df5d526be4ab4c38960199c43f6706e693dc53849b95a0b01e031362ab2342a8ea0f09905547b21b126cde770fdf20649f8fbd9bb4cb2c1e5beb9ea3ec44dc9f967e9b207f26df790ff18f196bc25b7f907161bea800399c63392bb844ac9ea71cd5efb25f30f9650336c9d79826f630471f1c9920be9567dceca1715d4eefb33bc88513db72b3dea1fbe0a331ca9e0da3666c1bf393de8a8d853265154008364a7427301066137dc3d2c84d6fd4719610cfd346fe42235bbef4e553c72dd04cd9863974fd75885fbf05e0a4a70268ba6113053b90cd85f27a4dd3710fd496f260a7a1a484074154e78daf9cfa2f103374c4e95b87146c2f0fea7e433464422895ee5499fe13a95391a4435da0a784821d01bd78ee75d490576aa3c77db539205d0c1c7096404eb359b9a01ba9b411fdf77b5a22e40fcae0f7beccaeff2df0f329ff501df3db5d7aebf05b76a9ecd48233eda170b2b36d7d46c34d7c5190d4e057e2bd235b538d7364531d0abed9386798bb62991b543ade0b326e780526ff76e7bb4814d4403276f0c3d39b929b4ad685342e8bec49f2fc7bb3a7ff42a39cfd4a140d396f02090f95d8336e97b75a498ad4f83a53c5c844feb20b1b645e23d34646dfb994b4bf7540ba570e46a39790ab5264c0ec7aa0263bf43df8c4eb34e677894aa274f013ac70ba89d218ddd5a2da64f5c7b3e5302ae601fd41cf4b7f7606cb633481dfa9be5d27006afd6db068c382688d3d8dd30ab11af56f872c651839630cce7e7037a38d283677bb11f2cff74327d06b4e84c6ae3da7d2af1d1edd77e02362e3f876db108933f22693d9bf4679c1bc6c8796ae87a9ad4a771dc2b3df8558861cfeec037fe0878ce4577768bcab6758b9fc04ac7777b6c92e00812376a24bb8e1ce6f4c4aeaa97e57258b9f05a457fcdf015e8e618f67bfdf6f3be1542055adb1ccc302ed0bcc13c19e222d6eacd2b639a89e6c48c191781b365e771e7987586a4d2acc7ac88aa3425b8f6bf263df0078291b9c61e12bb55d3657d25930663f329f5841211c986ec363f9d84ce4a53d36537ba031a2209e1220141f170295052dc663f3fcaf4f6d1540e28f45da126177a43b68b2427ac797cdb98aeefcf76602c6ed920f91be9c71f0e6c72c3f9f9c9b0462b1f06199454c5203527698e7abd8aca36c535dd9a102bf5193a1603bab77502786c68fcd675669bc6ead9a13bfcf16db2752cb064ef1fb9fdfb59cfe46fbf08f436e22a805421e77d474d91cfd9807af5d651892607e3ffd799ed1c42fc7abae660b1799a9ab4818b49e56c24ad83c7b4a7fbc0510abb3f26fcff69007601e490ac53b881ea4967e7a102cd02e0ac61c02c066cb4f52539df7328013a3aca42b36fee9408fca42d176273a77b440aba00c5f357cbd50a70ddc0687bb5289259cd3f5c91cda125f6044ec591e143f3f6211786511b8556d699ef40f3ce9caf50b61a607cab3cb391429d62493a615371a7b220a50c16b2e5e64dd52bde3e0a2ec29874c8a8388a6d65e5176e1148daeb0d36c7933b22221f4deb76c609b9108d68a6e519fa9ed8135585e0495bd8a200e85adc6f9cad407d17ff11627504da3208c42483a8e7a5714d843c16a7cb732941c6ba59a641634ed6f189ca9884c1dcd5d9a0cea417e9d1c7559c233a7283d87bff03e09bf3d85085e2e5f122fd26eeb03f32d077d2e6e67d1f5287dad054c22c8ea4dc86d761bfe3b267785892a0e73937a7730f94fd37614997d38f4711bf17621a86798b556e1d61b7e3756b69f39019bc7f45b2d8c8962fc5b356d1f4c278adfc2dddd79348ccff0bf1057bddeababd209de2ceeb4e488187b67a636f5c1852a30ab0d0e5ba5068cb5240cd031d37c5d4dbfadf8c201b7954391ef8238e40e461fbb4de6817f2242f6b41767084ee1768c1846d237410be04d728d62f4fcd339bdbeb5eacf117a3271660d62c688c1c7288d91988e92bf7ce87c29163b36301d01e5ac7e611f4018e35e06811ae4857d05eae6b61a86640800488135ef8a21bb74aeed00cf30bed5956daaf850c34d4fbda56028f9f4b6f9421ee246ad963ecffa7bf879ce4e1c6ef46f789d959090eb93520a8beef0721442741e91d96bd8ab0cd7af394d4c15e55eadffa02082fc8dba5113e0cd0b7f2ddec90f9332e9b9bea1d7a00f1ffb59588d63958c6856edc567e08174f7ae9dfbc0ed1a1ed9e06c129d5930808bac17092c1e134b622cc06f6ac0764fdfd1cc41036a65b7703d33b1da0b1055069e083f51961a151f0bd9d862facdad46c56b7c610bf456ca1ac74788456eb33cd6351b1c363d836d56a3da04718aeefef8e79fc6177b447c42aacb18eaf8c0f6f3701239cb5ccc0364bd7da8846d5354bf70b7f9f7ebb431ee50feb1b70d08abf83ed0689bd98a0c79f9725a1d9b6e36288fc36b52f8cb06d5701449877a68fa78e5cc21936c85673ad8860988f5508da792ded97127ab32b2fb3686f7683e795d080ebecbc03c5e3706e5964e554c56c2a6d81906d63d27e0723a96798e98e92c39de3f0d9b7d7f36dde6c51f060e77f1f181d53a69e2af31413a8dd4569d7233d414804a1828916d5be34396a804f7a0469542218f2e3cd94d68d70375cc30b6ed4a785a2004f172d9faa636389cdf689b6474bfb5673ca9eb9cb54073023a15b62a8cb8c9d20276ecd126b4332298c4efb082c36d3244f380d485117fe59305849dc3d2e7ad18f8a0f88bc6e2bbc1ae89b3a3284e94b012abdc39f56befd27602676b105ef4031365dd17f78a4549b7d98b42f6fece87dfb3b6310f076a80b05a002978b4be53c79d98a1db1f09fab9f4ce484aaaa7bb9757d96cb5065670cebf753cdff2428fb73001216dad83c5de6608564000b0c680f27b94834f257c14983b45c4fe2600752f2fe0f6a2878d9f267bfd22534914bd05d761be98d45d9460e5f04ed8fe72401dd48d9860448de54817889fdbf1946a1967bbf2cff6510d86a44342c2afb0386707baebe443d7afe3cb1488ee53eeaa307bd24645589838c129c70a4c1ebd2a6f527c36b46bb0d7117618a7d6a3b36f88892a5635bfceafce1bcf950fd05e0563eb94fc615fb760468807298a57eb4baa7a049b1ce859c9eeda49be3d6ea08aea0ed606a2b2b43ef263725f67280eca5aed2285aac61b7ed2f6c27f796b242bbab727bbfe0663674f2117a5bd3101fe92b5829a9b16fc6acb2d9aa517ad0c7915005ed9095a16e085b86c27942330e0b6e1b92f75597c03aecea430ca0c2abff34d9830f2854d0cd8048d3d8f04fb718979b65b5f9c00726b470e69a8ba83ec440e5f570f257cef72395618f90bb06e76a4ccf6d7daa196f307e249db39299a4fafb6113e26b9f7e59faa197fea902373fe814984cd70118e23d8b0056e89cb90f69ad855bd4989b9976430edfb4ffe65fd27d2d3279e85eb92c130cf68100e53cc20d35b2c5f1445103d5ec44caaac6e3aef09c89215a4aabfe3282d7bc9c44550b03c38fb51f52d639aff257a178c269f4f4908dcc86b687f1c3c31699efa9b80a256a8438a0a2f54b930b2be5fa5ff40c9a7a1920be80513f3ff52d52aa1f71e7b65565cc5851e6f56e83ac7c0b8554ef5cac8dbd11847f1c9cb1c973695bdcdd84374bf10558ff1c5a2fe52ecdd76245ca09b7335a70d017d42fce3cb980a2b54d6645956f440b492b8106452dbc6b0c465ae7ff43b64af19485a89c2e07097117a799cb8089f4a47e3faa2ba1c15e4330536bb3a51322a63a83f805fbf5253f424d0116c968c8b462cf91a2b8ea3f2b432adb251aa6eaae53d2f603b6dd3f2958717610ce79d74319c2264d229760ebff0c9ac3ae6b98852ff0e758411b42826d34ca042f970be47d27b1c26fa3f1897f695d133121ef56de61de3a586dea2d603b4b9b3d9e28126f3dfe4d82784c6d7d71676f35825feeac90011c3c290933c2b0658f251700d3c7e573d21d41bfbb9974eaf26b360682e9357db52aac62b55987c7d19c47cba5031f42a619183e05383098f3de24b51713e0e237da6959ee05ba6fedb85c825a63a73fde25e4e8cc6efed60c42222da5aa9661ddd67db248acdc0c4607af4d1d6ad6b8a6979c229c687d3f5a066d7447a11f02462ad69ae14268b83c81356c068f3ad3af1e93909af54c1d084d8dd9bf5eee67d06709d0249c45829a1c4e4c4c2df48dfceb211a0e86c61b8f800ee80be0dd64bff22d92c1ffd1682a31f8564a1d1e99f98f80f3571aba1bcb1d01d496f4d4005e8b7f0daf0ecb3df5aeda983255be16de20a830675aa2b533f9f6ca3b1f65beff32cf4a4993204768b3869625daf15abbd31fd7f9c04bd1cfd9d1153356afa21026725cc38f2939fa55416fa67540e6e67784a15755e7545e8824498f6829b9225fd122536fbc694996d37058123fd6dc87ce65f4581edb2e6e098bc24f9109d9eda7dc9f21c4cb2e5e39178c3947126d532b5d1ef52a992dda76bbe9df344a12026479a6d3a46e34b2f589ce67964dc02d8d2c64faf99c02bd514d30264d779d3fb158edf13ad18c5c48c6f5405523958cd216268f8434c650673fd0d1c680bc03f49231b610919c1974a3563b8af906715070c3255b951d4d54ae90ce151485eea4c045a42bc0e533d5c637568676c948ba9a50c9e9e0589c9988ec054bb1ddab6fc198d8c0c373adc139d3fd45a2e19693ab39462df3e5c45c1bb626c249abc715a2453e9a4ff166d5c5826b186201b427fbcc2cdc3c7b1c34984e08537b3f5461b21192917291fca046a8bd66774baa9c3e9fc4d72b9edbf6b22ce8134c130590f228a4cdae00356edd53a7c363171bad5376141cc7365464cbf0c1a70c3d19c5e0a6a6bd0c3565962bbef911da632a4079a1d77c984c69780c9dbf59ce1839877b321f6ad7446f4fabb0e7562bad82188dc7ecd73723ae79fe718ba232fa034f2ab3029bca3c659d84aab78a7d184826910abee57a98098dbc54753dd113ed1c31b32bdd982642b95b2ddba1c433298f4fb581b1340e630d951515ce66edc318ef26a65c740c96d8e5b6e08348acfec57e485ef450437295cd1aa151f5a51f2955ab1abe5825de1a9628d4b0bbd92cba7cbcff4a656cf33b7cba566b76ed70c1c70a875ac1eb55b466fdfc2f21abd794c91cb447d56c88b6db561e6c55aa0ae4d5c1c01c3fef25622c9d1e42cf1f22ed9ac274769d77d14aa233f349d399896860d29f5e071c77b40b3141a89d73c1bb1d368dfb1b8469bf1593e8a2442a344c93e96e40c63f1fd9c01ecd862645e69f7bd340fa89455dfb01fb51f12019455eb7bf9ca7f5956cc5f627b89e1f8625505e1fedabc9a4b3218763def1ac8f8cb1dd64af2d2a2d9d834c23eac30dfea119712cbcc7e045778fe9817b433ef3f4826d40e0634d80573a02d56a4953e3bfe94f7ebadb22d473d6a9b78d614f4c9190f72458f09069c825fc08a5aa5876f58ffc8af6bfcb958a8cbb644de946aa8ded0010e8c02f9942b972c340dd24bf980b2290e477b36e84dea07c39be0ccd1b992da1dd77cb733dc29ad89bc14dfc4da62e2befb3f1f43b3128435f67ee9624d522c95cc467f45d96dd0d5c655b97b175348dbedbc923511ff20394bce7e1e573ccbfd8009d0834a057c2fa5ffdfeb672ec68b089df9225d1f6b83219993bd6d8c81090eefabeb42b4eb9bec5084bb698c4dbcc53ee49fa28c6b7dec4db294c05f6f4dce9d13f3aeed07075a964c", @generic="3a4e1476983a59a20fb7db8db37761c4b9087941c4f951340d0d7a6e0c11c724a5a182786ec0a45ab9e87ad335732da9c420a8517987208716131fa898773229bb619d398a9e7847a713676be4583273328589ed60e4ee5ba8706022c7029cd9281d21cce92a", @typed={0x8, 0x6d, 0x0, 0x0, @u32=0x2}, @typed={0x4, 0x36}, @typed={0x8, 0x13, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}, @generic="091921213c2216b3fca512378c342cc69788fcbe880b71ed7c80dfe32b668cf76be808107ad7d25bf1006763f5009f8e39c34bc74e0790504426f14fb0128cc1961ab3c872e66dc09666f3203825e91b4177b5429d370560e056a08606c489cd4694c84ffe87e4aee5072c922b9d3991353dfc1f5a776896d75b8ee81a40eb1d6e1ef9c8b00d96a3a970e92d1f7b0261fc431d6f20dcce3a2007d643c972368b790fa79edc429dab9f96c5052ee8a164940974ad33"]}, @generic="53444755f5f0453efe038e44d9e386735ca44f610f2970e72f51fad25dca9ad38c1e59b6ad117f5eca4103d0810e12212f24edeec9c89ae3a7d46a78354050382d683185bed121e47e8a5dd745cca35a7e64ab5cee850b27ad2436b6424a29d91f09d72ead78c0964339bef3bfd783447ac3f73745894506df8c320aae849e8a2378d4c47af0"]}, 0x11d8}, 0x1, 0x0, 0x0, 0x20008040}, 0x20040080) r0 = openat$incfs(0xffffffffffffffff, &(0x7f0000001380)='.log\x00', 0x40000, 0x80) r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x5000)=nil, 0x5000, 0x1000005, 0x11, r0, 0x8000000) remap_file_pages(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0xffffffffffffff20, 0x0) syz_io_uring_complete(r1) 03:49:34 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90102, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:49:34 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000001e00), 0x200202, 0x0) sendmsg$nl_generic(r1, &(0x7f0000002fc0)={&(0x7f0000001e40)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000002f80)={&(0x7f0000001e80)={0x10f8, 0x13, 0x1, 0x70bd25, 0x25dfdbfe, {0x1b}, [@typed={0x8, 0x9, 0x0, 0x0, @ipv4=@local}, @nested={0x10db, 0x1d, 0x0, 0x1, [@generic="78fa1056e513472e8210f8c96738f0ea4c7a657ce4bdc587dd6d9957f6df3f89d5a382101663227188fef036bf2512794652a9f793c8736803d52586dc6ff2d01232015715fd1e1173f7bd30feda56184902d67b90ef", @typed={0x8, 0x47, 0x0, 0x0, @ipv4=@multicast2}, @generic="ae666a1bd077361b1f7786318395048199f5d98bfc5e59d5a43dfc659f18be53cb13755ccf2272a055208d20ccc63977392c4a910fcc2643f22ac185386b1ac97b07188be31f4774b59256f594783eb995b9156adbb1ecd74599893009ce6aaa5833f0eb333db43f0ce46c8ee126c49ca5a31ea68696071b3a32f459051577aa906394b1b9601d3658705249b2d4ee9b9f35ea95a0b96442f5fb8f4bb8226e3185d20edf56a3ccc05680abbab61d72872f1db103730dbeac2d3a6a2afc24b564acd00d6dec066d660f46be3ec4883061e57c3a593606347f1c024bf74e3fba230fa724fbafa3ac86464d5472da55eafc7d7853de2b5c851b668311e7f6f1cf6853167faf2a6baf73c86fb8638a518821f53337b3d9d2ad17abadb22ba3bd285aba8860da6a133ef215fa0f40ab4b064675f84791cca3994391615a0e04a905fb5092a92c1ae12b679041c1cc11c21b943809246a928cb493cdf531bb2dbd60d194e95c784d8452f7607ba4cf5ed9a8e9ec10cac3fd2e5b64072ee821afec35606284d6071a3c7746e126e9026f779d55803208526ba518fc83bf1f49b838cdd0fe81dd7e726184e67ccfdf6f93acde3ae0a523e766fe4c3aee520cd539c46ef8cbe9155e94dceae5f8948a410dd1a1767cc2a96ee365900ec61c6c22114a1529eb7e093999afabbd86f72876336906d0cb2c731a9f340002ff405eaa57ee9d197f8e711d46634c6f67e0e98dcbb4b75646c1b0d7a50aab39486cf1c979ee73faaaf3246d73fee4265efd56a9be6b30915d8faee6b7da050e0547fc6655a96a17ba6db67790a7fab18d9437d69ef3f5741d7c44214fa1a27181c361c63dedc4c9fba224f5e1c9a8d40a5326b451323efac76d7458d6a759f6345ce143e81c2c74fd626c9ae670ceb185944eb4e8e9646e8dac15e5d340806a71a2ab216d8941195c99bdeb72b21acd8edab5b4c1f7f1628a14ebb8305f38c9800600e93dfe56376dd09156241b3d591f5be0edfcfe61139be9909cf49bf82517eced9057857b32da117363cf019be87e19651ef700e5b45fd614a9f3fef2a0b81642e198a19a8ba2d90bc9bd6cf45682aafb14c8ca76cc363192e52b05107aaad10be6b280186326532e9cde1370ba7f07aab552a94f5976e44c5b73a87e0129a9f4a4e8798e4039818b5e8a63614b5b5abad6bc40a5e7900e4ce1d415c260349e7b2ec76d5c498b9d2b6f8cff156ae03a26ec17c50ebafd3256fdc78ee05381bc7ec9727a8cf9822748df6b149a6ff1439d8c8fef63a26c44f4393e7fb35f12dfa2535eeee5b50136d92fc7ffa810ab336fbde4891d7922810350772645e7c3bf96e27122c8854be68c393c8256994525d55ec3e6e7434738948e84807f4487077d8fda315fc39872f0aad86ce2d94b00ee5c07f5dafb64e263de09e7fd1fa89e621e56c4d1e4363c55870b77e56e709885d58d77db7a31c6c171c70aa6e3a98e8035d837c341b54c8f27c115ea080e351318b753f79526d0c211026e2137d6ec2abcff67d33bd8801de60a1e6505f95220270dee49596cac9b2b928b66608cb90412c559592476022b924420852a411e2b47e27ec4a20a3b74d17938385ed6d103a0da8bbfb9ad21a0cafcacb53e50d7663d35a30bea88300effba7122a0b7edaaf335f9061d1022bc84e0383140f34ab5414653630231465729d1697029d30df9acaaa953181c4676e41a20fb4f3bea74e814b01c90f3c03f62e196798af62668bd7bef5ae4a6b4d37bff533104d9d5bc66793fa0ec6fad57c4ea58d6537cf7225ce6490e379522ced59023b58bf95d52241548275bf821f485e6434165747081c3d4e4ae494bc21de68d0563c53e897c7d343a4b5f2a46e883c3b93b01f4fcc56a9d3286d2a6993491139e57a0503c0a21bce51c3211ec2a11e4fcbf1d1b3b33b9c9a87aeb337775599786e2e90b88cecddc3b25905608e75697549b2ffc4c04dec8fbe2ebf638d853e4e9f3b865818756492ae4369dfa7c13727baedee8457b4eb6c3e3446b148e99631bbc7efa71c46734dbe0972b5c04909aa39865df6f787dafa39deea05db5e428e6d45164fafa1172b963504b73443e72fa737c0cbab4e662a1a99fb83ba0ab777b056ace94b3f8acde92c7299aee11fbb3b244e47c291b545ef4a12349dc1fc392688286ebb407e603c330b9987345fcd60b784b8f3fc446dece7242855b31083ddd878a49ce44aabb28f681e051a2660c4aeacdbb1957af93fde3d11bf1c0f0a5938602e359cd5f782eebb509773d7910bd003eb25a61e68dc9526f67743589c96a2fb5a111c030a522abb2f5e93d633d698b788bbda705a07cdbdce52fa96b815daa640f65bc32c09008bcb84adac10521c9a5903d87bd1d65bcb6bbe08632d781a730086d893dff1d50f1073f2024ca7b4938ff8489c08e00579a56ef49b11fcdd9840bb65bfb7346a72a152f2e1d6044ab23689ad59c32721171eb3d41ea2739c45372f7e9896e8b32d0c63b5a1c9a1cbd587987e8f1b3fba2eae51fce492cf4a68f9abe6f6fb86126e87a72ae8834bc3c9080985fb1391ce076307c8d65f7264763bf775474626ec13381e83cc781c7d3adf307493404a0cfab545b50f5981123c08a2292974f7f6d9029dfdb19c7f90f7e24403f166dafc30e83df08612f9cb65d91d66faa0de9c27464ec5a79ca2fdea03765e5a5dfee6e6ecfdb7742c703a714f408f1e150ffa722c569f262a68351a62a7903eeb89237a1f04a5d7819a67106afb2fa6dd94f77a9e0ccc583f1f59de263c13731b8eb51c86661d6a707b387d106cd60c5e61e565f82ac869e4c4fc92689e97f56dd5e3ddf026813181019aa2cabbee4ff81680f0bedfeafbd98062109cfc1aead6db3f7475e609f76d919162e1de0bbc4d24b27feee75b971e192d31507176d130ca602849d5f9a945d8621378a920a1814896753bb6eef88d973320117a5daf51e0226fdd42c60b8cdec966861ebb428c6ccc96999655603a8dcf5a0e9a576f18bf1a2b66d48a36e824a80fa332c2643da9d685c81c9dbdf6da8e7469d561d4e78802b48d095f4985651b9286e7c0fa1ced5704ebf7141838cb2d1632d4cb885de34d1c213855998f52d8535fff7d97b1da34741192ec36e3519e52460119887372cbede1d15558fed21aa3ef424f2dc54649e47b2a4c41410922b128faed20141c2fb3b8f2b1808fbf7b4d98c451b3fe7e61bf52add2a1939dabe3b69327c01653e1fcaec7431863e40372a7659ffaecbbda4ff867f8569f2225116b3a7a149c429e67dee3727d93fbb16decc6313e059b3d117b3cb7cfbd908a989d25f2e3d8a25fa5290fd5917c19dc7a4f9002f488051d2ed392e48fad58a440fef4add682368b6af8968ae82f74e6c905e59142e53b2d91d291cd1d82bbfda019292dd5f5fba1498d80f2fd205b40ba7bef1cb7fbd3ab3ac300c5d765f2affad2fb8b014419d81c5aa1066da95b0725b85c0e307044bc4faa2ef9f219204abaa753e0e472be1b1cb20228ff20aec7776fbd0bba570faa122cb788e20beccc1e2a3d9cad1cbc3d26d2229e68b18b8a7201b808f2200e9e5c0a4828ebf8b4c9dde538f33d3d21e870b3f875544c0aae06eed63a05651dce7ff97b1f7237bdb229aecad8bb79a1c850b605d268c1d79f458e3146c88681a89682a74d6732809e29fc74cb9f13f9693d380c7e48d1584345547b75fb0a69931e8513fbaf21de3a69665a7ad9cfb7898314ed9a42214ecb961f0ab0eafb44a67a52543da9014cb6474a7cc6d21d55537777dc4b02e5e4cf664939daaf2e9c70ed006c897084637b5224d98e7ea82e43887d991c52b62f6926199e4e076e00b071a2a00140fb68a515c01fcb26ff9a7023242465e216b12ffdfd69b82e8e4933d3394fc01fc9af23314cd181f34259c4271b8c010e57278f4305eb37b98a73c1291de64ad723de91bd56cd3056e56d2abf845fe1a83ec11829dd52c0b51771a60a03903f58b5ea5cf408086ebd78210bb0515ed41e544261916bfde8ae01b386337af2471371f488b8306b515ad4b63561894427dd16adce26ee4e28ca0d75a8cbdb0aae11d67d4bf9e88c3b9c4eec5641d5d83c6f832550e1def655579599f771fb1d443964465026d0892f4d2d99ac855dd4c1c194c2ba931d7bbacc6d4a66ceb42fabf8a3608d6c9c4c2db3418e31a9ecd5fdf59a50edcae227ce0683b54d271b6228b9ab6a70682ab764c04df96ba9082d9830c5d231bb0b6152b0522d3c52b4f141f89e045139271b4fbe1a3f92c1542c3cf06b1a59af1069898dc6ed948737e1636700f712624e90ec7bc352801bca2453e4223b045a19550db0ab91bcc4ee8e51fac8898bbf7dce473363228e580c3c8f50078d51cca113c2b5cd12333867da30d00b10609bdf089b056a3eda6866195b08aefc669a70496d816963023fa9a2202081e08ba35fe18b55ebf5e66cc4506eea1c84742ac0228190aa0d6c4fccf55a642d354effacb7a1cf095dfaad77cd860601039bee681741a5cec6202f2cab3bf44222eca707d91acec5d687aecb32787d50e6b5e1d80247281ce49cc6cde8851fd3d4ca54256d018dbe0d485204b5b44a0877008f62db926004f463cdfd35c6a97d7c297c37c2337015a594a42ef00427dd6d7aaa62f1ba6e4a9b1ca33dddacb153e66c7e789ee821ac0a761220443419966a2d3bf08ca85a8c83c432cbcb654f5cd740d469d47c0d5b2bc4e0f9546068abf877792935ecc58ca6f5c797cc4c590f3abeae9e2307051f81394ec468d897f78a63767716b225792b57f85ea0e08ee730b9bd57a0a042fe8422969f9b5a5ef1aa0a5906109692c791fff9fcf3a914c479788c332eeff9c1b5bdbd9e9103aeb69ed6bafd8565a3728f9165afcee0f80a99bbcc59c962266c0437b963547842a21049daf5209328347e9262a979445eea9cd0ae6e139e8614633672aefa48084524b6a94a7ac49717b57f336f48ef2890589dd1189228b009a179b192cef76b6c380f36e7e29ea0ca7c6448d3caf8a7986aca06f680a50bec8c3509893bd3471241a15ea636a56be6e9218174490def7406d247e3554cf643f83cdc6053fc2b218e824c45cc84ce3a877e89d23b4d0e6d0d21ae9468e407052f6849f3d4ccb76358d9df1817a0ddf2a418712027cfd98f19eca207538285880937121ca28502b9eb9ac31265615be4bb491124e19612e87d5978274d5409b555fa0c368c53b0a2263629aff5e4ad1c04ee2587df610ecf172ab5c3888acfe25ce8077efac78ff461243c05b75acb997e33e15b93750a233db3a9bc70868f1e2adb56b3186360d36ec7a0c0efb4489370a30367f96e754d94245360fc39cdf50262f6f0e55ef02c2c4705e86a37e78629d0a66cceb3498e58df070ff2a15477422b3f7b4c38598e4e4ca2093db8c1e0895302e20e5bb71bec95c6bbb7c463692f4b3647388306667486352375c551eaa7b63a02270d79974afaba0e893c9a73cf2b9d89d6532a6bd7a794a04ed73e9211c296279086109ddfd7426df0495cd868b638b564315643bc45ed2ebfbe0f095c4bf2ed81f1d1ea0acff4a79e72bc77a99c3265854a320b6ff682be0412e0b0ab1d91d872e552eb50d4c44ca6faf42e4543b28e60676899228d91cc85be03eb3a5536a86f89aec0ae2e8becb5fa495fcc14c37ca5e266a43d96c9ca43035e211e24d85a5c2d27ea5bfafadfa0d9860e413e41946b981514244f11d8c6afbc4d967802b5e1ed5989e7f890cf4a9093ebbde34", @generic="16559d823c437a31ae5d319a4d4b8cf9b22e66eecbac5a7b3cd2526fbf1fd3a1690ebc295d041705edc18e852aa7f2651236ef455aec74c35cef3646948f9099279b1a681d29c9d29f716e817ff68828df", @typed={0x8, 0x8, 0x0, 0x0, @ipv4=@loopback}, @typed={0x14, 0x76, 0x0, 0x0, @ipv6=@private0={0xfc, 0x0, '\x00', 0x1}}, @typed={0xc, 0x1b, 0x0, 0x0, @u64=0x5f0}]}]}, 0x10f8}, 0x1, 0x0, 0x0, 0x44001}, 0x44) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000001bc0)=[{{&(0x7f00000000c0), 0x6e, &(0x7f00000002c0)=[{&(0x7f0000000140)=""/165, 0xa5}, {&(0x7f0000000200)=""/91, 0x5b}, {&(0x7f0000000280)=""/32, 0x20}], 0x3}}, {{&(0x7f0000000300)=@abs, 0x6e, &(0x7f00000017c0)=[{&(0x7f0000000380)=""/64, 0x40}, {&(0x7f00000003c0)=""/213, 0xd5}, {&(0x7f00000004c0)=""/103, 0x67}, {&(0x7f0000000540)=""/109, 0x6d}, {&(0x7f00000005c0)=""/65, 0x41}, {&(0x7f0000000640)=""/4096, 0x1000}, {&(0x7f0000001640)=""/117, 0x75}, {&(0x7f00000016c0)=""/8, 0x8}, {&(0x7f0000001700)=""/130, 0x82}], 0x9, &(0x7f0000001880)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}, @cred={{0x1c}}], 0x100}}, {{&(0x7f0000001980), 0x6e, &(0x7f0000001ac0)=[{&(0x7f0000001a00)=""/141, 0x8d}], 0x1, &(0x7f0000001b00)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0xb0}}], 0x3, 0x10100, &(0x7f0000001c80)={0x77359400}) capset(&(0x7f0000001cc0)={0x799e265e, r3}, &(0x7f0000001d00)={0x5, 0x800, 0x9, 0x7f, 0x2, 0x5}) ptrace$setopts(0x4200, r2, 0x4c, 0x100060) 03:49:34 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0xb, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:49:34 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:49:34 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x4c000000, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1564.582193] FAULT_INJECTION: forcing a failure. [ 1564.582193] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1564.584038] CPU: 0 PID: 12606 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1564.585106] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1564.586348] Call Trace: [ 1564.586748] dump_stack+0x107/0x167 [ 1564.587315] should_fail.cold+0x5/0xa [ 1564.587895] __alloc_pages_nodemask+0x182/0x600 [ 1564.588607] ? mark_held_locks+0x9e/0xe0 [ 1564.589227] ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130 [ 1564.590188] ? kmem_cache_free+0xa7/0x2d0 [ 1564.590816] alloc_pages_current+0x187/0x280 [ 1564.591489] __get_free_pages+0xc/0xa0 [ 1564.592067] ? kmem_cache_free+0x249/0x2d0 [ 1564.592707] tlb_remove_table+0x3ca/0xcb0 [ 1564.593347] ___pte_free_tlb+0x86/0xb0 [ 1564.593930] free_pgd_range+0x747/0x1380 [ 1564.594552] free_pgtables+0x230/0x2f0 [ 1564.595166] unmap_region+0x308/0x400 03:49:35 executing program 7: sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8080}, 0x80) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='uid_map\x00') socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_DEL_TX_TS(r0, 0x0, 0x4) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0) fallocate(r2, 0x6, 0x0, 0x1000002) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r2, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/asound/timers\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, r1) syz_io_uring_setup(0x3a75, &(0x7f0000000540)={0x0, 0x0, 0x20, 0x3}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) close(r3) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, 0x0) [ 1564.595747] ? anon_vma_compatible+0x2d0/0x2d0 [ 1564.596558] ? __vma_rb_erase+0x775/0xfa0 [ 1564.597232] ? vmacache_update+0xce/0x140 [ 1564.597893] __do_munmap+0x891/0x1260 [ 1564.598512] mmap_region+0x776/0x1590 [ 1564.599126] ? get_unmapped_area+0x2f0/0x420 [ 1564.599829] do_mmap+0xcdb/0x11e0 [ 1564.600394] vm_mmap_pgoff+0x198/0x1f0 [ 1564.601036] ? randomize_page+0xb0/0xb0 [ 1564.601672] ? __fget_files+0x296/0x4c0 [ 1564.602322] ksys_mmap_pgoff+0x41c/0x560 [ 1564.602976] ? find_mergeable_anon_vma+0x250/0x250 [ 1564.603770] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1564.604586] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1564.605417] do_syscall_64+0x33/0x40 [ 1564.606003] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1564.606798] RIP: 0033:0x7fd4717f2b62 [ 1564.607384] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1564.610224] RSP: 002b:00007fd46ed470f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1564.611433] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fd4717f2b62 [ 1564.612532] RDX: 0000000000000003 RSI: 0000000000100000 RDI: 0000000020ffc000 [ 1564.613664] RBP: 0000000020ffc000 R08: 0000000000000007 R09: 0000000010000000 [ 1564.614794] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000100 [ 1564.615906] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:49:35 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90103, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:49:35 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0xf, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:49:35 executing program 0: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000002540)='/proc/cpuinfo\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, 0x0) r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80045400, 0x0) readv(0xffffffffffffffff, &(0x7f00000024c0)=[{&(0x7f0000000100)=""/170, 0xaa}, {&(0x7f00000001c0)=""/252, 0xfc}, {&(0x7f00000002c0)=""/205, 0xcd}, {&(0x7f0000002580)=""/258, 0x102}, {&(0x7f00000004c0)=""/4096, 0x1000}, {&(0x7f00000014c0)=""/4096, 0x1000}], 0x6) fremovexattr(r0, &(0x7f00000000c0)=@known='com.apple.system.Security\x00') [ 1564.707103] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:49:35 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x68000000, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:49:35 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90104, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:49:35 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x10, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) [ 1564.804126] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:49:50 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x11, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:49:50 executing program 7: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='status\x00') r2 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x10, r2, 0x10000000) readv(r1, &(0x7f0000001540)=[{&(0x7f0000000140)=""/44, 0x2c}], 0x1) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f00000004c0)=ANY=[@ANYBLOB="40c20a1542ffd55db5ea6d18e3b27e753db9825124b996b5bc", @ANYRES32=r0, @ANYBLOB="0852003f00d3735540c761460f66"]) r3 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000002c0)) writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000200)="af", 0x1}], 0x1) pwritev(r3, &(0x7f0000000080)=[{&(0x7f0000000180)='\x00', 0x1}], 0x1, 0x0, 0x0) r4 = syz_open_procfs$userns(0x0, &(0x7f00000003c0)) ioctl$FS_IOC_FSSETXATTR(r4, 0x401c5820, &(0x7f0000000400)={0x101, 0x8, 0x7ff, 0x0, 0x5}) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000040)={0x0, r3, 0x20000000000002, 0x0, 0x80000001}) signalfd4(r1, &(0x7f0000000100)={[0x1]}, 0x8, 0x800) 03:49:50 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x9, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0xa66) 03:49:50 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x6c000000, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:49:50 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 82) 03:49:50 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x33, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:49:50 executing program 0: syz_mount_image$ext4(0x0, &(0x7f0000000300)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='configfs\x00', 0x0, 0x0) request_key(0x0, 0x0, 0x0, 0x0) listxattr(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=""/51, 0x33) r0 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) request_key(&(0x7f0000000100)='rxrpc_s\x00', &(0x7f0000000140)={'syz', 0x1}, &(0x7f0000000180)='$\x00', r0) openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) getdents(r1, &(0x7f0000000c00)=""/4096, 0x1000) 03:49:50 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9010a, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1579.642067] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:49:50 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x74000000, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1579.663552] FAULT_INJECTION: forcing a failure. [ 1579.663552] name failslab, interval 1, probability 0, space 0, times 0 [ 1579.664904] CPU: 0 PID: 12740 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1579.665702] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1579.666672] Call Trace: [ 1579.666981] dump_stack+0x107/0x167 [ 1579.667414] should_fail.cold+0x5/0xa [ 1579.667857] ? create_object.isra.0+0x3a/0xa20 [ 1579.668385] should_failslab+0x5/0x20 [ 1579.668822] kmem_cache_alloc+0x5b/0x310 [ 1579.669301] create_object.isra.0+0x3a/0xa20 [ 1579.669816] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1579.670402] kmem_cache_alloc+0x159/0x310 [ 1579.670895] vm_area_dup+0x78/0x290 [ 1579.671322] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1579.671933] ? mark_lock+0xf5/0x2df0 [ 1579.672367] ? lock_chain_count+0x20/0x20 [ 1579.672850] ? __lock_acquire+0x1657/0x5b00 [ 1579.673381] ? mark_lock+0xf5/0x2df0 [ 1579.673816] ? vm_area_alloc+0x110/0x110 [ 1579.674281] ? __lock_acquire+0x1657/0x5b00 [ 1579.674784] ? lock_acquire+0x197/0x470 [ 1579.675236] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1579.675831] ? SOFTIRQ_verbose+0x10/0x10 [ 1579.676291] ? vmacache_find+0x55/0x2a0 [ 1579.676744] __split_vma+0xa8/0x570 [ 1579.677159] __do_munmap+0x365/0x1260 [ 1579.677607] ? lock_release+0x680/0x680 [ 1579.678058] mmap_region+0x776/0x1590 [ 1579.678505] ? get_unmapped_area+0x2f0/0x420 [ 1579.679004] do_mmap+0xcdb/0x11e0 [ 1579.679410] vm_mmap_pgoff+0x198/0x1f0 [ 1579.679863] ? randomize_page+0xb0/0xb0 [ 1579.680312] ? __fget_files+0x296/0x4c0 [ 1579.680771] ksys_mmap_pgoff+0x41c/0x560 [ 1579.681240] ? find_mergeable_anon_vma+0x250/0x250 [ 1579.681813] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1579.682402] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1579.682995] do_syscall_64+0x33/0x40 [ 1579.683418] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1579.683994] RIP: 0033:0x7fd4717f2b62 [ 1579.684412] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1579.686523] RSP: 002b:00007fd46ed680f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1579.687383] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fd4717f2b62 [ 1579.688199] RDX: 0000000000000003 RSI: 0000000000100000 RDI: 0000000020ffc000 [ 1579.689010] RBP: 0000000020ffc000 R08: 0000000000000007 R09: 0000000010000000 [ 1579.689824] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000100 [ 1579.690629] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 [ 1579.731594] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:49:50 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x7a000000, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:49:50 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90118, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:49:50 executing program 7: io_setup(0xf5, &(0x7f00000000c0)=0x0) io_pgetevents(r0, 0x8, 0x1, &(0x7f0000000100)=[{}], &(0x7f0000000180), &(0x7f0000000200)={&(0x7f00000001c0)={[0x8a]}, 0x8}) syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, &(0x7f0000001980), 0x4bf221b84c8475b6, &(0x7f0000000080)=ANY=[@ANYBLOB="6e6fae701de89740e4ba52e1646f74732c646f74732c6e6f646f74732c747a3d5554432c646f74732c646f6e74"]) 03:49:50 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x6c, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) [ 1579.788661] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:50:03 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90600, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:50:03 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000000104050000000000000000000000000005000100010000000a000200000001ff060000000600064000000000bc0ccb73f514cbe2596b7639191cec02e2507457a22265268d81fd067c8a3eed27a95ea22b8bcfdb25de1ca7208682b845fbcd5e265dc572862688c5fe9ce54aef265c6d8ba684360e6a"], 0x30}}, 0x0) 03:50:03 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x3a, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:50:03 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) r1 = gettid() r2 = fcntl$getown(0xffffffffffffffff, 0x9) r3 = gettid() capset(&(0x7f0000000000)={0x19980330, r3}, &(0x7f0000000040)) r4 = gettid() capset(&(0x7f0000000000)={0x19980330, r4}, &(0x7f0000000040)) r5 = gettid() capset(&(0x7f0000000000)={0x19980330, r5}, &(0x7f0000000040)) r6 = gettid() capset(&(0x7f0000000000)={0x19980330, r6}, &(0x7f0000000040)) clone3(&(0x7f0000000340)={0x104002a00, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0), {0x36}, &(0x7f0000000200)=""/165, 0xa5, &(0x7f00000002c0), &(0x7f0000000300)=[r2, r1, r3, 0xffffffffffffffff, r0, r4, r5, r6], 0x8}, 0x58) capset(&(0x7f0000000000)={0x19980330, r1}, &(0x7f0000000040)) perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x1, 0x3, 0x5, 0x4, 0x0, 0x5, 0x40, 0x9, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, @perf_config_ext={0x5, 0x8}, 0x400, 0x401, 0xff, 0x0, 0x7, 0x1000, 0x2, 0x0, 0x3, 0x0, 0x1}, r1, 0x3, 0xffffffffffffffff, 0x0) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:50:03 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x9effffff, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:50:03 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 83) [ 1593.233324] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:50:03 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0xf0, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) [ 1593.247343] FAULT_INJECTION: forcing a failure. [ 1593.247343] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1593.248809] CPU: 0 PID: 12883 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1593.249627] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1593.250614] Call Trace: [ 1593.250929] dump_stack+0x107/0x167 [ 1593.251368] should_fail.cold+0x5/0xa [ 1593.251819] __alloc_pages_nodemask+0x182/0x600 [ 1593.252374] ? memtype_seq_stop+0x20/0x20 [ 1593.252864] ? pat_pagerange_is_ram+0xa8/0x140 [ 1593.253425] ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130 [ 1593.254145] alloc_pages_current+0x187/0x280 [ 1593.254658] pte_alloc_one+0x16/0x1a0 [ 1593.255106] __pte_alloc+0x1d/0x330 [ 1593.255530] remap_pfn_range+0xacb/0x1010 [ 1593.256033] ? apply_to_existing_page_range+0x40/0x40 [ 1593.256648] ? memcg_slab_post_alloc_hook+0x17a/0x430 [ 1593.257290] io_uring_mmap+0x398/0x530 [ 1593.257780] mmap_region+0xb5a/0x1590 [ 1593.258253] do_mmap+0xcdb/0x11e0 [ 1593.258682] vm_mmap_pgoff+0x198/0x1f0 [ 1593.259160] ? randomize_page+0xb0/0xb0 [ 1593.259648] ? __fget_files+0x296/0x4c0 [ 1593.260146] ksys_mmap_pgoff+0x41c/0x560 [ 1593.260648] ? find_mergeable_anon_vma+0x250/0x250 [ 1593.261254] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1593.261875] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1593.262506] do_syscall_64+0x33/0x40 [ 1593.262967] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1593.263598] RIP: 0033:0x7fd4717f2b62 [ 1593.264049] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1593.266311] RSP: 002b:00007fd46ed680f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1593.267241] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fd4717f2b62 [ 1593.268113] RDX: 0000000000000003 RSI: 0000000000100000 RDI: 0000000020ffc000 [ 1593.268979] RBP: 0000000020ffc000 R08: 0000000000000007 R09: 0000000010000000 [ 1593.269807] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000100 [ 1593.270671] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:50:03 executing program 7: memfd_create(&(0x7f0000000100)='\x00~(\x87P\x16}\x0e\x80\x1c\xadP:\x116\a\f\x16\xc7\r9cs\'C\x02\xd4\x16\b\xb5\xc6\xaaF\xedQ\b\x82\x82\xf1\xec\x96n0\a\x9c\x97\xdd\xd2\x95v\xe5\xcf\xa5\x87\xed\x9e\xc1\xaa[N\xc9[\xe3\x05R\x9ds`\xc0\xbbd\xc4_t;\xa1\xfb\xe3\x9a03\xe7<\xe4\x93{@\xa9\x06\x00\x94A\xe70gO\x82\xae\n\xac\xc3\xebz\xb5\"\xb7\x18\x01\xf5\xd0\xf9\xa4z/\x90\x14\xcfv\x1f\xe0\x82Z\xa9\xf2\xf8\xa3\xb5\xc6#w\xfc`\xd0\x86R\xb9\x03\xd8\x8c\x92\xb6\xd7E!P\xb8\xb1\xa6\x9c\x02.\x03Ls\r\xb6\xd8f\xa7\x0f\x9b\x87\x8d\x8d\x82|\x94\x10\xdaU', 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84000) readv(r2, &(0x7f00000006c0)=[{&(0x7f00000002c0)=""/220, 0xdc}, {&(0x7f0000000040)=""/48, 0x30}, {&(0x7f00000003c0)=""/203, 0xcb}, {&(0x7f00000004c0)=""/245, 0xf5}, {&(0x7f00000005c0)=""/219, 0xdb}], 0x5) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="300002001c00210040000000000a000000050000000000f3ff13000100fc020000000000000000000000200000"], 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) signalfd(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x248e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x107100, 0x0) read(r3, &(0x7f0000000000), 0x1b4000) 03:50:03 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x1f4, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:50:03 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0xb3000000, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:50:03 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 84) 03:50:03 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() syz_open_procfs(r0, &(0x7f0000000000)='net/kcm\x00') process_vm_readv(r0, &(0x7f0000001a40)=[{&(0x7f00000018c0)=""/31, 0x1f}, {&(0x7f0000001b40)=""/124, 0x7a}, {&(0x7f0000001980)=""/161, 0xa1}], 0x100000000000002c, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x65}, {&(0x7f0000001080)=""/188, 0xffffffbc}, {&(0x7f0000001bc0)=""/122, 0x7a}, {&(0x7f0000001c40)=""/163, 0xa3}, {&(0x7f0000001d00)=""/231, 0xe7}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/9, 0x9}, {&(0x7f0000001040)=""/43, 0x2e}], 0x8, 0x0) [ 1593.373854] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:50:03 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1593.473930] FAULT_INJECTION: forcing a failure. [ 1593.473930] name failslab, interval 1, probability 0, space 0, times 0 [ 1593.476161] CPU: 1 PID: 12969 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1593.477534] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1593.479175] Call Trace: [ 1593.479698] dump_stack+0x107/0x167 [ 1593.480430] should_fail.cold+0x5/0xa [ 1593.481246] ? ptlock_alloc+0x1d/0x70 [ 1593.482120] should_failslab+0x5/0x20 [ 1593.482967] kmem_cache_alloc+0x5b/0x310 [ 1593.483877] ptlock_alloc+0x1d/0x70 [ 1593.484689] pte_alloc_one+0x68/0x1a0 [ 1593.485542] __pte_alloc+0x1d/0x330 [ 1593.486355] remap_pfn_range+0xacb/0x1010 [ 1593.487313] ? apply_to_existing_page_range+0x40/0x40 [ 1593.488457] ? memcg_slab_post_alloc_hook+0x17a/0x430 [ 1593.489627] io_uring_mmap+0x398/0x530 [ 1593.490494] mmap_region+0xb5a/0x1590 [ 1593.491357] do_mmap+0xcdb/0x11e0 [ 1593.492146] vm_mmap_pgoff+0x198/0x1f0 [ 1593.493017] ? randomize_page+0xb0/0xb0 [ 1593.493911] ? __fget_files+0x296/0x4c0 [ 1593.494808] ksys_mmap_pgoff+0x41c/0x560 [ 1593.495711] ? find_mergeable_anon_vma+0x250/0x250 [ 1593.496806] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1593.497974] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1593.499127] do_syscall_64+0x33/0x40 [ 1593.499955] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1593.501091] RIP: 0033:0x7fd4717f2b62 [ 1593.501937] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1593.505992] RSP: 002b:00007fd46ed680f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1593.507667] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fd4717f2b62 [ 1593.509246] RDX: 0000000000000003 RSI: 0000000000100000 RDI: 0000000020ffc000 [ 1593.510830] RBP: 0000000020ffc000 R08: 0000000000000007 R09: 0000000010000000 [ 1593.512402] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000100 [ 1593.513992] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:50:19 executing program 7: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="1400000000ffff004ec4ba7dc57fa5b91e"], 0x14}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) io_uring_setup(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x161}) ioctl$TUNSETLINK(r0, 0x400454cd, 0x304) socket$inet(0x2, 0xa, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r2, r1, 0x800, 0x0) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x8914, &(0x7f00000001c0)={'syzkaller1\x00', {0x2, 0x0, @empty}}) 03:50:19 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 85) 03:50:19 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0xf0ffffff, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:50:19 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:50:19 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:50:19 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x300, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:50:19 executing program 0: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = memfd_create(&(0x7f0000000340)='\x00', 0x2) pwritev2(r0, &(0x7f0000000440)=[{&(0x7f00000002c0)="81", 0x1}], 0x1, 0x7ffd, 0x0, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r2, r1, 0x800, 0x0) fcntl$addseals(r2, 0x409, 0xc) fallocate(r0, 0x0, 0x0, 0x4) chdir(&(0x7f0000000040)='./file0\x00') mount$cgroup(0x0, 0x0, &(0x7f0000000100), 0x180010, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) rename(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000240)='./file2\x00') r3 = creat(&(0x7f0000000200)='./file1\x00', 0x2) chroot(&(0x7f0000000280)='./file2\x00') r4 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) pwritev2(r3, &(0x7f0000000840)=[{&(0x7f0000000480)="ad9bb8e848ac88ffbef9f0742792e1353dfb5853f58ca9cf9cc886853b9e39e48cae5824bf7335847c09f9e9a7db02679835b1bfc30b201a2cb9a4b53c91a28ebcca45e4c9a758a25db1760391d50e95384cc96bbddbaf42db71a7f65ac687f0849f9fad33278a19a1adff4f0b1c481cc221399f09892d33c106a82ff59302ae803ed7c02c86aaeef54dc4ee2667ddbe4fe0cce5c23bef9eadfe72d0d890fae1440ffa43180d7d3d4cfb72", 0xab}, {&(0x7f0000000540)="c670fef7f3d676990f49a2e36ec07dbdeac3340505faa82738abb07b00b7194a4751be9b760cdce896fb0da7d748c8f4f762e726a99458da18446c9b50df3705509a0de8fde258ffb3758bd1abe0ec64d117bc17675d0e3295ee7d7fd44eb660a86972604a95dbc2aaf9fddc151938cb13dc1e1d9ed1fd0ce6311e4cd570fe5efd6aaf69703856ee52d3283c928c9ec15c01d8871831a57a683d3de75b9d7872ef40fcc93cc27a30abd068c9aff2adfb4632f69912e2c9863a5b1d", 0xbb}, {&(0x7f00000003c0)="569256c3ba77587aded2b069fff6b377c3eba8bcc59bcbdbc70134afe8beebd0fd4b82013a56d3f2eeab6b182919b6a87d73cff753ea34a8539692c2fb95a43118e29cd77a0c6ede233741bb1811839596087f429dffadf5631a0cf3095488711292432636b57756f95dec886285ad8b59b806541d32908bd7", 0x79}, {&(0x7f0000000300)='q', 0x1}, {&(0x7f0000000600)="35cbd747d73ec8ccfa7f679a417218da1e252dfaf8fe2c846573b6450b2efc37b0c78ab0346437eedfc6b8b07dc37ba1acdcbe6ddbf887d35bda5e9043ec027287c47198132c875a0e800b64ce23da8dc4ce3b553b474fcb74e8699a70ef4a45dec2cbdacc239b7fee948ff28569576309521e9ddbb4b1856f022f69ca583dd7848f31832e4eed076e7355d624a405fe178f77e372139c18ed14562d73f8e05b52c55340f1765b8fe6e71c60688c732862a0d93fcc7f3b9d9a464ec8caa01d477e8b0908431c56f28303d86e34a38cfff8a0d221761abaa106ae51e26917618fb1de244263d69fb67f914dcdf9b1837d041541", 0xf3}, {&(0x7f0000000700)="75a3dca44be2d52773d4f33776", 0xd}, {&(0x7f0000000740)="1852c6c75eef00e31799842fad1c57d282e1d977bdb395b33d2695e4952bf1ecd4a21d75bd59287aee7af49a8bbeb6395ee0161871682b7e7a94ebf42e7d08520463bcf1d56b371b35cb677e2759bebdc1e03527c477001e0212921569483e382aa7ca285df56b1ccf36aab0da88f13480a9b283830d7159b70dc4b1bb90fe264a8d471afc2d45df7276a2986c4fa1cd20ea1455a57423f915045c15fa264de34bf20740e87e6905847e1caec62bc80aa701094f245948c42aeb9b52e0d5080942b6ce4516b6927992ca43c4beffa256ff2079be5ff6eff71ce2914f648d98cf959873b71850d81c8f", 0xe9}], 0x7, 0x3f, 0x8, 0x2) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) write(r4, &(0x7f0000000380)="0249e99a7f0211ef77a2e6ddf80889819eecd945439d8a17fd966a028b5a0d7d6da10a8b16bf2bf2b67ed8b591", 0x2d) fcntl$dupfd(0xffffffffffffffff, 0x0, r4) sendfile(r4, r5, 0x0, 0x100000001) 03:50:19 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) capset(&(0x7f00000000c0)={0x19980330, r0}, &(0x7f0000000100)={0x4, 0x1, 0x2, 0x1, 0x2aa5, 0x9}) fork() [ 1608.927019] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1608.950268] FAULT_INJECTION: forcing a failure. [ 1608.950268] name failslab, interval 1, probability 0, space 0, times 0 [ 1608.952693] CPU: 0 PID: 13014 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1608.954102] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1608.955797] Call Trace: [ 1608.956345] dump_stack+0x107/0x167 [ 1608.957090] should_fail.cold+0x5/0xa [ 1608.957885] ? create_object.isra.0+0x3a/0xa20 [ 1608.958823] should_failslab+0x5/0x20 [ 1608.959603] kmem_cache_alloc+0x5b/0x310 [ 1608.960422] ? __alloc_pages_slowpath.constprop.0+0x2130/0x2130 [ 1608.961646] create_object.isra.0+0x3a/0xa20 [ 1608.962535] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1608.963561] kmem_cache_alloc+0x159/0x310 [ 1608.964405] ptlock_alloc+0x1d/0x70 [ 1608.965157] pte_alloc_one+0x68/0x1a0 [ 1608.965933] __pte_alloc+0x1d/0x330 [ 1608.966672] remap_pfn_range+0xacb/0x1010 [ 1608.967538] ? apply_to_existing_page_range+0x40/0x40 [ 1608.968595] ? memcg_slab_post_alloc_hook+0x17a/0x430 [ 1608.969673] io_uring_mmap+0x398/0x530 [ 1608.970474] mmap_region+0xb5a/0x1590 [ 1608.971263] do_mmap+0xcdb/0x11e0 [ 1608.971983] vm_mmap_pgoff+0x198/0x1f0 [ 1608.972774] ? randomize_page+0xb0/0xb0 [ 1608.973594] ? __fget_files+0x296/0x4c0 [ 1608.974427] ksys_mmap_pgoff+0x41c/0x560 [ 1608.975255] ? find_mergeable_anon_vma+0x250/0x250 [ 1608.976263] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1608.977329] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1608.978432] do_syscall_64+0x33/0x40 [ 1608.979190] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1608.980286] RIP: 0033:0x7fd4717f2b62 [ 1608.981040] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1608.985021] RSP: 002b:00007fd46ed680f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1608.986605] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007fd4717f2b62 [ 1608.988054] RDX: 0000000000000003 RSI: 0000000000100000 RDI: 0000000020ffc000 [ 1608.989493] RBP: 0000000020ffc000 R08: 0000000000000007 R09: 0000000010000000 [ 1608.990954] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000100 [ 1608.992400] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffb000 03:50:19 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0xfffff000, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:50:19 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1609.039508] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:50:19 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:50:19 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x500, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:50:19 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) (fail_nth: 86) 03:50:19 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:50:19 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0xffffff7f, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:50:19 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1609.226521] FAULT_INJECTION: forcing a failure. [ 1609.226521] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1609.228889] CPU: 1 PID: 13140 Comm: syz-executor.4 Not tainted 5.10.200 #1 [ 1609.230251] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1609.231886] Call Trace: [ 1609.232405] dump_stack+0x107/0x167 [ 1609.233137] should_fail.cold+0x5/0xa [ 1609.233915] _copy_to_user+0x2e/0x180 [ 1609.234683] simple_read_from_buffer+0xcc/0x160 [ 1609.235597] proc_fail_nth_read+0x198/0x230 [ 1609.236447] ? proc_sessionid_read+0x230/0x230 [ 1609.237328] ? security_file_permission+0x24e/0x570 [ 1609.238319] ? perf_trace_initcall_start+0x101/0x380 [ 1609.239310] ? proc_sessionid_read+0x230/0x230 [ 1609.240196] vfs_read+0x228/0x580 [ 1609.240878] ksys_read+0x12d/0x260 [ 1609.241579] ? vfs_write+0xa70/0xa70 [ 1609.242323] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1609.243340] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1609.244348] do_syscall_64+0x33/0x40 [ 1609.245074] entry_SYSCALL_64_after_hwframe+0x62/0xc7 [ 1609.246069] RIP: 0033:0x7fd4717a569c [ 1609.246790] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1609.250362] RSP: 002b:00007fd46ed68170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1609.251835] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007fd4717a569c [ 1609.253215] RDX: 000000000000000f RSI: 00007fd46ed681e0 RDI: 0000000000000006 [ 1609.254609] RBP: 00007fd46ed681d0 R08: 0000000000000000 R09: 0000000010000000 [ 1609.255975] R10: 0000000000008011 R11: 0000000000000246 R12: 0000000000000002 [ 1609.257393] R13: 00007ffcfc52045f R14: 00007fd46ed68300 R15: 0000000000022000 [ 1609.260372] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1623.542838] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:50:33 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x600, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:50:33 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) 03:50:33 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:50:33 executing program 7: r0 = creat(0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) fcntl$dupfd(r1, 0x0, r1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x248e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) getdents64(r2, &(0x7f00000000c0)=""/149, 0x95) ioctl$PERF_EVENT_IOC_REFRESH(0xffffffffffffffff, 0x2402, 0x6) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x8) r3 = epoll_create(0x3) ioctl$FIBMAP(r3, 0x1, &(0x7f0000000200)=0xffffff29) socket$netlink(0x10, 0x3, 0x0) unshare(0x48020200) 03:50:33 executing program 0: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000011400)='\"', 0x1, 0xf000}], 0x801, &(0x7f0000000040)=ANY=[@ANYBLOB="636877636bffff7472691d261ae3e80c6c0413c5"]) 03:50:33 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0xffffff9e, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:50:33 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:50:33 executing program 3: r0 = fork() r1 = gettid() capset(&(0x7f0000000000)={0x19980330, r1}, &(0x7f0000000040)) r2 = getpid() rt_tgsigqueueinfo(r1, r2, 0x40, &(0x7f0000000140)={0x3a, 0x0, 0x2}) getpgid(r0) capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000000080)={0xfff, 0x2, 0xffff, 0x1, 0xfffffffe}) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x7, &(0x7f00000000c0)=0x1) capset(&(0x7f00000001c0)={0x20071026, r1}, &(0x7f0000000200)={0x40, 0x4, 0x3, 0x7, 0x200, 0xffff0000}) r3 = fcntl$getown(0xffffffffffffffff, 0x9) ptrace$cont(0x18, r3, 0x50, 0x80) 03:50:33 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0xfffffff0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:50:34 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x700, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:50:34 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x900, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) [ 1623.644787] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:50:34 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:50:34 executing program 0: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/ipv6_route\x00') r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='children\x00') sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x2, 0x70bd26, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x14}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x20000000) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000600)=ANY=[@ANYBLOB="2800000000399e4ce8bc6b9e5900"], 0x28}}, 0x0) pipe2(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) syz_open_procfs(0x0, &(0x7f0000000500)='net/llc/core\x00') preadv(r1, &(0x7f00000004c0)=[{&(0x7f0000000300)=""/89, 0x59}, {&(0x7f0000000380)=""/201, 0xc9}], 0x2, 0x6, 0x6) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r4, r3, 0x800, 0x0) getpeername$netlink(r3, &(0x7f0000000140), &(0x7f0000000180)=0xc) r5 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r5, 0x8008f511, &(0x7f00000001c0)) 03:50:34 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:50:34 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) 03:50:34 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0xffffffff, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1623.794399] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=14592 sclass=netlink_route_socket pid=13276 comm=syz-executor.0 03:50:34 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0xa00, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:50:34 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:50:34 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = semget(0x0, 0x2, 0x200) semop(r0, &(0x7f0000000140)=[{0x0, 0x0, 0x1000}], 0x1) semctl$IPC_RMID(r0, 0x0, 0x0) r1 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)={0x0, 0x0, 0x7, 0x0, 0x3}) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_int(r2, 0x0, 0x5, 0x0, 0x0) r3 = fcntl$getown(0xffffffffffffffff, 0x9) tkill(r3, 0x31) migrate_pages(r1, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) ioctl$int_out(0xffffffffffffffff, 0x5460, &(0x7f00000000c0)) [ 1623.866550] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:50:34 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x2}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) 03:50:34 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:50:34 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0xb00, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:50:34 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x0, {0x2, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:50:34 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:50:34 executing program 7: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1624.148099] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:50:34 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x0, {0x3, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:50:34 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:50:34 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0xf00, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) [ 1624.307342] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:50:49 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:50:49 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000000c0)={0x0, 0x0}) r2 = syz_open_procfs$namespace(r0, &(0x7f0000000140)='ns/pid\x00') kcmp(r1, r0, 0x0, 0xffffffffffffffff, r2) 03:50:49 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:50:50 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x1100, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:50:50 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x3}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) 03:50:50 executing program 7: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = dup(r0) r2 = syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000002a40)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000240)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x5, 0x10, 0xffffffffffffffff, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f0000000000)=@IORING_OP_ASYNC_CANCEL={0xe, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x7) r5 = dup(r1) connect$inet6(r5, &(0x7f0000000100)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c) connect$inet(r5, &(0x7f0000000040)={0x2, 0x4e24, @multicast2}, 0x10) setsockopt$sock_int(r5, 0x1, 0x29, &(0x7f0000000080)=0x1, 0x4) sendto(r5, 0x0, 0x0, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000280)={{0x7f, 0x45, 0x4c, 0x46, 0x5, 0x3, 0x3f, 0x40, 0x9, 0x2, 0x3, 0x600000, 0x3ac, 0x40, 0x82, 0x2, 0x5, 0x38, 0x1, 0x9, 0x8, 0x1f0}, [{0x60000000, 0x3ff, 0x9, 0x80000001, 0x4, 0x5b, 0x100000001, 0x8}], "ef01dcfffbaa4d58bae04f31a60d753f1b61b9fa51b687c3243d621ba2ef44df134e4b718a801ca0fb2c6fc3c6676fe57dbc92d5f3d11df3d3e182cfeadd1a5a1aa3", ['\x00']}, 0x1ba) 03:50:50 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:50:50 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0) openat(r0, &(0x7f0000000300)='./file1/file0\x00', 0x282001, 0x82) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) dup(0xffffffffffffffff) pwrite64(r0, &(0x7f0000000340), 0x0, 0x0) r2 = openat(r1, &(0x7f00000001c0)='./file1/file0\x00', 0x4000, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000200)="af", 0x1}], 0x1) accept4$unix(r3, &(0x7f0000000200)=@abs, &(0x7f00000002c0)=0x6e, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000500)={&(0x7f0000000000), 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x14, 0x25, 0x400, 0x70bd29, 0x25dfdbfe, {0x9}}, 0x14}, 0x1, 0x0, 0x0, 0x48040}, 0x800) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) timerfd_create(0x8, 0x800) ioctl$AUTOFS_DEV_IOCTL_FAIL(r2, 0xc0189377, &(0x7f0000000180)={{0x1, 0x1, 0x18, r0, {0x101, 0x6}}, './file0\x00'}) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r6, r5, 0x800, 0x0) close_range(r6, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r6, &(0x7f0000000340)={0x3000401f}) unshare(0x48020200) [ 1639.649552] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:51:04 executing program 7: r0 = syz_mount_image$iso9660(&(0x7f0000000440), &(0x7f0000000480)='./file0\x00', 0x0, 0x42, &(0x7f0000000a40), 0x0, &(0x7f0000000040)={[{@iocharset={'iocharset', 0x3d, 'cp775'}}, {@map_off}]}) r1 = openat2(r0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={0x80000, 0x100, 0x3}, 0x18) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r3, r2, 0x800, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) openat(r3, &(0x7f0000000100)='./file0\x00', 0x80602, 0x4) unlinkat(r1, &(0x7f00000000c0)='./file0\x00', 0x0) 03:51:04 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:51:04 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) 03:51:04 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1654.032665] ISOFS: Unable to identify CD-ROM format. 03:51:04 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x0, {0x25, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:51:04 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x6c00, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:51:04 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) r1 = getpgrp(r0) waitid(0x2, r1, &(0x7f0000000140), 0x20000008, &(0x7f00000002c0)) 03:51:04 executing program 0: creat(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffdfffffffffffff, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r0, 0x800, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) openat(r1, &(0x7f0000000080)='./file0\x00', 0x40, 0x90) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x800, 0x0) sendfile(r2, r3, &(0x7f0000000140)=0x1, 0x6) setxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100)='system.posix_acl_access\x00', &(0x7f0000000040)=ANY=[@ANYBLOB="020000000100000000000000020000f0c39296adc85b01916f00", @ANYRES32=0x0, @ANYBLOB="040002000000000100000400", @ANYRES32=0x0, @ANYBLOB="10000400000000002000060000000000"], 0x34, 0x0) 03:51:04 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0xf000, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:51:04 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x0, {0x5, 0x0, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:51:04 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1654.116632] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1654.196448] ISOFS: Unable to identify CD-ROM format. 03:51:19 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1669.042565] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:51:19 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0xf401, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) 03:51:19 executing program 0: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x107142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff}, 0x0) tee(r3, r2, 0x800, 0x0) ioctl$FS_IOC_MEASURE_VERITY(r2, 0xc0046686, &(0x7f0000000040)=ANY=[@ANYBLOB="00001900d45aa5a857bc00013a7b05c2b72923e80180764dc1b2f36c59"]) 03:51:19 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x0, {0x5, 0x2, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:51:19 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x6}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) 03:51:19 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) read(0xffffffffffffffff, &(0x7f00000000c0)=""/218, 0xda) 03:51:19 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:51:19 executing program 7: pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r2, r1, 0x800, 0x0) r4 = fcntl$dupfd(r1, 0x406, r1) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='net/dev_snmp6\x00') sendmsg$TIPC_CMD_SET_LINK_TOL(r5, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000380)={&(0x7f00000004c0)={0x68, 0x0, 0x0, 0x70bd29, 0x25dfdbfd, {{}, {}, {0x4c, 0x18, {0x1d5, @link='syz1\x00'}}}, ["", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x4008044}, 0x4080) fcntl$setlease(r4, 0x400, 0x0) r6 = openat(r3, &(0x7f0000000540)='./file0\x00', 0x40400, 0x105) write$binfmt_elf64(r6, &(0x7f0000000580)={{0x7f, 0x45, 0x4c, 0x46, 0x9, 0x0, 0x7, 0x0, 0x80000001, 0x3, 0x3e, 0x8000, 0x125, 0x40, 0x1e3, 0x101, 0x5bf, 0x38, 0x2, 0x2, 0x9, 0x2}, [{0x70000000, 0x9, 0xfffffffffffff801, 0x1000, 0x1000, 0x5, 0x1, 0x61}, {0x4, 0x5, 0x100000001, 0x9, 0x24, 0x1, 0x7, 0x3ff}], "9071c0fb9481a34d1697fc8ba2d033952760ba311f5798083bdba9e4536e8cc6f6d3bf5f1289c890cd6fefe6f1066cea0c218ee0a1777a36bcc54af79a4685b3692887331323c49060cebfa474b49ff079b8b60f4d368b45a6d44a531a117600469291e67a95cfedb669d6ec8db8d96c84319f6d9c", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x725) preadv(r1, &(0x7f0000000300)=[{&(0x7f00000000c0)=""/55, 0x37}, {&(0x7f0000000200)=""/214, 0xd6}], 0x2, 0xfffeffff, 0x3) r7 = perf_event_open(&(0x7f0000000180)={0x3, 0x80, 0x76, 0x81, 0x4, 0x40, 0x0, 0xae48, 0x410, 0x8, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x5, 0x0, @perf_config_ext={0xffffffff80000000, 0x51}, 0x802, 0x41, 0x3f, 0x0, 0xfffffffffffffff9, 0x1ff, 0x800, 0x0, 0x797c, 0x0, 0xfffffffffffffffb}, 0xffffffffffffffff, 0x9, 0xffffffffffffffff, 0x3) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close_range(r8, 0xffffffffffffffff, 0x0) fcntl$dupfd(r7, 0x0, r0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000000)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0xc0182101, &(0x7f0000000080)={r9, 0x3, 0x2}) syz_extract_tcp_res$synack(&(0x7f0000000100)={0x41424344, 0x41424344}, 0x1, 0x0) syz_emit_ethernet(0x5e, &(0x7f00000003c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd60afb6a500280600fc010000000000000000000000000000fe8000000000000000000000000000aa000010001ebc61fb", @ANYRES32=r10, @ANYRES32=0x41424344, @ANYBLOB="a0000000907800001312c5d042cdfadd3cb7b0d1d01fcd6018590000"], 0x0) 03:51:19 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x0, {0x5, 0x3, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:51:19 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x34000, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) [ 1669.127896] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:51:19 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x0, {0x5, 0x4, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1669.182042] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:51:19 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x0, {0x5, 0x5, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) 03:51:19 executing program 6: perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100d882}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:51:19 executing program 3: r0 = fork() capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) capset(&(0x7f00000000c0)={0x19980330, r0}, 0x0) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x8, &(0x7f0000000080)=0x1) 03:51:19 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000100)="e86bdc9565", 0x5}], 0x1) perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x8}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)) 03:51:19 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90100, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 03:51:19 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x80000, &(0x7f0000000300)={&(0x7f0000000380)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private1}, [@srcaddr={0x14, 0xd, @in=@empty}]}, 0x3c}}, 0x0) [ 1669.256807] netlink: 'syz-executor.2': attribute type 10 has an invalid length. 03:51:19 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x20, 0x1d, 0xc21, 0x0, 0x0, {0x5, 0x6, 0x2}, [@nested={0xc, 0xa, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0) [ 1669.413207] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 1674.423771] Bluetooth: hci2: command 0x0409 tx timeout [ 1676.471782] Bluetooth: hci2: command 0x041b tx timeout [ 1678.519769] Bluetooth: hci2: command 0x040f tx timeout [ 1679.492587] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1679.494322] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1679.497265] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1679.546553] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1679.548358] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1679.551766] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1684.343787] Bluetooth: hci2: command 0x0409 tx timeout [ 1686.391774] Bluetooth: hci2: command 0x041b tx timeout [ 1688.439788] Bluetooth: hci2: command 0x040f tx timeout [ 1689.401076] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1689.402860] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1689.405755] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1689.468321] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1689.470025] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1689.473799] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1694.263767] Bluetooth: hci2: command 0x0409 tx timeout [ 1696.312761] Bluetooth: hci2: command 0x041b tx timeout [ 1698.359754] Bluetooth: hci2: command 0x040f tx timeout [ 1699.167691] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1699.169418] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1699.171976] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1699.221664] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1699.223447] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1699.225812] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1703.991779] Bluetooth: hci2: command 0x0409 tx timeout [ 1706.039783] Bluetooth: hci2: command 0x041b tx timeout [ 1708.087802] Bluetooth: hci2: command 0x040f tx timeout [ 1708.955031] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1708.956755] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1708.959477] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1709.017648] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1709.019597] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1709.022133] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1713.847796] Bluetooth: hci2: command 0x0409 tx timeout [ 1715.895873] Bluetooth: hci2: command 0x041b tx timeout [ 1717.943768] Bluetooth: hci2: command 0x040f tx timeout [ 1718.923645] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1718.925607] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1718.929293] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1718.976292] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1718.978229] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1718.981229] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1723.767791] Bluetooth: hci2: command 0x0409 tx timeout [ 1725.815758] Bluetooth: hci2: command 0x041b tx timeout [ 1727.863788] Bluetooth: hci2: command 0x040f tx timeout [ 1728.740050] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1728.741788] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1728.744748] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1728.790157] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1728.791872] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1728.796137] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1733.560846] Bluetooth: hci2: command 0x0409 tx timeout [ 1735.607760] Bluetooth: hci2: command 0x041b tx timeout [ 1737.655770] Bluetooth: hci2: command 0x040f tx timeout [ 1738.545380] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1738.547102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1738.556466] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1738.605787] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1738.608105] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1738.611879] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1743.415825] Bluetooth: hci2: command 0x0409 tx timeout [ 1745.463762] Bluetooth: hci2: command 0x041b tx timeout [ 1747.511802] Bluetooth: hci2: command 0x040f tx timeout [ 1748.408498] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1748.410546] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1748.413390] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1748.467570] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1748.469199] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1748.471960] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1753.271775] Bluetooth: hci2: command 0x0409 tx timeout [ 1755.319762] Bluetooth: hci2: command 0x041b tx timeout [ 1757.367838] Bluetooth: hci2: command 0x040f tx timeout [ 1758.290694] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1758.293152] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1758.322797] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1758.364341] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1758.366041] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1758.369059] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1763.127777] Bluetooth: hci2: command 0x0409 tx timeout [ 1765.175849] Bluetooth: hci2: command 0x041b tx timeout [ 1767.223770] Bluetooth: hci2: command 0x040f tx timeout [ 1768.112626] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1768.114370] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1768.119862] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1768.177790] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1768.179746] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1768.182224] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1772.983771] Bluetooth: hci2: command 0x0409 tx timeout [ 1775.031793] Bluetooth: hci2: command 0x041b tx timeout [ 1777.080454] Bluetooth: hci2: command 0x040f tx timeout [ 1777.968080] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1777.970474] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1777.973377] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1778.024550] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1778.026570] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1778.029141] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 2023/11/21 03:53:08 executor 7 failed 11 times: executor 7: exit status 67 SYZFAIL: tun read failed (errno 9: Bad file descriptor) SYZFAIL: child failed (errno 0: Success) loop exited with status 67 [ 1778.880933] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium VM DIAGNOSIS: 03:53:08 Registers: info registers vcpu 0 RAX=0000000000000001 RBX=ffffffff815fa94d RCX=1ffff1100d9c1301 RDX=1ffff1100d9c1354 RSI=ffff8880182bf748 RDI=ffffffff815fa94d RBP=ffff88806ce09aa0 RSP=ffff88806ce09a28 R8 =0000000000000001 R9 =0000000000000001 R10=0000000000032042 R11=1ffff1100d9c1338 R12=ffff88806ce09b10 R13=0000000000000000 R14=ffff88801833cec0 R15=ffff88800ee8c000 RIP=ffffffff811bc280 RFL=00000292 [--S-A--] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f94082e0fb8 CR3=000000000c99e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=fdfb25ee6534c7ed11e4a263b0098b57 XMM02=acd51bc9e42957e8b7c401f5209b5d1a XMM03=936ac75debdd9bdd9b807ae2418657e8 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=0d0c0f0e09080b0a0504070601000302 XMM07=0e0d0c0f0a09080b0605040702010003 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=0000000000000000 RCX=ffffffff8163e340 RDX=ffff888018339a40 RSI=0000000000000000 RDI=0000000000000000 RBP=ffffea0000770c40 RSP=ffff888015a979a0 R8 =0000000000000000 R9 =ffffea0000770c47 R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=ffffea0000770c48 R14=0000000000000000 R15=ffffea0000770c08 RIP=ffffffff814083f4 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000560f883df250 CR3=000000000c99e000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=636578650a3a73656d69742031312064 XMM02=6174732074697865203a3720726f7475 XMM03=203a4c4941465a59530a373620737574 XMM04=0a64656c6961662064616572206e7574 XMM05=6620646142203a39206f6e7272652820 XMM06=0a29726f747069726373656420656c69 XMM07=6620646c696863203a4c4941465a5953 XMM08=72206e7574203a4c4941465a59530a37 XMM09=72726528200a64656c69616620646165 XMM10=6420656c696620646142203a39206f6e XMM11=41465a59530a29726f74706972637365 XMM12=64656c69616620646c696863203a4c49 XMM13=63637553203a30206f6e72726528200a XMM14=64657469786520706f6f6c0a29737365 XMM15=0a373620737574617473206874697720