0000000000000000 [ 1517.128111][T11912] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1517.128124][T11912] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 [ 1517.165116][T11932] CPU: 0 PID: 11932 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1517.173878][T11932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1517.184098][T11932] Call Trace: [ 1517.187394][T11932] dump_stack+0x137/0x19d [ 1517.191728][T11932] should_fail+0x23c/0x250 [ 1517.196141][T11932] should_fail_usercopy+0x16/0x20 06:48:37 executing program 0 (fault-call:1 fault-nth:8): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:37 executing program 1: syz_io_uring_setup(0x0, &(0x7f0000000280)={0x0, 0xfffffffe, 0x8}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, &(0x7f0000000300), 0x0) 06:48:37 executing program 4: syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) syz_io_uring_setup(0xf48, &(0x7f0000000180), &(0x7f0000e30000/0x3000)=nil, &(0x7f0000c49000/0x3000)=nil, &(0x7f0000000200), 0x0) syz_io_uring_setup(0x7e10, 0x0, &(0x7f0000c49000/0x3000)=nil, &(0x7f0000cc4000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) 06:48:37 executing program 4: syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) syz_io_uring_setup(0xf48, &(0x7f0000000180), &(0x7f0000e30000/0x3000)=nil, &(0x7f0000c49000/0x3000)=nil, &(0x7f0000000200), 0x0) syz_io_uring_setup(0x7e10, 0x0, &(0x7f0000c49000/0x3000)=nil, &(0x7f0000cc4000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) 06:48:37 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e33000/0x2000)=nil, 0x2000, 0x4000, 0x6, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap(&(0x7f0000e33000/0x1000)=nil, 0x1000, 0x0, 0x10, r0, 0x38204000) [ 1517.201161][T11932] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1517.207443][T11932] ? shmem_write_begin+0x7e/0x100 [ 1517.212594][T11932] generic_perform_write+0x1e4/0x3a0 [ 1517.217908][T11932] ? shmem_write_begin+0x100/0x100 [ 1517.223017][T11932] __generic_file_write_iter+0x161/0x300 [ 1517.228750][T11932] ? generic_write_checks+0x250/0x290 [ 1517.237857][T11932] generic_file_write_iter+0x75/0x130 [ 1517.243251][T11932] vfs_write+0x69d/0x770 [ 1517.247487][T11932] ksys_write+0xce/0x180 [ 1517.251737][T11932] __x64_sys_write+0x3e/0x50 06:48:37 executing program 1: syz_io_uring_setup(0x0, &(0x7f0000000280)={0x0, 0xfffffffe, 0x8}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, &(0x7f0000000300), 0x0) 06:48:37 executing program 4: syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) syz_io_uring_setup(0xf48, &(0x7f0000000180), &(0x7f0000e30000/0x3000)=nil, &(0x7f0000c49000/0x3000)=nil, &(0x7f0000000200), 0x0) syz_io_uring_setup(0x7e10, &(0x7f0000000080)={0x0, 0x0, 0x10, 0x0, 0x11d}, &(0x7f0000c49000/0x3000)=nil, &(0x7f0000cc4000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) [ 1517.256412][T11932] do_syscall_64+0x4a/0x90 [ 1517.260843][T11932] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1517.266848][T11932] RIP: 0033:0x4665d9 [ 1517.270816][T11932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1517.290978][T11932] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1517.299483][T11932] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1517.305705][T11944] FAULT_INJECTION: forcing a failure. [ 1517.305705][T11944] name failslab, interval 1, probability 0, space 0, times 0 [ 1517.307537][T11932] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1517.307553][T11932] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1517.307565][T11932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1517.344641][T11932] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1517.352611][T11944] CPU: 1 PID: 11944 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1517.361404][T11944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1517.371674][T11944] Call Trace: [ 1517.374995][T11944] dump_stack+0x137/0x19d [ 1517.379523][T11944] should_fail+0x23c/0x250 [ 1517.384039][T11944] __should_failslab+0x81/0x90 [ 1517.388812][T11944] ? percpu_ref_init+0x9e/0x210 [ 1517.393833][T11944] should_failslab+0x5/0x20 [ 1517.398339][T11944] kmem_cache_alloc_trace+0x49/0x310 [ 1517.403696][T11944] percpu_ref_init+0x9e/0x210 [ 1517.408635][T11944] ? __io_register_rsrc_update+0x1260/0x1260 [ 1517.414654][T11944] io_uring_create+0x1419/0x18d0 [ 1517.419604][T11944] ? should_fail+0xd6/0x250 [ 1517.424117][T11944] __x64_sys_io_uring_setup+0xe1/0x120 [ 1517.429648][T11944] do_syscall_64+0x4a/0x90 [ 1517.434052][T11944] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1517.440006][T11944] RIP: 0033:0x4665d9 [ 1517.443888][T11944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1517.463491][T11944] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1517.472010][T11944] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1517.480091][T11944] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 [ 1517.488160][T11944] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1517.496121][T11944] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 06:48:38 executing program 3 (fault-call:1 fault-nth:45): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:38 executing program 1: syz_io_uring_setup(0x3125, 0x0, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, &(0x7f0000000300), 0x0) 06:48:38 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7605}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:38 executing program 4: syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) syz_io_uring_setup(0xf48, &(0x7f0000000180), &(0x7f0000e30000/0x3000)=nil, &(0x7f0000c49000/0x3000)=nil, &(0x7f0000000200), 0x0) syz_io_uring_setup(0x7e10, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x11d}, &(0x7f0000c49000/0x3000)=nil, &(0x7f0000cc4000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) 06:48:38 executing program 0 (fault-call:1 fault-nth:9): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:38 executing program 2: ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(0xffffffffffffffff, 0x408c5333, &(0x7f0000000100)={0xe66f, 0xfffffffe, 0x0, 'queue0\x00', 0x40}) mlock(&(0x7f0000e31000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2) r0 = syz_io_uring_setup(0x28fe, &(0x7f0000000000)={0x0, 0xd4d5, 0x4, 0x0, 0x274}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000e31000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x80010, r0, 0x8000000) [ 1517.504105][T11944] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 [ 1517.548754][T11963] FAULT_INJECTION: forcing a failure. [ 1517.548754][T11963] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1517.562007][T11963] CPU: 0 PID: 11963 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1517.568703][T11967] FAULT_INJECTION: forcing a failure. [ 1517.568703][T11967] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1517.570947][T11963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1517.570960][T11963] Call Trace: [ 1517.570967][T11963] dump_stack+0x137/0x19d [ 1517.601969][T11963] should_fail+0x23c/0x250 [ 1517.606403][T11963] __alloc_pages+0x102/0x320 [ 1517.611185][T11963] alloc_pages_vma+0x391/0x660 [ 1517.615932][T11963] shmem_getpage_gfp+0x980/0x1410 [ 1517.620991][T11963] shmem_write_begin+0x7e/0x100 [ 1517.625992][T11963] generic_perform_write+0x196/0x3a0 [ 1517.631308][T11963] ? shmem_write_begin+0x100/0x100 [ 1517.636484][T11963] __generic_file_write_iter+0x161/0x300 [ 1517.642100][T11963] ? generic_write_checks+0x250/0x290 [ 1517.647502][T11963] generic_file_write_iter+0x75/0x130 [ 1517.653009][T11963] vfs_write+0x69d/0x770 [ 1517.657234][T11963] ksys_write+0xce/0x180 [ 1517.661455][T11963] __x64_sys_write+0x3e/0x50 [ 1517.666072][T11963] do_syscall_64+0x4a/0x90 [ 1517.670498][T11963] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1517.676475][T11963] RIP: 0033:0x4665d9 [ 1517.680352][T11963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1517.700027][T11963] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1517.708437][T11963] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1517.716412][T11963] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1517.724373][T11963] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1517.732416][T11963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1517.740420][T11963] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1517.748548][T11967] CPU: 1 PID: 11967 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1517.757466][T11967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1517.767560][T11967] Call Trace: [ 1517.770887][T11967] dump_stack+0x137/0x19d [ 1517.775231][T11967] should_fail+0x23c/0x250 [ 1517.779654][T11967] should_fail_usercopy+0x16/0x20 [ 1517.784678][T11967] _copy_to_user+0x1c/0x90 [ 1517.789099][T11967] io_uring_create+0x159f/0x18d0 [ 1517.794043][T11967] ? should_fail+0xd6/0x250 06:48:38 executing program 4: syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) syz_io_uring_setup(0xf48, &(0x7f0000000180), &(0x7f0000e30000/0x3000)=nil, &(0x7f0000c49000/0x3000)=nil, &(0x7f0000000200), 0x0) syz_io_uring_setup(0x7e10, &(0x7f0000000080), &(0x7f0000c49000/0x3000)=nil, &(0x7f0000cc4000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) 06:48:38 executing program 1: syz_io_uring_setup(0x3125, 0x0, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, &(0x7f0000000300), 0x0) 06:48:38 executing program 3 (fault-call:1 fault-nth:46): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:38 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, &(0x7f00000000c0)={0x0, 0xea60}) [ 1517.798575][T11967] __x64_sys_io_uring_setup+0xe1/0x120 [ 1517.804166][T11967] do_syscall_64+0x4a/0x90 [ 1517.808605][T11967] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1517.814562][T11967] RIP: 0033:0x4665d9 [ 1517.818475][T11967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1517.838073][T11967] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 06:48:38 executing program 4: syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) syz_io_uring_setup(0xf48, &(0x7f0000000180), &(0x7f0000e30000/0x3000)=nil, &(0x7f0000c49000/0x3000)=nil, &(0x7f0000000200), 0x0) syz_io_uring_setup(0x7e10, &(0x7f0000000080), &(0x7f0000c49000/0x3000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, &(0x7f0000000140)) 06:48:38 executing program 2: mlock(&(0x7f0000e33000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2, 0x10010, 0xffffffffffffffff, 0x8000000) [ 1517.846488][T11967] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1517.854697][T11967] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 [ 1517.862677][T11967] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1517.870656][T11967] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1517.878633][T11967] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 [ 1517.903251][T11982] FAULT_INJECTION: forcing a failure. [ 1517.903251][T11982] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1517.916333][T11982] CPU: 0 PID: 11982 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1517.925131][T11982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1517.935181][T11982] Call Trace: [ 1517.938451][T11982] dump_stack+0x137/0x19d [ 1517.942786][T11982] should_fail+0x23c/0x250 [ 1517.947289][T11982] should_fail_usercopy+0x16/0x20 06:48:38 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mincore(&(0x7f0000ffd000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/5) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x8, 0x10, r0, 0x8000000) 06:48:38 executing program 1: syz_io_uring_setup(0x3125, 0x0, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, &(0x7f0000000300), 0x0) 06:48:38 executing program 0 (fault-call:1 fault-nth:10): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:38 executing program 1: syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x8}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, &(0x7f0000000300), 0x0) [ 1517.952317][T11982] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1517.958535][T11982] ? shmem_write_begin+0x7e/0x100 [ 1517.963561][T11982] generic_perform_write+0x1e4/0x3a0 [ 1517.968948][T11982] ? shmem_write_begin+0x100/0x100 [ 1517.974061][T11982] __generic_file_write_iter+0x161/0x300 [ 1517.979755][T11982] ? generic_write_checks+0x250/0x290 [ 1517.985178][T11982] generic_file_write_iter+0x75/0x130 [ 1517.990549][T11982] vfs_write+0x69d/0x770 [ 1517.994789][T11982] ksys_write+0xce/0x180 [ 1517.999199][T11982] __x64_sys_write+0x3e/0x50 06:48:38 executing program 4: syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) syz_io_uring_setup(0xf48, &(0x7f0000000180), &(0x7f0000e30000/0x3000)=nil, &(0x7f0000c49000/0x3000)=nil, &(0x7f0000000200), 0x0) syz_io_uring_setup(0x7e10, &(0x7f0000000080), &(0x7f0000c49000/0x3000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, &(0x7f0000000140)) 06:48:38 executing program 1: syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x8}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, &(0x7f0000000300), 0x0) [ 1518.003817][T11982] do_syscall_64+0x4a/0x90 [ 1518.008291][T11982] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1518.014347][T11982] RIP: 0033:0x4665d9 [ 1518.018235][T11982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1518.032921][T11993] FAULT_INJECTION: forcing a failure. [ 1518.032921][T11993] name failslab, interval 1, probability 0, space 0, times 0 [ 1518.037899][T11982] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1518.037921][T11982] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1518.037933][T11982] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1518.037945][T11982] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1518.083089][T11982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1518.091138][T11982] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1518.099107][T11993] CPU: 1 PID: 11993 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1518.107873][T11993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1518.117924][T11993] Call Trace: [ 1518.121201][T11993] dump_stack+0x137/0x19d [ 1518.125547][T11993] should_fail+0x23c/0x250 [ 1518.129980][T11993] ? sock_alloc_inode+0x23/0x90 [ 1518.134845][T11993] __should_failslab+0x81/0x90 [ 1518.139603][T11993] ? sockfs_init_fs_context+0x70/0x70 [ 1518.145045][T11993] should_failslab+0x5/0x20 [ 1518.149617][T11993] kmem_cache_alloc+0x46/0x2f0 [ 1518.154381][T11993] ? selinux_socket_create+0x7c/0x170 [ 1518.159754][T11993] ? sockfs_init_fs_context+0x70/0x70 [ 1518.165432][T11993] sock_alloc_inode+0x23/0x90 [ 1518.170114][T11993] ? sockfs_init_fs_context+0x70/0x70 [ 1518.175474][T11993] new_inode_pseudo+0x38/0x1c0 [ 1518.180241][T11993] __sock_create+0x122/0x4f0 [ 1518.184876][T11993] ? should_fail+0xd6/0x250 [ 1518.189387][T11993] sock_create_kern+0x34/0x40 [ 1518.194056][T11993] io_uring_create+0x15e5/0x18d0 [ 1518.198992][T11993] ? should_fail+0xd6/0x250 [ 1518.203489][T11993] __x64_sys_io_uring_setup+0xe1/0x120 [ 1518.208950][T11993] do_syscall_64+0x4a/0x90 [ 1518.213362][T11993] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1518.219248][T11993] RIP: 0033:0x4665d9 [ 1518.223138][T11993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1518.242856][T11993] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 06:48:38 executing program 4: syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) syz_io_uring_setup(0xf48, &(0x7f0000000180), &(0x7f0000e30000/0x3000)=nil, &(0x7f0000c49000/0x3000)=nil, &(0x7f0000000200), 0x0) syz_io_uring_setup(0x7e10, &(0x7f0000000080), &(0x7f0000c49000/0x3000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, &(0x7f0000000140)) 06:48:38 executing program 3 (fault-call:1 fault-nth:47): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:38 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:38 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) ioctl$MON_IOCT_RING_SIZE(0xffffffffffffffff, 0x9204, 0x221ed) 06:48:38 executing program 0 (fault-call:1 fault-nth:11): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:38 executing program 1: syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x8}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, &(0x7f0000000300), 0x0) [ 1518.251422][T11993] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1518.259382][T11993] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 [ 1518.267353][T11993] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1518.275338][T11993] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1518.283363][T11993] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 [ 1518.291406][T11993] socket: no more sockets 06:48:38 executing program 4: syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) syz_io_uring_setup(0xf48, &(0x7f0000000180), &(0x7f0000e30000/0x3000)=nil, &(0x7f0000c49000/0x3000)=nil, &(0x7f0000000200), 0x0) syz_io_uring_setup(0x7e10, &(0x7f0000000080), &(0x7f0000c49000/0x3000)=nil, &(0x7f0000cc4000/0x1000)=nil, &(0x7f0000000100), 0x0) 06:48:39 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) prctl$PR_CAPBSET_READ(0x17, 0x1c) sendmsg$NET_DM_CMD_START(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x14, 0x0, 0x4, 0x70bd26, 0x25dfdbbe, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20000100}, 0x4000044) 06:48:39 executing program 4: syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) syz_io_uring_setup(0xf48, &(0x7f0000000180), &(0x7f0000e30000/0x3000)=nil, &(0x7f0000c49000/0x3000)=nil, &(0x7f0000000200), 0x0) syz_io_uring_setup(0x7e10, &(0x7f0000000080), &(0x7f0000c49000/0x3000)=nil, &(0x7f0000cc4000/0x1000)=nil, &(0x7f0000000100), 0x0) [ 1518.344124][T12011] FAULT_INJECTION: forcing a failure. [ 1518.344124][T12011] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1518.357482][T12011] CPU: 1 PID: 12011 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1518.366242][T12011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1518.376375][T12011] Call Trace: [ 1518.379783][T12011] dump_stack+0x137/0x19d [ 1518.384127][T12011] should_fail+0x23c/0x250 [ 1518.388587][T12011] __alloc_pages+0x102/0x320 [ 1518.393170][T12011] alloc_pages_vma+0x391/0x660 [ 1518.397987][T12011] shmem_getpage_gfp+0x980/0x1410 [ 1518.403007][T12011] shmem_write_begin+0x7e/0x100 [ 1518.407858][T12011] generic_perform_write+0x196/0x3a0 [ 1518.412596][T12022] FAULT_INJECTION: forcing a failure. [ 1518.412596][T12022] name failslab, interval 1, probability 0, space 0, times 0 [ 1518.413179][T12011] ? shmem_write_begin+0x100/0x100 [ 1518.431151][T12011] __generic_file_write_iter+0x161/0x300 [ 1518.436774][T12011] ? generic_write_checks+0x250/0x290 [ 1518.442220][T12011] generic_file_write_iter+0x75/0x130 [ 1518.447608][T12011] vfs_write+0x69d/0x770 [ 1518.451946][T12011] ksys_write+0xce/0x180 [ 1518.456172][T12011] __x64_sys_write+0x3e/0x50 [ 1518.460856][T12011] do_syscall_64+0x4a/0x90 [ 1518.465335][T12011] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1518.471289][T12011] RIP: 0033:0x4665d9 [ 1518.475224][T12011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1518.495595][T12011] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1518.503992][T12011] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1518.511956][T12011] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1518.519908][T12011] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1518.527868][T12011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1518.535844][T12011] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1518.543905][T12022] CPU: 0 PID: 12022 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1518.552723][T12022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1518.562961][T12022] Call Trace: [ 1518.566237][T12022] dump_stack+0x137/0x19d [ 1518.570649][T12022] should_fail+0x23c/0x250 [ 1518.575097][T12022] ? security_inode_alloc+0x30/0x180 [ 1518.580446][T12022] __should_failslab+0x81/0x90 [ 1518.585393][T12022] should_failslab+0x5/0x20 [ 1518.589890][T12022] kmem_cache_alloc+0x46/0x2f0 [ 1518.594715][T12022] security_inode_alloc+0x30/0x180 [ 1518.599976][T12022] inode_init_always+0x20b/0x420 [ 1518.604915][T12022] ? sockfs_init_fs_context+0x70/0x70 [ 1518.607194][T12030] FAULT_INJECTION: forcing a failure. [ 1518.607194][T12030] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1518.610286][T12022] new_inode_pseudo+0x73/0x1c0 [ 1518.628180][T12022] __sock_create+0x122/0x4f0 [ 1518.632783][T12022] ? percpu_ref_init+0x9e/0x210 [ 1518.637640][T12022] ? should_fail+0xd6/0x250 [ 1518.642126][T12022] sock_create_kern+0x34/0x40 [ 1518.646788][T12022] io_uring_create+0x15e5/0x18d0 [ 1518.651707][T12022] ? should_fail+0xd6/0x250 [ 1518.656205][T12022] __x64_sys_io_uring_setup+0xe1/0x120 [ 1518.661706][T12022] do_syscall_64+0x4a/0x90 [ 1518.666113][T12022] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1518.671991][T12022] RIP: 0033:0x4665d9 [ 1518.675871][T12022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1518.695570][T12022] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1518.704140][T12022] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1518.712178][T12022] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 [ 1518.720137][T12022] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1518.728089][T12022] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1518.736039][T12022] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 06:48:39 executing program 4: syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) syz_io_uring_setup(0xf48, &(0x7f0000000180), &(0x7f0000e30000/0x3000)=nil, &(0x7f0000c49000/0x3000)=nil, &(0x7f0000000200), 0x0) syz_io_uring_setup(0x7e10, &(0x7f0000000080), &(0x7f0000c49000/0x3000)=nil, &(0x7f0000cc4000/0x1000)=nil, &(0x7f0000000100), 0x0) 06:48:39 executing program 1: syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0xfffffffe}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, &(0x7f0000000300), 0x0) 06:48:39 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:39 executing program 3 (fault-call:1 fault-nth:48): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) [ 1518.744024][T12030] CPU: 1 PID: 12030 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1518.744102][T12022] socket: no more sockets [ 1518.752779][T12030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1518.767127][T12030] Call Trace: [ 1518.770404][T12030] dump_stack+0x137/0x19d [ 1518.774743][T12030] should_fail+0x23c/0x250 [ 1518.779158][T12030] should_fail_usercopy+0x16/0x20 [ 1518.784182][T12030] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1518.790346][T12030] ? shmem_write_begin+0x7e/0x100 [ 1518.795379][T12030] generic_perform_write+0x1e4/0x3a0 [ 1518.800670][T12030] ? shmem_write_begin+0x100/0x100 [ 1518.805787][T12030] __generic_file_write_iter+0x161/0x300 [ 1518.811474][T12030] ? generic_write_checks+0x250/0x290 [ 1518.816890][T12030] generic_file_write_iter+0x75/0x130 [ 1518.822371][T12030] vfs_write+0x69d/0x770 [ 1518.826604][T12030] ksys_write+0xce/0x180 [ 1518.830838][T12030] __x64_sys_write+0x3e/0x50 [ 1518.835432][T12030] do_syscall_64+0x4a/0x90 [ 1518.840022][T12030] entry_SYSCALL_64_after_hwframe+0x44/0xae 06:48:39 executing program 0 (fault-call:1 fault-nth:12): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:39 executing program 1: syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0xfffffffe}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, &(0x7f0000000300), 0x0) 06:48:39 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000, 0x4, &(0x7f0000ffc000/0x2000)=nil) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:39 executing program 4: ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(0xffffffffffffffff, 0x408c5333, &(0x7f0000000100)={0xe66f, 0xfffffffe, 0x0, 'queue0\x00', 0x40}) mlock(&(0x7f0000e31000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2) r0 = syz_io_uring_setup(0x28fe, &(0x7f0000000000)={0x0, 0xd4d5, 0x4, 0x0, 0x274}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000e31000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x80010, r0, 0x8000000) 06:48:39 executing program 1: syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0xfffffffe}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, &(0x7f0000000300), 0x0) [ 1518.845924][T12030] RIP: 0033:0x4665d9 [ 1518.849815][T12030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1518.869443][T12030] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1518.877931][T12030] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1518.885985][T12030] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 06:48:39 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = syz_io_uring_setup(0xba5, &(0x7f0000000000)={0x0, 0xd3d2, 0x0, 0x1, 0x136}, &(0x7f0000e31000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) shmget(0x2, 0x2000, 0x100, &(0x7f0000e33000/0x2000)=nil) shmget$private(0x0, 0x2000, 0x1, &(0x7f0000e33000/0x2000)=nil) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000001, 0x4010, r0, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000e32000/0x2000)=nil, 0x2000, 0x1000003, 0x8010, r0, 0x10000000) [ 1518.894124][T12030] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1518.902092][T12030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1518.909072][T12042] FAULT_INJECTION: forcing a failure. [ 1518.909072][T12042] name failslab, interval 1, probability 0, space 0, times 0 [ 1518.910152][T12030] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1518.930811][T12042] CPU: 0 PID: 12042 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1518.939571][T12042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1518.949619][T12042] Call Trace: [ 1518.952888][T12042] dump_stack+0x137/0x19d [ 1518.957423][T12042] should_fail+0x23c/0x250 [ 1518.961959][T12042] ? sk_prot_alloc+0x41/0x190 [ 1518.966770][T12042] __should_failslab+0x81/0x90 [ 1518.971575][T12042] should_failslab+0x5/0x20 [ 1518.976186][T12042] kmem_cache_alloc+0x46/0x2f0 [ 1518.981052][T12042] sk_prot_alloc+0x41/0x190 [ 1518.985547][T12042] sk_alloc+0x2e/0x220 [ 1518.989627][T12042] unix_create1+0x74/0x3c0 [ 1518.994076][T12042] unix_create+0xdc/0x100 [ 1518.998473][T12042] __sock_create+0x2c7/0x4f0 [ 1519.003064][T12042] sock_create_kern+0x34/0x40 [ 1519.007743][T12042] io_uring_create+0x15e5/0x18d0 [ 1519.012682][T12042] ? should_fail+0xd6/0x250 [ 1519.017184][T12042] __x64_sys_io_uring_setup+0xe1/0x120 [ 1519.022638][T12042] do_syscall_64+0x4a/0x90 [ 1519.027043][T12042] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1519.032935][T12042] RIP: 0033:0x4665d9 [ 1519.036878][T12042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1519.056663][T12042] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1519.065240][T12042] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1519.073221][T12042] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 [ 1519.081183][T12042] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1519.089142][T12042] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 06:48:39 executing program 1: syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0xfffffffe, 0x8}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:39 executing program 4: ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(0xffffffffffffffff, 0x408c5333, &(0x7f0000000100)={0xe66f, 0xfffffffe, 0x0, 'queue0\x00', 0x40}) mlock(&(0x7f0000e31000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2) r0 = syz_io_uring_setup(0x28fe, &(0x7f0000000000)={0x0, 0xd4d5, 0x4, 0x0, 0x274}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000e31000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x80010, r0, 0x8000000) 06:48:39 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:39 executing program 2: mlock(&(0x7f0000b73000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:39 executing program 3 (fault-call:1 fault-nth:49): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) [ 1519.097108][T12042] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 [ 1519.128856][T12062] FAULT_INJECTION: forcing a failure. [ 1519.128856][T12062] name fail_page_alloc, interval 1, probability 0, space 0, times 0 06:48:39 executing program 4: ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(0xffffffffffffffff, 0x408c5333, &(0x7f0000000100)={0xe66f, 0xfffffffe, 0x0, 'queue0\x00', 0x40}) mlock(&(0x7f0000e31000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2) r0 = syz_io_uring_setup(0x28fe, &(0x7f0000000000)={0x0, 0xd4d5, 0x4, 0x0, 0x274}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000e31000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x80010, r0, 0x8000000) 06:48:39 executing program 0 (fault-call:1 fault-nth:13): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:39 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) mmap$IORING_OFF_CQ_RING(&(0x7f0000e20000/0x2000)=nil, 0x2000, 0x2, 0x10, 0xffffffffffffffff, 0x8000000) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc) mmap$IORING_OFF_SQ_RING(&(0x7f0000e20000/0x4000)=nil, 0x4000, 0x2000004, 0x8010, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) syz_io_uring_setup(0x622d, &(0x7f0000000100)={0x0, 0x1625, 0x10, 0x0, 0x254}, &(0x7f0000e23000/0x1000)=nil, &(0x7f0000002000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) syz_io_uring_submit(r0, 0x0, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x7fffffff) syz_io_uring_submit(r0, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x6, 0x8000, 0x0, 0x0, 0x1e, 0x0, {0x1}}, 0x2) 06:48:39 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x7ffffffff000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1519.142290][T12062] CPU: 1 PID: 12062 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1519.151047][T12062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1519.161124][T12062] Call Trace: [ 1519.164398][T12062] dump_stack+0x137/0x19d [ 1519.168756][T12062] should_fail+0x23c/0x250 [ 1519.173171][T12062] __alloc_pages+0x102/0x320 [ 1519.177756][T12062] alloc_pages_vma+0x391/0x660 [ 1519.182518][T12062] shmem_getpage_gfp+0x980/0x1410 [ 1519.187549][T12062] shmem_write_begin+0x7e/0x100 [ 1519.192428][T12062] generic_perform_write+0x196/0x3a0 [ 1519.196509][T12070] FAULT_INJECTION: forcing a failure. [ 1519.196509][T12070] name failslab, interval 1, probability 0, space 0, times 0 [ 1519.197851][T12062] ? shmem_write_begin+0x100/0x100 [ 1519.215582][T12062] __generic_file_write_iter+0x161/0x300 [ 1519.221209][T12062] ? generic_write_checks+0x250/0x290 [ 1519.226565][T12062] generic_file_write_iter+0x75/0x130 [ 1519.231922][T12062] vfs_write+0x69d/0x770 [ 1519.236321][T12062] ksys_write+0xce/0x180 [ 1519.240548][T12062] __x64_sys_write+0x3e/0x50 [ 1519.245122][T12062] do_syscall_64+0x4a/0x90 [ 1519.249524][T12062] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1519.255461][T12062] RIP: 0033:0x4665d9 [ 1519.259339][T12062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1519.279028][T12062] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1519.287425][T12062] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1519.295537][T12062] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1519.303559][T12062] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1519.311525][T12062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1519.319569][T12062] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1519.327635][T12070] CPU: 0 PID: 12070 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1519.336502][T12070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1519.346649][T12070] Call Trace: [ 1519.349948][T12070] dump_stack+0x137/0x19d [ 1519.354321][T12070] should_fail+0x23c/0x250 [ 1519.358742][T12070] __should_failslab+0x81/0x90 [ 1519.363511][T12070] ? selinux_sk_alloc_security+0x70/0xf0 [ 1519.369233][T12070] should_failslab+0x5/0x20 [ 1519.373930][T12070] kmem_cache_alloc_trace+0x49/0x310 [ 1519.379295][T12070] selinux_sk_alloc_security+0x70/0xf0 [ 1519.384761][T12070] security_sk_alloc+0x45/0x90 [ 1519.389524][T12070] sk_prot_alloc+0xd2/0x190 [ 1519.394097][T12070] sk_alloc+0x2e/0x220 06:48:40 executing program 4: ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(0xffffffffffffffff, 0x408c5333, &(0x7f0000000100)={0xe66f, 0xfffffffe, 0x0, 'queue0\x00', 0x40}) mlock(&(0x7f0000e31000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2) syz_io_uring_setup(0x28fe, &(0x7f0000000000)={0x0, 0xd4d5, 0x4, 0x0, 0x274}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000e31000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:48:40 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0x40) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x0) ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x1dd) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:40 executing program 3 (fault-call:1 fault-nth:50): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:40 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x7ffffffff000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:40 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, &(0x7f00000000c0)={0x0, 0xea60}) [ 1519.398248][T12070] unix_create1+0x74/0x3c0 [ 1519.402735][T12070] unix_create+0xdc/0x100 [ 1519.407135][T12070] __sock_create+0x2c7/0x4f0 [ 1519.411770][T12070] sock_create_kern+0x34/0x40 [ 1519.416456][T12070] io_uring_create+0x15e5/0x18d0 [ 1519.421391][T12070] ? should_fail+0xd6/0x250 [ 1519.426024][T12070] __x64_sys_io_uring_setup+0xe1/0x120 [ 1519.431507][T12070] do_syscall_64+0x4a/0x90 [ 1519.436014][T12070] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1519.441975][T12070] RIP: 0033:0x4665d9 [ 1519.445914][T12070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1519.455675][T12081] FAULT_INJECTION: forcing a failure. [ 1519.455675][T12081] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1519.466087][T12070] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1519.466108][T12070] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1519.466119][T12070] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 [ 1519.503571][T12070] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1519.511631][T12070] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1519.519591][T12070] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 [ 1519.527624][T12081] CPU: 1 PID: 12081 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1519.536526][T12081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1519.546584][T12081] Call Trace: [ 1519.549891][T12081] dump_stack+0x137/0x19d [ 1519.554223][T12081] should_fail+0x23c/0x250 [ 1519.558647][T12081] should_fail_usercopy+0x16/0x20 [ 1519.563820][T12081] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1519.570046][T12081] ? shmem_write_begin+0x7e/0x100 [ 1519.575129][T12081] generic_perform_write+0x1e4/0x3a0 [ 1519.580424][T12081] ? shmem_write_begin+0x100/0x100 [ 1519.585543][T12081] __generic_file_write_iter+0x161/0x300 [ 1519.591192][T12081] ? generic_write_checks+0x250/0x290 06:48:40 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x7ffffffff000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:40 executing program 4: ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(0xffffffffffffffff, 0x408c5333, &(0x7f0000000100)={0xe66f, 0xfffffffe, 0x0, 'queue0\x00', 0x40}) mlock(&(0x7f0000e31000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2) 06:48:40 executing program 0 (fault-call:1 fault-nth:14): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:40 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e31000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$TCXONC(r1, 0x540a, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x40010, r0, 0x0) 06:48:40 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x7ffffffff000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:40 executing program 2: munlockall() mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1519.596768][T12081] generic_file_write_iter+0x75/0x130 [ 1519.602265][T12081] vfs_write+0x69d/0x770 [ 1519.606601][T12081] ksys_write+0xce/0x180 [ 1519.610843][T12081] __x64_sys_write+0x3e/0x50 [ 1519.615425][T12081] do_syscall_64+0x4a/0x90 [ 1519.620092][T12081] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1519.625990][T12081] RIP: 0033:0x4665d9 [ 1519.630059][T12081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1519.649682][T12081] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1519.653829][T12095] FAULT_INJECTION: forcing a failure. [ 1519.653829][T12095] name failslab, interval 1, probability 0, space 0, times 0 [ 1519.658208][T12081] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1519.658223][T12081] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1519.686910][T12081] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1519.694867][T12081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1519.702895][T12081] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1519.710851][T12095] CPU: 0 PID: 12095 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1519.719613][T12095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1519.729665][T12095] Call Trace: [ 1519.733029][T12095] dump_stack+0x137/0x19d [ 1519.737361][T12095] should_fail+0x23c/0x250 [ 1519.741795][T12095] ? __d_alloc+0x36/0x370 [ 1519.746212][T12095] __should_failslab+0x81/0x90 [ 1519.751070][T12095] should_failslab+0x5/0x20 [ 1519.755608][T12095] kmem_cache_alloc+0x46/0x2f0 [ 1519.760385][T12095] __d_alloc+0x36/0x370 [ 1519.764548][T12095] d_alloc_pseudo+0x1a/0x50 [ 1519.769047][T12095] alloc_file_pseudo+0x63/0x130 [ 1519.773893][T12095] anon_inode_getfile+0x9f/0x120 [ 1519.778824][T12095] io_uring_create+0x163b/0x18d0 [ 1519.783752][T12095] ? should_fail+0xd6/0x250 [ 1519.788256][T12095] __x64_sys_io_uring_setup+0xe1/0x120 [ 1519.793755][T12095] do_syscall_64+0x4a/0x90 [ 1519.798325][T12095] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1519.804217][T12095] RIP: 0033:0x4665d9 [ 1519.808099][T12095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1519.827764][T12095] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1519.836181][T12095] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 06:48:40 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) 06:48:40 executing program 4: ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(0xffffffffffffffff, 0x408c5333, &(0x7f0000000100)={0xe66f, 0xfffffffe, 0x0, 'queue0\x00', 0x40}) mlock(&(0x7f0000e31000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:40 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:40 executing program 3 (fault-call:1 fault-nth:51): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:40 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x7ffffffff000, 0x0, &(0x7f0000e31000/0x4000)=nil) [ 1519.844149][T12095] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 [ 1519.852119][T12095] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1519.860175][T12095] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1519.868189][T12095] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 06:48:40 executing program 0 (fault-call:1 fault-nth:15): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:40 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x7ffffffff000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:48:40 executing program 2: ioctl$TIOCGICOUNT(0xffffffffffffffff, 0x545d, 0x0) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000008c0), 0x43) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x4, 0x4010, r0, 0xa44a8000) syz_io_uring_setup(0x5c1b, &(0x7f0000000000)={0x0, 0xe1ff, 0x20, 0x3, 0x39b}, &(0x7f0000e1f000/0x2000)=nil, &(0x7f0000e31000/0x2000)=nil, &(0x7f0000000100), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:40 executing program 4: ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(0xffffffffffffffff, 0x408c5333, &(0x7f0000000100)={0xe66f, 0xfffffffe, 0x0, 'queue0\x00', 0x40}) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1519.899822][T12113] FAULT_INJECTION: forcing a failure. [ 1519.899822][T12113] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1519.913220][T12113] CPU: 1 PID: 12113 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1519.922097][T12113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1519.932370][T12113] Call Trace: [ 1519.935871][T12113] dump_stack+0x137/0x19d [ 1519.940209][T12113] should_fail+0x23c/0x250 [ 1519.944630][T12113] __alloc_pages+0x102/0x320 06:48:40 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mmap$IORING_OFF_CQ_RING(&(0x7f0000e32000/0x1000)=nil, 0x1000, 0x0, 0x10010, 0xffffffffffffffff, 0x8000000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1519.949260][T12113] alloc_pages_vma+0x391/0x660 [ 1519.954064][T12113] shmem_getpage_gfp+0x980/0x1410 [ 1519.959088][T12113] shmem_write_begin+0x7e/0x100 [ 1519.963941][T12113] generic_perform_write+0x196/0x3a0 [ 1519.969321][T12113] ? shmem_write_begin+0x100/0x100 [ 1519.974435][T12113] __generic_file_write_iter+0x161/0x300 [ 1519.980150][T12113] ? generic_write_checks+0x250/0x290 [ 1519.985519][T12113] generic_file_write_iter+0x75/0x130 [ 1519.990892][T12113] vfs_write+0x69d/0x770 [ 1519.995152][T12113] ksys_write+0xce/0x180 06:48:40 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x7ffffffff000, 0x0, &(0x7f0000e31000/0x4000)=nil) [ 1519.999388][T12113] __x64_sys_write+0x3e/0x50 [ 1520.003981][T12113] do_syscall_64+0x4a/0x90 [ 1520.005133][T12126] FAULT_INJECTION: forcing a failure. [ 1520.005133][T12126] name failslab, interval 1, probability 0, space 0, times 0 [ 1520.008396][T12113] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1520.026893][T12113] RIP: 0033:0x4665d9 [ 1520.030776][T12113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1520.050370][T12113] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1520.058778][T12113] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1520.066833][T12113] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1520.074961][T12113] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1520.082914][T12113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1520.090866][T12113] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1520.098872][T12126] CPU: 0 PID: 12126 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1520.107652][T12126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1520.117761][T12126] Call Trace: [ 1520.121142][T12126] dump_stack+0x137/0x19d [ 1520.125472][T12126] should_fail+0x23c/0x250 [ 1520.129978][T12126] ? __alloc_file+0x2e/0x1a0 [ 1520.134642][T12126] __should_failslab+0x81/0x90 [ 1520.139443][T12126] should_failslab+0x5/0x20 [ 1520.144111][T12126] kmem_cache_alloc+0x46/0x2f0 [ 1520.148878][T12126] __alloc_file+0x2e/0x1a0 [ 1520.153407][T12126] alloc_empty_file+0xcd/0x1c0 [ 1520.154507][T12135] FAULT_INJECTION: forcing a failure. [ 1520.154507][T12135] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1520.158348][T12126] alloc_file+0x3a/0x280 [ 1520.175600][T12126] alloc_file_pseudo+0xe2/0x130 [ 1520.180439][T12126] anon_inode_getfile+0x9f/0x120 [ 1520.185381][T12126] io_uring_create+0x163b/0x18d0 [ 1520.190340][T12126] ? should_fail+0xd6/0x250 [ 1520.194830][T12126] __x64_sys_io_uring_setup+0xe1/0x120 [ 1520.200319][T12126] do_syscall_64+0x4a/0x90 [ 1520.204725][T12126] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1520.210815][T12126] RIP: 0033:0x4665d9 [ 1520.214739][T12126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1520.234514][T12126] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1520.242936][T12126] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 06:48:40 executing program 4: ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(0xffffffffffffffff, 0x408c5333, &(0x7f0000000100)={0xe66f, 0xfffffffe, 0x0, 'queue0\x00', 0x40}) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:40 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64000000}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:40 executing program 3 (fault-call:1 fault-nth:52): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) [ 1520.250889][T12126] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 [ 1520.258840][T12126] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1520.266793][T12126] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1520.274842][T12126] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 [ 1520.283014][T12135] CPU: 1 PID: 12135 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1520.291865][T12135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1520.302199][T12135] Call Trace: [ 1520.305484][T12135] dump_stack+0x137/0x19d [ 1520.309829][T12135] should_fail+0x23c/0x250 [ 1520.314243][T12135] should_fail_usercopy+0x16/0x20 [ 1520.319269][T12135] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1520.325335][T12135] ? shmem_write_begin+0x7e/0x100 [ 1520.330426][T12135] generic_perform_write+0x1e4/0x3a0 [ 1520.335732][T12135] ? shmem_write_begin+0x100/0x100 [ 1520.340851][T12135] __generic_file_write_iter+0x161/0x300 [ 1520.346483][T12135] ? generic_write_checks+0x250/0x290 06:48:41 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x3000, 0x2, &(0x7f0000ffd000/0x3000)=nil) 06:48:41 executing program 0 (fault-call:1 fault-nth:16): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:41 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x7ffffffff000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:48:41 executing program 4: ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(0xffffffffffffffff, 0x408c5333, &(0x7f0000000100)={0xe66f, 0xfffffffe, 0x0, 'queue0\x00', 0x40}) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1520.351944][T12135] generic_file_write_iter+0x75/0x130 [ 1520.357322][T12135] vfs_write+0x69d/0x770 [ 1520.361575][T12135] ksys_write+0xce/0x180 [ 1520.365804][T12135] __x64_sys_write+0x3e/0x50 [ 1520.370389][T12135] do_syscall_64+0x4a/0x90 [ 1520.374813][T12135] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1520.380738][T12135] RIP: 0033:0x4665d9 [ 1520.384725][T12135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1520.385979][T12147] FAULT_INJECTION: forcing a failure. [ 1520.385979][T12147] name failslab, interval 1, probability 0, space 0, times 0 [ 1520.404351][T12135] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1520.404373][T12135] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1520.404383][T12135] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1520.404394][T12135] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1520.449442][T12135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1520.457394][T12135] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1520.465441][T12147] CPU: 0 PID: 12147 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1520.474205][T12147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1520.484247][T12147] Call Trace: [ 1520.487516][T12147] dump_stack+0x137/0x19d [ 1520.491838][T12147] should_fail+0x23c/0x250 [ 1520.496252][T12147] ? security_file_alloc+0x30/0x190 [ 1520.501473][T12147] __should_failslab+0x81/0x90 [ 1520.506258][T12147] should_failslab+0x5/0x20 [ 1520.510758][T12147] kmem_cache_alloc+0x46/0x2f0 [ 1520.515516][T12147] security_file_alloc+0x30/0x190 [ 1520.520601][T12147] __alloc_file+0x83/0x1a0 [ 1520.525033][T12147] alloc_empty_file+0xcd/0x1c0 [ 1520.529870][T12147] alloc_file+0x3a/0x280 [ 1520.534107][T12147] alloc_file_pseudo+0xe2/0x130 [ 1520.538959][T12147] anon_inode_getfile+0x9f/0x120 [ 1520.543890][T12147] io_uring_create+0x163b/0x18d0 [ 1520.548907][T12147] ? should_fail+0xd6/0x250 [ 1520.553402][T12147] __x64_sys_io_uring_setup+0xe1/0x120 [ 1520.558973][T12147] do_syscall_64+0x4a/0x90 [ 1520.563391][T12147] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1520.569463][T12147] RIP: 0033:0x4665d9 [ 1520.573495][T12147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1520.593086][T12147] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 06:48:41 executing program 3 (fault-call:1 fault-nth:53): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:41 executing program 2: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)=0x0) timer_getoverrun(r1) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r2, 0x55143000) mincore(&(0x7f0000ffd000/0x1000)=nil, 0x1000, &(0x7f0000000000)=""/209) 06:48:41 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x76050000}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:41 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x7ffffffff000, 0x0, &(0x7f0000e31000/0x4000)=nil) [ 1520.601546][T12147] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1520.609870][T12147] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 [ 1520.617927][T12147] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1520.625892][T12147] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1520.634034][T12147] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 06:48:41 executing program 4: mlock(&(0x7f0000e31000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:41 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x7ffffffff000, 0x0, &(0x7f0000e31000/0x4000)=nil) [ 1520.650484][T12154] FAULT_INJECTION: forcing a failure. [ 1520.650484][T12154] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1520.663886][T12154] CPU: 0 PID: 12154 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1520.672637][T12154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1520.682691][T12154] Call Trace: [ 1520.685968][T12154] dump_stack+0x137/0x19d [ 1520.690303][T12154] should_fail+0x23c/0x250 [ 1520.694724][T12154] __alloc_pages+0x102/0x320 06:48:41 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil) 06:48:41 executing program 0 (fault-call:1 fault-nth:17): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1520.699317][T12154] alloc_pages_vma+0x391/0x660 [ 1520.704101][T12154] shmem_getpage_gfp+0x980/0x1410 [ 1520.709196][T12154] shmem_write_begin+0x7e/0x100 [ 1520.714224][T12154] generic_perform_write+0x196/0x3a0 [ 1520.719650][T12154] ? shmem_write_begin+0x100/0x100 [ 1520.724764][T12154] __generic_file_write_iter+0x161/0x300 [ 1520.730452][T12154] ? generic_write_checks+0x250/0x290 [ 1520.732392][T12167] FAULT_INJECTION: forcing a failure. [ 1520.732392][T12167] name failslab, interval 1, probability 0, space 0, times 0 [ 1520.735822][T12154] generic_file_write_iter+0x75/0x130 [ 1520.753848][T12154] vfs_write+0x69d/0x770 [ 1520.758076][T12154] ksys_write+0xce/0x180 [ 1520.762300][T12154] __x64_sys_write+0x3e/0x50 [ 1520.766880][T12154] do_syscall_64+0x4a/0x90 [ 1520.771279][T12154] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1520.777226][T12154] RIP: 0033:0x4665d9 [ 1520.781101][T12154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1520.800694][T12154] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1520.809085][T12154] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1520.817069][T12154] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1520.825110][T12154] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1520.833155][T12154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1520.841116][T12154] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1520.849074][T12167] CPU: 1 PID: 12167 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1520.857912][T12167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1520.867965][T12167] Call Trace: [ 1520.871235][T12167] dump_stack+0x137/0x19d [ 1520.875625][T12167] should_fail+0x23c/0x250 [ 1520.880060][T12167] __should_failslab+0x81/0x90 [ 1520.884817][T12167] ? io_uring_alloc_task_context+0x49/0x2b0 [ 1520.890718][T12167] should_failslab+0x5/0x20 [ 1520.895236][T12167] kmem_cache_alloc_trace+0x49/0x310 [ 1520.900526][T12167] ? errseq_sample+0x2b/0x40 [ 1520.901437][T12172] FAULT_INJECTION: forcing a failure. [ 1520.901437][T12172] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1520.905112][T12167] ? _find_next_bit+0x16a/0x190 [ 1520.923028][T12167] io_uring_alloc_task_context+0x49/0x2b0 [ 1520.928857][T12167] ? alloc_fd+0x388/0x3e0 [ 1520.933172][T12167] io_uring_add_task_file+0x68/0x200 [ 1520.938444][T12167] io_uring_create+0x1734/0x18d0 [ 1520.943464][T12167] ? should_fail+0xd6/0x250 [ 1520.947951][T12167] __x64_sys_io_uring_setup+0xe1/0x120 [ 1520.953393][T12167] do_syscall_64+0x4a/0x90 [ 1520.957829][T12167] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1520.963705][T12167] RIP: 0033:0x4665d9 [ 1520.967577][T12167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1520.987222][T12167] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1520.995614][T12167] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 06:48:41 executing program 4: mlock(&(0x7f0000e31000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:48:41 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mlock(&(0x7f0000ffd000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:41 executing program 3 (fault-call:1 fault-nth:54): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) [ 1521.003565][T12167] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 [ 1521.011516][T12167] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1521.019476][T12167] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1521.027440][T12167] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 [ 1521.035392][T12172] CPU: 0 PID: 12172 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1521.044158][T12172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 06:48:41 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfefdffff}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:41 executing program 0 (fault-call:1 fault-nth:18): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1521.054203][T12172] Call Trace: [ 1521.057474][T12172] dump_stack+0x137/0x19d [ 1521.061802][T12172] should_fail+0x23c/0x250 [ 1521.066208][T12172] should_fail_usercopy+0x16/0x20 [ 1521.071237][T12172] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1521.077341][T12172] ? shmem_write_begin+0x7e/0x100 [ 1521.082477][T12172] generic_perform_write+0x1e4/0x3a0 [ 1521.087762][T12172] ? shmem_write_begin+0x100/0x100 [ 1521.092951][T12172] __generic_file_write_iter+0x161/0x300 [ 1521.098621][T12172] ? generic_write_checks+0x250/0x290 06:48:41 executing program 4: mlock(&(0x7f0000e31000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:48:41 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) modify_ldt$write(0x1, &(0x7f0000000000)={0x1000, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x10) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1521.104021][T12172] generic_file_write_iter+0x75/0x130 [ 1521.109562][T12172] vfs_write+0x69d/0x770 [ 1521.113797][T12172] ksys_write+0xce/0x180 [ 1521.118036][T12172] __x64_sys_write+0x3e/0x50 [ 1521.122641][T12172] do_syscall_64+0x4a/0x90 [ 1521.127073][T12172] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1521.132997][T12172] RIP: 0033:0x4665d9 [ 1521.136880][T12172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1521.148734][T12182] FAULT_INJECTION: forcing a failure. [ 1521.148734][T12182] name failslab, interval 1, probability 0, space 0, times 0 [ 1521.156660][T12172] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1521.156682][T12172] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1521.185607][T12172] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1521.193562][T12172] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1521.201527][T12172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1521.209768][T12172] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1521.217745][T12182] CPU: 1 PID: 12182 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1521.226839][T12182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1521.237003][T12182] Call Trace: [ 1521.240277][T12182] dump_stack+0x137/0x19d [ 1521.244614][T12182] should_fail+0x23c/0x250 [ 1521.249027][T12182] __should_failslab+0x81/0x90 [ 1521.253788][T12182] ? io_uring_alloc_task_context+0xc0/0x2b0 [ 1521.259673][T12182] should_failslab+0x5/0x20 [ 1521.264260][T12182] kmem_cache_alloc_trace+0x49/0x310 [ 1521.269585][T12182] ? _raw_spin_unlock_irqrestore+0x27/0x40 [ 1521.275416][T12182] io_uring_alloc_task_context+0xc0/0x2b0 [ 1521.281136][T12182] ? alloc_fd+0x388/0x3e0 [ 1521.285466][T12182] io_uring_add_task_file+0x68/0x200 [ 1521.291250][T12182] io_uring_create+0x1734/0x18d0 [ 1521.296335][T12182] ? should_fail+0xd6/0x250 [ 1521.300936][T12182] __x64_sys_io_uring_setup+0xe1/0x120 [ 1521.306418][T12182] do_syscall_64+0x4a/0x90 [ 1521.310962][T12182] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1521.316915][T12182] RIP: 0033:0x4665d9 [ 1521.320809][T12182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1521.340866][T12182] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 06:48:42 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil) 06:48:42 executing program 3 (fault-call:1 fault-nth:55): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:42 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfe}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:42 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) shmat(r0, &(0x7f0000e32000/0x3000)=nil, 0x4000) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000e31000/0x3000)=nil, 0x3000}, &(0x7f0000000040)=0x10) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0xb) 06:48:42 executing program 4: mlock(&(0x7f0000e31000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) [ 1521.349381][T12182] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1521.357362][T12182] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 [ 1521.365364][T12182] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1521.373619][T12182] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1521.381693][T12182] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 [ 1521.406249][T12197] FAULT_INJECTION: forcing a failure. [ 1521.406249][T12197] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1521.419499][T12197] CPU: 1 PID: 12197 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1521.428603][T12197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1521.438692][T12197] Call Trace: [ 1521.441974][T12197] dump_stack+0x137/0x19d [ 1521.446312][T12197] should_fail+0x23c/0x250 [ 1521.450724][T12197] __alloc_pages+0x102/0x320 [ 1521.455321][T12197] alloc_pages_vma+0x391/0x660 [ 1521.460082][T12197] shmem_getpage_gfp+0x980/0x1410 [ 1521.465141][T12197] shmem_write_begin+0x7e/0x100 [ 1521.470098][T12197] generic_perform_write+0x196/0x3a0 [ 1521.475438][T12197] ? shmem_write_begin+0x100/0x100 [ 1521.480630][T12197] __generic_file_write_iter+0x161/0x300 [ 1521.486276][T12197] ? generic_write_checks+0x250/0x290 [ 1521.491641][T12197] generic_file_write_iter+0x75/0x130 [ 1521.497009][T12197] vfs_write+0x69d/0x770 [ 1521.501396][T12197] ksys_write+0xce/0x180 [ 1521.505651][T12197] __x64_sys_write+0x3e/0x50 [ 1521.510246][T12197] do_syscall_64+0x4a/0x90 [ 1521.512274][T12211] FAULT_INJECTION: forcing a failure. [ 1521.512274][T12211] name failslab, interval 1, probability 0, space 0, times 0 [ 1521.514665][T12197] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1521.533130][T12197] RIP: 0033:0x4665d9 [ 1521.537030][T12197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 06:48:42 executing program 4: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)=0x0) timer_getoverrun(r1) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r2, 0x55143000) mincore(&(0x7f0000ffd000/0x1000)=nil, 0x1000, &(0x7f0000000000)=""/209) 06:48:42 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil) 06:48:42 executing program 0 (fault-call:1 fault-nth:19): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:42 executing program 2: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000000c0), 0x80000, 0x0) r1 = perf_event_open$cgroup(&(0x7f0000000140)={0x1, 0x80, 0xf7, 0x1a, 0x3, 0x6, 0x0, 0x9, 0x10000, 0x9, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_bp={&(0x7f0000000100), 0x5}, 0x10, 0x100, 0x3, 0xc7ce221e3d0ba70f, 0x9, 0x0, 0x8a, 0x0, 0xffffffff, 0x0, 0xfff}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xc) perf_event_open$cgroup(&(0x7f0000000040)={0x2, 0x80, 0x0, 0x74, 0x3, 0x0, 0x0, 0x4, 0x8002, 0x3, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x7, 0x0, @perf_bp={&(0x7f0000000000), 0x3}, 0x11, 0x3, 0xd668, 0x9, 0xe9, 0x4e300000, 0xd4c, 0x0, 0x10001, 0x0, 0x1f}, r0, 0xa, r1, 0x1) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x4, 0x2004, @fd_index=0x7, 0x3ff, 0x0, 0x0, 0x12, 0x0, {0x1}}, 0x7) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1521.556627][T12197] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1521.565035][T12197] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1521.573155][T12197] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1521.581212][T12197] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1521.589330][T12197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1521.597323][T12197] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1521.605279][T12211] CPU: 0 PID: 12211 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1521.614077][T12211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1521.624187][T12211] Call Trace: [ 1521.627453][T12211] dump_stack+0x137/0x19d [ 1521.631784][T12211] should_fail+0x23c/0x250 [ 1521.636230][T12211] __should_failslab+0x81/0x90 [ 1521.641057][T12211] ? io_wq_create+0x6a/0x6e0 [ 1521.645645][T12211] should_failslab+0x5/0x20 [ 1521.650141][T12211] kmem_cache_alloc_trace+0x49/0x310 06:48:42 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:42 executing program 4: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)=0x0) timer_getoverrun(r1) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r2, 0x55143000) mincore(&(0x7f0000ffd000/0x1000)=nil, 0x1000, &(0x7f0000000000)=""/209) 06:48:42 executing program 3 (fault-call:1 fault-nth:56): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:42 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil) [ 1521.655572][T12211] io_wq_create+0x6a/0x6e0 [ 1521.659985][T12211] ? io_uring_alloc_task_context+0xc0/0x2b0 [ 1521.665954][T12211] io_uring_alloc_task_context+0x15a/0x2b0 [ 1521.671772][T12211] ? io_free_work+0x30/0x30 [ 1521.676319][T12211] ? tctx_task_work+0x3d0/0x3d0 [ 1521.681169][T12211] io_uring_add_task_file+0x68/0x200 [ 1521.686455][T12211] io_uring_create+0x1734/0x18d0 [ 1521.691561][T12211] ? should_fail+0xd6/0x250 [ 1521.696062][T12211] __x64_sys_io_uring_setup+0xe1/0x120 [ 1521.701540][T12211] do_syscall_64+0x4a/0x90 06:48:42 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil) [ 1521.705953][T12211] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1521.711939][T12211] RIP: 0033:0x4665d9 [ 1521.715825][T12211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1521.735538][T12211] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1521.744161][T12211] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 06:48:42 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget(0x0, 0x4000, 0x80, &(0x7f0000e30000/0x4000)=nil) r0 = shmget(0x2, 0x2000, 0x10, &(0x7f0000ff0000/0x2000)=nil) getresuid(&(0x7f00000001c0)=0x0, &(0x7f0000000200), &(0x7f0000000240)) r2 = getpid() sched_getparam(r2, &(0x7f0000000540)) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000280)={{0x0, 0x0, 0xee01, r1, 0x0, 0x48, 0x81}, 0x80000000, 0xffffffffffffffff, 0x1, 0xffffffff, r2, 0xffffffffffffffff, 0x100}) setuid(r1) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000ffc000/0x2000)=nil, 0x2000}, &(0x7f0000000040)=0x10) [ 1521.752291][T12211] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 [ 1521.760317][T12211] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1521.768289][T12211] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1521.776382][T12211] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 [ 1521.791483][T12227] FAULT_INJECTION: forcing a failure. [ 1521.791483][T12227] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1521.804553][T12227] CPU: 1 PID: 12227 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1521.813314][T12227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1521.823379][T12227] Call Trace: [ 1521.826755][T12227] dump_stack+0x137/0x19d [ 1521.831164][T12227] should_fail+0x23c/0x250 [ 1521.835605][T12227] should_fail_usercopy+0x16/0x20 [ 1521.840617][T12227] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1521.846681][T12227] ? shmem_write_begin+0x7e/0x100 [ 1521.851862][T12227] generic_perform_write+0x1e4/0x3a0 [ 1521.857216][T12227] ? shmem_write_begin+0x100/0x100 [ 1521.857346][T12237] FAULT_INJECTION: forcing a failure. [ 1521.857346][T12237] name failslab, interval 1, probability 0, space 0, times 0 [ 1521.862426][T12227] __generic_file_write_iter+0x161/0x300 [ 1521.862450][T12227] ? generic_write_checks+0x250/0x290 [ 1521.862469][T12227] generic_file_write_iter+0x75/0x130 [ 1521.891499][T12227] vfs_write+0x69d/0x770 [ 1521.895748][T12227] ksys_write+0xce/0x180 [ 1521.899974][T12227] __x64_sys_write+0x3e/0x50 [ 1521.904542][T12227] do_syscall_64+0x4a/0x90 [ 1521.908943][T12227] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1521.914887][T12227] RIP: 0033:0x4665d9 [ 1521.918763][T12227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1521.938413][T12227] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1521.946807][T12227] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 06:48:42 executing program 4: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)=0x0) timer_getoverrun(r1) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r2, 0x55143000) mincore(&(0x7f0000ffd000/0x1000)=nil, 0x1000, &(0x7f0000000000)=""/209) 06:48:42 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil) 06:48:42 executing program 2: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) pselect6(0x40, &(0x7f00000004c0), 0x0, &(0x7f0000000540)={0x80}, &(0x7f0000000580), 0x0) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:42 executing program 0 (fault-call:1 fault-nth:20): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1521.955034][T12227] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1521.963103][T12227] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1521.971090][T12227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1521.979129][T12227] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1521.987105][T12237] CPU: 0 PID: 12237 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1521.995976][T12237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1522.006032][T12237] Call Trace: [ 1522.009302][T12237] dump_stack+0x137/0x19d [ 1522.013700][T12237] should_fail+0x23c/0x250 [ 1522.018107][T12237] ? io_wq_create+0x96/0x6e0 [ 1522.022813][T12237] __should_failslab+0x81/0x90 [ 1522.027601][T12237] should_failslab+0x5/0x20 [ 1522.032089][T12237] __kmalloc+0x66/0x340 [ 1522.036353][T12237] ? kmem_cache_alloc_trace+0x215/0x310 [ 1522.041907][T12237] ? io_wq_create+0x6a/0x6e0 [ 1522.046518][T12237] io_wq_create+0x96/0x6e0 [ 1522.050930][T12237] ? io_uring_alloc_task_context+0xc0/0x2b0 06:48:42 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil) 06:48:42 executing program 2: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x14000, 0x7, &(0x7f0000feb000/0x14000)=nil) [ 1522.056813][T12237] io_uring_alloc_task_context+0x15a/0x2b0 [ 1522.062610][T12237] ? io_free_work+0x30/0x30 [ 1522.067289][T12237] ? tctx_task_work+0x3d0/0x3d0 [ 1522.072231][T12237] io_uring_add_task_file+0x68/0x200 [ 1522.077514][T12237] io_uring_create+0x1734/0x18d0 [ 1522.082581][T12237] ? should_fail+0xd6/0x250 [ 1522.087078][T12237] __x64_sys_io_uring_setup+0xe1/0x120 [ 1522.092605][T12237] do_syscall_64+0x4a/0x90 [ 1522.097021][T12237] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1522.102936][T12237] RIP: 0033:0x4665d9 06:48:42 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:42 executing program 4: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)=0x0) timer_getoverrun(r1) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r2, 0x55143000) [ 1522.106822][T12237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1522.126429][T12237] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1522.135036][T12237] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1522.143006][T12237] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 [ 1522.151076][T12237] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 06:48:42 executing program 3 (fault-call:1 fault-nth:57): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:42 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) sigaltstack(&(0x7f0000e20000/0x4000)=nil, &(0x7f0000000000)) r0 = shmget$private(0x0, 0x2000, 0x2, &(0x7f0000ffc000/0x2000)=nil) shmat(r0, &(0x7f0000ffa000/0x3000)=nil, 0x0) [ 1522.159135][T12237] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1522.167102][T12237] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 06:48:42 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) 06:48:42 executing program 4: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)=0x0) timer_getoverrun(r1) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r2, 0x55143000) 06:48:42 executing program 0 (fault-call:1 fault-nth:21): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1522.230660][T12255] FAULT_INJECTION: forcing a failure. [ 1522.230660][T12255] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1522.243921][T12255] CPU: 0 PID: 12255 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1522.252687][T12255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1522.262785][T12255] Call Trace: [ 1522.266069][T12255] dump_stack+0x137/0x19d [ 1522.270549][T12255] should_fail+0x23c/0x250 [ 1522.274955][T12255] __alloc_pages+0x102/0x320 06:48:42 executing program 4: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)=0x0) timer_getoverrun(r1) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, 0xffffffffffffffff, 0x55143000) [ 1522.279604][T12255] alloc_pages_vma+0x391/0x660 [ 1522.284370][T12255] shmem_getpage_gfp+0x980/0x1410 [ 1522.289390][T12255] shmem_write_begin+0x7e/0x100 [ 1522.294282][T12255] generic_perform_write+0x196/0x3a0 [ 1522.297713][T12264] FAULT_INJECTION: forcing a failure. [ 1522.297713][T12264] name failslab, interval 1, probability 0, space 0, times 0 [ 1522.299569][T12255] ? shmem_write_begin+0x100/0x100 [ 1522.299594][T12255] __generic_file_write_iter+0x161/0x300 [ 1522.323522][T12255] ? generic_write_checks+0x250/0x290 [ 1522.328903][T12255] generic_file_write_iter+0x75/0x130 [ 1522.334298][T12255] vfs_write+0x69d/0x770 [ 1522.338521][T12255] ksys_write+0xce/0x180 [ 1522.342742][T12255] __x64_sys_write+0x3e/0x50 [ 1522.347339][T12255] do_syscall_64+0x4a/0x90 [ 1522.351742][T12255] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1522.357649][T12255] RIP: 0033:0x4665d9 [ 1522.361525][T12255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1522.381154][T12255] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1522.389638][T12255] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1522.397604][T12255] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1522.405565][T12255] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1522.413523][T12255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1522.421544][T12255] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1522.429567][T12264] CPU: 1 PID: 12264 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1522.438500][T12264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1522.448552][T12264] Call Trace: [ 1522.451829][T12264] dump_stack+0x137/0x19d [ 1522.456192][T12264] should_fail+0x23c/0x250 [ 1522.460608][T12264] __should_failslab+0x81/0x90 [ 1522.465433][T12264] should_failslab+0x5/0x20 [ 1522.469934][T12264] kmem_cache_alloc_node_trace+0x58/0x2e0 [ 1522.475684][T12264] ? __cpuhp_state_add_instance_cpuslocked+0x1dc/0x330 [ 1522.482679][T12264] ? io_wq_create+0x257/0x6e0 [ 1522.487358][T12264] io_wq_create+0x257/0x6e0 [ 1522.491861][T12264] io_uring_alloc_task_context+0x15a/0x2b0 [ 1522.497712][T12264] ? io_free_work+0x30/0x30 [ 1522.502345][T12264] ? tctx_task_work+0x3d0/0x3d0 [ 1522.507214][T12264] io_uring_add_task_file+0x68/0x200 [ 1522.512533][T12264] io_uring_create+0x1734/0x18d0 [ 1522.517489][T12264] ? should_fail+0xd6/0x250 [ 1522.521986][T12264] __x64_sys_io_uring_setup+0xe1/0x120 [ 1522.527462][T12264] do_syscall_64+0x4a/0x90 06:48:43 executing program 3 (fault-call:1 fault-nth:58): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:43 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) 06:48:43 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) syz_io_uring_submit(r0, 0x0, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x7fffffff) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) syz_io_uring_submit(r0, r1, &(0x7f0000000100)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd=r2, 0x0, 0x0, 0x0, 0x1}, 0xfffff270) 06:48:43 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:43 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) move_pages(0x0, 0x8, &(0x7f0000000000)=[&(0x7f0000ffa000/0x4000)=nil, &(0x7f0000e30000/0x2000)=nil, &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000e2f000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000e20000/0x1000)=nil], &(0x7f0000000040)=[0x3, 0x2, 0x401], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0) [ 1522.531877][T12264] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1522.537778][T12264] RIP: 0033:0x4665d9 [ 1522.541668][T12264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1522.544503][T12278] FAULT_INJECTION: forcing a failure. [ 1522.544503][T12278] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1522.561281][T12264] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1522.561304][T12264] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1522.590745][T12264] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 [ 1522.598696][T12264] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1522.606648][T12264] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1522.614633][T12264] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 [ 1522.622603][T12278] CPU: 0 PID: 12278 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1522.631618][T12278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1522.641700][T12278] Call Trace: [ 1522.644985][T12278] dump_stack+0x137/0x19d [ 1522.649307][T12278] should_fail+0x23c/0x250 [ 1522.653714][T12278] should_fail_usercopy+0x16/0x20 [ 1522.658781][T12278] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1522.664902][T12278] ? shmem_write_begin+0x7e/0x100 [ 1522.670145][T12278] generic_perform_write+0x1e4/0x3a0 [ 1522.675434][T12278] ? shmem_write_begin+0x100/0x100 06:48:43 executing program 4: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)=0x0) timer_getoverrun(r1) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, 0xffffffffffffffff, 0x55143000) 06:48:43 executing program 0 (fault-call:1 fault-nth:22): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:43 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) 06:48:43 executing program 4: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)=0x0) timer_getoverrun(r1) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, 0xffffffffffffffff, 0x55143000) [ 1522.680628][T12278] __generic_file_write_iter+0x161/0x300 [ 1522.686285][T12278] ? generic_write_checks+0x250/0x290 [ 1522.691749][T12278] generic_file_write_iter+0x75/0x130 [ 1522.697124][T12278] vfs_write+0x69d/0x770 [ 1522.701440][T12278] ksys_write+0xce/0x180 [ 1522.705687][T12278] __x64_sys_write+0x3e/0x50 [ 1522.710301][T12278] do_syscall_64+0x4a/0x90 [ 1522.714718][T12278] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1522.720641][T12278] RIP: 0033:0x4665d9 [ 1522.724527][T12278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1522.744312][T12278] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1522.745215][T12287] FAULT_INJECTION: forcing a failure. [ 1522.745215][T12287] name failslab, interval 1, probability 0, space 0, times 0 [ 1522.752718][T12278] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1522.752737][T12278] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1522.752748][T12278] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1522.789347][T12278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1522.797302][T12278] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1522.805320][T12287] CPU: 1 PID: 12287 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1522.814085][T12287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1522.824204][T12287] Call Trace: [ 1522.827485][T12287] dump_stack+0x137/0x19d [ 1522.831817][T12287] should_fail+0x23c/0x250 [ 1522.836260][T12287] __should_failslab+0x81/0x90 [ 1522.841028][T12287] ? io_uring_add_task_file+0xdc/0x200 [ 1522.846502][T12287] should_failslab+0x5/0x20 [ 1522.851008][T12287] kmem_cache_alloc_trace+0x49/0x310 [ 1522.856290][T12287] ? xa_load+0x249/0x260 [ 1522.860828][T12287] io_uring_add_task_file+0xdc/0x200 [ 1522.866127][T12287] io_uring_create+0x1734/0x18d0 [ 1522.871244][T12287] ? should_fail+0xd6/0x250 [ 1522.875738][T12287] __x64_sys_io_uring_setup+0xe1/0x120 [ 1522.881206][T12287] do_syscall_64+0x4a/0x90 [ 1522.885634][T12287] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1522.891594][T12287] RIP: 0033:0x4665d9 [ 1522.895506][T12287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1522.915317][T12287] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1522.923771][T12287] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 06:48:43 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300000000000000}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:43 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) syz_io_uring_submit(r0, 0x0, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x7fffffff) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) syz_io_uring_submit(r0, r1, &(0x7f0000000100)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd=r2, 0x0, 0x0, 0x0, 0x1}, 0xfffff270) 06:48:43 executing program 3 (fault-call:1 fault-nth:59): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:43 executing program 4: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)=0x0) timer_getoverrun(r1) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r2, 0x55143000) 06:48:43 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) move_pages(0x0, 0x1, &(0x7f0000000000)=[&(0x7f0000ffc000/0x3000)=nil], &(0x7f0000000040)=[0xf6, 0x8, 0x271f, 0x4, 0x6, 0x0, 0xfc, 0x0, 0x80000000], &(0x7f0000000080)=[0x0, 0x0, 0x0], 0x4) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1522.931745][T12287] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 [ 1522.939905][T12287] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1522.947876][T12287] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1522.955870][T12287] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 06:48:43 executing program 4: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)=0x0) timer_getoverrun(r1) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r2, 0x55143000) 06:48:43 executing program 0 (fault-call:1 fault-nth:23): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:43 executing program 2: timer_gettime(0x0, &(0x7f0000000000)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = gettid() move_pages(r0, 0x5, &(0x7f0000000040)=[&(0x7f0000ffb000/0x4000)=nil, &(0x7f0000e34000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000e30000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil], &(0x7f0000000080)=[0x80000000, 0x5, 0x5, 0x0, 0x40, 0x1, 0x5], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0], 0x2) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) timer_create(0x4, &(0x7f0000000100)={0x0, 0xa, 0x1, @tid=r0}, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2, 0x10, r1, 0x8000000) [ 1522.983662][T12303] FAULT_INJECTION: forcing a failure. [ 1522.983662][T12303] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1522.996994][T12303] CPU: 1 PID: 12303 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1523.005900][T12303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1523.015959][T12303] Call Trace: [ 1523.019237][T12303] dump_stack+0x137/0x19d [ 1523.023661][T12303] should_fail+0x23c/0x250 [ 1523.028128][T12303] __alloc_pages+0x102/0x320 06:48:43 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) syz_io_uring_submit(r0, 0x0, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x7fffffff) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) syz_io_uring_submit(r0, r1, &(0x7f0000000100)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd=r2, 0x0, 0x0, 0x0, 0x1}, 0xfffff270) [ 1523.032748][T12303] alloc_pages_vma+0x391/0x660 [ 1523.037510][T12303] shmem_getpage_gfp+0x980/0x1410 [ 1523.042541][T12303] shmem_write_begin+0x7e/0x100 [ 1523.047487][T12303] generic_perform_write+0x196/0x3a0 [ 1523.052870][T12303] ? shmem_write_begin+0x100/0x100 [ 1523.058091][T12303] __generic_file_write_iter+0x161/0x300 [ 1523.060078][T12315] FAULT_INJECTION: forcing a failure. [ 1523.060078][T12315] name failslab, interval 1, probability 0, space 0, times 0 [ 1523.063804][T12303] ? generic_write_checks+0x250/0x290 [ 1523.081872][T12303] generic_file_write_iter+0x75/0x130 [ 1523.087362][T12303] vfs_write+0x69d/0x770 [ 1523.091635][T12303] ksys_write+0xce/0x180 [ 1523.095862][T12303] __x64_sys_write+0x3e/0x50 [ 1523.100445][T12303] do_syscall_64+0x4a/0x90 [ 1523.104845][T12303] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1523.110724][T12303] RIP: 0033:0x4665d9 [ 1523.114599][T12303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1523.134358][T12303] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1523.142811][T12303] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1523.150764][T12303] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1523.158752][T12303] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1523.166793][T12303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1523.174813][T12303] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1523.182775][T12315] CPU: 0 PID: 12315 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1523.191547][T12315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1523.201662][T12315] Call Trace: [ 1523.204949][T12315] dump_stack+0x137/0x19d [ 1523.209320][T12315] should_fail+0x23c/0x250 [ 1523.213758][T12315] ? xas_create+0x96b/0xb30 [ 1523.218262][T12315] __should_failslab+0x81/0x90 [ 1523.223108][T12315] should_failslab+0x5/0x20 [ 1523.227606][T12315] kmem_cache_alloc+0x46/0x2f0 06:48:43 executing program 3 (fault-call:1 fault-nth:60): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:43 executing program 4: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)=0x0) timer_getoverrun(r1) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r2, 0x55143000) 06:48:43 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000000}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:43 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) syz_io_uring_submit(r0, 0x0, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x7fffffff) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) syz_io_uring_submit(r0, r1, &(0x7f0000000100)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd=r2, 0x0, 0x0, 0x0, 0x1}, 0xfffff270) [ 1523.232370][T12315] xas_create+0x96b/0xb30 [ 1523.236760][T12315] xas_store+0x70/0xca0 [ 1523.240918][T12315] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 1523.246903][T12315] __xa_store+0xcb/0x320 [ 1523.251164][T12315] xa_store+0x30/0x70 [ 1523.255166][T12315] io_uring_add_task_file+0x111/0x200 [ 1523.260680][T12315] io_uring_create+0x1734/0x18d0 [ 1523.271834][T12315] ? should_fail+0xd6/0x250 [ 1523.276340][T12315] __x64_sys_io_uring_setup+0xe1/0x120 [ 1523.281868][T12315] do_syscall_64+0x4a/0x90 [ 1523.285758][T12327] FAULT_INJECTION: forcing a failure. [ 1523.285758][T12327] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1523.286284][T12315] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1523.305191][T12315] RIP: 0033:0x4665d9 [ 1523.309074][T12315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1523.328782][T12315] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1523.337323][T12315] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1523.345283][T12315] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 [ 1523.353428][T12315] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1523.361397][T12315] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1523.369682][T12315] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 [ 1523.377673][T12327] CPU: 1 PID: 12327 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1523.386625][T12327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1523.396759][T12327] Call Trace: [ 1523.400123][T12327] dump_stack+0x137/0x19d [ 1523.404459][T12327] should_fail+0x23c/0x250 [ 1523.408880][T12327] should_fail_usercopy+0x16/0x20 [ 1523.414141][T12327] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1523.420239][T12327] ? shmem_write_begin+0x7e/0x100 [ 1523.425294][T12327] generic_perform_write+0x1e4/0x3a0 [ 1523.430676][T12327] ? shmem_write_begin+0x100/0x100 06:48:44 executing program 4: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)=0x0) timer_getoverrun(r1) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r2, 0x55143000) 06:48:44 executing program 0 (fault-call:1 fault-nth:24): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:44 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) syz_io_uring_submit(r0, 0x0, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x7fffffff) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) 06:48:44 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) syz_io_uring_submit(r0, 0x0, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x7fffffff) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) [ 1523.435864][T12327] __generic_file_write_iter+0x161/0x300 [ 1523.441517][T12327] ? generic_write_checks+0x250/0x290 [ 1523.446980][T12327] generic_file_write_iter+0x75/0x130 [ 1523.452362][T12327] vfs_write+0x69d/0x770 [ 1523.456614][T12327] ksys_write+0xce/0x180 [ 1523.460875][T12327] __x64_sys_write+0x3e/0x50 [ 1523.465459][T12327] do_syscall_64+0x4a/0x90 [ 1523.469916][T12327] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1523.475806][T12327] RIP: 0033:0x4665d9 06:48:44 executing program 4: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r1, 0x55143000) 06:48:44 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, &(0x7f00000000c0)={0x0, 0xea60}) [ 1523.479799][T12327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1523.499675][T12327] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1523.508096][T12327] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1523.516106][T12327] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1523.524090][T12327] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1523.530115][T12344] FAULT_INJECTION: forcing a failure. [ 1523.530115][T12344] name failslab, interval 1, probability 0, space 0, times 0 [ 1523.532166][T12327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1523.532181][T12327] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1523.561368][T12344] CPU: 0 PID: 12344 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1523.570227][T12344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1523.580775][T12344] Call Trace: [ 1523.584047][T12344] dump_stack+0x137/0x19d [ 1523.588387][T12344] should_fail+0x23c/0x250 [ 1523.592801][T12344] ? xas_create+0x96b/0xb30 [ 1523.597392][T12344] __should_failslab+0x81/0x90 [ 1523.602326][T12344] should_failslab+0x5/0x20 [ 1523.606953][T12344] kmem_cache_alloc+0x46/0x2f0 [ 1523.611949][T12344] xas_create+0x96b/0xb30 [ 1523.616277][T12344] xas_store+0x70/0xca0 [ 1523.620427][T12344] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 1523.626497][T12344] __xa_store+0xcb/0x320 [ 1523.630827][T12344] xa_store+0x30/0x70 [ 1523.634867][T12344] io_uring_add_task_file+0x111/0x200 [ 1523.640246][T12344] io_uring_create+0x1734/0x18d0 [ 1523.645181][T12344] ? should_fail+0xd6/0x250 [ 1523.649683][T12344] __x64_sys_io_uring_setup+0xe1/0x120 [ 1523.655177][T12344] do_syscall_64+0x4a/0x90 [ 1523.659763][T12344] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1523.665654][T12344] RIP: 0033:0x4665d9 06:48:44 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TEAM_CMD_PORT_LIST_GET(r0, &(0x7f00000025c0)={0x0, 0x0, &(0x7f0000002580)={&(0x7f0000000800)=ANY=[@ANYBLOB="88"], 0x588}}, 0x0) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:44 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) syz_io_uring_submit(r0, 0x0, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x7fffffff) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:48:44 executing program 3 (fault-call:1 fault-nth:61): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:44 executing program 4: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r1, 0x55143000) 06:48:44 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00000000000000}, &(0x7f00000000c0)={0x0, 0xea60}) [ 1523.669617][T12344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1523.689242][T12344] RSP: 002b:00007fc68c920108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1523.697660][T12344] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 1523.705630][T12344] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 [ 1523.713664][T12344] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1523.721628][T12344] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1523.729698][T12344] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 [ 1523.752084][T12356] FAULT_INJECTION: forcing a failure. [ 1523.752084][T12356] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1523.765376][T12356] CPU: 1 PID: 12356 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1523.774140][T12356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1523.784438][T12356] Call Trace: 06:48:44 executing program 4: getpid() mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r0, 0x55143000) 06:48:44 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x12) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x7) 06:48:44 executing program 0 (fault-call:1 fault-nth:25): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:44 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) [ 1523.787722][T12356] dump_stack+0x137/0x19d [ 1523.792162][T12356] should_fail+0x23c/0x250 [ 1523.796594][T12356] __alloc_pages+0x102/0x320 [ 1523.801186][T12356] alloc_pages_vma+0x391/0x660 [ 1523.805951][T12356] shmem_getpage_gfp+0x980/0x1410 [ 1523.811112][T12356] shmem_write_begin+0x7e/0x100 [ 1523.815966][T12356] generic_perform_write+0x196/0x3a0 [ 1523.821526][T12356] ? shmem_write_begin+0x100/0x100 [ 1523.826696][T12356] __generic_file_write_iter+0x161/0x300 [ 1523.832353][T12356] ? generic_write_checks+0x250/0x290 06:48:44 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r0, 0x55143000) 06:48:44 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) [ 1523.837820][T12356] generic_file_write_iter+0x75/0x130 [ 1523.843284][T12356] vfs_write+0x69d/0x770 [ 1523.847615][T12356] ksys_write+0xce/0x180 [ 1523.851859][T12356] __x64_sys_write+0x3e/0x50 [ 1523.856451][T12356] do_syscall_64+0x4a/0x90 [ 1523.860866][T12356] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1523.866762][T12356] RIP: 0033:0x4665d9 [ 1523.870647][T12356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1523.877410][T12372] FAULT_INJECTION: forcing a failure. [ 1523.877410][T12372] name failslab, interval 1, probability 0, space 0, times 0 [ 1523.890257][T12356] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1523.890291][T12356] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1523.890303][T12356] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1523.927372][T12356] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1523.935352][T12356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1523.943376][T12356] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1523.951334][T12372] CPU: 0 PID: 12372 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1523.960123][T12372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1523.970240][T12372] Call Trace: [ 1523.973513][T12372] dump_stack+0x137/0x19d [ 1523.977876][T12372] should_fail+0x23c/0x250 [ 1523.982296][T12372] ? xas_create+0x96b/0xb30 06:48:44 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:48:44 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6400000000000000}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:44 executing program 3 (fault-call:1 fault-nth:62): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:44 executing program 2: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r0, 0x408c5333, &(0x7f0000000040)={0xf, 0x80, 0x0, 'queue0\x00', 0x1f}) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1523.986801][T12372] __should_failslab+0x81/0x90 [ 1523.991635][T12372] should_failslab+0x5/0x20 [ 1523.996141][T12372] kmem_cache_alloc+0x46/0x2f0 [ 1524.000923][T12372] ? xas_create+0x96b/0xb30 [ 1524.005437][T12372] xas_create+0x96b/0xb30 [ 1524.009762][T12372] xas_store+0x70/0xca0 [ 1524.013915][T12372] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 1524.019908][T12372] __xa_store+0xcb/0x320 [ 1524.024207][T12372] xa_store+0x30/0x70 [ 1524.028236][T12372] io_uring_add_task_file+0x111/0x200 [ 1524.033712][T12372] io_uring_create+0x1734/0x18d0 06:48:44 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r0, 0x55143000) [ 1524.038647][T12372] ? should_fail+0xd6/0x250 [ 1524.043242][T12372] __x64_sys_io_uring_setup+0xe1/0x120 [ 1524.048709][T12372] do_syscall_64+0x4a/0x90 [ 1524.053306][T12372] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1524.057744][T12387] FAULT_INJECTION: forcing a failure. [ 1524.057744][T12387] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1524.059276][T12372] RIP: 0033:0x4665d9 [ 1524.059291][T12372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1524.059305][T12372] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1524.104373][T12372] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1524.112328][T12372] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 [ 1524.120285][T12372] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1524.128242][T12372] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1524.136199][T12372] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 [ 1524.144268][T12387] CPU: 1 PID: 12387 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1524.153091][T12387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1524.163158][T12387] Call Trace: [ 1524.166567][T12387] dump_stack+0x137/0x19d [ 1524.170895][T12387] should_fail+0x23c/0x250 [ 1524.175399][T12387] should_fail_usercopy+0x16/0x20 [ 1524.180432][T12387] iov_iter_copy_from_user_atomic+0x281/0xb60 06:48:44 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:48:44 executing program 0 (fault-call:1 fault-nth:26): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:44 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r0, 0x55143000) 06:48:44 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7605000000000000}, &(0x7f00000000c0)={0x0, 0xea60}) [ 1524.186506][T12387] ? shmem_write_begin+0x7e/0x100 [ 1524.191604][T12387] generic_perform_write+0x1e4/0x3a0 [ 1524.197141][T12387] ? shmem_write_begin+0x100/0x100 [ 1524.202268][T12387] __generic_file_write_iter+0x161/0x300 [ 1524.207903][T12387] ? generic_write_checks+0x250/0x290 [ 1524.213333][T12387] generic_file_write_iter+0x75/0x130 [ 1524.218782][T12387] vfs_write+0x69d/0x770 [ 1524.223025][T12387] ksys_write+0xce/0x180 [ 1524.227284][T12387] __x64_sys_write+0x3e/0x50 [ 1524.231926][T12387] do_syscall_64+0x4a/0x90 06:48:44 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) move_pages(r0, 0x9, &(0x7f0000000000)=[&(0x7f0000e34000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000e20000/0x3000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000e20000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000e20000/0x2000)=nil], &(0x7f0000000080)=[0x8d52], &(0x7f00000000c0)=[0x0], 0x4) [ 1524.236352][T12387] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1524.242445][T12387] RIP: 0033:0x4665d9 [ 1524.246332][T12387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1524.262690][T12397] FAULT_INJECTION: forcing a failure. [ 1524.262690][T12397] name failslab, interval 1, probability 0, space 0, times 0 [ 1524.265961][T12387] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1524.265983][T12387] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1524.265995][T12387] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1524.303073][T12387] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1524.311039][T12387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1524.319012][T12387] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1524.327034][T12397] CPU: 0 PID: 12397 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 06:48:45 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) [ 1524.335811][T12397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1524.345870][T12397] Call Trace: [ 1524.349289][T12397] dump_stack+0x137/0x19d [ 1524.353623][T12397] should_fail+0x23c/0x250 [ 1524.358047][T12397] ? xas_create+0x96b/0xb30 [ 1524.362552][T12397] __should_failslab+0x81/0x90 [ 1524.367318][T12397] should_failslab+0x5/0x20 [ 1524.371814][T12397] kmem_cache_alloc+0x46/0x2f0 [ 1524.376625][T12397] ? xas_create+0x96b/0xb30 [ 1524.381179][T12397] xas_create+0x96b/0xb30 [ 1524.385515][T12397] xas_store+0x70/0xca0 06:48:45 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r0, 0x55143000) [ 1524.389671][T12397] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 1524.395846][T12397] __xa_store+0xcb/0x320 [ 1524.400310][T12397] xa_store+0x30/0x70 [ 1524.404285][T12397] io_uring_add_task_file+0x111/0x200 [ 1524.409656][T12397] io_uring_create+0x1734/0x18d0 [ 1524.414615][T12397] ? should_fail+0xd6/0x250 [ 1524.419210][T12397] __x64_sys_io_uring_setup+0xe1/0x120 [ 1524.424671][T12397] do_syscall_64+0x4a/0x90 [ 1524.429092][T12397] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1524.435059][T12397] RIP: 0033:0x4665d9 06:48:45 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000e32000/0x2000)=nil) [ 1524.438941][T12397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1524.458548][T12397] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1524.466955][T12397] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1524.475080][T12397] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 06:48:45 executing program 3 (fault-call:1 fault-nth:63): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:45 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) [ 1524.483152][T12397] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1524.491218][T12397] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1524.499182][T12397] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 [ 1524.525201][T12415] FAULT_INJECTION: forcing a failure. [ 1524.525201][T12415] name fail_page_alloc, interval 1, probability 0, space 0, times 0 06:48:45 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:48:45 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfefdffff00000000}, &(0x7f00000000c0)={0x0, 0xea60}) [ 1524.538627][T12415] CPU: 0 PID: 12415 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1524.549452][T12415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1524.559510][T12415] Call Trace: [ 1524.562841][T12415] dump_stack+0x137/0x19d [ 1524.567205][T12415] should_fail+0x23c/0x250 [ 1524.571627][T12415] __alloc_pages+0x102/0x320 [ 1524.576287][T12415] alloc_pages_vma+0x391/0x660 [ 1524.581067][T12415] ? _raw_spin_unlock_irqrestore+0x27/0x40 06:48:45 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r0, 0x55143000) [ 1524.587034][T12415] shmem_getpage_gfp+0x980/0x1410 [ 1524.592091][T12415] shmem_write_begin+0x7e/0x100 [ 1524.597123][T12415] generic_perform_write+0x196/0x3a0 [ 1524.602461][T12415] ? shmem_write_begin+0x100/0x100 [ 1524.607594][T12415] __generic_file_write_iter+0x161/0x300 [ 1524.613229][T12415] ? generic_write_checks+0x250/0x290 [ 1524.618688][T12415] generic_file_write_iter+0x75/0x130 [ 1524.624174][T12415] vfs_write+0x69d/0x770 [ 1524.628468][T12415] ksys_write+0xce/0x180 [ 1524.632815][T12415] __x64_sys_write+0x3e/0x50 06:48:45 executing program 0 (fault-call:1 fault-nth:27): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:45 executing program 2: mlock(&(0x7f0000e32000/0x1000)=nil, 0x1000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4002) mremap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2000, 0x4, &(0x7f0000e1f000/0x2000)=nil) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_POLL_REMOVE={0x7, 0xa9b1b2502d63b253, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1}, 0x9) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mq_timedsend(r0, &(0x7f0000000000)="7e483650208b2a1f6352f3da7436ac6c5b272f6f122830e0ef4df09ea79c3c928f6b9e724585776ec038e5fac927c641d824df44807a50ce0b87726e5dc5212f5fcf02f4f021750bcc63034ea4d780077ea220525b027f382d29fff2e3e542c18194911b44e65d94d04cf49a48f00c12216251827d2ce1a7b5c0e583e3079f417209279203743408efdf0a71e612f6257d97b1a8a79e3500a6da269f9962a140b3051c1bc7165363f6", 0xa9, 0x1, 0x0) 06:48:45 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r0, 0x55143000) 06:48:45 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) [ 1524.637421][T12415] do_syscall_64+0x4a/0x90 [ 1524.641949][T12415] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1524.648107][T12415] RIP: 0033:0x4665d9 [ 1524.652032][T12415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1524.671653][T12415] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1524.680166][T12415] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1524.688250][T12415] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1524.696227][T12415] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1524.698788][T12431] FAULT_INJECTION: forcing a failure. [ 1524.698788][T12431] name failslab, interval 1, probability 0, space 0, times 0 [ 1524.704260][T12415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1524.704275][T12415] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1524.732921][T12431] CPU: 1 PID: 12431 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 06:48:45 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:48:45 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r0, 0x55143000) 06:48:45 executing program 3 (fault-call:1 fault-nth:64): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:45 executing program 2: mlock(&(0x7f0000e32000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x14) [ 1524.741749][T12431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1524.751826][T12431] Call Trace: [ 1524.755099][T12431] dump_stack+0x137/0x19d [ 1524.759448][T12431] should_fail+0x23c/0x250 [ 1524.763863][T12431] ? xas_create+0x96b/0xb30 [ 1524.768399][T12431] __should_failslab+0x81/0x90 [ 1524.773169][T12431] should_failslab+0x5/0x20 [ 1524.777668][T12431] kmem_cache_alloc+0x46/0x2f0 [ 1524.782561][T12431] ? xas_create+0x96b/0xb30 [ 1524.787062][T12431] xas_create+0x96b/0xb30 06:48:45 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) [ 1524.791481][T12431] xas_store+0x70/0xca0 [ 1524.795639][T12431] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 1524.801627][T12431] ? kcsan_setup_watchpoint+0x213/0x380 [ 1524.807244][T12431] __xa_store+0xcb/0x320 [ 1524.811495][T12431] xa_store+0x30/0x70 [ 1524.815499][T12431] io_uring_add_task_file+0x111/0x200 [ 1524.816326][T12445] FAULT_INJECTION: forcing a failure. [ 1524.816326][T12445] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1524.821001][T12431] io_uring_create+0x1734/0x18d0 [ 1524.821022][T12431] ? should_fail+0xd6/0x250 [ 1524.843623][T12431] __x64_sys_io_uring_setup+0xe1/0x120 [ 1524.849208][T12431] do_syscall_64+0x4a/0x90 [ 1524.853614][T12431] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1524.859639][T12431] RIP: 0033:0x4665d9 [ 1524.863818][T12431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1524.883431][T12431] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1524.891920][T12431] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1524.899885][T12431] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 [ 1524.907890][T12431] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1524.915856][T12431] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1524.923898][T12431] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 [ 1524.931857][T12445] CPU: 0 PID: 12445 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1524.940636][T12445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1524.950681][T12445] Call Trace: [ 1524.953963][T12445] dump_stack+0x137/0x19d [ 1524.958279][T12445] should_fail+0x23c/0x250 [ 1524.962678][T12445] should_fail_usercopy+0x16/0x20 [ 1524.967684][T12445] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1524.973822][T12445] ? shmem_write_begin+0x7e/0x100 [ 1524.978836][T12445] generic_perform_write+0x1e4/0x3a0 [ 1524.984163][T12445] ? shmem_write_begin+0x100/0x100 [ 1524.989272][T12445] __generic_file_write_iter+0x161/0x300 [ 1524.994898][T12445] ? generic_write_checks+0x250/0x290 [ 1525.000307][T12445] generic_file_write_iter+0x75/0x130 [ 1525.005679][T12445] vfs_write+0x69d/0x770 [ 1525.009915][T12445] ksys_write+0xce/0x180 [ 1525.014189][T12445] __x64_sys_write+0x3e/0x50 [ 1525.018828][T12445] do_syscall_64+0x4a/0x90 [ 1525.023230][T12445] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1525.029139][T12445] RIP: 0033:0x4665d9 [ 1525.033014][T12445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1525.052640][T12445] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1525.061035][T12445] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1525.069070][T12445] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1525.077275][T12445] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1525.085231][T12445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 06:48:45 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:45 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:48:45 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r0, 0x55143000) [ 1525.093198][T12445] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:45 executing program 0 (fault-call:1 fault-nth:28): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:45 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) io_setup(0x5, &(0x7f0000000000)=0x0) io_getevents(r0, 0xffff, 0x0, 0x0, 0x0) io_getevents(r0, 0x7, 0x1, &(0x7f0000000000)=[{}], &(0x7f0000000040)) [ 1525.178035][T12460] FAULT_INJECTION: forcing a failure. [ 1525.178035][T12460] name failslab, interval 1, probability 0, space 0, times 0 [ 1525.190754][T12460] CPU: 0 PID: 12460 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1525.199526][T12460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1525.209588][T12460] Call Trace: [ 1525.212859][T12460] dump_stack+0x137/0x19d [ 1525.217728][T12460] should_fail+0x23c/0x250 [ 1525.222163][T12460] ? xas_create+0x96b/0xb30 [ 1525.226708][T12460] __should_failslab+0x81/0x90 [ 1525.231521][T12460] should_failslab+0x5/0x20 [ 1525.236138][T12460] kmem_cache_alloc+0x46/0x2f0 [ 1525.240903][T12460] ? xas_create+0x96b/0xb30 [ 1525.245591][T12460] xas_create+0x96b/0xb30 [ 1525.249958][T12460] xas_store+0x70/0xca0 [ 1525.254118][T12460] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 1525.260354][T12460] __xa_store+0xcb/0x320 [ 1525.264675][T12460] xa_store+0x30/0x70 [ 1525.268665][T12460] io_uring_add_task_file+0x111/0x200 06:48:45 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x10, r0, 0x55143000) 06:48:45 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, &(0x7f00000000c0)={0x0, 0xea60}) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f0000000040)={0x16, 0x7ff, 0x5, 0x41bd, 0x8, 0x9, 0x5, 0x6}, &(0x7f0000000100)={0x7fffffff, 0x23f9d30b, 0x5, 0x0, 0x7e000000, 0x2000000000000, 0x2, 0x7}, &(0x7f0000000140)={0xffffffffffffff01, 0x7, 0x5, 0x7, 0x4, 0xfff, 0x7, 0x7fff}, &(0x7f00000001c0)={r0, r1+60000000}, &(0x7f0000000240)={&(0x7f0000000200)={[0xa1]}, 0x8}) clock_gettime(0x0, &(0x7f00000002c0)={0x0, 0x0}) mq_timedsend(0xffffffffffffffff, &(0x7f0000000280)="e34f56d5e3852ce5c0feb00e504bfbf3bf8c19c2edbbb62b3f4e5d315ed5c991514d2253e67616805fc928ea080c494a34f968f35a5c2abfeec8", 0x3a, 0x22, &(0x7f0000000300)={r2, r3+60000000}) 06:48:45 executing program 3 (fault-call:1 fault-nth:65): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:45 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:48:45 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) [ 1525.274048][T12460] io_uring_create+0x1734/0x18d0 [ 1525.278991][T12460] ? should_fail+0xd6/0x250 [ 1525.283497][T12460] __x64_sys_io_uring_setup+0xe1/0x120 [ 1525.288962][T12460] do_syscall_64+0x4a/0x90 [ 1525.293428][T12460] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1525.299332][T12460] RIP: 0033:0x4665d9 [ 1525.303237][T12460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 06:48:46 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x10, r0, 0x55143000) [ 1525.323056][T12460] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1525.331808][T12460] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1525.339779][T12460] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 [ 1525.347819][T12460] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1525.355792][T12460] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1525.363765][T12460] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 06:48:46 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x10, r0, 0x55143000) 06:48:46 executing program 5: select(0x40, &(0x7f0000000000)={0x1, 0x0, 0x5, 0x0, 0x4}, 0x0, &(0x7f0000000080)={0xe6152a7, 0x0, 0x0, 0x0, 0x1000000000000000}, &(0x7f00000001c0)={0x0, 0xea60}) r0 = perf_event_open$cgroup(&(0x7f0000000100)={0x1, 0x80, 0x37, 0x0, 0x81, 0x81, 0x0, 0x3, 0xa0400, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x3, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x6, 0x4, @perf_bp={&(0x7f0000000040), 0x7}, 0x13204, 0x4, 0x9, 0x7, 0x5, 0x1e6a, 0x2b6e, 0x0, 0x5, 0x0, 0x7}, 0xffffffffffffffff, 0xb, 0xffffffffffffffff, 0x9) ioctl$PERF_EVENT_IOC_ID(r0, 0x80082407, &(0x7f0000000180)) pselect6(0x40, &(0x7f00000000c0)={0x40, 0x3, 0xff, 0x5, 0x48c5, 0x6, 0x1, 0x1}, &(0x7f0000000200)={0x8, 0x4, 0x8, 0x7f, 0x5, 0x4, 0xffffffffffffd0af, 0x4}, &(0x7f0000000240)={0xaf2, 0x1f, 0x400, 0x1, 0x5, 0x4, 0x7, 0x4}, &(0x7f0000000280)={0x77359400}, &(0x7f0000000300)={&(0x7f00000002c0)={[0xdda]}, 0x8}) ioctl$PERF_EVENT_IOC_ID(r0, 0x80082407, &(0x7f0000000340)) 06:48:46 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) [ 1525.378465][T12475] FAULT_INJECTION: forcing a failure. [ 1525.378465][T12475] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1525.391870][T12475] CPU: 0 PID: 12475 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1525.400631][T12475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1525.410692][T12475] Call Trace: [ 1525.413968][T12475] dump_stack+0x137/0x19d [ 1525.418314][T12475] should_fail+0x23c/0x250 [ 1525.422797][T12475] __alloc_pages+0x102/0x320 06:48:46 executing program 0 (fault-call:1 fault-nth:29): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1525.427389][T12475] alloc_pages_vma+0x391/0x660 [ 1525.432248][T12475] shmem_getpage_gfp+0x980/0x1410 [ 1525.437285][T12475] shmem_write_begin+0x7e/0x100 [ 1525.442162][T12475] generic_perform_write+0x196/0x3a0 [ 1525.447457][T12475] ? shmem_write_begin+0x100/0x100 [ 1525.448058][T12488] FAULT_INJECTION: forcing a failure. [ 1525.448058][T12488] name failslab, interval 1, probability 0, space 0, times 0 [ 1525.452573][T12475] __generic_file_write_iter+0x161/0x300 [ 1525.471138][T12475] ? generic_write_checks+0x250/0x290 [ 1525.476570][T12475] generic_file_write_iter+0x75/0x130 [ 1525.482093][T12475] vfs_write+0x69d/0x770 [ 1525.486341][T12475] ksys_write+0xce/0x180 [ 1525.490640][T12475] __x64_sys_write+0x3e/0x50 [ 1525.495217][T12475] do_syscall_64+0x4a/0x90 [ 1525.499672][T12475] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1525.505781][T12475] RIP: 0033:0x4665d9 [ 1525.509665][T12475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1525.529454][T12475] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1525.537864][T12475] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1525.545821][T12475] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1525.554023][T12475] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1525.561978][T12475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1525.570056][T12475] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1525.578086][T12488] CPU: 1 PID: 12488 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1525.586924][T12488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1525.596978][T12488] Call Trace: [ 1525.600250][T12488] dump_stack+0x137/0x19d [ 1525.604579][T12488] should_fail+0x23c/0x250 [ 1525.608995][T12488] ? xas_create+0x96b/0xb30 [ 1525.613490][T12488] __should_failslab+0x81/0x90 [ 1525.618248][T12488] should_failslab+0x5/0x20 [ 1525.622753][T12488] kmem_cache_alloc+0x46/0x2f0 06:48:46 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, 0xffffffffffffffff, 0x55143000) [ 1525.627516][T12488] ? xas_create+0x96b/0xb30 [ 1525.632023][T12488] xas_create+0x96b/0xb30 [ 1525.636358][T12488] xas_store+0x70/0xca0 [ 1525.640516][T12488] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 1525.646604][T12488] __xa_store+0xcb/0x320 [ 1525.650909][T12488] xa_store+0x30/0x70 [ 1525.654896][T12488] io_uring_add_task_file+0x111/0x200 [ 1525.660296][T12488] io_uring_create+0x1734/0x18d0 [ 1525.665251][T12488] ? should_fail+0xd6/0x250 [ 1525.669756][T12488] __x64_sys_io_uring_setup+0xe1/0x120 [ 1525.675254][T12488] do_syscall_64+0x4a/0x90 [ 1525.679672][T12488] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1525.685826][T12488] RIP: 0033:0x4665d9 [ 1525.689824][T12488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1525.709572][T12488] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1525.718003][T12488] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 06:48:46 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) syz_io_uring_setup(0x3b0c, &(0x7f0000000000)={0x0, 0xabd1, 0x0, 0x0, 0x34, 0x0, r0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000e1e000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000008, 0x1010, r1, 0x68977000) 06:48:46 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x448, 0x0, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:48:46 executing program 3 (fault-call:1 fault-nth:66): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:46 executing program 5: select(0x40, &(0x7f0000000040)={0xffffffffffffffff}, 0x0, &(0x7f0000000080)={0x7, 0x0, 0xfffffffffffffffc, 0x9}, &(0x7f00000000c0)={0x0, 0xea60}) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) accept4(r0, &(0x7f0000000100)=@in6={0xa, 0x0, 0x0, @private2}, &(0x7f0000000000)=0x80, 0x0) 06:48:46 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, 0xffffffffffffffff, 0x55143000) 06:48:46 executing program 0 (fault-call:1 fault-nth:30): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1525.726155][T12488] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 [ 1525.734194][T12488] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1525.742233][T12488] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1525.750272][T12488] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 [ 1525.808096][T12503] FAULT_INJECTION: forcing a failure. [ 1525.808096][T12503] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1525.815261][T12509] FAULT_INJECTION: forcing a failure. [ 1525.815261][T12509] name failslab, interval 1, probability 0, space 0, times 0 [ 1525.821180][T12503] CPU: 0 PID: 12503 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1525.842472][T12503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1525.852538][T12503] Call Trace: [ 1525.855804][T12503] dump_stack+0x137/0x19d [ 1525.860127][T12503] should_fail+0x23c/0x250 [ 1525.864625][T12503] should_fail_usercopy+0x16/0x20 [ 1525.869690][T12503] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1525.875762][T12503] ? shmem_write_begin+0x7e/0x100 [ 1525.880953][T12503] generic_perform_write+0x1e4/0x3a0 [ 1525.886318][T12503] ? shmem_write_begin+0x100/0x100 [ 1525.891520][T12503] __generic_file_write_iter+0x161/0x300 [ 1525.897155][T12503] ? generic_write_checks+0x250/0x290 [ 1525.902548][T12503] generic_file_write_iter+0x75/0x130 [ 1525.908015][T12503] vfs_write+0x69d/0x770 [ 1525.912251][T12503] ksys_write+0xce/0x180 [ 1525.916473][T12503] __x64_sys_write+0x3e/0x50 [ 1525.921136][T12503] do_syscall_64+0x4a/0x90 [ 1525.925763][T12503] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1525.931702][T12503] RIP: 0033:0x4665d9 [ 1525.935586][T12503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1525.955265][T12503] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1525.963749][T12503] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1525.971705][T12503] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1525.979742][T12503] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1525.987781][T12503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1525.995741][T12503] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1526.003710][T12509] CPU: 1 PID: 12509 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1526.012492][T12509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1526.022534][T12509] Call Trace: [ 1526.025804][T12509] dump_stack+0x137/0x19d [ 1526.030144][T12509] should_fail+0x23c/0x250 [ 1526.034599][T12509] ? xas_create+0x96b/0xb30 [ 1526.039093][T12509] __should_failslab+0x81/0x90 [ 1526.044055][T12509] should_failslab+0x5/0x20 [ 1526.048552][T12509] kmem_cache_alloc+0x46/0x2f0 [ 1526.053333][T12509] ? xas_create+0x96b/0xb30 06:48:46 executing program 5: select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x4000000000}, &(0x7f00000000c0)={0x0, 0xea60}) io_getevents(0x0, 0x9, 0xe1cca6e92926e75, &(0x7f0000000100), &(0x7f00000001c0)) select(0x40, &(0x7f0000000040)={0xfffffffffffffff6, 0x5, 0x80000000, 0x7, 0xf43, 0x2, 0x1ff, 0xe8}, &(0x7f0000000100)={0x2, 0x1000000004, 0x3, 0x5, 0xbdb4, 0x8, 0x1f, 0x7ff96d7d}, &(0x7f0000000140)={0x7, 0x9, 0x641, 0x648c, 0x0, 0x3, 0x8000000000, 0x18d2}, &(0x7f0000000180)) r0 = mq_open(&(0x7f0000000380)='\x00', 0x800, 0x88, &(0x7f00000003c0)={0x10000, 0x786, 0x9, 0x765e098a}) mq_timedreceive(r0, &(0x7f0000000400)=""/209, 0xd1, 0x7fff, &(0x7f0000000500)) clock_gettime(0x0, &(0x7f00000002c0)={0x0, 0x0}) clock_nanosleep(0x3, 0x1, &(0x7f0000000300)={r1, r2+60000000}, &(0x7f0000000340)) clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0}) clock_nanosleep(0x1, 0x1, &(0x7f0000000240)={r3, r4+60000000}, &(0x7f0000000280)) [ 1526.057875][T12509] xas_create+0x96b/0xb30 [ 1526.062265][T12509] xas_store+0x70/0xca0 [ 1526.066509][T12509] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 1526.072572][T12509] __xa_store+0xcb/0x320 [ 1526.076847][T12509] xa_store+0x30/0x70 [ 1526.080827][T12509] io_uring_add_task_file+0x111/0x200 [ 1526.086197][T12509] io_uring_create+0x1734/0x18d0 [ 1526.091130][T12509] ? should_fail+0xd6/0x250 [ 1526.095631][T12509] __x64_sys_io_uring_setup+0xe1/0x120 [ 1526.101094][T12509] do_syscall_64+0x4a/0x90 06:48:46 executing program 3 (fault-call:1 fault-nth:67): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:46 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x448, 0x0, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) [ 1526.105566][T12509] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1526.111563][T12509] RIP: 0033:0x4665d9 [ 1526.115455][T12509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1526.135084][T12509] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1526.143501][T12509] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1526.151494][T12509] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 06:48:46 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, 0xffffffffffffffff, 0x55143000) 06:48:46 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) move_pages(r0, 0x1, &(0x7f0000000000)=[&(0x7f0000e32000/0x3000)=nil], 0x0, &(0x7f0000000040)=[0x0, 0x0, 0x0], 0x2) [ 1526.159465][T12509] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1526.167536][T12509] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1526.175507][T12509] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 [ 1526.197861][T12522] FAULT_INJECTION: forcing a failure. 06:48:46 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e31000/0x1000)=nil, 0x1000, 0x64) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000e31000/0x4000)=nil, 0x4000}, &(0x7f0000000040)=0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x58}}, 0x8141) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000180), r2) sendmsg$NLBL_UNLABEL_C_LIST(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x50, r4, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_SECCTX={0x2c, 0x7, 'system_u:object_r:ssh_keysign_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @private}, @NLBL_UNLABEL_A_ACPTFLG={0x5}]}, 0x50}}, 0x0) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, r4, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @local}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private1={0xfc, 0x1, '\x00', 0x1}}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000010}, 0x90) 06:48:46 executing program 0 (fault-call:1 fault-nth:31): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1526.197861][T12522] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1526.211232][T12522] CPU: 1 PID: 12522 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1526.220004][T12522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1526.230085][T12522] Call Trace: [ 1526.233358][T12522] dump_stack+0x137/0x19d [ 1526.237681][T12522] should_fail+0x23c/0x250 [ 1526.242179][T12522] __alloc_pages+0x102/0x320 [ 1526.246775][T12522] alloc_pages_vma+0x391/0x660 [ 1526.251535][T12522] shmem_getpage_gfp+0x980/0x1410 [ 1526.256601][T12522] shmem_write_begin+0x7e/0x100 [ 1526.261523][T12522] generic_perform_write+0x196/0x3a0 [ 1526.262681][T12533] FAULT_INJECTION: forcing a failure. [ 1526.262681][T12533] name failslab, interval 1, probability 0, space 0, times 0 [ 1526.266876][T12522] ? shmem_write_begin+0x100/0x100 [ 1526.284657][T12522] __generic_file_write_iter+0x161/0x300 [ 1526.290283][T12522] ? generic_write_checks+0x250/0x290 [ 1526.295647][T12522] generic_file_write_iter+0x75/0x130 [ 1526.301017][T12522] vfs_write+0x69d/0x770 [ 1526.305261][T12522] ksys_write+0xce/0x180 [ 1526.309573][T12522] __x64_sys_write+0x3e/0x50 [ 1526.314147][T12522] do_syscall_64+0x4a/0x90 [ 1526.318677][T12522] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1526.324562][T12522] RIP: 0033:0x4665d9 [ 1526.328438][T12522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1526.348322][T12522] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1526.356861][T12522] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1526.364922][T12522] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1526.372890][T12522] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1526.380847][T12522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1526.388911][T12522] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1526.396952][T12533] CPU: 0 PID: 12533 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 06:48:47 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x448, 0x0, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:48:47 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r0, 0x0) 06:48:47 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) msync(&(0x7f0000e2f000/0x4000)=nil, 0x4000, 0x2) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:47 executing program 3 (fault-call:1 fault-nth:68): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) [ 1526.405821][T12533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1526.415879][T12533] Call Trace: [ 1526.419154][T12533] dump_stack+0x137/0x19d [ 1526.423489][T12533] should_fail+0x23c/0x250 [ 1526.427971][T12533] ? xas_create+0x96b/0xb30 [ 1526.432478][T12533] __should_failslab+0x81/0x90 [ 1526.437246][T12533] should_failslab+0x5/0x20 [ 1526.441742][T12533] kmem_cache_alloc+0x46/0x2f0 [ 1526.446558][T12533] ? xas_create+0x96b/0xb30 [ 1526.451080][T12533] xas_create+0x96b/0xb30 [ 1526.455408][T12533] xas_store+0x70/0xca0 06:48:47 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) [ 1526.459703][T12533] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 1526.465709][T12533] __xa_store+0xcb/0x320 [ 1526.469983][T12533] xa_store+0x30/0x70 [ 1526.473983][T12533] io_uring_add_task_file+0x111/0x200 [ 1526.479365][T12533] io_uring_create+0x1734/0x18d0 [ 1526.484298][T12533] ? should_fail+0xd6/0x250 [ 1526.488888][T12533] __x64_sys_io_uring_setup+0xe1/0x120 [ 1526.494365][T12533] do_syscall_64+0x4a/0x90 [ 1526.498778][T12533] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1526.500402][T12545] FAULT_INJECTION: forcing a failure. [ 1526.500402][T12545] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1526.504752][T12533] RIP: 0033:0x4665d9 [ 1526.504768][T12533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1526.504782][T12533] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1526.549911][T12533] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1526.558014][T12533] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 [ 1526.565990][T12533] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1526.573959][T12533] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1526.581969][T12533] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 [ 1526.589929][T12545] CPU: 1 PID: 12545 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1526.598711][T12545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1526.608762][T12545] Call Trace: [ 1526.612033][T12545] dump_stack+0x137/0x19d [ 1526.616360][T12545] should_fail+0x23c/0x250 [ 1526.620779][T12545] should_fail_usercopy+0x16/0x20 [ 1526.625823][T12545] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1526.631900][T12545] ? shmem_write_begin+0x7e/0x100 [ 1526.636926][T12545] generic_perform_write+0x1e4/0x3a0 [ 1526.642212][T12545] ? shmem_write_begin+0x100/0x100 [ 1526.647308][T12545] __generic_file_write_iter+0x161/0x300 [ 1526.652923][T12545] ? generic_write_checks+0x250/0x290 [ 1526.658369][T12545] generic_file_write_iter+0x75/0x130 [ 1526.663759][T12545] vfs_write+0x69d/0x770 [ 1526.667980][T12545] ksys_write+0xce/0x180 [ 1526.672205][T12545] __x64_sys_write+0x3e/0x50 [ 1526.676772][T12545] do_syscall_64+0x4a/0x90 [ 1526.681218][T12545] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1526.687308][T12545] RIP: 0033:0x4665d9 [ 1526.691317][T12545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1526.711089][T12545] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1526.719608][T12545] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1526.727936][T12545] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1526.735889][T12545] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1526.743930][T12545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1526.751898][T12545] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:47 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mq_timedreceive(r0, &(0x7f0000000100)=""/233, 0xe9, 0x1, &(0x7f0000000040)={0x77359400}) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:47 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:48:47 executing program 4: mlock(&(0x7f0000e32000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x14) 06:48:47 executing program 0 (fault-call:1 fault-nth:32): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:47 executing program 2: mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000000, 0x30, 0xffffffffffffffff, 0x10000000) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:47 executing program 3 (fault-call:1 fault-nth:69): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) [ 1527.144871][T12559] FAULT_INJECTION: forcing a failure. [ 1527.144871][T12559] name failslab, interval 1, probability 0, space 0, times 0 [ 1527.157673][T12559] CPU: 1 PID: 12559 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1527.166427][T12559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1527.176483][T12559] Call Trace: [ 1527.179866][T12559] dump_stack+0x137/0x19d [ 1527.181328][T12557] FAULT_INJECTION: forcing a failure. [ 1527.181328][T12557] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1527.184277][T12559] should_fail+0x23c/0x250 [ 1527.184298][T12559] ? xas_create+0x96b/0xb30 [ 1527.206507][T12559] __should_failslab+0x81/0x90 [ 1527.211378][T12559] should_failslab+0x5/0x20 [ 1527.215930][T12559] kmem_cache_alloc+0x46/0x2f0 [ 1527.220803][T12559] ? xas_create+0x96b/0xb30 [ 1527.225293][T12559] xas_create+0x96b/0xb30 [ 1527.229618][T12559] xas_store+0x70/0xca0 [ 1527.233843][T12559] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 1527.239891][T12559] __xa_store+0xcb/0x320 [ 1527.244121][T12559] xa_store+0x30/0x70 [ 1527.248169][T12559] io_uring_add_task_file+0x111/0x200 [ 1527.253586][T12559] io_uring_create+0x1734/0x18d0 [ 1527.258514][T12559] ? should_fail+0xd6/0x250 [ 1527.263055][T12559] __x64_sys_io_uring_setup+0xe1/0x120 [ 1527.268533][T12559] do_syscall_64+0x4a/0x90 [ 1527.272946][T12559] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1527.279003][T12559] RIP: 0033:0x4665d9 [ 1527.282879][T12559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1527.302468][T12559] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1527.310933][T12559] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1527.318909][T12559] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 [ 1527.326890][T12559] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1527.334858][T12559] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 06:48:47 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mmap$IORING_OFF_SQES(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x2000000, 0x50, 0xffffffffffffffff, 0x10000000) msync(&(0x7f0000e34000/0x2000)=nil, 0x2000, 0x2) mmap$usbmon(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x1, 0x50, 0xffffffffffffffff, 0x80) 06:48:48 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:48:48 executing program 2: ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000000)='\x00') mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x20802, 0x0) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) mremap(&(0x7f0000e20000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) mmap$usbmon(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x9, 0x810, r1, 0x1) 06:48:48 executing program 0 (fault-call:1 fault-nth:33): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1527.342916][T12559] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 [ 1527.350878][T12557] CPU: 0 PID: 12557 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1527.359771][T12557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1527.369815][T12557] Call Trace: [ 1527.373081][T12557] dump_stack+0x137/0x19d [ 1527.377594][T12557] should_fail+0x23c/0x250 [ 1527.382876][T12557] __alloc_pages+0x102/0x320 [ 1527.387478][T12557] alloc_pages_vma+0x391/0x660 06:48:48 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x448, &(0x7f0000000000), &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:48:48 executing program 4: mlock(&(0x7f0000e32000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x14) [ 1527.392248][T12557] shmem_getpage_gfp+0x980/0x1410 [ 1527.397283][T12557] shmem_write_begin+0x7e/0x100 [ 1527.402141][T12557] generic_perform_write+0x196/0x3a0 [ 1527.407431][T12557] ? shmem_write_begin+0x100/0x100 [ 1527.412576][T12557] __generic_file_write_iter+0x161/0x300 [ 1527.418203][T12557] ? generic_write_checks+0x250/0x290 [ 1527.423718][T12557] generic_file_write_iter+0x75/0x130 [ 1527.429124][T12557] vfs_write+0x69d/0x770 [ 1527.433549][T12557] ksys_write+0xce/0x180 [ 1527.434333][T12578] FAULT_INJECTION: forcing a failure. [ 1527.434333][T12578] name failslab, interval 1, probability 0, space 0, times 0 [ 1527.437828][T12557] __x64_sys_write+0x3e/0x50 [ 1527.455240][T12557] do_syscall_64+0x4a/0x90 [ 1527.459649][T12557] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1527.465535][T12557] RIP: 0033:0x4665d9 [ 1527.469433][T12557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1527.489024][T12557] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1527.497418][T12557] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1527.505380][T12557] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1527.513536][T12557] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1527.521507][T12557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1527.529463][T12557] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1527.537518][T12578] CPU: 1 PID: 12578 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1527.546443][T12578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1527.556648][T12578] Call Trace: [ 1527.559917][T12578] dump_stack+0x137/0x19d [ 1527.564259][T12578] should_fail+0x23c/0x250 [ 1527.568677][T12578] ? xas_create+0x96b/0xb30 [ 1527.573175][T12578] __should_failslab+0x81/0x90 [ 1527.577936][T12578] should_failslab+0x5/0x20 [ 1527.582438][T12578] kmem_cache_alloc+0x46/0x2f0 [ 1527.587243][T12578] ? xas_create+0x96b/0xb30 [ 1527.591750][T12578] xas_create+0x96b/0xb30 [ 1527.596092][T12578] xas_store+0x70/0xca0 [ 1527.600249][T12578] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 1527.606226][T12578] __xa_store+0xcb/0x320 [ 1527.610480][T12578] xa_store+0x30/0x70 [ 1527.614539][T12578] io_uring_add_task_file+0x111/0x200 [ 1527.619926][T12578] io_uring_create+0x1734/0x18d0 [ 1527.624871][T12578] ? should_fail+0xd6/0x250 [ 1527.629378][T12578] __x64_sys_io_uring_setup+0xe1/0x120 [ 1527.634860][T12578] do_syscall_64+0x4a/0x90 [ 1527.639288][T12578] entry_SYSCALL_64_after_hwframe+0x44/0xae 06:48:48 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) modify_ldt$read(0x0, &(0x7f00000001c0)=""/52, 0x34) getitimer(0x0, &(0x7f0000000040)) 06:48:48 executing program 4: mlock(&(0x7f0000e32000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x14) 06:48:48 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0) mmap$usbmon(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x810, r0, 0x80000001) mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) mmap$IORING_OFF_SQES(&(0x7f0000e33000/0x3000)=nil, 0x3000, 0x4, 0x400c010, r0, 0x10000000) ioctl$SNAPSHOT_AVAIL_SWAP_SIZE(r0, 0x80083313, &(0x7f0000000040)) 06:48:48 executing program 3 (fault-call:1 fault-nth:70): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:48 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x448, &(0x7f0000000000), &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, 0x0, &(0x7f00000000c0)) 06:48:48 executing program 4: mlock(&(0x7f0000e32000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x14) 06:48:48 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x448, &(0x7f0000000000), &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, 0x0, &(0x7f00000000c0)) [ 1527.645183][T12578] RIP: 0033:0x4665d9 [ 1527.649073][T12578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1527.669041][T12578] RSP: 002b:00007fc68c941108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1527.677450][T12578] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1527.685418][T12578] RDX: 0000000020cc4000 RSI: 0000000020000280 RDI: 0000000000003125 [ 1527.693393][T12578] RBP: 0000000020000280 R08: 0000000000000000 R09: 0000000000000000 [ 1527.695551][T12595] FAULT_INJECTION: forcing a failure. [ 1527.695551][T12595] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1527.701392][T12578] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1527.701407][T12578] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 [ 1527.730669][T12595] CPU: 0 PID: 12595 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1527.739464][T12595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1527.749614][T12595] Call Trace: [ 1527.752893][T12595] dump_stack+0x137/0x19d [ 1527.757381][T12595] should_fail+0x23c/0x250 [ 1527.761811][T12595] should_fail_usercopy+0x16/0x20 [ 1527.766836][T12595] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1527.772898][T12595] ? shmem_write_begin+0x7e/0x100 [ 1527.777967][T12595] generic_perform_write+0x1e4/0x3a0 [ 1527.783262][T12595] ? shmem_write_begin+0x100/0x100 [ 1527.787917][T12609] FAULT_INJECTION: forcing a failure. [ 1527.787917][T12609] name failslab, interval 1, probability 0, space 0, times 0 [ 1527.788445][T12595] __generic_file_write_iter+0x161/0x300 [ 1527.788470][T12595] ? generic_write_checks+0x250/0x290 [ 1527.788486][T12595] generic_file_write_iter+0x75/0x130 [ 1527.788502][T12595] vfs_write+0x69d/0x770 [ 1527.821605][T12595] ksys_write+0xce/0x180 [ 1527.825836][T12595] __x64_sys_write+0x3e/0x50 [ 1527.830410][T12595] do_syscall_64+0x4a/0x90 [ 1527.834844][T12595] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1527.840725][T12595] RIP: 0033:0x4665d9 [ 1527.844761][T12595] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1527.864349][T12595] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1527.872754][T12595] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1527.880835][T12595] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1527.888889][T12595] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 06:48:48 executing program 4: mlock(&(0x7f0000e32000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x14) 06:48:48 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x448, &(0x7f0000000000), &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, 0x0, &(0x7f00000000c0)) 06:48:48 executing program 0 (fault-call:1 fault-nth:34): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:48 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x448, &(0x7f0000000000), &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), 0x0) [ 1527.896847][T12595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1527.904894][T12595] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1527.912884][T12609] CPU: 1 PID: 12609 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1527.921654][T12609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1527.931880][T12609] Call Trace: [ 1527.935156][T12609] dump_stack+0x137/0x19d [ 1527.939504][T12609] should_fail+0x23c/0x250 [ 1527.943950][T12609] ? vm_area_dup+0x44/0x120 [ 1527.948523][T12609] __should_failslab+0x81/0x90 [ 1527.953409][T12609] should_failslab+0x5/0x20 [ 1527.957915][T12609] kmem_cache_alloc+0x46/0x2f0 [ 1527.962708][T12609] vm_area_dup+0x44/0x120 [ 1527.967037][T12609] ? kmem_cache_alloc+0x201/0x2f0 [ 1527.972057][T12609] ? xas_create+0x96b/0xb30 [ 1527.976557][T12609] ? xas_create+0xae3/0xb30 [ 1527.981107][T12609] __split_vma+0x82/0x320 [ 1527.985460][T12609] ? vmacache_find+0x157/0x320 [ 1527.990261][T12609] __do_munmap+0x2e9/0x1340 [ 1527.994759][T12609] ? __xas_nomem+0xfc/0x270 [ 1527.999263][T12609] mmap_region+0x58a/0x13e0 [ 1528.003758][T12609] ? security_mmap_addr+0x78/0x90 [ 1528.008780][T12609] do_mmap+0x77d/0xc90 [ 1528.012848][T12609] vm_mmap_pgoff+0xfc/0x1d0 [ 1528.017348][T12609] ksys_mmap_pgoff+0x2a8/0x380 [ 1528.022104][T12609] do_syscall_64+0x4a/0x90 [ 1528.026531][T12609] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1528.032504][T12609] RIP: 0033:0x466622 06:48:48 executing program 4: mlock(&(0x7f0000e32000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x14) [ 1528.036389][T12609] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1528.056001][T12609] RSP: 002b:00007fc68c9410f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1528.064413][T12609] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 0000000000466622 [ 1528.072389][T12609] RDX: 0000000000000003 RSI: 0000000000090140 RDI: 0000000020e1f000 [ 1528.080539][T12609] RBP: 0000000020e1f000 R08: 0000000000000004 R09: 0000000000000000 [ 1528.088522][T12609] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000000000000 06:48:48 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) pselect6(0x40, &(0x7f0000000040)={0x4, 0x800, 0x881, 0x100000001, 0x1, 0x3, 0x5000000000000, 0x3}, &(0x7f0000000100)={0x7, 0x10000000000000, 0x0, 0x5, 0x5, 0x2, 0xa060, 0x20}, &(0x7f0000000140)={0xfff, 0x7, 0x5, 0x1, 0xffffffffffff20a1, 0x40, 0xf2, 0x7f}, &(0x7f0000000180), &(0x7f0000000200)={&(0x7f00000001c0)={[0x5]}, 0x8}) 06:48:48 executing program 2: mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mmap$usbmon(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000008, 0x50, 0xffffffffffffffff, 0x400) move_pages(0x0, 0x4, &(0x7f0000000040)=[&(0x7f0000e32000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000e2e000/0xa000)=nil, &(0x7f0000e2f000/0x4000)=nil], 0x0, &(0x7f0000000080), 0x6) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap$usbmon(&(0x7f0000e30000/0x3000)=nil, 0x3000, 0x2, 0x810, r0, 0x200) syz_io_uring_setup(0x5052, &(0x7f0000000080)={0x0, 0xc83e, 0x1, 0x3, 0x109}, &(0x7f0000e31000/0x2000)=nil, &(0x7f0000e37000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100)) 06:48:48 executing program 3 (fault-call:1 fault-nth:71): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:48 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x448, &(0x7f0000000000), &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), 0x0) 06:48:48 executing program 0 (fault-call:1 fault-nth:35): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:48 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x14) 06:48:48 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x448, &(0x7f0000000000), &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), 0x0) [ 1528.096536][T12609] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 [ 1528.151923][T12630] FAULT_INJECTION: forcing a failure. [ 1528.151923][T12630] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1528.157465][T12638] FAULT_INJECTION: forcing a failure. [ 1528.157465][T12638] name failslab, interval 1, probability 0, space 0, times 0 [ 1528.165192][T12630] CPU: 0 PID: 12630 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1528.186535][T12630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1528.196781][T12630] Call Trace: [ 1528.200062][T12630] dump_stack+0x137/0x19d [ 1528.204555][T12630] should_fail+0x23c/0x250 [ 1528.209130][T12630] __alloc_pages+0x102/0x320 [ 1528.216788][T12630] alloc_pages_vma+0x391/0x660 [ 1528.221649][T12630] shmem_getpage_gfp+0x980/0x1410 [ 1528.226857][T12630] shmem_write_begin+0x7e/0x100 [ 1528.231703][T12630] generic_perform_write+0x196/0x3a0 [ 1528.237154][T12630] ? shmem_write_begin+0x100/0x100 [ 1528.242351][T12630] __generic_file_write_iter+0x161/0x300 [ 1528.248035][T12630] ? generic_write_checks+0x250/0x290 [ 1528.253401][T12630] generic_file_write_iter+0x75/0x130 [ 1528.258817][T12630] vfs_write+0x69d/0x770 [ 1528.263049][T12630] ksys_write+0xce/0x180 [ 1528.267290][T12630] __x64_sys_write+0x3e/0x50 [ 1528.271871][T12630] do_syscall_64+0x4a/0x90 [ 1528.276273][T12630] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1528.282263][T12630] RIP: 0033:0x4665d9 [ 1528.286140][T12630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1528.305726][T12630] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1528.314216][T12630] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1528.322175][T12630] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1528.330126][T12630] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1528.338101][T12630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 06:48:49 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x14) 06:48:49 executing program 2: mlock(&(0x7f0000e31000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:49 executing program 3 (fault-call:1 fault-nth:72): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) [ 1528.346070][T12630] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1528.354106][T12638] CPU: 1 PID: 12638 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1528.362896][T12638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1528.372972][T12638] Call Trace: [ 1528.376249][T12638] dump_stack+0x137/0x19d [ 1528.380583][T12638] should_fail+0x23c/0x250 [ 1528.384999][T12638] ? vm_area_alloc+0x28/0xa0 [ 1528.389591][T12638] __should_failslab+0x81/0x90 [ 1528.394392][T12638] should_failslab+0x5/0x20 06:48:49 executing program 1: mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mmap$usbmon(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000008, 0x50, 0xffffffffffffffff, 0x400) move_pages(0x0, 0x4, &(0x7f0000000040)=[&(0x7f0000e32000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000e2e000/0xa000)=nil, &(0x7f0000e2f000/0x4000)=nil], 0x0, &(0x7f0000000080), 0x6) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap$usbmon(&(0x7f0000e30000/0x3000)=nil, 0x3000, 0x2, 0x810, r0, 0x200) syz_io_uring_setup(0x5052, &(0x7f0000000080)={0x0, 0xc83e, 0x1, 0x3, 0x109}, &(0x7f0000e31000/0x2000)=nil, &(0x7f0000e37000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100)) 06:48:49 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000002, 0xac011, 0xffffffffffffffff, 0x0) [ 1528.398977][T12638] kmem_cache_alloc+0x46/0x2f0 [ 1528.403855][T12638] vm_area_alloc+0x28/0xa0 [ 1528.408383][T12638] mmap_region+0x721/0x13e0 [ 1528.412961][T12638] ? security_mmap_addr+0x78/0x90 [ 1528.417993][T12638] do_mmap+0x77d/0xc90 [ 1528.422072][T12638] vm_mmap_pgoff+0xfc/0x1d0 [ 1528.426576][T12638] ksys_mmap_pgoff+0x2a8/0x380 [ 1528.431332][T12638] do_syscall_64+0x4a/0x90 [ 1528.435742][T12638] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1528.441803][T12638] RIP: 0033:0x466622 [ 1528.445721][T12638] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1528.454794][T12649] FAULT_INJECTION: forcing a failure. [ 1528.454794][T12649] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1528.465596][T12638] RSP: 002b:00007fc68c9410f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1528.465616][T12638] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 0000000000466622 [ 1528.465628][T12638] RDX: 0000000000000003 RSI: 0000000000090140 RDI: 0000000020e1f000 [ 1528.503430][T12638] RBP: 0000000020e1f000 R08: 0000000000000004 R09: 0000000000000000 [ 1528.511394][T12638] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000000000000 [ 1528.519444][T12638] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 [ 1528.527407][T12649] CPU: 0 PID: 12649 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1528.536517][T12649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1528.546743][T12649] Call Trace: [ 1528.550036][T12649] dump_stack+0x137/0x19d [ 1528.554462][T12649] should_fail+0x23c/0x250 [ 1528.558961][T12649] should_fail_usercopy+0x16/0x20 [ 1528.563988][T12649] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1528.570172][T12649] ? shmem_write_begin+0x7e/0x100 [ 1528.575296][T12649] generic_perform_write+0x1e4/0x3a0 [ 1528.580582][T12649] ? shmem_write_begin+0x100/0x100 [ 1528.585711][T12649] __generic_file_write_iter+0x161/0x300 [ 1528.591433][T12649] ? generic_write_checks+0x250/0x290 [ 1528.596835][T12649] generic_file_write_iter+0x75/0x130 06:48:49 executing program 5: syz_open_dev$ttys(0xc, 0x2, 0x1) select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:49 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x14) 06:48:49 executing program 0 (fault-call:1 fault-nth:36): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:49 executing program 1: mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mmap$usbmon(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000008, 0x50, 0xffffffffffffffff, 0x400) move_pages(0x0, 0x4, &(0x7f0000000040)=[&(0x7f0000e32000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000e2e000/0xa000)=nil, &(0x7f0000e2f000/0x4000)=nil], 0x0, &(0x7f0000000080), 0x6) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap$usbmon(&(0x7f0000e30000/0x3000)=nil, 0x3000, 0x2, 0x810, r0, 0x200) syz_io_uring_setup(0x5052, &(0x7f0000000080)={0x0, 0xc83e, 0x1, 0x3, 0x109}, &(0x7f0000e31000/0x2000)=nil, &(0x7f0000e37000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100)) 06:48:49 executing program 1: mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mmap$usbmon(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000008, 0x50, 0xffffffffffffffff, 0x400) move_pages(0x0, 0x4, &(0x7f0000000040)=[&(0x7f0000e32000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000e2e000/0xa000)=nil, &(0x7f0000e2f000/0x4000)=nil], 0x0, &(0x7f0000000080), 0x6) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap$usbmon(&(0x7f0000e30000/0x3000)=nil, 0x3000, 0x2, 0x810, r0, 0x200) syz_io_uring_setup(0x5052, &(0x7f0000000080)={0x0, 0xc83e, 0x1, 0x3, 0x109}, &(0x7f0000e31000/0x2000)=nil, &(0x7f0000e37000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000100)) 06:48:49 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) move_pages(0xffffffffffffffff, 0x2, &(0x7f0000000000)=[&(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff9000/0x7000)=nil], 0x0, &(0x7f0000000040)=[0x0, 0x0], 0x2) [ 1528.602226][T12649] vfs_write+0x69d/0x770 [ 1528.606711][T12649] ksys_write+0xce/0x180 [ 1528.610957][T12649] __x64_sys_write+0x3e/0x50 [ 1528.615555][T12649] do_syscall_64+0x4a/0x90 [ 1528.619973][T12649] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1528.625867][T12649] RIP: 0033:0x4665d9 [ 1528.629753][T12649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 06:48:49 executing program 4: mlock(&(0x7f0000e32000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x14) [ 1528.649373][T12649] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1528.657815][T12649] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1528.665790][T12649] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1528.673767][T12649] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1528.681739][T12649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1528.684951][T12664] FAULT_INJECTION: forcing a failure. [ 1528.684951][T12664] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1528.689801][T12649] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1528.711081][T12664] CPU: 1 PID: 12664 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1528.719835][T12664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1528.729885][T12664] Call Trace: [ 1528.733270][T12664] dump_stack+0x137/0x19d [ 1528.737595][T12664] should_fail+0x23c/0x250 [ 1528.742020][T12664] __alloc_pages+0x102/0x320 [ 1528.746615][T12664] alloc_pages+0x21d/0x310 [ 1528.751080][T12664] pte_alloc_one+0x29/0xb0 [ 1528.755502][T12664] __pte_alloc+0x2f/0x210 [ 1528.759893][T12664] remap_pfn_range_notrack+0x5b7/0x770 [ 1528.765447][T12664] remap_pfn_range+0x87/0xe0 [ 1528.770090][T12664] io_uring_mmap+0x23b/0x260 [ 1528.774761][T12664] mmap_region+0xbb6/0x13e0 [ 1528.779258][T12664] do_mmap+0x77d/0xc90 [ 1528.783328][T12664] vm_mmap_pgoff+0xfc/0x1d0 [ 1528.787824][T12664] ksys_mmap_pgoff+0x2a8/0x380 [ 1528.792588][T12664] do_syscall_64+0x4a/0x90 [ 1528.797257][T12664] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1528.803182][T12664] RIP: 0033:0x466622 [ 1528.807073][T12664] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1528.826757][T12664] RSP: 002b:00007fc68c9410f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1528.835177][T12664] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 0000000000466622 [ 1528.843148][T12664] RDX: 0000000000000003 RSI: 0000000000090140 RDI: 0000000020e1f000 06:48:49 executing program 1: mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mmap$usbmon(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000008, 0x50, 0xffffffffffffffff, 0x400) move_pages(0x0, 0x4, &(0x7f0000000040)=[&(0x7f0000e32000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000e2e000/0xa000)=nil, &(0x7f0000e2f000/0x4000)=nil], 0x0, &(0x7f0000000080), 0x6) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap$usbmon(&(0x7f0000e30000/0x3000)=nil, 0x3000, 0x2, 0x810, r0, 0x200) 06:48:49 executing program 1: mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mmap$usbmon(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000008, 0x50, 0xffffffffffffffff, 0x400) move_pages(0x0, 0x4, &(0x7f0000000040)=[&(0x7f0000e32000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000e2e000/0xa000)=nil, &(0x7f0000e2f000/0x4000)=nil], 0x0, &(0x7f0000000080), 0x6) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) 06:48:49 executing program 3 (fault-call:1 fault-nth:73): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:49 executing program 1: mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mmap$usbmon(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000008, 0x50, 0xffffffffffffffff, 0x400) move_pages(0x0, 0x4, &(0x7f0000000040)=[&(0x7f0000e32000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000e2e000/0xa000)=nil, &(0x7f0000e2f000/0x4000)=nil], 0x0, &(0x7f0000000080), 0x6) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) [ 1528.851151][T12664] RBP: 0000000020e1f000 R08: 0000000000000004 R09: 0000000000000000 [ 1528.857755][T12676] FAULT_INJECTION: forcing a failure. [ 1528.857755][T12676] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1528.859124][T12664] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000000000000 [ 1528.859139][T12664] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 [ 1528.888291][T12676] CPU: 0 PID: 12676 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 06:48:49 executing program 0 (fault-call:1 fault-nth:37): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:49 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) pselect6(0x40, &(0x7f0000000040)={0x3, 0x4, 0x80, 0x100, 0x2, 0x5, 0x9, 0x603c7fea}, &(0x7f0000000100)={0x7, 0x10001, 0x8, 0x2054, 0x1ff, 0x1f, 0x2, 0x1a}, &(0x7f0000000140)={0x1000, 0x0, 0x7, 0x1, 0x800, 0x21b, 0x7, 0x2}, &(0x7f0000000180)={0x0, 0x3938700}, &(0x7f0000000200)={&(0x7f00000001c0)={[0x2]}, 0x8}) pselect6(0x40, &(0x7f0000000240)={0x3, 0x1, 0xd9, 0x6, 0x97, 0x2, 0x8, 0x4}, &(0x7f0000000280)={0x766, 0x80000001, 0x3, 0xcb5b, 0x6, 0x100000000, 0x2, 0x3}, &(0x7f00000002c0)={0x1, 0x5, 0x5, 0x8001, 0x1, 0x6, 0x1000, 0x29a4}, &(0x7f0000000300), &(0x7f0000000380)={&(0x7f0000000340)={[0x3ff]}, 0x8}) 06:48:49 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) io_getevents(0x0, 0x0, 0x0, 0x0, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0) 06:48:49 executing program 4: mlock(&(0x7f0000e32000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x14) 06:48:49 executing program 1: mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mmap$usbmon(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000008, 0x50, 0xffffffffffffffff, 0x400) move_pages(0x0, 0x4, &(0x7f0000000040)=[&(0x7f0000e32000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000e2e000/0xa000)=nil, &(0x7f0000e2f000/0x4000)=nil], 0x0, &(0x7f0000000080), 0x6) [ 1528.897066][T12676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1528.907121][T12676] Call Trace: [ 1528.910408][T12676] dump_stack+0x137/0x19d [ 1528.914740][T12676] should_fail+0x23c/0x250 [ 1528.919158][T12676] __alloc_pages+0x102/0x320 [ 1528.923744][T12676] alloc_pages_vma+0x391/0x660 [ 1528.928545][T12676] shmem_getpage_gfp+0x980/0x1410 [ 1528.933630][T12676] shmem_write_begin+0x7e/0x100 [ 1528.938568][T12676] generic_perform_write+0x196/0x3a0 [ 1528.943858][T12676] ? shmem_write_begin+0x100/0x100 [ 1528.948983][T12676] __generic_file_write_iter+0x161/0x300 [ 1528.953413][T12687] FAULT_INJECTION: forcing a failure. [ 1528.953413][T12687] name failslab, interval 1, probability 0, space 0, times 0 [ 1528.954680][T12676] ? generic_write_checks+0x250/0x290 [ 1528.973046][T12676] generic_file_write_iter+0x75/0x130 [ 1528.978493][T12676] vfs_write+0x69d/0x770 [ 1528.982720][T12676] ksys_write+0xce/0x180 [ 1528.986946][T12676] __x64_sys_write+0x3e/0x50 [ 1528.991546][T12676] do_syscall_64+0x4a/0x90 [ 1528.996124][T12676] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1529.002067][T12676] RIP: 0033:0x4665d9 [ 1529.005942][T12676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1529.025557][T12676] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1529.034254][T12676] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1529.042210][T12676] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1529.050162][T12676] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1529.058218][T12676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1529.066343][T12676] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1529.074309][T12687] CPU: 1 PID: 12687 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1529.083071][T12687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1529.093193][T12687] Call Trace: [ 1529.096516][T12687] dump_stack+0x137/0x19d [ 1529.100846][T12687] should_fail+0x23c/0x250 [ 1529.105306][T12687] ? __sigqueue_alloc+0x175/0x2c0 [ 1529.110323][T12687] __should_failslab+0x81/0x90 [ 1529.115230][T12687] should_failslab+0x5/0x20 [ 1529.119833][T12687] kmem_cache_alloc+0x46/0x2f0 [ 1529.124603][T12687] ? vma_wants_writenotify+0x1e2/0x250 [ 1529.130061][T12687] __sigqueue_alloc+0x175/0x2c0 [ 1529.135045][T12687] __send_signal+0x178/0x760 [ 1529.139618][T12687] send_signal+0x281/0x390 [ 1529.144017][T12687] force_sig_info_to_task+0x2ad/0x2e0 [ 1529.149405][T12687] force_sig_fault+0x62/0x90 [ 1529.154019][T12687] __bad_area_nosemaphore+0x256/0x2f0 [ 1529.159368][T12687] exc_page_fault+0x94/0x230 [ 1529.163942][T12687] ? asm_exc_page_fault+0x8/0x30 [ 1529.168892][T12687] asm_exc_page_fault+0x1e/0x30 [ 1529.173818][T12687] RIP: 0033:0x403f03 [ 1529.177690][T12687] Code: 89 d8 8d 34 90 8b 45 04 ba 03 00 00 00 c1 e0 04 03 45 64 39 c6 48 0f 42 f0 45 31 c9 e8 06 27 06 00 8b 75 00 41 89 d8 4c 89 ef <49> 89 06 41 b9 00 00 00 10 b9 11 80 00 00 ba 03 00 00 00 c1 e6 06 [ 1529.197363][T12687] RSP: 002b:00007fc68c941110 EFLAGS: 00010207 06:48:49 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mincore(&(0x7f0000ffe000/0x1000)=nil, 0x1000, &(0x7f0000000000)=""/91) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:49 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) ioctl$TIOCNXCL(0xffffffffffffffff, 0x540d) 06:48:49 executing program 4: mlock(&(0x7f0000e32000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x14) 06:48:49 executing program 3 (fault-call:1 fault-nth:74): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:49 executing program 1: mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mmap$usbmon(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000008, 0x50, 0xffffffffffffffff, 0x400) [ 1529.203442][T12687] RAX: 0000000020e1f000 RBX: 0000000000000004 RCX: 0000000000466622 [ 1529.211393][T12687] RDX: 0000000000000003 RSI: 0000000000004000 RDI: 0000000020cc4000 [ 1529.219340][T12687] RBP: 0000000020000280 R08: 0000000000000004 R09: 0000000000000000 [ 1529.227315][T12687] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000000000000 [ 1529.235357][T12687] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 06:48:49 executing program 0 (fault-call:1 fault-nth:38): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:49 executing program 4: mlock(&(0x7f0000e32000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x0) [ 1529.279652][T12703] FAULT_INJECTION: forcing a failure. [ 1529.279652][T12703] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1529.292792][T12703] CPU: 0 PID: 12703 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1529.301977][T12703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1529.312097][T12703] Call Trace: [ 1529.315377][T12703] dump_stack+0x137/0x19d [ 1529.319712][T12703] should_fail+0x23c/0x250 [ 1529.324175][T12703] should_fail_usercopy+0x16/0x20 06:48:49 executing program 4: mlock(&(0x7f0000e32000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x0) [ 1529.329298][T12703] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1529.335477][T12703] ? shmem_write_begin+0x7e/0x100 [ 1529.340529][T12703] generic_perform_write+0x1e4/0x3a0 [ 1529.342343][T12715] FAULT_INJECTION: forcing a failure. [ 1529.342343][T12715] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1529.345832][T12703] ? shmem_write_begin+0x100/0x100 [ 1529.363932][T12703] __generic_file_write_iter+0x161/0x300 [ 1529.369557][T12703] ? generic_write_checks+0x250/0x290 [ 1529.374914][T12703] generic_file_write_iter+0x75/0x130 [ 1529.380272][T12703] vfs_write+0x69d/0x770 [ 1529.384503][T12703] ksys_write+0xce/0x180 [ 1529.388813][T12703] __x64_sys_write+0x3e/0x50 [ 1529.393391][T12703] do_syscall_64+0x4a/0x90 [ 1529.397805][T12703] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1529.403735][T12703] RIP: 0033:0x4665d9 [ 1529.407610][T12703] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1529.427219][T12703] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1529.435790][T12703] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1529.443838][T12703] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1529.451925][T12703] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1529.459890][T12703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1529.467848][T12703] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1529.475845][T12715] CPU: 1 PID: 12715 Comm: syz-executor.0 Not tainted 5.13.0-rc4-syzkaller #0 [ 1529.485314][T12715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1529.495486][T12715] Call Trace: [ 1529.498863][T12715] dump_stack+0x137/0x19d [ 1529.503191][T12715] should_fail+0x23c/0x250 [ 1529.507601][T12715] should_fail_usercopy+0x16/0x20 [ 1529.512712][T12715] copy_fpstate_to_sigframe+0x370/0x570 [ 1529.518282][T12715] __setup_rt_frame+0x11d/0x3d0 [ 1529.523140][T12715] arch_do_signal_or_restart+0x196/0x220 [ 1529.528809][T12715] exit_to_user_mode_prepare+0x109/0x190 [ 1529.534490][T12715] ? asm_exc_page_fault+0x8/0x30 [ 1529.539427][T12715] irqentry_exit_to_user_mode+0x5/0x20 [ 1529.544950][T12715] irqentry_exit+0xe/0x30 [ 1529.549473][T12715] asm_exc_page_fault+0x1e/0x30 [ 1529.554350][T12715] RIP: 0033:0x403f03 [ 1529.558233][T12715] Code: 89 d8 8d 34 90 8b 45 04 ba 03 00 00 00 c1 e0 04 03 45 64 39 c6 48 0f 42 f0 45 31 c9 e8 06 27 06 00 8b 75 00 41 89 d8 4c 89 ef <49> 89 06 41 b9 00 00 00 10 b9 11 80 00 00 ba 03 00 00 00 c1 e6 06 06:48:50 executing program 1: mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) 06:48:50 executing program 3 (fault-call:1 fault-nth:75): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:50 executing program 2: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) sendmsg$AUDIT_TTY_GET(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x10, 0x3f8, 0x100, 0x70bd27, 0x25dfdbfc, "", ["", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x80}, 0x20048804) mlock(&(0x7f0000fef000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x2, &(0x7f0000e31000/0x4000)=nil) 06:48:50 executing program 1: mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) 06:48:50 executing program 5: madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0xa) syz_io_uring_setup(0x6e, &(0x7f0000000100)={0x0, 0x0, 0x4, 0x1, 0x74}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0xffffff, 0x0, 0x0, 0x0, 0xffffffffffffffff}, &(0x7f00000000c0)) 06:48:50 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1529.577850][T12715] RSP: 002b:00007fc68c941110 EFLAGS: 00010207 [ 1529.584427][T12715] RAX: 0000000020e1f000 RBX: 0000000000000004 RCX: 0000000000466622 [ 1529.592458][T12715] RDX: 0000000000000003 RSI: 0000000000004000 RDI: 0000000020cc4000 [ 1529.600439][T12715] RBP: 0000000020000280 R08: 0000000000000004 R09: 0000000000000000 [ 1529.608413][T12715] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000000000000 [ 1529.616425][T12715] R13: 0000000020cc4000 R14: 0000000000000000 R15: 0000000020e1f000 06:48:50 executing program 1: mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) 06:48:50 executing program 5: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x40) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000100)={0x20, 0x1, {0x3, 0x0, 0x7fffffff, 0x0, 0x4}, 0x6986}) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:50 executing program 4: mlock(&(0x7f0000e32000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x0) [ 1529.670878][T12731] FAULT_INJECTION: forcing a failure. [ 1529.670878][T12731] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1529.684213][T12731] CPU: 1 PID: 12731 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1529.692983][T12731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1529.703269][T12731] Call Trace: [ 1529.706545][T12731] dump_stack+0x137/0x19d [ 1529.710888][T12731] should_fail+0x23c/0x250 [ 1529.715343][T12731] __alloc_pages+0x102/0x320 06:48:50 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:50 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1d000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000e34000/0x1000)=nil) sigaltstack(&(0x7f0000e1e000/0x4000)=nil, 0x0) shmget(0x0, 0x3000, 0x1000, &(0x7f0000e1e000/0x3000)=nil) 06:48:50 executing program 4: mlock(&(0x7f0000e32000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x14) [ 1529.719989][T12731] alloc_pages_vma+0x391/0x660 [ 1529.724788][T12731] shmem_getpage_gfp+0x980/0x1410 [ 1529.729816][T12731] shmem_write_begin+0x7e/0x100 [ 1529.734728][T12731] generic_perform_write+0x196/0x3a0 [ 1529.740020][T12731] ? shmem_write_begin+0x100/0x100 [ 1529.745148][T12731] __generic_file_write_iter+0x161/0x300 [ 1529.750816][T12731] ? generic_write_checks+0x250/0x290 [ 1529.756200][T12731] generic_file_write_iter+0x75/0x130 [ 1529.761753][T12731] vfs_write+0x69d/0x770 [ 1529.766142][T12731] ksys_write+0xce/0x180 06:48:50 executing program 1: mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) [ 1529.770513][T12731] __x64_sys_write+0x3e/0x50 [ 1529.775107][T12731] do_syscall_64+0x4a/0x90 [ 1529.779533][T12731] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1529.785498][T12731] RIP: 0033:0x4665d9 [ 1529.789496][T12731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1529.809334][T12731] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 06:48:50 executing program 3 (fault-call:1 fault-nth:76): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:50 executing program 4: mlock(&(0x7f0000e32000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x14) 06:48:50 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x3000, 0x2, &(0x7f0000e1f000/0x3000)=nil) sigaltstack(&(0x7f0000e1f000/0x3000)=nil, &(0x7f0000000140)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = accept4(0xffffffffffffffff, &(0x7f0000000000)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @private2}}, &(0x7f0000000080)=0x80, 0x80000) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000e32000/0x2000)=nil, 0x2000}, &(0x7f0000000100)=0x10) 06:48:50 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3105, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:50 executing program 1: mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) 06:48:50 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) [ 1529.818040][T12731] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1529.826305][T12731] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1529.834279][T12731] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1529.842252][T12731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1529.850224][T12731] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:50 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:50 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1d000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000e34000/0x1000)=nil) sigaltstack(&(0x7f0000e1e000/0x4000)=nil, 0x0) shmget(0x0, 0x3000, 0x1000, &(0x7f0000e1e000/0x3000)=nil) 06:48:50 executing program 4: mlock(&(0x7f0000e32000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x14) [ 1529.901449][T12765] FAULT_INJECTION: forcing a failure. [ 1529.901449][T12765] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1529.914543][T12765] CPU: 1 PID: 12765 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1529.923403][T12765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1529.933675][T12765] Call Trace: [ 1529.936959][T12765] dump_stack+0x137/0x19d [ 1529.941300][T12765] should_fail+0x23c/0x250 [ 1529.945754][T12765] should_fail_usercopy+0x16/0x20 06:48:50 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000009, 0x80010, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r0, 0x0, &(0x7f0000000080)=@IORING_OP_OPENAT2={0x1c, 0x5, 0x0, 0xffffffffffffffff, &(0x7f0000000000)={0x80, 0x10, 0x21}, &(0x7f0000000040)='./file0\x00', 0x18, 0x0, 0x23456}, 0x7) 06:48:50 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1d000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000e34000/0x1000)=nil) sigaltstack(&(0x7f0000e1e000/0x4000)=nil, 0x0) shmget(0x0, 0x3000, 0x1000, &(0x7f0000e1e000/0x3000)=nil) 06:48:50 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1d000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000e34000/0x1000)=nil) sigaltstack(&(0x7f0000e1e000/0x4000)=nil, 0x0) shmget(0x0, 0x3000, 0x1000, &(0x7f0000e1e000/0x3000)=nil) [ 1529.950947][T12765] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1529.957116][T12765] ? shmem_write_begin+0x7e/0x100 [ 1529.962207][T12765] generic_perform_write+0x1e4/0x3a0 [ 1529.967624][T12765] ? shmem_write_begin+0x100/0x100 [ 1529.972803][T12765] __generic_file_write_iter+0x161/0x300 [ 1529.978475][T12765] ? generic_write_checks+0x250/0x290 [ 1529.983864][T12765] generic_file_write_iter+0x75/0x130 [ 1529.989257][T12765] vfs_write+0x69d/0x770 [ 1529.993503][T12765] ksys_write+0xce/0x180 [ 1529.997746][T12765] __x64_sys_write+0x3e/0x50 [ 1530.002377][T12765] do_syscall_64+0x4a/0x90 [ 1530.006815][T12765] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1530.012938][T12765] RIP: 0033:0x4665d9 [ 1530.016823][T12765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1530.036536][T12765] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1530.044963][T12765] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1530.052940][T12765] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1530.060919][T12765] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1530.069444][T12765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1530.077513][T12765] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:50 executing program 3 (fault-call:1 fault-nth:77): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:50 executing program 5: r0 = inotify_init() mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000000, 0x1010, r0, 0x77658000) select(0x40, &(0x7f0000000000)={0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0xad, 0x20000000000}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) select(0x40, &(0x7f0000000040)={0x2b0, 0x1, 0x8001, 0x3f, 0x1, 0x4, 0x7}, &(0x7f0000000100)={0x5, 0x6, 0x100, 0x1, 0x1f98000000000, 0x7, 0x2, 0xc09d}, &(0x7f0000000140)={0x8, 0x73d, 0x5, 0x9, 0x4, 0x7, 0x7, 0x4}, &(0x7f0000000180)={0x0, 0xea60}) 06:48:50 executing program 4: madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x14) 06:48:50 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1d000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000e34000/0x1000)=nil) sigaltstack(&(0x7f0000e1e000/0x4000)=nil, 0x0) 06:48:50 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x2}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:50 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) r0 = io_uring_setup(0x71e3, &(0x7f0000000000)={0x0, 0x8e3f, 0x0, 0x1, 0x2d0}) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x3000000, 0x100010, r0, 0x8000000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:50 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mincore(&(0x7f0000e20000/0x3000)=nil, 0x3000, &(0x7f0000000080)=""/116) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000e20000/0x1000)=nil) [ 1530.183871][T12787] FAULT_INJECTION: forcing a failure. [ 1530.183871][T12787] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1530.197286][T12787] CPU: 1 PID: 12787 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1530.206049][T12787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1530.216119][T12787] Call Trace: [ 1530.219396][T12787] dump_stack+0x137/0x19d [ 1530.223736][T12787] should_fail+0x23c/0x250 [ 1530.228174][T12787] __alloc_pages+0x102/0x320 06:48:50 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x69f0, &(0x7f0000000000)={0x0, 0x79c4, 0x0, 0x1, 0x167}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:50 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mincore(&(0x7f0000e31000/0x4000)=nil, 0x4000, &(0x7f0000000000)=""/223) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:50 executing program 2: shmctl$IPC_RMID(0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x10881, 0x0) syz_io_uring_setup(0x7837, &(0x7f0000000040)={0x0, 0x7b36, 0x20, 0x0, 0x3df, 0x0, r0}, &(0x7f0000e20000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) [ 1530.232762][T12787] alloc_pages_vma+0x391/0x660 [ 1530.237730][T12787] shmem_getpage_gfp+0x980/0x1410 [ 1530.242868][T12787] shmem_write_begin+0x7e/0x100 [ 1530.247735][T12787] generic_perform_write+0x196/0x3a0 [ 1530.253015][T12787] ? shmem_write_begin+0x100/0x100 [ 1530.258134][T12787] __generic_file_write_iter+0x161/0x300 [ 1530.263784][T12787] ? generic_write_checks+0x250/0x290 [ 1530.269165][T12787] generic_file_write_iter+0x75/0x130 [ 1530.274741][T12787] vfs_write+0x69d/0x770 [ 1530.278974][T12787] ksys_write+0xce/0x180 06:48:50 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e32000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:50 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mincore(&(0x7f0000ffd000/0x3000)=nil, 0x3000, &(0x7f0000000000)=""/200) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1530.283209][T12787] __x64_sys_write+0x3e/0x50 [ 1530.287796][T12787] do_syscall_64+0x4a/0x90 [ 1530.292301][T12787] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1530.298251][T12787] RIP: 0033:0x4665d9 [ 1530.302147][T12787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1530.321753][T12787] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 06:48:51 executing program 3 (fault-call:1 fault-nth:78): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) [ 1530.330194][T12787] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1530.338152][T12787] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1530.346125][T12787] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1530.354099][T12787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1530.362078][T12787] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1530.400115][T12820] FAULT_INJECTION: forcing a failure. [ 1530.400115][T12820] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1530.413322][T12820] CPU: 0 PID: 12820 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1530.422228][T12820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1530.432304][T12820] Call Trace: [ 1530.435593][T12820] dump_stack+0x137/0x19d [ 1530.439916][T12820] should_fail+0x23c/0x250 [ 1530.444313][T12820] should_fail_usercopy+0x16/0x20 06:48:51 executing program 5: ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x4058534c, &(0x7f0000000000)={0x100, 0x7, 0x7, 0x0, 0x6, 0x1}) 06:48:51 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1d000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000e34000/0x1000)=nil) sigaltstack(&(0x7f0000e1e000/0x4000)=nil, 0x0) 06:48:51 executing program 4: madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x14) 06:48:51 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x3}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:51 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$SNAPSHOT_FREE(r0, 0x3305) 06:48:51 executing program 5: select(0x40, &(0x7f0000000000)={0x4}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) sendmsg$AUDIT_ADD_RULE(r0, &(0x7f0000000700)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8400}, 0xc, &(0x7f00000006c0)={&(0x7f0000000280)={0x42c, 0x3f3, 0x4, 0x70bd2a, 0x25dfdbfe, {0x2, 0x1, 0x2e, [0x1, 0x8000, 0x8f0, 0x1f, 0x6d, 0x8, 0x7fff, 0x3ff, 0x4c75, 0x5, 0x800, 0x8, 0x80, 0x80000000, 0x6, 0x0, 0xffffff7f, 0x5, 0x400, 0x1, 0x8001, 0xffff8000, 0x2, 0x4, 0x9, 0x80000000, 0x0, 0x71, 0x100, 0x5, 0x8, 0x2, 0x6cdb, 0x1b, 0x1, 0x6, 0x0, 0x2, 0x1, 0x1, 0xc0, 0x39, 0x3, 0xfffff419, 0x1, 0x4fb, 0x13cd, 0x8, 0x8, 0x3fc, 0x3, 0xff, 0x401, 0x1ff, 0x6, 0xffff, 0x9, 0x6, 0x5, 0x5, 0x749d80, 0x87, 0x0, 0x40], [0x2e18, 0x9, 0x7f, 0xec, 0x8, 0x4, 0x1, 0x7, 0x2, 0x0, 0x0, 0x7, 0x9, 0x7, 0xbc, 0x10001, 0xd15, 0x3, 0x4900000, 0x80, 0x6, 0x1000, 0x10000, 0x1, 0x7f, 0x80000001, 0x10001, 0x9, 0x5, 0x5, 0x3, 0x6, 0x8001, 0x0, 0x6, 0x9, 0x2, 0xae87, 0x0, 0x9000, 0x1f, 0x5, 0x4, 0x2, 0x3, 0x7ff, 0x9, 0x101, 0x5c00, 0x0, 0x7ff, 0xee8, 0xffff, 0x1, 0x81, 0xb425, 0xfffffffa, 0x6, 0x1, 0x9, 0x80000000, 0x5, 0x40000, 0x2], [0x0, 0x2, 0x401, 0x6, 0x9, 0x3, 0x1, 0x1, 0x71ff, 0x4, 0x4, 0xadbcafc, 0x4, 0x5, 0xff, 0xffff0000, 0x7540, 0x20, 0xfffffffa, 0x1, 0x7, 0x1ff, 0x5, 0x101, 0xffffffff, 0x401, 0x7058, 0x5, 0x6, 0x6, 0x9, 0x6, 0x21, 0x1, 0x7fffffff, 0x9f, 0x7, 0xaa8, 0x7, 0x6, 0x25, 0x8, 0x4, 0x3, 0x6, 0x800, 0x1, 0x60bc36de, 0x3, 0x48, 0xec, 0x6, 0xa6, 0x8000, 0x6, 0x5c4, 0x4, 0x1f, 0x9, 0x2, 0x3, 0x59a, 0x1], [0x1, 0x6, 0x200, 0x2, 0x80000000, 0x7, 0x0, 0x51edca81, 0x3, 0x7ff, 0x6, 0x7f, 0x5, 0x7, 0x2, 0x3ff, 0xfd11, 0x2, 0x40, 0x1, 0x2000, 0x4, 0x0, 0xa802, 0x1, 0x7ff, 0xf7d, 0xffff, 0x9, 0xffffff80, 0xfffffff9, 0x4, 0x0, 0x9, 0x5, 0x1, 0x0, 0x80, 0x4, 0x6, 0xb0a, 0x2c8, 0x4, 0x0, 0x342, 0xfffffff7, 0x5, 0x7, 0x0, 0x6c02, 0x7, 0x1, 0xeea, 0x4, 0x3, 0x1f, 0x0, 0x46350539, 0x3f, 0x400, 0xe6, 0x2, 0x4, 0xffffffff], 0xb, ['(\x00', '#@\b\x00', '(\'@\x00', '\x00']}, ["", "", ""]}, 0x42c}, 0x1, 0x0, 0x0, 0x200e8000}, 0x0) ioctl$PTP_CLOCK_GETCAPS(0xffffffffffffffff, 0x80503d01, &(0x7f00000001c0)) select(0x40, &(0x7f0000000040)={0x80000001, 0x5560000000000, 0x938c, 0x2, 0x1, 0x100000001, 0x20, 0x7}, &(0x7f0000000100)={0x3, 0x19, 0x8, 0x8000, 0x7, 0x63c, 0x9, 0x9}, &(0x7f0000000140)={0x1ff, 0x5, 0x80, 0x20b, 0x100000001, 0x1, 0xffff, 0x4}, &(0x7f0000000180)={0x77359400}) [ 1530.449436][T12820] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1530.455510][T12820] ? shmem_write_begin+0x7e/0x100 [ 1530.460562][T12820] generic_perform_write+0x1e4/0x3a0 [ 1530.465846][T12820] ? shmem_write_begin+0x100/0x100 [ 1530.470956][T12820] __generic_file_write_iter+0x161/0x300 [ 1530.476594][T12820] ? generic_write_checks+0x250/0x290 [ 1530.481968][T12820] generic_file_write_iter+0x75/0x130 [ 1530.487405][T12820] vfs_write+0x69d/0x770 [ 1530.491670][T12820] ksys_write+0xce/0x180 [ 1530.496018][T12820] __x64_sys_write+0x3e/0x50 06:48:51 executing program 4: madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x14) 06:48:51 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1d000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000e34000/0x1000)=nil) 06:48:51 executing program 4: mlock(&(0x7f0000e32000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x0) [ 1530.500602][T12820] do_syscall_64+0x4a/0x90 [ 1530.505020][T12820] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1530.510963][T12820] RIP: 0033:0x4665d9 [ 1530.514948][T12820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1530.534822][T12820] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 06:48:51 executing program 1: mremap(&(0x7f0000e1d000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000e34000/0x1000)=nil) 06:48:51 executing program 4: mlock(&(0x7f0000e32000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x0) [ 1530.543273][T12820] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1530.551245][T12820] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1530.559417][T12820] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1530.567380][T12820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1530.575449][T12820] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:51 executing program 3 (fault-call:1 fault-nth:79): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:51 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x4}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:51 executing program 4: mlock(&(0x7f0000e32000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x0) 06:48:51 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x492c, &(0x7f00000001c0)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000240), &(0x7f0000000280)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:51 executing program 1: mremap(&(0x7f0000e1d000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000e34000/0x1000)=nil) 06:48:51 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) pselect6(0x40, &(0x7f0000000040)={0x503f3add, 0x1, 0x7, 0x1, 0x7ff, 0x4, 0x72e, 0x6}, &(0x7f0000000100)={0x400, 0xfffffffffffffffc, 0x0, 0xef0, 0x2, 0x1, 0x200, 0x1ff}, &(0x7f0000000140)={0x4, 0x8, 0x448, 0x10001, 0x800, 0x20, 0x80000001, 0x8}, &(0x7f0000000180)={0x0, 0x3938700}, &(0x7f0000000200)={&(0x7f00000001c0)={[0x40]}, 0x8}) socketpair(0xa, 0x800, 0x8, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000001840)={&(0x7f0000000280)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x80, &(0x7f0000001740)=[{&(0x7f0000000300)=""/252, 0xfc}, {&(0x7f0000000400)=""/127, 0x7f}, {&(0x7f0000000480)=""/213, 0xd5}, {&(0x7f0000000580)=""/4096, 0x1000}, {&(0x7f0000001580)=""/219, 0xdb}, {&(0x7f0000001680)=""/86, 0x56}, {&(0x7f0000001700)=""/9, 0x9}], 0x7, &(0x7f00000017c0)=""/128, 0x80}, 0x12041) 06:48:51 executing program 1: mremap(&(0x7f0000e1d000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000e34000/0x1000)=nil) 06:48:51 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) syz_genetlink_get_family_id$team(&(0x7f0000000000), 0xffffffffffffffff) ioctl$MON_IOCT_RING_SIZE(0xffffffffffffffff, 0x9204, 0x883b9) getpid() getsockopt$inet_tcp_buf(r0, 0x6, 0x8, 0x0, &(0x7f0000000040)) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x2, &(0x7f0000ffb000/0x3000)=nil) gettid() [ 1530.727496][T12856] FAULT_INJECTION: forcing a failure. [ 1530.727496][T12856] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1530.740746][T12856] CPU: 0 PID: 12856 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1530.749522][T12856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1530.759634][T12856] Call Trace: [ 1530.762913][T12856] dump_stack+0x137/0x19d [ 1530.767297][T12856] should_fail+0x23c/0x250 [ 1530.771715][T12856] __alloc_pages+0x102/0x320 06:48:51 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1d000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000e34000/0x1000)=nil) 06:48:51 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x7}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1530.776460][T12856] alloc_pages_vma+0x391/0x660 [ 1530.781397][T12856] shmem_getpage_gfp+0x980/0x1410 [ 1530.786423][T12856] shmem_write_begin+0x7e/0x100 [ 1530.791288][T12856] generic_perform_write+0x196/0x3a0 [ 1530.796582][T12856] ? shmem_write_begin+0x100/0x100 [ 1530.801776][T12856] __generic_file_write_iter+0x161/0x300 [ 1530.807440][T12856] ? generic_write_checks+0x250/0x290 [ 1530.812865][T12856] generic_file_write_iter+0x75/0x130 [ 1530.818334][T12856] vfs_write+0x69d/0x770 [ 1530.822579][T12856] ksys_write+0xce/0x180 06:48:51 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1d000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000e34000/0x1000)=nil) 06:48:51 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x8}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1530.827009][T12856] __x64_sys_write+0x3e/0x50 [ 1530.831616][T12856] do_syscall_64+0x4a/0x90 [ 1530.836086][T12856] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1530.842044][T12856] RIP: 0033:0x4665d9 [ 1530.845936][T12856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1530.865551][T12856] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 06:48:51 executing program 3 (fault-call:1 fault-nth:80): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:51 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x10}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:51 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1d000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000e34000/0x1000)=nil) 06:48:51 executing program 4: r0 = inotify_init() mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000000, 0x1010, r0, 0x77658000) select(0x40, &(0x7f0000000000)={0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0xad, 0x20000000000}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) select(0x40, &(0x7f0000000040)={0x2b0, 0x1, 0x8001, 0x3f, 0x1, 0x4, 0x7}, &(0x7f0000000100)={0x5, 0x6, 0x100, 0x1, 0x1f98000000000, 0x7, 0x2, 0xc09d}, &(0x7f0000000140)={0x8, 0x73d, 0x5, 0x9, 0x4, 0x7, 0x7, 0x4}, &(0x7f0000000180)={0x0, 0xea60}) 06:48:51 executing program 2: syz_io_uring_setup(0x5405, &(0x7f0000000000)={0x0, 0x9c01, 0x8, 0x3, 0x195}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1530.874056][T12856] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1530.882028][T12856] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1530.889999][T12856] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1530.897974][T12856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1530.905964][T12856] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 [ 1530.939453][T12892] FAULT_INJECTION: forcing a failure. [ 1530.939453][T12892] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1530.952695][T12892] CPU: 0 PID: 12892 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1530.961466][T12892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1530.971523][T12892] Call Trace: [ 1530.974832][T12892] dump_stack+0x137/0x19d [ 1530.979164][T12892] should_fail+0x23c/0x250 [ 1530.983579][T12892] should_fail_usercopy+0x16/0x20 06:48:51 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000040)) 06:48:51 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x42}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:51 executing program 2: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x14b402, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$SNAPSHOT_CREATE_IMAGE(r0, 0x40043311, &(0x7f0000000240)) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000180), r1) sendmsg$NLBL_UNLABEL_C_LIST(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x50, r3, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_SECCTX={0x2c, 0x7, 'system_u:object_r:ssh_keysign_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @private}, @NLBL_UNLABEL_A_ACPTFLG={0x5}]}, 0x50}}, 0x0) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x60, r3, 0x300, 0x70bd27, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'wg2\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @dev={0xac, 0x14, 0x14, 0x28}}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast1}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @remote}]}, 0x60}, 0x1, 0x0, 0x0, 0x200000c4}, 0x408c5) sendmsg$NET_DM_CMD_STOP(r2, &(0x7f0000000380)={0xffffffffffffffff, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x14, 0x0, 0x800, 0x70bd26, 0x25dfdbfe, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x20000004) r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000400), r1) sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x30, r4, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast2}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @empty}]}, 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x4095) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1e000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e1e000/0x4000)=nil) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r5, 0x2405, 0xffffffffffffffff) syz_io_uring_setup(0xb48, &(0x7f0000000000)={0x0, 0xaa15, 0x8, 0x1, 0xf, 0x0, r5}, &(0x7f0000e33000/0x4000)=nil, &(0x7f0000e36000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) [ 1530.988622][T12892] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1530.994722][T12892] ? shmem_write_begin+0x7e/0x100 [ 1530.999744][T12892] generic_perform_write+0x1e4/0x3a0 [ 1531.005033][T12892] ? shmem_write_begin+0x100/0x100 [ 1531.010200][T12892] __generic_file_write_iter+0x161/0x300 [ 1531.015924][T12892] ? generic_write_checks+0x250/0x290 [ 1531.021466][T12892] generic_file_write_iter+0x75/0x130 [ 1531.026841][T12892] vfs_write+0x69d/0x770 [ 1531.031130][T12892] ksys_write+0xce/0x180 [ 1531.035383][T12892] __x64_sys_write+0x3e/0x50 06:48:51 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x60}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:51 executing program 4: r0 = inotify_init() mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000000, 0x1010, r0, 0x77658000) select(0x40, &(0x7f0000000000)={0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0xad, 0x20000000000}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) select(0x40, &(0x7f0000000040)={0x2b0, 0x1, 0x8001, 0x3f, 0x1, 0x4, 0x7}, &(0x7f0000000100)={0x5, 0x6, 0x100, 0x1, 0x1f98000000000, 0x7, 0x2, 0xc09d}, &(0x7f0000000140)={0x8, 0x73d, 0x5, 0x9, 0x4, 0x7, 0x7, 0x4}, &(0x7f0000000180)={0x0, 0xea60}) 06:48:51 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x420, 0x10080) mmap$usbmon(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000000, 0x11, r0, 0x9) [ 1531.039979][T12892] do_syscall_64+0x4a/0x90 [ 1531.044395][T12892] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1531.050298][T12892] RIP: 0033:0x4665d9 [ 1531.054197][T12892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1531.073903][T12892] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1531.082379][T12892] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 06:48:51 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x1d8}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1531.090472][T12892] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1531.098449][T12892] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1531.106444][T12892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1531.114499][T12892] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:51 executing program 3 (fault-call:1 fault-nth:81): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:51 executing program 1: syz_io_uring_setup(0x5405, &(0x7f0000000000)={0x0, 0x9c01, 0x8, 0x3, 0x195}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:51 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x1da}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:51 executing program 5: shmget(0x2, 0x1000, 0x200, &(0x7f0000ffd000/0x1000)=nil) shmget$private(0x0, 0x2000, 0x78001202, &(0x7f0000ffc000/0x2000)=nil) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:51 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000, 0x7, &(0x7f0000ffe000/0x2000)=nil) r0 = syz_io_uring_setup(0x28be, &(0x7f0000000000)={0x0, 0x1250, 0x4, 0x1, 0x378}, &(0x7f0000e34000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f00000000c0)) syz_io_uring_setup(0x2dec, &(0x7f0000000140)={0x0, 0x23a2, 0x10, 0x3, 0x1e3, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000e34000/0x2000)=nil, &(0x7f0000000080), &(0x7f00000001c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x3, 0x0, @fd_index=0x4}, 0x2) mmap$IORING_OFF_SQ_RING(&(0x7f0000e34000/0x3000)=nil, 0x3000, 0x4, 0x29070, r0, 0x0) 06:48:51 executing program 4: r0 = inotify_init() mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000000, 0x1010, r0, 0x77658000) select(0x40, &(0x7f0000000000)={0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0xad, 0x20000000000}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) select(0x40, &(0x7f0000000040)={0x2b0, 0x1, 0x8001, 0x3f, 0x1, 0x4, 0x7}, &(0x7f0000000100)={0x5, 0x6, 0x100, 0x1, 0x1f98000000000, 0x7, 0x2, 0xc09d}, &(0x7f0000000140)={0x8, 0x73d, 0x5, 0x9, 0x4, 0x7, 0x7, 0x4}, &(0x7f0000000180)={0x0, 0xea60}) 06:48:51 executing program 1: syz_io_uring_setup(0x5405, &(0x7f0000000000)={0x0, 0x9c01, 0x8, 0x3, 0x195}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:51 executing program 2: mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:51 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x204}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1531.247712][T12933] FAULT_INJECTION: forcing a failure. [ 1531.247712][T12933] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1531.261056][T12933] CPU: 1 PID: 12933 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1531.269848][T12933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1531.279901][T12933] Call Trace: [ 1531.283354][T12933] dump_stack+0x137/0x19d [ 1531.287688][T12933] should_fail+0x23c/0x250 [ 1531.292139][T12933] __alloc_pages+0x102/0x320 06:48:51 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xc00000, 0x3, &(0x7f0000400000/0xc00000)=nil) 06:48:51 executing program 1: syz_io_uring_setup(0x5405, &(0x7f0000000000)={0x0, 0x9c01, 0x8, 0x3, 0x195}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:51 executing program 1: syz_io_uring_setup(0x5405, &(0x7f0000000000)={0x0, 0x9c01, 0x8, 0x3, 0x195}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1531.296725][T12933] alloc_pages_vma+0x391/0x660 [ 1531.301509][T12933] shmem_getpage_gfp+0x980/0x1410 [ 1531.306564][T12933] shmem_write_begin+0x7e/0x100 [ 1531.311562][T12933] generic_perform_write+0x196/0x3a0 [ 1531.316893][T12933] ? shmem_write_begin+0x100/0x100 [ 1531.322009][T12933] __generic_file_write_iter+0x161/0x300 [ 1531.327646][T12933] ? generic_write_checks+0x250/0x290 [ 1531.333543][T12933] generic_file_write_iter+0x75/0x130 [ 1531.338965][T12933] vfs_write+0x69d/0x770 [ 1531.343213][T12933] ksys_write+0xce/0x180 [ 1531.347473][T12933] __x64_sys_write+0x3e/0x50 [ 1531.352085][T12933] do_syscall_64+0x4a/0x90 [ 1531.356535][T12933] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1531.362522][T12933] RIP: 0033:0x4665d9 [ 1531.366463][T12933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1531.386255][T12933] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 06:48:52 executing program 3 (fault-call:1 fault-nth:82): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:52 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x300}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:52 executing program 4: r0 = inotify_init() mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000000, 0x1010, r0, 0x77658000) select(0x40, &(0x7f0000000000)={0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0xad, 0x20000000000}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:52 executing program 5: ioctl$FIONREAD(0xffffffffffffffff, 0x541b, &(0x7f0000000040)) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:52 executing program 1: syz_io_uring_setup(0x5405, &(0x7f0000000000)={0x0, 0x9c01, 0x8, 0x3, 0x195}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:52 executing program 2: mlock(&(0x7f0000e34000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap(&(0x7f0000e1d000/0x3000)=nil, 0x3000, 0x1000008, 0x13, r0, 0x91577000) read$usbmon(r0, &(0x7f0000000080)=""/81, 0x51) [ 1531.394665][T12933] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1531.402638][T12933] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1531.410628][T12933] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1531.418714][T12933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1531.426683][T12933] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:52 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x402}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:52 executing program 1: syz_io_uring_setup(0x5405, &(0x7f0000000000)={0x0, 0x9c01, 0x8, 0x3, 0x195}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1531.458853][T12958] FAULT_INJECTION: forcing a failure. [ 1531.458853][T12958] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1531.471993][T12958] CPU: 1 PID: 12958 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1531.481277][T12958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1531.491329][T12958] Call Trace: [ 1531.494605][T12958] dump_stack+0x137/0x19d [ 1531.498935][T12958] should_fail+0x23c/0x250 [ 1531.503361][T12958] should_fail_usercopy+0x16/0x20 06:48:52 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x406}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:52 executing program 4: inotify_init() select(0x40, &(0x7f0000000000)={0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0xad, 0x20000000000}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) [ 1531.508391][T12958] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1531.514459][T12958] ? shmem_write_begin+0x7e/0x100 [ 1531.519494][T12958] generic_perform_write+0x1e4/0x3a0 [ 1531.524791][T12958] ? shmem_write_begin+0x100/0x100 [ 1531.529970][T12958] __generic_file_write_iter+0x161/0x300 [ 1531.535751][T12958] ? generic_write_checks+0x250/0x290 [ 1531.541206][T12958] generic_file_write_iter+0x75/0x130 [ 1531.546634][T12958] vfs_write+0x69d/0x770 [ 1531.550882][T12958] ksys_write+0xce/0x180 06:48:52 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) select(0x40, &(0x7f0000000040)={0x99, 0x5, 0x5601046e, 0x4, 0x100000000, 0x4, 0x1, 0x7}, &(0x7f0000000100)={0x400, 0x9, 0xffffffff, 0x5, 0xfffffffffffffffe, 0x5, 0x8, 0x1}, &(0x7f0000000140)={0x6, 0x98e9, 0x1, 0x9, 0x3, 0x4, 0x100000001, 0x3}, &(0x7f0000000180)={0x0, 0x2710}) 06:48:52 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1531.555122][T12958] __x64_sys_write+0x3e/0x50 [ 1531.559717][T12958] do_syscall_64+0x4a/0x90 [ 1531.564179][T12958] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1531.570069][T12958] RIP: 0033:0x4665d9 [ 1531.574009][T12958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1531.593628][T12958] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1531.602106][T12958] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1531.610139][T12958] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1531.618104][T12958] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1531.626118][T12958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1531.634088][T12958] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:52 executing program 3 (fault-call:1 fault-nth:83): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:52 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x604}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:52 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:52 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000e20000/0x2000)=nil) 06:48:52 executing program 4: select(0x40, &(0x7f0000000000)={0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0xad, 0x20000000000}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:52 executing program 5: select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x7, 0x400000000000}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:52 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x700}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:52 executing program 4: select(0x40, &(0x7f0000000000)={0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0xad, 0x20000000000}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:52 executing program 2: shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000) mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000e34000/0x1000)=nil) [ 1531.757849][T12991] FAULT_INJECTION: forcing a failure. [ 1531.757849][T12991] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1531.771370][T12991] CPU: 1 PID: 12991 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1531.780134][T12991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1531.790192][T12991] Call Trace: [ 1531.793555][T12991] dump_stack+0x137/0x19d [ 1531.797958][T12991] should_fail+0x23c/0x250 [ 1531.802379][T12991] __alloc_pages+0x102/0x320 06:48:52 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x2000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:52 executing program 4: select(0x40, &(0x7f0000000000)={0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0xad, 0x20000000000}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) [ 1531.807021][T12991] alloc_pages_vma+0x391/0x660 [ 1531.811864][T12991] shmem_getpage_gfp+0x980/0x1410 [ 1531.817007][T12991] shmem_write_begin+0x7e/0x100 [ 1531.821873][T12991] generic_perform_write+0x196/0x3a0 [ 1531.827162][T12991] ? shmem_write_begin+0x100/0x100 [ 1531.832288][T12991] __generic_file_write_iter+0x161/0x300 [ 1531.838004][T12991] ? generic_write_checks+0x250/0x290 [ 1531.843593][T12991] generic_file_write_iter+0x75/0x130 [ 1531.848959][T12991] vfs_write+0x69d/0x770 [ 1531.853213][T12991] ksys_write+0xce/0x180 06:48:52 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) shmget(0x3, 0x2000, 0x80, &(0x7f0000e35000/0x2000)=nil) shmget(0x3, 0x3000, 0x1, &(0x7f0000ffd000/0x3000)=nil) mlock(&(0x7f0000e34000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1531.857458][T12991] __x64_sys_write+0x3e/0x50 [ 1531.862108][T12991] do_syscall_64+0x4a/0x90 [ 1531.866700][T12991] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1531.872604][T12991] RIP: 0033:0x4665d9 [ 1531.876496][T12991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1531.896291][T12991] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 06:48:52 executing program 3 (fault-call:1 fault-nth:84): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:52 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) select(0x40, &(0x7f0000000040)={0x6, 0x7, 0xbd6, 0x4000000000, 0x1, 0x5, 0x6, 0xffffffffffffff81}, &(0x7f0000000100)={0x100000001, 0xf21, 0x80000000, 0x5, 0x7, 0x100000000, 0x1}, &(0x7f0000000140)={0x8, 0x4c3, 0xffffffff, 0x100000000000, 0x3ff, 0x9, 0xfffffffffffffff7, 0x7}, &(0x7f0000000180)) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x100000c, 0x10, 0xffffffffffffffff, 0x8000000) 06:48:52 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1531.904731][T12991] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1531.912710][T12991] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1531.920688][T12991] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1531.928745][T12991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1531.936799][T12991] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:52 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x4000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:52 executing program 4: inotify_init() select(0x0, 0x0, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:52 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x2, 0x4007, @fd_index=0x1, 0x8, &(0x7f0000000080)=[{&(0x7f0000000000)=""/110, 0x6e}], 0x1, 0x1b}, 0x100) 06:48:52 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x4200}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1531.977990][T13020] FAULT_INJECTION: forcing a failure. [ 1531.977990][T13020] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1531.991377][T13020] CPU: 0 PID: 13020 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1532.000150][T13020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1532.010524][T13020] Call Trace: [ 1532.013886][T13020] dump_stack+0x137/0x19d [ 1532.018225][T13020] should_fail+0x23c/0x250 [ 1532.022676][T13020] should_fail_usercopy+0x16/0x20 06:48:52 executing program 1: syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x9c01, 0x8, 0x3, 0x195}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:52 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x6000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:52 executing program 4: inotify_init() select(0x0, 0x0, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) [ 1532.027694][T13020] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1532.033761][T13020] ? shmem_write_begin+0x7e/0x100 [ 1532.038790][T13020] generic_perform_write+0x1e4/0x3a0 [ 1532.044217][T13020] ? shmem_write_begin+0x100/0x100 [ 1532.049401][T13020] __generic_file_write_iter+0x161/0x300 [ 1532.055030][T13020] ? generic_write_checks+0x250/0x290 [ 1532.060473][T13020] generic_file_write_iter+0x75/0x130 [ 1532.066231][T13020] vfs_write+0x69d/0x770 [ 1532.070474][T13020] ksys_write+0xce/0x180 06:48:52 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e32000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e33000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) r3 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000ffc000/0x2000)=nil, 0x2000}, &(0x7f0000000040)=0x10) 06:48:52 executing program 2: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) r1 = perf_event_open(&(0x7f0000000080)={0x4, 0x80, 0x9, 0x70, 0xfb, 0x0, 0x0, 0x2, 0x4, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x90, 0x1, @perf_config_ext={0x6}, 0x410a, 0x6, 0x8, 0x2, 0x200, 0x4, 0x7fff, 0x0, 0x99, 0x0, 0x4}, 0x0, 0x3, r0, 0xa) ioctl$PERF_EVENT_IOC_REFRESH(r1, 0x2402, 0xf1) ioctl$PTP_PIN_GETFUNC(r0, 0xc0603d06, &(0x7f0000000000)={'\x00', 0x5, 0x2, 0x401}) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget(0x0, 0x4000, 0x40, &(0x7f0000e33000/0x4000)=nil) [ 1532.074719][T13020] __x64_sys_write+0x3e/0x50 [ 1532.079305][T13020] do_syscall_64+0x4a/0x90 [ 1532.083728][T13020] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1532.091447][T13020] RIP: 0033:0x4665d9 [ 1532.095449][T13020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1532.115747][T13020] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1532.124167][T13020] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1532.132140][T13020] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1532.140124][T13020] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1532.148267][T13020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1532.156235][T13020] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:52 executing program 3 (fault-call:1 fault-nth:85): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:52 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x60ff}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:52 executing program 1: syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x9c01, 0x8, 0x3, 0x195}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:52 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000e20000/0x2000)=nil) 06:48:52 executing program 4: inotify_init() select(0x0, 0x0, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:52 executing program 5: r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x400400, 0x0) ioctl$PTP_PEROUT_REQUEST2(r0, 0x40383d0c, &(0x7f0000000140)={{0x3, 0x3ff}, {0x30000000000, 0x1}, 0x3f, 0x1}) ioctl$PTP_PEROUT_REQUEST2(r0, 0x40383d0c, &(0x7f0000000100)={{0x4, 0x8}, {0x4, 0x4}, 0x9, 0x1}) select(0x40, &(0x7f0000000000)={0x5}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_REFRESH(r1, 0x2402, 0x42) ioctl$TIOCNXCL(0xffffffffffffffff, 0x540d) 06:48:52 executing program 5: select(0x40, &(0x7f0000000000)={0x4, 0x8000, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x3}, 0x0, &(0x7f0000000080)={0x8000000000000007, 0x0, 0x2}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:52 executing program 5: mremap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000, 0x2, &(0x7f0000ffc000/0x1000)=nil) mremap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil) 06:48:52 executing program 1: syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x9c01, 0x8, 0x3, 0x195}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1532.272827][T13058] FAULT_INJECTION: forcing a failure. [ 1532.272827][T13058] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1532.286169][T13058] CPU: 1 PID: 13058 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1532.294991][T13058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1532.308208][T13058] Call Trace: [ 1532.311484][T13058] dump_stack+0x137/0x19d [ 1532.315816][T13058] should_fail+0x23c/0x250 06:48:52 executing program 4: inotify_init() select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xad, 0x20000000000}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:53 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x7f00}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:53 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x9700}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1532.320243][T13058] __alloc_pages+0x102/0x320 [ 1532.324831][T13058] alloc_pages_vma+0x391/0x660 [ 1532.329605][T13058] shmem_getpage_gfp+0x980/0x1410 [ 1532.334631][T13058] shmem_write_begin+0x7e/0x100 [ 1532.339648][T13058] generic_perform_write+0x196/0x3a0 [ 1532.344931][T13058] ? shmem_write_begin+0x100/0x100 [ 1532.350229][T13058] __generic_file_write_iter+0x161/0x300 [ 1532.355871][T13058] ? generic_write_checks+0x250/0x290 [ 1532.361763][T13058] generic_file_write_iter+0x75/0x130 [ 1532.367164][T13058] vfs_write+0x69d/0x770 [ 1532.371416][T13058] ksys_write+0xce/0x180 [ 1532.375655][T13058] __x64_sys_write+0x3e/0x50 [ 1532.380494][T13058] do_syscall_64+0x4a/0x90 [ 1532.384906][T13058] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1532.390835][T13058] RIP: 0033:0x4665d9 [ 1532.394809][T13058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1532.414535][T13058] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 06:48:53 executing program 3 (fault-call:1 fault-nth:86): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:53 executing program 2: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x3b3080, 0x0) read$usbmon(r0, &(0x7f0000000040)=""/44, 0x2c) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$sock_inet_tcp_SIOCINQ(r1, 0x541b, &(0x7f0000000080)) 06:48:53 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) select(0x40, &(0x7f0000000040)={0x10001, 0x3, 0x5, 0xfffffffffffffb60, 0xfff, 0x7, 0x6, 0x7}, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x1, 0x18, 0x5, 0xfffffffffffffff8, 0x1}, &(0x7f0000000140)={0x1, 0x20, 0x8, 0x4, 0xffffffffffffffc1, 0x31, 0x1, 0x9}, &(0x7f0000000180)={0x0, 0xea60}) 06:48:53 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0xd801}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:53 executing program 1: syz_io_uring_setup(0x5405, 0x0, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1532.422948][T13058] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1532.430912][T13058] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1532.438964][T13058] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1532.447218][T13058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1532.455340][T13058] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:53 executing program 4: inotify_init() select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xad, 0x20000000000}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:53 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0xda01}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1532.487802][T13087] FAULT_INJECTION: forcing a failure. [ 1532.487802][T13087] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1532.500879][T13087] CPU: 1 PID: 13087 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1532.509758][T13087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1532.519847][T13087] Call Trace: [ 1532.523189][T13087] dump_stack+0x137/0x19d [ 1532.527514][T13087] should_fail+0x23c/0x250 [ 1532.531933][T13087] should_fail_usercopy+0x16/0x20 06:48:53 executing program 1: syz_io_uring_setup(0x5405, 0x0, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:53 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000000)={0x1e, @time={0xa78, 0x1}, 0xc1, {0x0, 0x6}, 0xfa, 0x2, 0x1}) 06:48:53 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x40000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1532.537093][T13087] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1532.543182][T13087] ? shmem_write_begin+0x7e/0x100 [ 1532.548320][T13087] generic_perform_write+0x1e4/0x3a0 [ 1532.553602][T13087] ? shmem_write_begin+0x100/0x100 [ 1532.558792][T13087] __generic_file_write_iter+0x161/0x300 [ 1532.564432][T13087] ? generic_write_checks+0x250/0x290 [ 1532.569863][T13087] generic_file_write_iter+0x75/0x130 [ 1532.575396][T13087] vfs_write+0x69d/0x770 [ 1532.579724][T13087] ksys_write+0xce/0x180 06:48:53 executing program 1: syz_io_uring_setup(0x5405, 0x0, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:53 executing program 4: inotify_init() select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xad, 0x20000000000}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) [ 1532.584067][T13087] __x64_sys_write+0x3e/0x50 [ 1532.588655][T13087] do_syscall_64+0x4a/0x90 [ 1532.593067][T13087] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1532.598989][T13087] RIP: 0033:0x4665d9 [ 1532.602871][T13087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1532.622651][T13087] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1532.631064][T13087] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1532.639055][T13087] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1532.647027][T13087] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1532.655002][T13087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1532.662976][T13087] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:53 executing program 3 (fault-call:1 fault-nth:87): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:53 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x80000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:53 executing program 2: mlock(&(0x7f0000fee000/0x12000)=nil, 0x12000) shmget(0x2, 0x3000, 0x78000040, &(0x7f0000ffc000/0x3000)=nil) ioctl$PERF_EVENT_IOC_REFRESH(0xffffffffffffffff, 0x2402, 0x7d3) move_pages(0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000000), 0x2) shmget$private(0x0, 0x2000, 0x8, &(0x7f0000e1f000/0x2000)=nil) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2) 06:48:53 executing program 1: syz_io_uring_setup(0x5405, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x3, 0x195}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:53 executing program 5: move_pages(0xffffffffffffffff, 0x9, &(0x7f0000000000)=[&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000fef000/0x11000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ff0000/0x10000)=nil], 0x0, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4) 06:48:53 executing program 4: inotify_init() select(0x40, &(0x7f0000000000)={0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:53 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x91000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:53 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e2f000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000e2f000/0x4000)=nil) sigaltstack(&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000000)) r0 = getpid() ioctl$MON_IOCG_STATS(0xffffffffffffffff, 0x80089203, &(0x7f0000000100)) sched_getparam(r0, &(0x7f0000000540)) move_pages(r0, 0x6, &(0x7f0000000040)=[&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000e2f000/0x2000)=nil, &(0x7f0000e30000/0x4000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000e32000/0x2000)=nil], &(0x7f0000000080)=[0x5], &(0x7f00000000c0)=[0x0, 0x0, 0x0], 0x4) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x6, 0x20010, r1, 0x0) r2 = gettid() move_pages(r2, 0x8, &(0x7f0000000140)=[&(0x7f0000ff8000/0x4000)=nil, &(0x7f0000e2f000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ff7000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil], &(0x7f0000000180)=[0x8, 0xa8b, 0x9, 0x7], &(0x7f00000001c0)=[0x0], 0x6) ioprio_set$pid(0x3, r0, 0x4007) 06:48:53 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x100900}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1532.794916][T13123] FAULT_INJECTION: forcing a failure. [ 1532.794916][T13123] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1532.808185][T13123] CPU: 1 PID: 13123 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1532.817049][T13123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1532.827112][T13123] Call Trace: [ 1532.830383][T13123] dump_stack+0x137/0x19d [ 1532.834718][T13123] should_fail+0x23c/0x250 [ 1532.839179][T13123] __alloc_pages+0x102/0x320 06:48:53 executing program 2: mlock(&(0x7f0000ffb000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:53 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x104000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:53 executing program 2: mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) [ 1532.843764][T13123] alloc_pages_vma+0x391/0x660 [ 1532.848594][T13123] shmem_getpage_gfp+0x980/0x1410 [ 1532.853618][T13123] shmem_write_begin+0x7e/0x100 [ 1532.858489][T13123] generic_perform_write+0x196/0x3a0 [ 1532.863777][T13123] ? shmem_write_begin+0x100/0x100 [ 1532.868916][T13123] __generic_file_write_iter+0x161/0x300 [ 1532.874648][T13123] ? generic_write_checks+0x250/0x290 [ 1532.880008][T13123] generic_file_write_iter+0x75/0x130 [ 1532.885410][T13123] vfs_write+0x69d/0x770 [ 1532.889646][T13123] ksys_write+0xce/0x180 [ 1532.893886][T13123] __x64_sys_write+0x3e/0x50 [ 1532.898567][T13123] do_syscall_64+0x4a/0x90 [ 1532.903016][T13123] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1532.908988][T13123] RIP: 0033:0x4665d9 [ 1532.912876][T13123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1532.932788][T13123] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 06:48:53 executing program 3 (fault-call:1 fault-nth:88): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:53 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x105400}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:53 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) move_pages(0xffffffffffffffff, 0x4, &(0x7f00000000c0)=[&(0x7f0000ffb000/0x2000)=nil, &(0x7f0000e20000/0x1000)=nil, &(0x7f0000e34000/0x2000)=nil, &(0x7f0000e20000/0x1000)=nil], &(0x7f0000000040)=[0x3f, 0x7ff, 0x7f, 0x8, 0x16a, 0x8, 0x8, 0xc, 0x6, 0x92], &(0x7f0000000080), 0x4) geteuid() mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:53 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, &(0x7f0000000340)={0x0, 0xea60}) ioctl$MON_IOCX_GET(0xffffffffffffffff, 0x40189206, &(0x7f0000000280)={&(0x7f00000001c0), &(0x7f00000002c0)=""/70, 0xffffffffffffffd1}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x4058534c, &(0x7f0000000200)={0xff, 0x8, 0x1f, 0xcf9a, 0x8, 0x3}) sendmsg$AUDIT_TTY_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x18, 0x3f9, 0x400, 0x70bd2a, 0x25dfdbfd, {0x405}, ["", "", "", "", "", "", "", "", ""]}, 0x6a}, 0x1, 0x0, 0x0, 0x80}, 0x84000) 06:48:53 executing program 1: syz_io_uring_setup(0x5405, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x3, 0x195}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:53 executing program 4: inotify_init() select(0x40, &(0x7f0000000000)={0xa}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) [ 1532.941301][T13123] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1532.949351][T13123] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1532.957487][T13123] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1532.965440][T13123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1532.973574][T13123] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:53 executing program 1: syz_io_uring_setup(0x5405, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x3, 0x195}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:53 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x200000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1533.020772][T13148] FAULT_INJECTION: forcing a failure. [ 1533.020772][T13148] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1533.033943][T13148] CPU: 1 PID: 13148 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1533.042699][T13148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1533.052754][T13148] Call Trace: [ 1533.056036][T13148] dump_stack+0x137/0x19d [ 1533.060475][T13148] should_fail+0x23c/0x250 [ 1533.064893][T13148] should_fail_usercopy+0x16/0x20 06:48:53 executing program 1: syz_io_uring_setup(0x5405, &(0x7f0000000000)={0x0, 0x9c01, 0x0, 0x3, 0x195}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:53 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x400000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:53 executing program 1: syz_io_uring_setup(0x5405, &(0x7f0000000000)={0x0, 0x9c01, 0x0, 0x0, 0x195}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1533.069916][T13148] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1533.076113][T13148] ? shmem_write_begin+0x7e/0x100 [ 1533.081145][T13148] generic_perform_write+0x1e4/0x3a0 [ 1533.086435][T13148] ? shmem_write_begin+0x100/0x100 [ 1533.091562][T13148] __generic_file_write_iter+0x161/0x300 [ 1533.097231][T13148] ? generic_write_checks+0x250/0x290 [ 1533.102771][T13148] generic_file_write_iter+0x75/0x130 [ 1533.108464][T13148] vfs_write+0x69d/0x770 [ 1533.112758][T13148] ksys_write+0xce/0x180 [ 1533.116999][T13148] __x64_sys_write+0x3e/0x50 06:48:53 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x401000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1533.121588][T13148] do_syscall_64+0x4a/0x90 [ 1533.126117][T13148] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1533.132092][T13148] RIP: 0033:0x4665d9 [ 1533.136035][T13148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1533.155880][T13148] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1533.164388][T13148] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1533.172364][T13148] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1533.180458][T13148] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1533.188605][T13148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1533.196737][T13148] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:53 executing program 3 (fault-call:1 fault-nth:89): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:53 executing program 1: syz_io_uring_setup(0x5405, &(0x7f0000000000)={0x0, 0x9c01}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:53 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x402e1d}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:53 executing program 2: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x100) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$TIOCSIG(r0, 0x40045436, 0x1c) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xff) sendmsg$TEAM_CMD_PORT_LIST_GET(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5848310c5f4a803b1c7600c423784da83b99b469a9016dcee52156e78fc510701d01beaf476195b87b153fb2b4019650122ae439a6b7885d8c1966f90fa0b8d4cc18d7ebf5724d1a90d79e797b09386dd848eb39d2913f21fae04bb2a4f7f44805fd08c2bd8afe369be2b9926c8704711ec908a2bcdcbca4a620be06000099bcbb1265d75de6dc479485557763e1c2c97c5dc6f28296e75e2168a8b923e10400", @ANYRES16=0x0, @ANYBLOB="0300000000000000df2503002635801b64000008000100a640dbcadb1c1f92e122482d12e3c560e91a96690000000000000000", @ANYRES32=0x0, @ANYBLOB="3c00028038000100240001006e6f746966795f70656572735f636f756e74000000000000000000000000000005000300030000000800040081000000"], 0x58}, 0x1, 0x0, 0x0, 0xc000}, 0x80) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) mremap(&(0x7f0000e33000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:53 executing program 4: inotify_init() select(0x40, &(0x7f0000000000)={0xa}, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:53 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x20}, &(0x7f00000000c0)={0x0, 0xea60}) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$TIOCGSERIAL(r0, 0x541e, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=""/110}) [ 1533.321516][T13181] FAULT_INJECTION: forcing a failure. [ 1533.321516][T13181] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1533.334987][T13181] CPU: 0 PID: 13181 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1533.343743][T13181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1533.353796][T13181] Call Trace: [ 1533.357069][T13181] dump_stack+0x137/0x19d [ 1533.361448][T13181] should_fail+0x23c/0x250 [ 1533.365901][T13181] __alloc_pages+0x102/0x320 06:48:54 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x4af000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:54 executing program 1: syz_io_uring_setup(0x5405, &(0x7f0000000000)={0x0, 0x9c01}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, &(0x7f00000000c0)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:54 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x10) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:54 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ID(r0, 0x80082407, &(0x7f0000000040)) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r1, 0x40505331, &(0x7f00000001c0)={{0x0, 0x2}, {0x2, 0x6}, 0x40, 0x1, 0x40}) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000240)=0xc40) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f0000000100)) [ 1533.370489][T13181] alloc_pages_vma+0x391/0x660 [ 1533.375257][T13181] shmem_getpage_gfp+0x980/0x1410 [ 1533.380320][T13181] shmem_write_begin+0x7e/0x100 [ 1533.385178][T13181] generic_perform_write+0x196/0x3a0 [ 1533.390459][T13181] ? shmem_write_begin+0x100/0x100 [ 1533.395681][T13181] __generic_file_write_iter+0x161/0x300 [ 1533.401324][T13181] ? generic_write_checks+0x250/0x290 [ 1533.406703][T13181] generic_file_write_iter+0x75/0x130 [ 1533.412142][T13181] vfs_write+0x69d/0x770 [ 1533.416397][T13181] ksys_write+0xce/0x180 06:48:54 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mremap(&(0x7f0000e33000/0x1000)=nil, 0x1000, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil) 06:48:54 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x4fd000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1533.420630][T13181] __x64_sys_write+0x3e/0x50 [ 1533.425221][T13181] do_syscall_64+0x4a/0x90 [ 1533.429789][T13181] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1533.435824][T13181] RIP: 0033:0x4665d9 [ 1533.440256][T13181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1533.460106][T13181] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 06:48:54 executing program 3 (fault-call:1 fault-nth:90): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:54 executing program 1: syz_io_uring_setup(0x5405, &(0x7f0000000000)={0x0, 0x9c01}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:54 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x541000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:54 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e32000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) syz_io_uring_setup(0x5b3a, &(0x7f0000000000)={0x0, 0xf13, 0x10, 0x0, 0x126, 0x0, r0}, &(0x7f0000e35000/0x4000)=nil, &(0x7f0000e31000/0x2000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:48:54 executing program 4: inotify_init() select(0x40, &(0x7f0000000000)={0xa}, 0x0, 0x0, 0x0) [ 1533.468661][T13181] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1533.476668][T13181] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1533.484645][T13181] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1533.492629][T13181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1533.500676][T13181] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:54 executing program 2: mlock(&(0x7f0000e31000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:54 executing program 1: syz_io_uring_setup(0x5405, &(0x7f0000000000)={0x0, 0x9c01}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:48:54 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x600000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1533.547704][T13209] FAULT_INJECTION: forcing a failure. [ 1533.547704][T13209] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1533.560848][T13209] CPU: 1 PID: 13209 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1533.569617][T13209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1533.579670][T13209] Call Trace: [ 1533.582943][T13209] dump_stack+0x137/0x19d [ 1533.587291][T13209] should_fail+0x23c/0x250 [ 1533.591750][T13209] should_fail_usercopy+0x16/0x20 06:48:54 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) pselect6(0x40, &(0x7f0000000040)={0x6, 0xfff, 0xc0000, 0xffffffffffffff01, 0xf76d, 0x80000000, 0x7, 0x6}, &(0x7f0000000100)={0x7f5, 0x80, 0x5, 0x6, 0xfffffffffffffff7, 0x8, 0x7, 0x8}, &(0x7f0000000140)={0x7fffffff, 0x8000, 0x4, 0x8, 0xfff, 0x200, 0x63, 0xfffffffffffffffa}, &(0x7f0000000180)={0x0, 0x3938700}, &(0x7f0000000200)={&(0x7f00000001c0)={[0xced5]}, 0x8}) 06:48:54 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x80ffff}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1533.596789][T13209] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1533.602861][T13209] ? shmem_write_begin+0x7e/0x100 [ 1533.607934][T13209] generic_perform_write+0x1e4/0x3a0 [ 1533.613228][T13209] ? shmem_write_begin+0x100/0x100 [ 1533.618392][T13209] __generic_file_write_iter+0x161/0x300 [ 1533.624126][T13209] ? generic_write_checks+0x250/0x290 [ 1533.629670][T13209] generic_file_write_iter+0x75/0x130 [ 1533.635073][T13209] vfs_write+0x69d/0x770 [ 1533.639406][T13209] ksys_write+0xce/0x180 [ 1533.643742][T13209] __x64_sys_write+0x3e/0x50 06:48:54 executing program 2: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$PTP_CLOCK_GETCAPS(r0, 0x80503d01, &(0x7f0000000180)) syz_io_uring_setup(0x661, &(0x7f0000000100)={0x0, 0x6aa4, 0x0, 0x3, 0x3ab}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f0000000000)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x77a2, &(0x7f0000000200)={0x0, 0xae04, 0x20, 0x0, 0x219}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000040), &(0x7f00000000c0)) mlock(&(0x7f0000e1f000/0x3000)=nil, 0x3000) 06:48:54 executing program 1: syz_io_uring_setup(0x5405, &(0x7f0000000000)={0x0, 0x9c01}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) [ 1533.648338][T13209] do_syscall_64+0x4a/0x90 [ 1533.652880][T13209] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1533.658857][T13209] RIP: 0033:0x4665d9 [ 1533.662768][T13209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1533.683115][T13209] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1533.691803][T13209] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1533.699877][T13209] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1533.707850][T13209] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1533.716035][T13209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1533.724073][T13209] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:54 executing program 3 (fault-call:1 fault-nth:91): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:54 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x970000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:54 executing program 2: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x4200, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0x9, &(0x7f0000000040), &(0x7f0000000080)=0x4) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:54 executing program 1: syz_io_uring_setup(0x5405, &(0x7f0000000000)={0x0, 0x9c01}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) [ 1533.854743][T13237] FAULT_INJECTION: forcing a failure. [ 1533.854743][T13237] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1533.868266][T13237] CPU: 1 PID: 13237 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1533.877025][T13237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1533.887211][T13237] Call Trace: [ 1533.890518][T13237] dump_stack+0x137/0x19d [ 1533.894837][T13237] should_fail+0x23c/0x250 [ 1533.899237][T13237] __alloc_pages+0x102/0x320 [ 1533.903823][T13237] alloc_pages_vma+0x391/0x660 [ 1533.908621][T13237] shmem_getpage_gfp+0x980/0x1410 [ 1533.913645][T13237] shmem_write_begin+0x7e/0x100 [ 1533.918482][T13237] generic_perform_write+0x196/0x3a0 [ 1533.923786][T13237] ? shmem_write_begin+0x100/0x100 [ 1533.928959][T13237] __generic_file_write_iter+0x161/0x300 [ 1533.934575][T13237] ? generic_write_checks+0x250/0x290 [ 1533.939924][T13237] generic_file_write_iter+0x75/0x130 [ 1533.945277][T13237] vfs_write+0x69d/0x770 [ 1533.949497][T13237] ksys_write+0xce/0x180 [ 1533.953807][T13237] __x64_sys_write+0x3e/0x50 [ 1533.958377][T13237] do_syscall_64+0x4a/0x90 [ 1533.962870][T13237] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1533.968765][T13237] RIP: 0033:0x4665d9 [ 1533.972643][T13237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1533.992322][T13237] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1534.000717][T13237] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1534.008686][T13237] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1534.016785][T13237] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1534.024745][T13237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1534.032712][T13237] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:55 executing program 4: inotify_init() select(0x40, &(0x7f0000000000)={0xa}, 0x0, 0x0, 0x0) 06:48:55 executing program 5: ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(0xffffffffffffffff, 0x40505331, &(0x7f0000000100)={{0x0, 0x1}, {0x8, 0x7}, 0x7, 0x4, 0x8}) ioctl$SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, &(0x7f0000000040)) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) 06:48:55 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0xc04a01}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:55 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2) 06:48:55 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$PTP_CLOCK_GETCAPS(r0, 0x80503d01, &(0x7f0000000180)) syz_io_uring_setup(0x661, &(0x7f0000000100)={0x0, 0x6aa4, 0x0, 0x3, 0x3ab}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f0000000000)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x77a2, &(0x7f0000000200)={0x0, 0xae04, 0x20, 0x0, 0x219}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000040), &(0x7f00000000c0)) mlock(&(0x7f0000e1f000/0x3000)=nil, 0x3000) 06:48:55 executing program 3 (fault-call:1 fault-nth:92): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:55 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$PTP_CLOCK_GETCAPS(r0, 0x80503d01, &(0x7f0000000180)) syz_io_uring_setup(0x661, &(0x7f0000000100)={0x0, 0x6aa4, 0x0, 0x3, 0x3ab}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f0000000000)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x77a2, &(0x7f0000000200)={0x0, 0xae04, 0x20, 0x0, 0x219}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000040), &(0x7f00000000c0)) mlock(&(0x7f0000e1f000/0x3000)=nil, 0x3000) 06:48:55 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0xc0ffff}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:55 executing program 2: seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, &(0x7f0000000000)=0x7) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000ffc000/0x4000)=nil, 0x4000}, &(0x7f0000000140)=0x10) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000e1f000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10) r0 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x200000e, 0x1010, r0, 0x65bdc000) [ 1534.412256][T13250] FAULT_INJECTION: forcing a failure. [ 1534.412256][T13250] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1534.425381][T13250] CPU: 1 PID: 13250 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1534.434201][T13250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1534.444257][T13250] Call Trace: [ 1534.447537][T13250] dump_stack+0x137/0x19d [ 1534.451877][T13250] should_fail+0x23c/0x250 [ 1534.456301][T13250] should_fail_usercopy+0x16/0x20 06:48:55 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0xd04f00}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1534.461399][T13250] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1534.467585][T13250] ? shmem_write_begin+0x7e/0x100 [ 1534.472613][T13250] generic_perform_write+0x1e4/0x3a0 [ 1534.477978][T13250] ? shmem_write_begin+0x100/0x100 [ 1534.483261][T13250] __generic_file_write_iter+0x161/0x300 [ 1534.488915][T13250] ? generic_write_checks+0x250/0x290 [ 1534.494291][T13250] generic_file_write_iter+0x75/0x130 [ 1534.499694][T13250] vfs_write+0x69d/0x770 [ 1534.503930][T13250] ksys_write+0xce/0x180 06:48:55 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$PTP_CLOCK_GETCAPS(r0, 0x80503d01, &(0x7f0000000180)) syz_io_uring_setup(0x661, &(0x7f0000000100)={0x0, 0x6aa4, 0x0, 0x3, 0x3ab}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f0000000000)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x77a2, &(0x7f0000000200)={0x0, 0xae04, 0x20, 0x0, 0x219}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000040), &(0x7f00000000c0)) mlock(&(0x7f0000e1f000/0x3000)=nil, 0x3000) 06:48:55 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0xf04a00}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1534.508405][T13250] __x64_sys_write+0x3e/0x50 [ 1534.513078][T13250] do_syscall_64+0x4a/0x90 [ 1534.517533][T13250] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1534.523483][T13250] RIP: 0033:0x4665d9 [ 1534.527410][T13250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1534.547213][T13250] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1534.555723][T13250] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1534.563684][T13250] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1534.571684][T13250] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1534.579759][T13250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1534.587724][T13250] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:55 executing program 4: inotify_init() select(0x40, &(0x7f0000000000)={0xa}, 0x0, 0x0, 0x0) 06:48:55 executing program 2: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x40443, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000040)={0x840, 0x0, {0x3, 0x0, 0x9, 0x3, 0x100}, 0x7}) socket$inet6_udp(0xa, 0x2, 0x0) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) socketpair(0x15, 0x0, 0x58, &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x7, &(0x7f0000e31000/0x4000)=nil) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x82200) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r1, 0xc0105303, &(0x7f0000000140)={0xff, 0x3, 0x2}) 06:48:55 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) mq_open(&(0x7f0000000040)='+/{[}\x00', 0x800, 0x10, &(0x7f0000000100)={0x400000000000005, 0x5, 0x1, 0x7fff}) 06:48:55 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0xf0e120}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:55 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$PTP_CLOCK_GETCAPS(r0, 0x80503d01, &(0x7f0000000180)) syz_io_uring_setup(0x661, &(0x7f0000000100)={0x0, 0x6aa4, 0x0, 0x3, 0x3ab}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f0000000000)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e1f000/0x3000)=nil, 0x3000) 06:48:55 executing program 3 (fault-call:1 fault-nth:93): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:55 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x1000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:55 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$PTP_CLOCK_GETCAPS(r0, 0x80503d01, &(0x7f0000000180)) syz_io_uring_setup(0x661, &(0x7f0000000100)={0x0, 0x6aa4, 0x0, 0x3, 0x3ab}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f0000000000)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mlock(&(0x7f0000e1f000/0x3000)=nil, 0x3000) [ 1535.266036][T13271] FAULT_INJECTION: forcing a failure. [ 1535.266036][T13271] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1535.279464][T13271] CPU: 1 PID: 13271 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1535.288217][T13271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1535.298361][T13271] Call Trace: [ 1535.301653][T13271] dump_stack+0x137/0x19d [ 1535.306093][T13271] should_fail+0x23c/0x250 [ 1535.310690][T13271] __alloc_pages+0x102/0x320 06:48:56 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$PTP_CLOCK_GETCAPS(r0, 0x80503d01, &(0x7f0000000180)) syz_io_uring_setup(0x661, &(0x7f0000000100)={0x0, 0x6aa4, 0x0, 0x3, 0x3ab}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f0000000000)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mlock(&(0x7f0000e1f000/0x3000)=nil, 0x3000) 06:48:56 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x14ac000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1535.315397][T13271] alloc_pages_vma+0x391/0x660 [ 1535.320199][T13271] shmem_getpage_gfp+0x980/0x1410 [ 1535.325298][T13271] shmem_write_begin+0x7e/0x100 [ 1535.330259][T13271] generic_perform_write+0x196/0x3a0 [ 1535.335612][T13271] ? shmem_write_begin+0x100/0x100 [ 1535.340808][T13271] __generic_file_write_iter+0x161/0x300 [ 1535.346441][T13271] ? generic_write_checks+0x250/0x290 [ 1535.351815][T13271] generic_file_write_iter+0x75/0x130 [ 1535.357235][T13271] vfs_write+0x69d/0x770 [ 1535.361475][T13271] ksys_write+0xce/0x180 06:48:56 executing program 2: inotify_init() select(0x40, &(0x7f0000000000)={0xa}, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:56 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$PTP_CLOCK_GETCAPS(r0, 0x80503d01, &(0x7f0000000180)) syz_io_uring_setup(0x661, &(0x7f0000000100)={0x0, 0x6aa4, 0x0, 0x3, 0x3ab}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f0000000000)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mlock(&(0x7f0000e1f000/0x3000)=nil, 0x3000) [ 1535.365710][T13271] __x64_sys_write+0x3e/0x50 [ 1535.370415][T13271] do_syscall_64+0x4a/0x90 [ 1535.374914][T13271] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1535.380816][T13271] RIP: 0033:0x4665d9 [ 1535.384746][T13271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1535.404371][T13271] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1535.412944][T13271] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1535.420942][T13271] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1535.428909][T13271] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1535.436881][T13271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1535.445269][T13271] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:56 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mq_timedsend(r0, &(0x7f0000000040)="dfbe2829aae237d57554936b2a", 0xd, 0x6, &(0x7f0000000100)={0x0, 0x3938700}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000001880)={'team0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000018c0)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_PORT_LIST_GET(r1, &(0x7f0000001fc0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001f80)={&(0x7f0000001900)={0x66c, 0x0, 0x100, 0x70bd2c, 0x25dfdbfb, {}, [{{0x8, 0x1, r2}, {0x80, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0xe6}}, {0x8}}}]}}, {{0x8}, {0x74, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}]}}, {{0x8}, {0x15c, 0x2, 0x0, 0x1, [{0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{0x3, 0x40, 0xff}, {0x6, 0x0, 0x8, 0x7}, {0x2, 0x1d, 0x6, 0xfffffff8}, {0x6, 0x1, 0x8, 0x3}]}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}]}}, {{0x8}, {0xb4, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x810}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x100}}}]}}, {{0x8, 0x1, r3}, {0x140, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8}}}]}}, {{0x8}, {0x1e4, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x48e7}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xb4000000}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xffffffff}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}]}}]}, 0x66c}, 0x1, 0x0, 0x0, 0x1}, 0x40) 06:48:56 executing program 2: inotify_init() select(0x40, &(0x7f0000000000)={0xa}, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:56 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$PTP_CLOCK_GETCAPS(r0, 0x80503d01, &(0x7f0000000180)) syz_io_uring_setup(0x661, &(0x7f0000000100)={0x0, 0x6aa4, 0x0, 0x3, 0x3ab}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f0000000000)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e1f000/0x3000)=nil, 0x3000) 06:48:56 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x2000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:56 executing program 3 (fault-call:1 fault-nth:94): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:56 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x10) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:56 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x2040000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:56 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x3000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:56 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x10) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1536.139707][T13307] FAULT_INJECTION: forcing a failure. [ 1536.139707][T13307] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1536.152967][T13307] CPU: 1 PID: 13307 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1536.161735][T13307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1536.171905][T13307] Call Trace: [ 1536.175183][T13307] dump_stack+0x137/0x19d [ 1536.179537][T13307] should_fail+0x23c/0x250 [ 1536.183955][T13307] should_fail_usercopy+0x16/0x20 06:48:56 executing program 2: inotify_init() select(0x40, &(0x7f0000000000)={0xa}, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:56 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x4000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1536.189065][T13307] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1536.195473][T13307] ? shmem_write_begin+0x7e/0x100 [ 1536.200499][T13307] generic_perform_write+0x1e4/0x3a0 [ 1536.205843][T13307] ? shmem_write_begin+0x100/0x100 [ 1536.210951][T13307] __generic_file_write_iter+0x161/0x300 [ 1536.216592][T13307] ? generic_write_checks+0x250/0x290 [ 1536.221962][T13307] generic_file_write_iter+0x75/0x130 [ 1536.227326][T13307] vfs_write+0x69d/0x770 [ 1536.231571][T13307] ksys_write+0xce/0x180 06:48:56 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$PTP_CLOCK_GETCAPS(r0, 0x80503d01, &(0x7f0000000180)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e1f000/0x3000)=nil, 0x3000) [ 1536.235977][T13307] __x64_sys_write+0x3e/0x50 [ 1536.240571][T13307] do_syscall_64+0x4a/0x90 [ 1536.244992][T13307] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1536.250889][T13307] RIP: 0033:0x4665d9 [ 1536.254773][T13307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1536.274608][T13307] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1536.283127][T13307] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1536.291098][T13307] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1536.299077][T13307] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1536.307211][T13307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1536.315284][T13307] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:57 executing program 5: select(0x40, &(0x7f0000000000)={0x0, 0x8000000000000, 0x0, 0x2000000, 0x0, 0x2, 0x0, 0xaa2a}, 0x0, &(0x7f0000000080)={0x7, 0x1000, 0x0, 0x81, 0x2, 0x0, 0xfffffffffffffffc}, &(0x7f0000000040)) 06:48:57 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x10) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:57 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x6040000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:57 executing program 2: select(0x40, &(0x7f0000000000)={0xa}, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:57 executing program 3 (fault-call:1 fault-nth:95): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:57 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e1f000/0x3000)=nil, 0x3000) 06:48:57 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x220002, 0x0) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x3ff) ioctl$TIOCGPTPEER(r1, 0x5441, 0xffffffffffffff01) ioctl$PTP_PEROUT_REQUEST(r0, 0x40383d03, &(0x7f0000000100)={{0x5, 0x7}, {0x10000}, 0x10001}) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:57 executing program 2: select(0x40, &(0x7f0000000000)={0xa}, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:57 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:57 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x7000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1536.463218][T13341] FAULT_INJECTION: forcing a failure. [ 1536.463218][T13341] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1536.476577][T13341] CPU: 0 PID: 13341 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1536.485439][T13341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1536.495492][T13341] Call Trace: [ 1536.498769][T13341] dump_stack+0x137/0x19d [ 1536.503104][T13341] should_fail+0x23c/0x250 [ 1536.507627][T13341] __alloc_pages+0x102/0x320 06:48:57 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x8000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:57 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:57 executing program 1: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e1f000/0x3000)=nil, 0x3000) 06:48:57 executing program 2: select(0x40, &(0x7f0000000000)={0xa}, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:57 executing program 2: inotify_init() select(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0xea60}) [ 1536.512228][T13341] alloc_pages_vma+0x391/0x660 [ 1536.516984][T13341] shmem_getpage_gfp+0x980/0x1410 [ 1536.522015][T13341] shmem_write_begin+0x7e/0x100 [ 1536.526867][T13341] generic_perform_write+0x196/0x3a0 [ 1536.532218][T13341] ? shmem_write_begin+0x100/0x100 [ 1536.537354][T13341] __generic_file_write_iter+0x161/0x300 [ 1536.543006][T13341] ? generic_write_checks+0x250/0x290 [ 1536.548411][T13341] generic_file_write_iter+0x75/0x130 [ 1536.553905][T13341] vfs_write+0x69d/0x770 [ 1536.558143][T13341] ksys_write+0xce/0x180 06:48:57 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x10000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1536.562387][T13341] __x64_sys_write+0x3e/0x50 [ 1536.566978][T13341] do_syscall_64+0x4a/0x90 [ 1536.571477][T13341] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1536.577377][T13341] RIP: 0033:0x4665d9 [ 1536.581321][T13341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1536.600963][T13341] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 06:48:57 executing program 3 (fault-call:1 fault-nth:96): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:57 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e1f000/0x3000)=nil, 0x3000) 06:48:57 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:57 executing program 5: r0 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="98000000", @ANYRES16=r0, @ANYBLOB="00002abd7000fddbdf2506000000050001000100000008000400ac1414bb2800070073797374656d5f753a6f626a6563745f723a6d6f64756c65735f636f6e665f743a73300008000400ac1414bb14000300ff020000000000000000000000000001050001000100000014000300fe80000000000000000000000000002314000200ff01000000000000000000000000000146a744c2673636b168b8107e1baf3c4f67542b4f17c966d407336ed6622a10e92ca690d8ed94e0fbe1"], 0x98}, 0x1, 0x0, 0x0, 0x80}, 0x20000040) r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NLBL_UNLABEL_C_LIST(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2809000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x54, r1, 0x300, 0x270bd29, 0x5, {}, [@NLBL_UNLABEL_A_SECCTX={0x2a, 0x7, 'system_u:object_r:printer_device_t:s0\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'syzkaller1\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x0) 06:48:57 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x1d2e4000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1536.609482][T13341] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1536.617542][T13341] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1536.625507][T13341] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1536.633483][T13341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1536.641906][T13341] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:57 executing program 5: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x200002, 0x0) openat$cgroup_devices(r0, &(0x7f0000000100)='devices.allow\x00', 0x2, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x4058534c, &(0x7f0000000080)={0x9, 0x0, 0x8001, 0x6, 0x0, 0x8000}) r1 = perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x0, 0xf8, 0x9, 0x1, 0x0, 0x4, 0xc4020, 0xf, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0xf6ac, 0x1, @perf_config_ext={0x2, 0xfffffffffffffffe}, 0x5406, 0x3ff, 0x7, 0x2, 0x0, 0x4, 0xfff9, 0x0, 0x800}, 0x0, 0x11, 0xffffffffffffffff, 0x8) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000040)={0x140, @time={0x2, 0x8}, 0x3, {0x2, 0x40}, 0x8, 0x2, 0xd8}) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r3) 06:48:57 executing program 2: inotify_init() select(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:57 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e1f000/0x3000)=nil, 0x3000) 06:48:57 executing program 4: madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x10) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:57 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x20000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1536.711519][T13375] FAULT_INJECTION: forcing a failure. [ 1536.711519][T13375] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1536.724637][T13375] CPU: 1 PID: 13375 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1536.733407][T13375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1536.743489][T13375] Call Trace: [ 1536.746961][T13375] dump_stack+0x137/0x19d [ 1536.751504][T13375] should_fail+0x23c/0x250 [ 1536.755939][T13375] should_fail_usercopy+0x16/0x20 06:48:57 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e1f000/0x3000)=nil, 0x3000) 06:48:57 executing program 2: inotify_init() select(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0xea60}) [ 1536.761032][T13375] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1536.767277][T13375] ? shmem_write_begin+0x7e/0x100 [ 1536.772323][T13375] generic_perform_write+0x1e4/0x3a0 [ 1536.777603][T13375] ? shmem_write_begin+0x100/0x100 [ 1536.782734][T13375] __generic_file_write_iter+0x161/0x300 [ 1536.788366][T13375] ? generic_write_checks+0x250/0x290 [ 1536.793793][T13375] generic_file_write_iter+0x75/0x130 [ 1536.799166][T13375] vfs_write+0x69d/0x770 [ 1536.803495][T13375] ksys_write+0xce/0x180 [ 1536.807733][T13375] __x64_sys_write+0x3e/0x50 [ 1536.812313][T13375] do_syscall_64+0x4a/0x90 [ 1536.816734][T13375] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1536.822693][T13375] RIP: 0033:0x4665d9 [ 1536.826585][T13375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1536.846294][T13375] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1536.854749][T13375] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1536.862720][T13375] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1536.870711][T13375] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1536.878680][T13375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1536.886981][T13375] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:57 executing program 3 (fault-call:1 fault-nth:97): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:57 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f0000000040)={'syztnl0\x00', &(0x7f0000000100)={'sit0\x00', 0x0, 0x2f, 0x0, 0x20, 0x2, 0x25, @loopback, @local, 0x7800, 0x0, 0x7}}) 06:48:57 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e1f000/0x3000)=nil, 0x3000) 06:48:57 executing program 4: madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x10) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:57 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x20e1f000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:57 executing program 2: inotify_init() select(0x40, &(0x7f0000000000), 0x0, 0x0, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:57 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x40000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1536.993416][T13399] FAULT_INJECTION: forcing a failure. [ 1536.993416][T13399] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1537.006799][T13399] CPU: 1 PID: 13399 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1537.015819][T13399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1537.026046][T13399] Call Trace: [ 1537.029338][T13399] dump_stack+0x137/0x19d [ 1537.033674][T13399] should_fail+0x23c/0x250 [ 1537.038184][T13399] __alloc_pages+0x102/0x320 06:48:57 executing program 4: madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x10) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:57 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x100) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$TIOCSIG(r0, 0x40045436, 0x1c) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xff) sendmsg$TEAM_CMD_PORT_LIST_GET(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5848310c5f4a803b1c7600c423784da83b99b469a9016dcee52156e78fc510701d01beaf476195b87b153fb2b4019650122ae439a6b7885d8c1966f90fa0b8d4cc18d7ebf5724d1a90d79e797b09386dd848eb39d2913f21fae04bb2a4f7f44805fd08c2bd8afe369be2b9926c8704711ec908a2bcdcbca4a620be06000099bcbb1265d75de6dc479485557763e1c2c97c5dc6f28296e75e2168a8b923e10400", @ANYRES16=0x0, @ANYBLOB="0300000000000000df2503002635801b64000008000100a640dbcadb1c1f92e122482d12e3c560e91a96690000000000000000", @ANYRES32=0x0, @ANYBLOB="3c00028038000100240001006e6f746966795f70656572735f636f756e74000000000000000000000000000005000300030000000800040081000000"], 0x58}, 0x1, 0x0, 0x0, 0xc000}, 0x80) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) mremap(&(0x7f0000e33000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:57 executing program 2: inotify_init() select(0x40, &(0x7f0000000000), 0x0, 0x0, &(0x7f00000000c0)={0x0, 0xea60}) [ 1537.042789][T13399] alloc_pages_vma+0x391/0x660 [ 1537.047591][T13399] shmem_getpage_gfp+0x980/0x1410 [ 1537.052625][T13399] shmem_write_begin+0x7e/0x100 [ 1537.057496][T13399] generic_perform_write+0x196/0x3a0 [ 1537.062783][T13399] ? shmem_write_begin+0x100/0x100 [ 1537.067893][T13399] __generic_file_write_iter+0x161/0x300 [ 1537.073527][T13399] ? generic_write_checks+0x250/0x290 [ 1537.078954][T13399] generic_file_write_iter+0x75/0x130 [ 1537.084329][T13399] vfs_write+0x69d/0x770 [ 1537.088574][T13399] ksys_write+0xce/0x180 06:48:57 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x42000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:57 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x7f000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1537.092811][T13399] __x64_sys_write+0x3e/0x50 [ 1537.097390][T13399] do_syscall_64+0x4a/0x90 [ 1537.101867][T13399] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1537.107792][T13399] RIP: 0033:0x4665d9 [ 1537.111677][T13399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1537.131367][T13399] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 06:48:57 executing program 3 (fault-call:1 fault-nth:98): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:57 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0xd8010000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:57 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:57 executing program 2: inotify_init() select(0x40, &(0x7f0000000000), 0x0, 0x0, &(0x7f00000000c0)={0x0, 0xea60}) 06:48:57 executing program 5: select(0x40, &(0x7f0000000040), 0x0, &(0x7f0000000080)={0x3}, &(0x7f00000000c0)={0x0, 0xea60}) [ 1537.139923][T13399] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1537.147963][T13399] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1537.155947][T13399] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1537.164175][T13399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1537.172331][T13399] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:57 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1537.219351][T13430] FAULT_INJECTION: forcing a failure. [ 1537.219351][T13430] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1537.232434][T13430] CPU: 1 PID: 13430 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1537.241250][T13430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1537.251672][T13430] Call Trace: [ 1537.255292][T13430] dump_stack+0x137/0x19d [ 1537.259948][T13430] should_fail+0x23c/0x250 [ 1537.264362][T13430] should_fail_usercopy+0x16/0x20 06:48:57 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x100) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$TIOCSIG(r0, 0x40045436, 0x1c) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xff) sendmsg$TEAM_CMD_PORT_LIST_GET(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5848310c5f4a803b1c7600c423784da83b99b469a9016dcee52156e78fc510701d01beaf476195b87b153fb2b4019650122ae439a6b7885d8c1966f90fa0b8d4cc18d7ebf5724d1a90d79e797b09386dd848eb39d2913f21fae04bb2a4f7f44805fd08c2bd8afe369be2b9926c8704711ec908a2bcdcbca4a620be06000099bcbb1265d75de6dc479485557763e1c2c97c5dc6f28296e75e2168a8b923e10400", @ANYRES16=0x0, @ANYBLOB="0300000000000000df2503002635801b64000008000100a640dbcadb1c1f92e122482d12e3c560e91a96690000000000000000", @ANYRES32=0x0, @ANYBLOB="3c00028038000100240001006e6f746966795f70656572735f636f756e74000000000000000000000000000005000300030000000800040081000000"], 0x58}, 0x1, 0x0, 0x0, 0xc000}, 0x80) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) mremap(&(0x7f0000e33000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:57 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0xda010000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1537.269443][T13430] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 1537.275506][T13430] ? shmem_write_begin+0x7e/0x100 [ 1537.280553][T13430] generic_perform_write+0x1e4/0x3a0 [ 1537.285853][T13430] ? shmem_write_begin+0x100/0x100 [ 1537.291013][T13430] __generic_file_write_iter+0x161/0x300 [ 1537.296728][T13430] ? generic_write_checks+0x250/0x290 [ 1537.302334][T13430] generic_file_write_iter+0x75/0x130 [ 1537.307758][T13430] vfs_write+0x69d/0x770 [ 1537.311995][T13430] ksys_write+0xce/0x180 06:48:58 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1537.316240][T13430] __x64_sys_write+0x3e/0x50 [ 1537.320834][T13430] do_syscall_64+0x4a/0x90 [ 1537.325245][T13430] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1537.331271][T13430] RIP: 0033:0x4665d9 [ 1537.335179][T13430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1537.355018][T13430] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 06:48:58 executing program 2: inotify_init() select(0x40, &(0x7f0000000000)={0xa}, 0x0, 0x0, 0x0) 06:48:58 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0xfeffffff}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:58 executing program 5: select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000001c0)={0x0, 0xea60}) setgid(0xffffffffffffffff) select(0x40, &(0x7f0000000040)={0x8, 0x4, 0x2, 0x7fff, 0x80000000, 0xfffffffffffffac1, 0x5, 0x2}, &(0x7f0000000100)={0x100000001, 0x6, 0x500000, 0x6, 0xfff, 0x400, 0xd89e, 0x1d}, &(0x7f0000000140)={0xfffffffffffffffb, 0x5, 0x100, 0x5, 0x7, 0x100000001, 0x197d, 0xfffffffffffffffe}, &(0x7f0000000180)={0x0, 0xea60}) select(0x40, &(0x7f00000000c0)={0x5, 0x1, 0x4, 0x6, 0x2, 0x8667, 0xff, 0x483d}, &(0x7f0000000200)={0x2, 0x101, 0x7, 0x1, 0x5, 0xf1b, 0xffffffffffffff81, 0x8}, &(0x7f0000000240)={0x7ff, 0x1, 0x1, 0x100000000, 0x3, 0x9, 0x91b, 0x9}, &(0x7f0000000280)) [ 1537.363430][T13430] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1537.371542][T13430] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1537.379512][T13430] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1537.387479][T13430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1537.395533][T13430] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:58 executing program 3 (fault-call:1 fault-nth:99): r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:58 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x100) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$TIOCSIG(r0, 0x40045436, 0x1c) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xff) sendmsg$TEAM_CMD_PORT_LIST_GET(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5848310c5f4a803b1c7600c423784da83b99b469a9016dcee52156e78fc510701d01beaf476195b87b153fb2b4019650122ae439a6b7885d8c1966f90fa0b8d4cc18d7ebf5724d1a90d79e797b09386dd848eb39d2913f21fae04bb2a4f7f44805fd08c2bd8afe369be2b9926c8704711ec908a2bcdcbca4a620be06000099bcbb1265d75de6dc479485557763e1c2c97c5dc6f28296e75e2168a8b923e10400", @ANYRES16=0x0, @ANYBLOB="0300000000000000df2503002635801b64000008000100a640dbcadb1c1f92e122482d12e3c560e91a96690000000000000000", @ANYRES32=0x0, @ANYBLOB="3c00028038000100240001006e6f746966795f70656572735f636f756e74000000000000000000000000000005000300030000000800040081000000"], 0x58}, 0x1, 0x0, 0x0, 0xc000}, 0x80) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) mremap(&(0x7f0000e33000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:48:58 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x10) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:48:58 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0xff600000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:58 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0xffff8000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1537.545459][T13462] FAULT_INJECTION: forcing a failure. [ 1537.545459][T13462] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1537.558874][T13462] CPU: 1 PID: 13462 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1537.567716][T13462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1537.577768][T13462] Call Trace: [ 1537.581068][T13462] dump_stack+0x137/0x19d [ 1537.585450][T13462] should_fail+0x23c/0x250 [ 1537.589865][T13462] __alloc_pages+0x102/0x320 06:48:58 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0xffffc000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1537.594457][T13462] alloc_pages_vma+0x391/0x660 [ 1537.599259][T13462] shmem_getpage_gfp+0x980/0x1410 [ 1537.604367][T13462] shmem_write_begin+0x7e/0x100 [ 1537.609297][T13462] generic_perform_write+0x196/0x3a0 [ 1537.614587][T13462] ? shmem_write_begin+0x100/0x100 [ 1537.619763][T13462] __generic_file_write_iter+0x161/0x300 [ 1537.625559][T13462] ? generic_write_checks+0x250/0x290 [ 1537.630937][T13462] generic_file_write_iter+0x75/0x130 [ 1537.636429][T13462] vfs_write+0x69d/0x770 [ 1537.640669][T13462] ksys_write+0xce/0x180 06:48:58 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0xfffffffe}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:58 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x100) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$TIOCSIG(r0, 0x40045436, 0x1c) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xff) sendmsg$TEAM_CMD_PORT_LIST_GET(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5848310c5f4a803b1c7600c423784da83b99b469a9016dcee52156e78fc510701d01beaf476195b87b153fb2b4019650122ae439a6b7885d8c1966f90fa0b8d4cc18d7ebf5724d1a90d79e797b09386dd848eb39d2913f21fae04bb2a4f7f44805fd08c2bd8afe369be2b9926c8704711ec908a2bcdcbca4a620be06000099bcbb1265d75de6dc479485557763e1c2c97c5dc6f28296e75e2168a8b923e10400", @ANYRES16=0x0, @ANYBLOB="0300000000000000df2503002635801b64000008000100a640dbcadb1c1f92e122482d12e3c560e91a96690000000000000000", @ANYRES32=0x0, @ANYBLOB="3c00028038000100240001006e6f746966795f70656572735f636f756e74000000000000000000000000000005000300030000000800040081000000"], 0x58}, 0x1, 0x0, 0x0, 0xc000}, 0x80) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) [ 1537.644910][T13462] __x64_sys_write+0x3e/0x50 [ 1537.649496][T13462] do_syscall_64+0x4a/0x90 [ 1537.653975][T13462] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1537.659864][T13462] RIP: 0033:0x4665d9 [ 1537.663748][T13462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1537.683354][T13462] RSP: 002b:00007fb272dc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 06:48:58 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0xffffffff}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1537.691764][T13462] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1537.699743][T13462] RDX: 0000000008800000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1537.707719][T13462] RBP: 00007fb272dc01d0 R08: 0000000000000000 R09: 0000000000000000 [ 1537.715690][T13462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 1537.723654][T13462] R13: 00007ffd3c5c7c1f R14: 00007fb272dc0300 R15: 0000000000022000 06:48:58 executing program 2: inotify_init() select(0x40, &(0x7f0000000000)={0xa}, 0x0, 0x0, 0x0) 06:48:58 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r0, 0x330f, 0x9) 06:48:58 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x10) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:48:58 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:48:58 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:58 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x100) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$TIOCSIG(r0, 0x40045436, 0x1c) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xff) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:48:58 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x10) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:48:58 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x2}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:58 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x100) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$TIOCSIG(r0, 0x40045436, 0x1c) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xff) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:48:58 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x3}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:59 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x100) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$TIOCSIG(r0, 0x40045436, 0x1c) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xff) sendmsg$TEAM_CMD_PORT_LIST_GET(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5848310c5f4a803b1c7600c423784da83b99b469a9016dcee52156e78fc510701d01beaf476195b87b153fb2b4019650122ae439a6b7885d8c1966f90fa0b8d4cc18d7ebf5724d1a90d79e797b09386dd848eb39d2913f21fae04bb2a4f7f44805fd08c2bd8afe369be2b9926c8704711ec908a2bcdcbca4a620be06000099bcbb1265d75de6dc479485557763e1c2c97c5dc6f28296e75e2168a8b923e10400", @ANYRES16=0x0, @ANYBLOB="0300000000000000df2503002635801b64000008000100a640dbcadb1c1f92e122482d12e3c560e91a96690000000000000000", @ANYRES32=0x0, @ANYBLOB="3c00028038000100240001006e6f746966795f70656572735f636f756e74000000000000000000000000000005000300030000000800040081000000"], 0x58}, 0x1, 0x0, 0x0, 0xc000}, 0x80) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:48:59 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x4}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:59 executing program 2: inotify_init() select(0x40, &(0x7f0000000000)={0xa}, 0x0, 0x0, 0x0) 06:48:59 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) select(0x40, &(0x7f0000000040)={0xffffe00000000000, 0x800, 0x60, 0xf868, 0x7, 0x1, 0x96, 0x8}, &(0x7f0000000100)={0x100000001, 0x81, 0x1ffc0000000, 0x9, 0x0, 0x2, 0x5, 0xfffffffffffffffc}, &(0x7f0000000140)={0x9, 0x8, 0x4, 0x1af, 0x800, 0x100000001, 0x81, 0xdad7}, &(0x7f00000001c0)={r0, r1/1000+60000}) socket$nl_generic(0x10, 0x3, 0x10) 06:48:59 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x100) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$TIOCSIG(r0, 0x40045436, 0x1c) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xff) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:48:59 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x7}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:59 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x100) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$TIOCSIG(r0, 0x40045436, 0x1c) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xff) sendmsg$TEAM_CMD_PORT_LIST_GET(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5848310c5f4a803b1c7600c423784da83b99b469a9016dcee52156e78fc510701d01beaf476195b87b153fb2b4019650122ae439a6b7885d8c1966f90fa0b8d4cc18d7ebf5724d1a90d79e797b09386dd848eb39d2913f21fae04bb2a4f7f44805fd08c2bd8afe369be2b9926c8704711ec908a2bcdcbca4a620be06000099bcbb1265d75de6dc479485557763e1c2c97c5dc6f28296e75e2168a8b923e10400", @ANYRES16=0x0, @ANYBLOB="0300000000000000df2503002635801b64000008000100a640dbcadb1c1f92e122482d12e3c560e91a96690000000000000000", @ANYRES32=0x0, @ANYBLOB="3c00028038000100240001006e6f746966795f70656572735f636f756e74000000000000000000000000000005000300030000000800040081000000"], 0x58}, 0x1, 0x0, 0x0, 0xc000}, 0x80) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:48:59 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x2000) 06:48:59 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x3000) 06:48:59 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x8}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:59 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x100) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$TIOCSIG(r0, 0x40045436, 0x1c) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:48:59 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x4000) 06:48:59 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x10}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:48:59 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x100) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$TIOCSIG(r0, 0x40045436, 0x1c) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xff) sendmsg$TEAM_CMD_PORT_LIST_GET(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5848310c5f4a803b1c7600c423784da83b99b469a9016dcee52156e78fc510701d01beaf476195b87b153fb2b4019650122ae439a6b7885d8c1966f90fa0b8d4cc18d7ebf5724d1a90d79e797b09386dd848eb39d2913f21fae04bb2a4f7f44805fd08c2bd8afe369be2b9926c8704711ec908a2bcdcbca4a620be06000099bcbb1265d75de6dc479485557763e1c2c97c5dc6f28296e75e2168a8b923e10400", @ANYRES16=0x0, @ANYBLOB="0300000000000000df2503002635801b64000008000100a640dbcadb1c1f92e122482d12e3c560e91a96690000000000000000", @ANYRES32=0x0, @ANYBLOB="3c00028038000100240001006e6f746966795f70656572735f636f756e74000000000000000000000000000005000300030000000800040081000000"], 0x58}, 0x1, 0x0, 0x0, 0xc000}, 0x80) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:00 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x100) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$TIOCSIG(r0, 0x40045436, 0x1c) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0xff) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:00 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x5000) 06:49:00 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x42}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:00 executing program 5: ioctl$MON_IOCQ_URB_LEN(0xffffffffffffffff, 0x9201) r0 = perf_event_open$cgroup(&(0x7f0000000200)={0x5, 0x80, 0x0, 0x40, 0x5, 0xe1, 0x0, 0xc13, 0x5010, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x5, 0x0, @perf_bp={&(0x7f00000001c0), 0x41892f71a7e66603}, 0x20, 0x3f90, 0x0, 0x3, 0x8, 0x0, 0x7, 0x0, 0x9, 0x0, 0x1}, 0xffffffffffffffff, 0x9, 0xffffffffffffffff, 0x8) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x10000, 0x40, 0x0, 0x0, 0x0, 0x40000000000000}, 0x0, &(0x7f0000000080)={0x5, 0x0, 0x5, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x3}, &(0x7f00000000c0)={0x77359400}) select(0x40, &(0x7f0000000040)={0xbcbc, 0x816b, 0x5, 0x1, 0x9fa, 0x54, 0x5, 0x101}, &(0x7f0000000100)={0x9f, 0xce, 0x9b, 0x0, 0x7, 0x1, 0x8, 0x10000}, &(0x7f0000000140)={0x3, 0x0, 0xbd, 0x9, 0x401, 0x1000000003801, 0x80000001}, &(0x7f0000000180)={0x77359400}) 06:49:00 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x100) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$TIOCSIG(r0, 0x40045436, 0x1c) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:00 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) shmget(0x3, 0x2000, 0x80, &(0x7f0000e35000/0x2000)=nil) shmget(0x3, 0x3000, 0x1, &(0x7f0000ffd000/0x3000)=nil) mlock(&(0x7f0000e34000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:00 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x60}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:00 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) shmget(0x3, 0x2000, 0x80, &(0x7f0000e35000/0x2000)=nil) shmget(0x3, 0x3000, 0x1, &(0x7f0000ffd000/0x3000)=nil) mlock(&(0x7f0000e34000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:00 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x6000) 06:49:00 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x1d8}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:00 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) shmget(0x3, 0x2000, 0x80, &(0x7f0000e35000/0x2000)=nil) shmget(0x3, 0x3000, 0x1, &(0x7f0000ffd000/0x3000)=nil) mlock(&(0x7f0000e34000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:00 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x1da}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:00 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x100) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$TIOCSIG(r0, 0x40045436, 0x1c) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:00 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x7000) 06:49:00 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x100) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$TIOCSIG(r0, 0x40045436, 0x1c) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:01 executing program 5: select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x400}, 0x0, &(0x7f0000000080)={0x7, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000000}, &(0x7f00000000c0)={0x0, 0xea60}) ioctl$PTP_PEROUT_REQUEST2(0xffffffffffffffff, 0x40383d0c, &(0x7f0000000040)={{0x5, 0x8001}, {0x0, 0x5}, 0xbc4, 0x1}) 06:49:01 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) shmget(0x3, 0x2000, 0x80, &(0x7f0000e35000/0x2000)=nil) shmget(0x3, 0x3000, 0x1, &(0x7f0000ffd000/0x3000)=nil) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:01 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x204}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:01 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x9000) 06:49:01 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x100) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$TIOCSIG(r0, 0x40045436, 0x1c) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:01 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x100) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$TIOCSIG(r0, 0x40045436, 0x1c) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:01 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xa000) 06:49:01 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x300}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:01 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) shmget(0x3, 0x2000, 0x80, &(0x7f0000e35000/0x2000)=nil) shmget(0x3, 0x3000, 0x1, &(0x7f0000ffd000/0x3000)=nil) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:01 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) shmget(0x3, 0x2000, 0x80, &(0x7f0000e35000/0x2000)=nil) shmget(0x3, 0x3000, 0x1, &(0x7f0000ffd000/0x3000)=nil) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:01 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xb000) 06:49:01 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x100) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:01 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) sendmsg$NET_DM_CMD_START(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, 0x0, 0x100, 0x70bd2c, 0x25dfdbfc, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10) 06:49:01 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x100) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$TIOCSIG(r0, 0x40045436, 0x1c) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:01 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x402}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:01 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) shmget(0x3, 0x2000, 0x80, &(0x7f0000e35000/0x2000)=nil) mlock(&(0x7f0000e34000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:01 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xc000) 06:49:01 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mlock(&(0x7f0000e34000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:01 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x406}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:01 executing program 2: mlock(&(0x7f0000e34000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:01 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x100) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:01 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xd000) 06:49:01 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x604}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:01 executing program 2: mlock(&(0x7f0000e34000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:01 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f00000000c0)={0x0, 0xea60}) ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(0xffffffffffffffff, 0x408c5333, &(0x7f0000000100)={0x40, 0x9, 0x1, 'queue1\x00', 0xda}) 06:49:01 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x100) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:01 executing program 2: mlock(&(0x7f0000e34000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:01 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xe000) 06:49:01 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x700}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:01 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xf000) 06:49:01 executing program 2: mlock(&(0x7f0000e34000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:01 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x2000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:01 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x100) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:01 executing program 2: mlock(&(0x7f0000e34000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap(&(0x7f0000e1d000/0x3000)=nil, 0x3000, 0x1000008, 0x13, r0, 0x91577000) read$usbmon(r0, &(0x7f0000000080)=""/81, 0x51) 06:49:01 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x11000) 06:49:01 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0x100) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:02 executing program 5: select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x200000000, 0x0, 0x0, 0x80000}, 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, &(0x7f00000000c0)={0x0, 0xea60}) 06:49:02 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x4000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:02 executing program 2: mlock(&(0x7f0000e34000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap(&(0x7f0000e1d000/0x3000)=nil, 0x3000, 0x1000008, 0x13, r0, 0x91577000) read$usbmon(r0, &(0x7f0000000080)=""/81, 0x51) 06:49:02 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x12000) 06:49:02 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:02 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x13000) 06:49:02 executing program 2: mlock(&(0x7f0000e34000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap(&(0x7f0000e1d000/0x3000)=nil, 0x3000, 0x1000008, 0x13, r0, 0x91577000) read$usbmon(r0, &(0x7f0000000080)=""/81, 0x51) 06:49:02 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x4200}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:02 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) inotify_rm_watch(r1, r2) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:02 executing program 2: mlock(&(0x7f0000e34000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap(&(0x7f0000e1d000/0x3000)=nil, 0x3000, 0x1000008, 0x13, r0, 0x91577000) 06:49:02 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x6000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:02 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x14000) 06:49:02 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) pselect6(0x40, &(0x7f0000000040)={0x3, 0x200, 0xaa2, 0x7, 0x8, 0x81, 0x31ee8290, 0x4}, &(0x7f0000000100)={0x0, 0x48b, 0x1, 0x100000001, 0x5, 0x4, 0x3, 0x3ff}, &(0x7f0000000140)={0xdaa, 0x5e70, 0x4, 0x0, 0x9, 0x7, 0xfc0, 0x3}, &(0x7f0000000180)={0x0, 0x3938700}, &(0x7f0000000200)={&(0x7f00000001c0)={[0xf6]}, 0x8}) 06:49:02 executing program 2: mlock(&(0x7f0000e34000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) 06:49:02 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:02 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x15000) 06:49:02 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x60ff}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:02 executing program 2: mlock(&(0x7f0000e34000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) 06:49:02 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x7f00}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:02 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x16000) 06:49:02 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x400) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:02 executing program 2: mlock(&(0x7f0000e34000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:02 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x9700}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:02 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x17000) 06:49:02 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x40200, 0x0) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) 06:49:02 executing program 1: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:02 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0xd801}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:02 executing program 2: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:02 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x18000) 06:49:02 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0xda01}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:02 executing program 2: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:02 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x19000) 06:49:02 executing program 4: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:02 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x40000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:02 executing program 2: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:02 executing program 1: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:02 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x1a000) 06:49:02 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x80000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:02 executing program 2: mlock(&(0x7f0000e34000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:02 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x1b000) 06:49:02 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x91000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:02 executing program 1: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:02 executing program 2: mlock(&(0x7f0000e34000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:02 executing program 4: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:02 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x1c000) 06:49:02 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x100900}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:02 executing program 2: mlock(&(0x7f0000e34000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:02 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'team0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETPRL(0xffffffffffffffff, 0x89f4, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000180)={'ip6_vti0\x00', 0x0, 0x2f, 0x8, 0x9, 0x9, 0x4, @private0={0xfc, 0x0, '\x00', 0x1}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7800, 0x8, 0x7, 0x8000}}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000002c0)={'syztnl0\x00', &(0x7f0000000240)={'syztnl1\x00', 0x0, 0x2f, 0x7, 0x3, 0xfffffff8, 0x2d, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast1, 0x7, 0x7, 0x8, 0x8}}) select(0x40, &(0x7f0000000740)={0x2, 0x8, 0xffffffffffffffff, 0x813, 0x100, 0x3, 0x7245, 0x8}, &(0x7f0000000780)={0x6, 0x3, 0x9, 0x7, 0x0, 0x9, 0x6, 0x101}, &(0x7f00000007c0)={0x8, 0x3, 0x5, 0x8001, 0x20, 0x0, 0xab9, 0x8}, &(0x7f0000000800)={0x0, 0x2710}) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'team0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETPRL(0xffffffffffffffff, 0x89f4, &(0x7f00000003c0)={'ip6gre0\x00', &(0x7f0000000340)={'ip6tnl0\x00', 0x0, 0x2f, 0x3f, 0x2, 0x4, 0x11, @empty, @mcast2, 0x7800, 0x700, 0x4, 0x5}}) sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000400)={0x298, 0x0, 0x4, 0x70bd2b, 0x25dfdbff, {}, [{{0x8}, {0x4}}, {{0x8}, {0xf4, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}]}}, {{0x8, 0x1, r0}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}]}}, {{0x8, 0x1, r1}, {0x130, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x7f}}, {0x8, 0x6, r3}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r4}}}]}}]}, 0x298}, 0x1, 0x0, 0x0, 0x4}, 0x8000) ioctl$RNDADDTOENTCNT(0xffffffffffffffff, 0x40045201, &(0x7f0000000040)=0x4) inotify_init() 06:49:02 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x104000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:02 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x1d000) 06:49:02 executing program 2: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:02 executing program 1: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:02 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x105400}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:02 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x1e000) 06:49:02 executing program 4: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:02 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x200000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:02 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x1f000) 06:49:02 executing program 5: prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000240)) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) pselect6(0x40, &(0x7f0000000040)={0x7, 0x2, 0x2, 0x5, 0x51, 0x80, 0x5, 0x12}, &(0x7f0000000100)={0xc2e, 0xed, 0x0, 0x3ff, 0xffff, 0x1, 0x8e, 0x7}, &(0x7f0000000140)={0x7ff, 0x30d, 0xffffffff, 0xe3e1, 0xfffffffffffffffc, 0x41, 0x100000001, 0x9880}, &(0x7f0000000180)={0x77359400}, &(0x7f0000000200)={&(0x7f00000001c0)={[0x4]}, 0x8}) 06:49:02 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x400000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:02 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x20000) 06:49:02 executing program 1: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:02 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x401000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:02 executing program 2: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:02 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x21000) 06:49:02 executing program 4: mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:02 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0x10001}, &(0x7f00000000c0)={0x0, 0xea60}) 06:49:02 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x402e1d}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:02 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x22000) 06:49:02 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x4af000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:03 executing program 1: ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:03 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x4fd000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:03 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x23000) 06:49:03 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x24000) 06:49:03 executing program 4: mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:03 executing program 2: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:03 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x541000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:03 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000004c0), 0x980c2, 0x0) setsockopt$inet_tcp_TLS_RX(r0, 0x6, 0x2, &(0x7f0000000500)=@ccm_128={{0x304}, "5ff4d621af0d7765", "f777716925fa95941a3fcfb4e937940f", "080ff109", "0b9fe1aca08dfdb3"}, 0x28) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) mq_timedreceive(r0, &(0x7f0000000400)=""/45, 0x2d, 0x8, &(0x7f0000000480)={r1, r2+10000000}) recvmsg(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000100)=""/77, 0x4d}, {&(0x7f0000000040)=""/47, 0x2f}, {&(0x7f0000000180)=""/144, 0x90}, {&(0x7f0000000240)=""/41, 0x29}], 0x4, &(0x7f00000002c0)=""/240, 0xf0}, 0x100) select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xd4}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) 06:49:03 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x25000) 06:49:03 executing program 4: mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:03 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x3000, 0x2, &(0x7f0000e1f000/0x3000)=nil) sigaltstack(&(0x7f0000e1f000/0x3000)=nil, &(0x7f0000000140)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = accept4(0xffffffffffffffff, &(0x7f0000000000)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @private2}}, &(0x7f0000000080)=0x80, 0x80000) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000e32000/0x2000)=nil, 0x2000}, &(0x7f0000000100)=0x10) 06:49:03 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x600000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:03 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x26000) 06:49:03 executing program 4: mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:03 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x80ffff}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:03 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x27000) 06:49:03 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x3000, 0x2, &(0x7f0000e1f000/0x3000)=nil) sigaltstack(&(0x7f0000e1f000/0x3000)=nil, &(0x7f0000000140)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = accept4(0xffffffffffffffff, &(0x7f0000000000)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @private2}}, &(0x7f0000000080)=0x80, 0x80000) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000e32000/0x2000)=nil, 0x2000}, &(0x7f0000000100)=0x10) 06:49:03 executing program 2: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:03 executing program 5: clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, &(0x7f0000000080)={0xffffffffffffffb0}, &(0x7f00000000c0)={r0, r1/1000+10000}) 06:49:03 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:03 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x970000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:03 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x3000, 0x2, &(0x7f0000e1f000/0x3000)=nil) sigaltstack(&(0x7f0000e1f000/0x3000)=nil, &(0x7f0000000140)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = accept4(0xffffffffffffffff, &(0x7f0000000000)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @private2}}, &(0x7f0000000080)=0x80, 0x80000) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000e32000/0x2000)=nil, 0x2000}, &(0x7f0000000100)=0x10) 06:49:03 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x28000) 06:49:03 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x3000, 0x2, &(0x7f0000e1f000/0x3000)=nil) sigaltstack(&(0x7f0000e1f000/0x3000)=nil, &(0x7f0000000140)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) accept4(0xffffffffffffffff, &(0x7f0000000000)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @private2}}, &(0x7f0000000080)=0x80, 0x80000) 06:49:03 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0xc04a01}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:03 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:03 executing program 5: select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, &(0x7f0000000080)={0x7, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, &(0x7f00000000c0)={0x0, 0xea60}) pselect6(0x40, &(0x7f0000000040)={0x1f, 0x4, 0x2, 0x7fffffff, 0x6, 0x9c, 0x4a, 0x80000001}, &(0x7f0000000100)={0x4, 0x2, 0x20000, 0xfffffffffffffff7, 0x1f800, 0x8000, 0x1000, 0x2}, &(0x7f0000000140)={0x5, 0x7fff, 0x8, 0x10000, 0xffffffff, 0x8, 0x6, 0x7221}, &(0x7f0000000180), &(0x7f0000000200)={&(0x7f00000001c0)={[0x3ff]}, 0x8}) 06:49:03 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x29000) 06:49:03 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x3000, 0x2, &(0x7f0000e1f000/0x3000)=nil) sigaltstack(&(0x7f0000e1f000/0x3000)=nil, &(0x7f0000000140)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:03 executing program 2: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:03 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:03 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0xc0ffff}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:03 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x2a000) 06:49:03 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x3000, 0x2, &(0x7f0000e1f000/0x3000)=nil) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:03 executing program 4: mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:03 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x3000, 0x2, &(0x7f0000e1f000/0x3000)=nil) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:03 executing program 4: mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:03 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x3000, 0x2, &(0x7f0000e1f000/0x3000)=nil) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:03 executing program 5: ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000040)='\x00') select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) ioctl$PTP_PIN_GETFUNC2(0xffffffffffffffff, 0xc0603d0f, &(0x7f0000000100)={'\x00', 0x7fffffff, 0x3, 0x8001}) 06:49:03 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0xd04f00}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:03 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x2b000) 06:49:03 executing program 2: mlock(&(0x7f0000800000/0x800000)=nil, 0x800000) 06:49:03 executing program 4: mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:03 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0xf04a00}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:03 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) sigaltstack(&(0x7f0000e1f000/0x3000)=nil, &(0x7f0000000140)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:03 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x2c000) 06:49:03 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x2d000) 06:49:03 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0xf0e120}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:03 executing program 5: recvmsg(0xffffffffffffffff, &(0x7f0000001580)={&(0x7f0000000100)=@nfc, 0x80, &(0x7f0000001480)=[{&(0x7f0000000180)=""/75, 0x4b}, {&(0x7f0000000040)=""/3, 0x3}, {&(0x7f0000000200)=""/4096, 0x1000}, {&(0x7f0000001200)=""/174, 0xae}, {&(0x7f00000012c0)=""/172, 0xac}, {&(0x7f0000001380)=""/53, 0x35}, {&(0x7f00000013c0)=""/15, 0xf}, {&(0x7f0000001400)=""/76, 0x4c}], 0x8, &(0x7f0000001500)=""/69, 0x45}, 0x2040) select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0xed97}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) ioctl$PTP_PEROUT_REQUEST(0xffffffffffffffff, 0x40383d03, &(0x7f0000001600)={{0x8001, 0xfff}, {0x10, 0x80}, 0x2}) 06:49:03 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x12) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x7) 06:49:03 executing program 1: sigaltstack(&(0x7f0000e1f000/0x3000)=nil, &(0x7f0000000140)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:03 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x2e000) 06:49:03 executing program 1: sigaltstack(&(0x7f0000e1f000/0x3000)=nil, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:03 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x1000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:03 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x12) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x7) 06:49:03 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x2f000) 06:49:03 executing program 1: sigaltstack(&(0x7f0000e1f000/0x3000)=nil, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:03 executing program 5: ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}) 06:49:03 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:03 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:03 executing program 1: sigaltstack(&(0x7f0000e1f000/0x3000)=nil, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:03 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x12) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x7) 06:49:03 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x14ac000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:03 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x30000) 06:49:03 executing program 5: modify_ldt$write(0x1, &(0x7f0000000180)={0x9, 0x20001000, 0xffffffffffffffff, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1}, 0x10) r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x111040, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000100)=ANY=[@ANYBLOB="ffffff7f5f00000041750b7b6a0193ca3814092cd8edc2496785be7a388082e216e529748e27c58966e5e564fa725a33c8025061bdc6896d4f19c2d8fd412cb9e5baf68912c55faef815efbbf15443393fbe70c4c777a2ff4485660ed9865f0afedd88ac9b34c8"]) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) 06:49:03 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:03 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x31000) 06:49:03 executing program 1: sigaltstack(&(0x7f0000e1f000/0x3000)=nil, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:03 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x2000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:03 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x12) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:03 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x2f000) 06:49:03 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:03 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:03 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x2040000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:03 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x32000) 06:49:03 executing program 5: inotify_rm_watch(0xffffffffffffffff, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) inotify_rm_watch(r0, 0x0) ioctl$PTP_PIN_GETFUNC(r0, 0xc0603d06, &(0x7f0000000100)={'\x00', 0xffffffff, 0x2, 0x8000}) select(0x40, &(0x7f0000000040)={0x0, 0x0, 0xdfffffffffffffff}, 0x0, &(0x7f0000000080)={0x7, 0x0, 0x9}, &(0x7f00000000c0)={0x0, 0xea60}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000000)={'syztnl0\x00', &(0x7f0000000180)={'syztnl0\x00', 0x0, 0x4, 0x4a, 0x0, 0x9, 0x0, @local, @local, 0x10, 0x7800, 0x8, 0x1}}) 06:49:03 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) sigaltstack(&(0x7f0000e20000/0x4000)=nil, &(0x7f0000000000)) r0 = shmget$private(0x0, 0x2000, 0x2, &(0x7f0000ffc000/0x2000)=nil) shmat(r0, &(0x7f0000ffa000/0x3000)=nil, 0x0) 06:49:03 executing program 2: syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:03 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x3000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:03 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) sigaltstack(&(0x7f0000e20000/0x4000)=nil, &(0x7f0000000000)) r0 = shmget$private(0x0, 0x2000, 0x2, &(0x7f0000ffc000/0x2000)=nil) shmat(r0, &(0x7f0000ffa000/0x3000)=nil, 0x0) 06:49:03 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:03 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x33000) 06:49:03 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x4000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:03 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) sigaltstack(&(0x7f0000e20000/0x4000)=nil, &(0x7f0000000000)) r0 = shmget$private(0x0, 0x2000, 0x2, &(0x7f0000ffc000/0x2000)=nil) shmat(r0, &(0x7f0000ffa000/0x3000)=nil, 0x0) 06:49:03 executing program 2: syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:03 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmsg$TEAM_CMD_PORT_LIST_GET(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={0x0}}, 0x0) ioctl$PTP_CLOCK_GETCAPS(0xffffffffffffffff, 0x80503d01, &(0x7f0000000540)) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000100)={'team0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000001c0)={'ip6_vti0\x00', &(0x7f0000000140)={'syztnl2\x00', 0x0, 0x4, 0x8, 0x2, 0x3800, 0x20, @local, @private0, 0x1, 0x20, 0x101, 0x75}}) sendmsg$TEAM_CMD_PORT_LIST_GET(r1, &(0x7f0000000500)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000200)={0x2ac, 0x0, 0x10, 0x70bd29, 0x25dfdbfe, {}, [{{0x8}, {0x290, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8}}}, {0x44, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x14, 0x4, [{0x2, 0x0, 0xa7, 0x20}, {0x3, 0x1f, 0x1, 0x1}]}}}, {0x64, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x34, 0x4, [{0x2, 0x7, 0x1, 0x9}, {0x7, 0x0, 0x0, 0x1}, {0x0, 0xe0, 0x0, 0x3ff}, {0x2, 0xff, 0x1, 0x8e}, {0xc9, 0x80, 0x5, 0x10000}, {0x6, 0xff, 0x6, 0x915}]}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x100}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfff}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r3}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x10000}}}]}}]}, 0x2ac}, 0x1, 0x0, 0x0, 0xc1}, 0x40) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7, 0x0, 0x3}, &(0x7f00000000c0)={0x0, 0xea60}) 06:49:03 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x6040000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:03 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:04 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x34000) 06:49:04 executing program 2: syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:04 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) sigaltstack(&(0x7f0000e20000/0x4000)=nil, &(0x7f0000000000)) shmget$private(0x0, 0x2000, 0x2, &(0x7f0000ffc000/0x2000)=nil) 06:49:04 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x7000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:04 executing program 4: madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x12) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:04 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x35000) 06:49:04 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:04 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x8000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:04 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) sigaltstack(&(0x7f0000e20000/0x4000)=nil, &(0x7f0000000000)) 06:49:04 executing program 5: r0 = mq_open(&(0x7f0000000100)='./cgroup/syz1\x00', 0x1, 0x1c1, &(0x7f0000000140)={0x1, 0x4, 0x9}) mq_timedsend(r0, &(0x7f0000000180)="f6f6e59663f8732d734922f95fc590684bfa9cf1f6483d62caae53bb4bdc09297055a9ff21473e0b204dfdceed81d5590449336528da442d5d", 0x39, 0x9, 0x0) select(0x40, &(0x7f0000000000)={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x2}, 0x0, &(0x7f0000000080)={0x7, 0x0, 0xfffffffffffffffe, 0x4, 0x0, 0x100}, &(0x7f00000000c0)={0x0, 0xea60}) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz1\x00', 0x200002, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000001c0)={&(0x7f0000fff000/0x1000)=nil, 0x1000}, &(0x7f0000000200)=0x10) 06:49:04 executing program 4: madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:04 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x36000) 06:49:04 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x10000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:04 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:04 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) sigaltstack(&(0x7f0000e20000/0x4000)=nil, &(0x7f0000000000)) 06:49:04 executing program 4: madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:04 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x1d2e4000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:04 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$PTP_PEROUT_REQUEST(r0, 0x40383d03, &(0x7f0000000100)={{0x14, 0x1}, {0x2, 0x7}, 0x4}) ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000140)=0x3) ioctl$TIOCGICOUNT(0xffffffffffffffff, 0x545d, 0x0) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) ioctl$FIONREAD(r0, 0x541b, &(0x7f0000000180)) 06:49:04 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) sigaltstack(&(0x7f0000e20000/0x4000)=nil, &(0x7f0000000000)) 06:49:04 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x1f39, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:04 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x37000) 06:49:04 executing program 4: madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:04 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x20000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:04 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x38000) 06:49:04 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) sigaltstack(&(0x7f0000e20000/0x4000)=nil, &(0x7f0000000000)) 06:49:04 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x448, 0x0, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:04 executing program 4: madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x12) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:04 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x39000) 06:49:04 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x20e1f000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:04 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000ff9000/0x4000)=nil, 0x4000}, &(0x7f00000001c0)=0x10) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000100)={{0x8, 0x1}, 'port1\x00', 0x80, 0x4, 0x1, 0x7, 0x8353, 0x5, 0x10000002, 0x0, 0x0, 0x9}) 06:49:04 executing program 4: madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x12) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:04 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x448, 0x0, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:04 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) sigaltstack(&(0x7f0000e20000/0x4000)=nil, &(0x7f0000000000)) 06:49:04 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x3a000) 06:49:04 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x40000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:04 executing program 4: madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x12) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:04 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) sigaltstack(&(0x7f0000e20000/0x4000)=nil, &(0x7f0000000000)) 06:49:04 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x448, 0x0, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:04 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x3b000) 06:49:04 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x42000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:04 executing program 4: madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x12) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:04 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) sigaltstack(&(0x7f0000e20000/0x4000)=nil, &(0x7f0000000000)) 06:49:04 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x3c000) 06:49:04 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:04 executing program 4: madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x12) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:04 executing program 5: ioctl$RNDADDENTROPY(0xffffffffffffffff, 0x40085203, &(0x7f0000000e00)=ANY=[@ANYBLOB="ff030000b96300000055be69597732bedc9b72f8aef95869732404f49c8abfd77140aba9d9aef45b1a41f754f8cbc030316b9528d815340600444572ffd8bcd1582b1090c9f46d00bd929c88ab25a7748370dc0ce8359a08c495e133af53362fc0c36023aacef5d74eaf907015e55183e4e4928e57b081fd9be2385fc43a964a46991baa6517899686cc30f9b1c2ca9b6e6527e04e22777c8eed80d219b1eff04f4e76b1d0c5ac53f0045117a8bad8097a1ee0873f5686dc559dcfd220f3db369ea8d8f96a4db475fd2658cfc5e67b63659f8b1751dec1ace63fdc3e274fe051370cfbf831c4c0177883a70b77ad4a9f2d43375b461d403a44f0835415feca802ec305493938c1f2261fd097619c40ec28b11b6a716f25ba06186a8e10bf60d0a120f7e28d61bd9efd624136906b907f2dcdc6d3f2f026e39bfe8f55fa9238ab2ae176bdd10b5b8356dba0b067019a65a995fa68b050257d54ac29c9b08d87ccc9f5db8f2f764c704420cec3b220a7e4b3bf4dfb9d102d28e848b45e1d46724d70e6a013d8cd7477e897e14641661e7b0dbdeb4f6bbf32c051d26fbde30407c54c0ce0e96f038f06be74c8cab1f25bb63b4c1ca37a3e9e075efc53fffac1c2be1e425c153425560f8551dabea55f"]) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) getresuid(&(0x7f0000000380), &(0x7f00000003c0), &(0x7f0000000400)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) sendmsg$AUDIT_GET_FEATURE(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x10, 0x3fb, 0x300, 0x70bd25, 0x25dfdbfc, "", ["", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x4000080}, 0x20000000) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000440), 0x480, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x4) clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) r4 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r4, 0x2405, 0xffffffffffffffff) r5 = syz_genetlink_get_family_id$team(&(0x7f00000005c0), r0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000680)={'sit0\x00', &(0x7f0000000600)={'syztnl1\x00', 0x0, 0x2f, 0x5, 0x3, 0x0, 0x71, @private1, @private0, 0x80, 0x700, 0x1, 0x61f4248b}}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000740)={'syztnl0\x00', &(0x7f00000006c0)={'syztnl1\x00', 0x0, 0x17, 0x0, 0x1, 0x9, 0x0, @private0, @dev={0xfe, 0x80, '\x00', 0x13}, 0x10, 0x8000, 0x6, 0xf9}}) accept4(r0, &(0x7f0000000780)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000800)=0x80, 0x8ba0bc2fdf0747c6) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f0000000980)={'ip6tnl0\x00', &(0x7f0000000900)={'ip6tnl0\x00', 0x0, 0x29, 0xda, 0x80, 0x2, 0x4, @dev={0xfe, 0x80, '\x00', 0x2d}, @remote, 0x20, 0x66, 0x8, 0x2}}) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) mq_timedsend(0xffffffffffffffff, &(0x7f0000000840)="b847016c684aab6414447204d34c2470e6ba1e4222e8868138e814620f85eae812bb4e070af8e9ed574f7a6944b2e01b9933486a41ffb13695537a59d8a8451594b58e8cc4ca8ae4edc96f", 0x4b, 0x8bec, &(0x7f00000008c0)={0x0, 0x3938700}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000a40)={'syztnl2\x00', &(0x7f00000009c0)={'sit0\x00', 0x0, 0x2f, 0x2, 0x54, 0x8, 0x8, @mcast1, @mcast2, 0x20, 0x1, 0xb2, 0x1}}) sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000000dc0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000d80)={&(0x7f0000000a80)={0x2bc, r5, 0x304, 0x70bd25, 0x25dfdbff, {}, [{{0x8, 0x1, r6}, {0x224, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r7}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8}}}, {0x34, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x4}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x7f}}, {0x8, 0x6, r8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x401}}, {0x8, 0x6, r9}}}]}}, {{0x8}, {0x74, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xbb}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r10}}}]}}]}, 0x2bc}, 0x1, 0x0, 0x0, 0x4000}, 0x8054) pselect6(0x40, &(0x7f0000000040)={0x4, 0xdc, 0x3, 0x9, 0x7, 0x7f, 0x6, 0x8}, &(0x7f0000000200)={0xffffffffffff889d, 0x0, 0x3, 0x6fe0, 0x6, 0x3, 0x3, 0x3ff}, &(0x7f0000000240)={0x6, 0xfffffffffffffff9, 0x7, 0x5, 0xffffffffffffa932, 0xffff, 0x8, 0x6}, &(0x7f00000002c0)={r2, r3+10000000}, &(0x7f0000000340)={&(0x7f0000000300)={[0x7f]}, 0x8}) 06:49:04 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x7f000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:04 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0xd8010000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:04 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) sigaltstack(&(0x7f0000e20000/0x4000)=nil, &(0x7f0000000000)) 06:49:04 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x3d000) 06:49:04 executing program 4: madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x12) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:04 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x2, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:04 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) sigaltstack(&(0x7f0000e20000/0x4000)=nil, 0x0) 06:49:04 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0xda010000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:04 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x448, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x325}, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:04 executing program 5: select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) pselect6(0x40, &(0x7f0000000040)={0x401, 0x4, 0x11ecef42, 0x1, 0x0, 0x118, 0x5, 0x5}, &(0x7f0000000100)={0x8, 0x2974, 0x9, 0x7d23, 0x3, 0x7, 0x8, 0xd8}, &(0x7f0000000140)={0x8001, 0x7f, 0x2, 0x6, 0x1ff, 0x8, 0x1ff, 0x800}, &(0x7f0000000180), &(0x7f0000000200)={&(0x7f00000001c0)={[0x80]}, 0x8}) 06:49:04 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x3e000) 06:49:04 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:04 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) shmat(r0, &(0x7f0000e32000/0x3000)=nil, 0x4000) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000e31000/0x3000)=nil, 0x3000}, &(0x7f0000000040)=0x10) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0xb) 06:49:04 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x448, &(0x7f0000000000), &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:04 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x3f000) 06:49:04 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0xfeffffff}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:04 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) shmat(r0, &(0x7f0000e32000/0x3000)=nil, 0x4000) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000e31000/0x3000)=nil, 0x3000}, &(0x7f0000000040)=0x10) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0xb) 06:49:04 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:04 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0xff600000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:04 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x40000) 06:49:04 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x448, &(0x7f0000000000), &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, 0x0, &(0x7f00000000c0)) 06:49:04 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) pselect6(0x40, &(0x7f0000000100)={0x21, 0x4, 0xffffffff, 0x4a26, 0x200, 0x3, 0x92bf, 0x8}, &(0x7f0000000140)={0xfffffffffffffff9, 0x80000000, 0x4, 0x1, 0x1, 0xffff, 0x1, 0x9}, &(0x7f00000002c0)={0x5, 0xc24, 0x5, 0x400, 0x0, 0x3, 0xffffffffffff0000, 0xffff}, &(0x7f0000000200)={r1, r2+10000000}, &(0x7f0000000280)={&(0x7f0000000240)={[0xffff]}, 0x8}) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000040)='!}\x00') 06:49:04 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:04 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) shmat(r0, &(0x7f0000e32000/0x3000)=nil, 0x4000) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000e31000/0x3000)=nil, 0x3000}, &(0x7f0000000040)=0x10) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0xb) 06:49:04 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0xffff8000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:04 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x41000) 06:49:04 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x448, &(0x7f0000000000), &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, 0x0, &(0x7f00000000c0)) 06:49:04 executing program 4: madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:04 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0xffffc000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:04 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x448, &(0x7f0000000000), &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, 0x0, &(0x7f00000000c0)) 06:49:04 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x42000) 06:49:04 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0xfffffffe}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:04 executing program 4: madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:04 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)) 06:49:04 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) shmat(r0, &(0x7f0000e32000/0x3000)=nil, 0x4000) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0xb) 06:49:04 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x448, &(0x7f0000000000), &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), 0x0) 06:49:04 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0xffffffff}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:04 executing program 4: madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:04 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x43000) 06:49:04 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) shmat(r0, &(0x7f0000e32000/0x3000)=nil, 0x4000) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000e31000/0x3000)=nil, 0x3000}, &(0x7f0000000040)=0x10) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0xb) 06:49:05 executing program 5: select(0x40, &(0x7f0000000040), 0x0, &(0x7f0000000080)={0x7, 0x1000000, 0x0, 0x0, 0x60, 0x0, 0xfffffffffffffff9}, &(0x7f00000000c0)={0x0, 0xea60}) sigaltstack(&(0x7f0000ffe000/0x1000)=nil, 0x0) 06:49:05 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x448, &(0x7f0000000000), &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), 0x0) 06:49:05 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0xb) 06:49:05 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:05 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x44000) 06:49:05 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x448, &(0x7f0000000000), &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), 0x0) 06:49:05 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) shmat(r0, &(0x7f0000e32000/0x3000)=nil, 0x4000) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000e31000/0x3000)=nil, 0x3000}, &(0x7f0000000040)=0x10) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0xb) 06:49:05 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0xb) 06:49:05 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:05 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x45000) 06:49:05 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0xb) 06:49:05 executing program 2: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x44000) 06:49:05 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) shmat(r0, &(0x7f0000e32000/0x3000)=nil, 0x4000) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000e31000/0x3000)=nil, 0x3000}, &(0x7f0000000040)=0x10) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0xb) 06:49:05 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) select(0x40, &(0x7f0000000040)={0x7, 0x69, 0xfffffffffffff2b9, 0x1, 0x1, 0x800, 0xfffffffffffffff8, 0xfffffffffffffe00}, &(0x7f0000000100)={0x754, 0x10000, 0x4, 0xe85, 0x6, 0x1, 0x9, 0x20}, &(0x7f0000000140)={0x7, 0x80000001, 0x3, 0x4, 0x31, 0x1, 0x0, 0x9}, &(0x7f00000001c0)={r0, r1/1000+60000}) 06:49:05 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:05 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0xb) 06:49:05 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x46000) 06:49:05 executing program 2: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)=0x0) timer_getoverrun(r1) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r2, 0x55143000) mincore(&(0x7f0000ffd000/0x1000)=nil, 0x1000, &(0x7f0000000000)=""/209) 06:49:05 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x47000) 06:49:05 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0xb) 06:49:05 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) shmat(r0, &(0x7f0000e32000/0x3000)=nil, 0x4000) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000e31000/0x3000)=nil, 0x3000}, &(0x7f0000000040)=0x10) 06:49:05 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:05 executing program 2: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)=0x0) timer_getoverrun(r1) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r2, 0x55143000) mincore(&(0x7f0000ffd000/0x1000)=nil, 0x1000, &(0x7f0000000000)=""/209) 06:49:05 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) shmat(r0, &(0x7f0000e32000/0x3000)=nil, 0x4000) 06:49:05 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x7}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:05 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) pselect6(0x40, &(0x7f0000000040)={0x7, 0x6, 0x1, 0x80, 0x6, 0x5, 0x5, 0x2}, &(0x7f0000000100)={0x10001, 0x1b9, 0x53, 0x6, 0x34b2, 0x54e, 0xfffffffffffffffa, 0xa7aa}, &(0x7f0000000140)={0x1, 0x5, 0x4, 0xfffffffffffffc00, 0x3f, 0x80000001, 0x1, 0x5b6}, &(0x7f0000000180)={0x77359400}, &(0x7f0000000200)={&(0x7f00000001c0)={[0xd01]}, 0x8}) 06:49:05 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x48000) 06:49:05 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0xb) 06:49:05 executing program 2: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)=0x0) timer_getoverrun(r1) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r2, 0x55143000) mincore(&(0x7f0000ffd000/0x1000)=nil, 0x1000, &(0x7f0000000000)=""/209) 06:49:05 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x8}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:05 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) 06:49:05 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0xb) 06:49:05 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) 06:49:05 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x10}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:05 executing program 2: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)=0x0) timer_getoverrun(r1) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) mmap(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x0, 0x100010, r2, 0x55143000) 06:49:05 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) 06:49:05 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x49000) 06:49:05 executing program 5: select(0x9e, &(0x7f0000000000)={0x4000000000000, 0x0, 0x4000000, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x0, &(0x7f0000000080)={0x7, 0x0, 0xfffffffffffffffe}, &(0x7f00000000c0)={0x0, 0xea60}) modify_ldt$write2(0x11, &(0x7f0000000180)={0x2, 0x0, 0x1000, 0x0, 0x2, 0x0, 0x1, 0x1, 0x1, 0x1}, 0x10) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x48c100, 0x0) read$snapshot(r0, &(0x7f0000000100)=""/117, 0x75) 06:49:05 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0xb) 06:49:05 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x4a000) 06:49:05 executing program 2: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)=0x0) timer_getoverrun(r1) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) 06:49:05 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x42}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:05 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) 06:49:05 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x4b000) 06:49:05 executing program 2: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)=0x0) timer_getoverrun(r1) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) 06:49:05 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0xb) 06:49:05 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) 06:49:05 executing program 5: perf_event_open$cgroup(&(0x7f0000000140)={0x1, 0x80, 0xfb, 0x4, 0xfb, 0x1, 0x0, 0x4, 0x4000, 0x8, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4, @perf_bp={&(0x7f0000000100), 0xe}, 0x1d008, 0xff, 0x0, 0x1, 0x3, 0x1, 0x1003, 0x0, 0x4, 0x0, 0xfff}, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x600000, 0x0) ioctl$TIOCGICOUNT(r0, 0x545d, 0x0) ioctl$PIO_FONTRESET(0xffffffffffffffff, 0x4b6d, 0x0) r1 = mq_open(&(0x7f00000001c0)='/dev/bsg\x00', 0x1, 0x1c6, &(0x7f0000000200)={0x0, 0x82c8, 0x20, 0x6d}) clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) mq_timedsend(r1, &(0x7f0000000240)="e8b767f4e15025e1d6947e3db8ca9a4aa5d40c65944ce545d542354385266055a8a1910ea69793ec02d96a8715f814bd88fc7263d765ef", 0x37, 0x3f, &(0x7f00000002c0)={r2, r3+10000000}) 06:49:05 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x60}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:05 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x4c000) 06:49:05 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0xb) 06:49:05 executing program 2: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)=0x0) timer_getoverrun(r1) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:05 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) 06:49:05 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1d8}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:05 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x4d000) 06:49:05 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0xb) 06:49:05 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) 06:49:05 executing program 2: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)=0x0) timer_getoverrun(r1) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:05 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x4003, 0x0) sendmsg$AUDIT_TTY_GET(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x10, 0x3f8, 0x2, 0x70bd28, 0x25dfdbff, "", ["", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x4048084}, 0x50) write$cgroup_int(r0, &(0x7f0000000700)=0x2, 0x12) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) sendmsg$AUDIT_ADD_RULE(r0, &(0x7f00000006c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000680)={&(0x7f0000000240)=ANY=[@ANYBLOB="30040000f303000428bd7000fddbdf2501000000010000003d0000008c0000001e030000080000005200000003000000010000000f040000524bcc7c8000000000000080fe14000009000000030000003f0000000500000005000000060000001704000000000000050000000600000078f3ffff080000000010000006000000000000100000100028ffffff0800000001010000ff7f000009000000030000000000000002000000000000000800000000000000000080000700000000000000010000803e0005000000bd00000008000000040000000001000001000000fbffffffe5e700000080000020000000482f000001000000030000005ac60000ffff000001000000ff030000030000003f000000ff0700000200000004000000060000000004000006000000fdffffff010000000900000006000000ff0100000500000003000000fdffffff08000000060000000500000059b2000081ffffff0900000001000000f7ffffff050000000300000007000000f9ffffff01000000faffffff010400004900000002000000ffffffff01000000ffff0000ef0000000800000005000000000400000008000007000000000001000600000081000000050000003f0000003f000000010000000200000003000000000001000500000000000080ff03000009000000060000000300000002000000d50d000006000000ff000000e104000001000000feffffff00000000670000000600000000000100030000000100000007000000fa691c24ff000000000000009d0000007f0000000100000002000000f7ffffff2604000002000000f20000000600000000000080180f00000000008001010000010000000c10000042060000010000001f0000000001000050417f4d08000000000800000000000002000000000000000400000009000000070000003f000000060b00000700000003000000ff0300000600000000000000400000003ad1ca27070000000200000000000000060000000104000003000000070000007f000000090000000100008001000100030000003f000000a4810000020000001f0000000400000001000000010000004a0000007f00000075070000010000000800000002000000010000800400000002000000f505000002000000070000000500000009000000810000007502000003000000060000000001000100000000070000000300000005000000000000005d0500008c000000ff0f0000010400000200000000000000ac0000000000000009000000ff7f0000020000001d0e0000540e0000200000000500000005000000030000007f0000000100000000000080a5b200000400000004000000000000000500000001000000c1ffffff4c0f000001000000c66a65626b00000008000000e00f0000720d00000500000000000000ff00000009000000ffff00000500000020050000100000002f6465762f627367005e252e277b2100"], 0x430}, 0x1, 0x0, 0x0, 0x8804}, 0x8000) 06:49:05 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1da}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:05 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0x0) 06:49:05 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) 06:49:05 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x4e000) 06:49:05 executing program 2: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)=0x0) timer_getoverrun(r1) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:05 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0x0) 06:49:05 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) 06:49:05 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x204}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:05 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x4f000) 06:49:05 executing program 2: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)=0x0) timer_getoverrun(r1) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:05 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0x0) 06:49:05 executing program 5: ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(0xffffffffffffffff, 0x40505330, &(0x7f00000002c0)={{0x46}, {0x40, 0x17}, 0x6, 0x4, 0x8}) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x2002, 0x0) recvmsg(r0, &(0x7f0000000280)={&(0x7f0000000100)=@generic, 0x80, &(0x7f0000000180), 0x0, &(0x7f00000001c0)=""/140, 0x8c}, 0x2000) 06:49:05 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x300}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:05 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) 06:49:05 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x50000) 06:49:05 executing program 2: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) timer_create(0x0, &(0x7f0000000100)={0x0, 0xa, 0x4, @tid=r0}, &(0x7f0000000180)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:05 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0x0) 06:49:05 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) 06:49:05 executing program 2: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:05 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) 06:49:05 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x402}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:05 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x51000) 06:49:05 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, &(0x7f0000000000)=""/31) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, r1) mmap$usbmon(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x4, 0x110, r0, 0x8) 06:49:05 executing program 2: getpid() mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:05 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0x0) 06:49:05 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x0) 06:49:05 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x406}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:05 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x58}}, 0x8141) r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, r1, 0x0, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @local}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x4058}, 0x20) r2 = accept4(0xffffffffffffffff, &(0x7f0000000200)=@in6={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000280)=0x80, 0x80000) ioctl$sock_ipv6_tunnel_SIOCGETPRL(0xffffffffffffffff, 0x89f4, &(0x7f0000000380)={'ip6tnl0\x00', &(0x7f0000000300)={'ip6tnl0\x00', 0x0, 0x4, 0x0, 0xfc, 0x3f, 0x40, @mcast2, @mcast1, 0xc0, 0x80, 0x7, 0x400}}) sendmsg$nl_xfrm(r2, &(0x7f00000004c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000480)={&(0x7f00000003c0)=@updpolicy={0xc0, 0x19, 0x2, 0x70bd28, 0x25dfdbfb, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@ipv4={'\x00', '\xff\xff', @multicast2}, 0x4e22, 0xce12, 0x4e23, 0x3, 0x2, 0xa0, 0x60, 0x3c, r3, 0xee01}, {0x28000000000000, 0x6, 0x5, 0xca9, 0x20, 0x8000, 0x7ff, 0x1}, {0x1, 0x0, 0x7fff, 0x2}, 0x6d15b1d4, 0x6e6bba, 0x0, 0x1, 0x1, 0x1}, [@etimer_thresh={0x8, 0xc, 0x7}]}, 0xc0}, 0x1, 0x0, 0x0, 0x24000001}, 0x4000040) select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x0, &(0x7f0000000080)={0x7, 0x0, 0xfffffffffffffffc}, &(0x7f00000000c0)={0x0, 0xea60}) 06:49:05 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x52000) 06:49:05 executing program 2: getpid() mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:05 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x0) 06:49:05 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0x0) 06:49:06 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x604}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:06 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x53000) 06:49:06 executing program 2: getpid() mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:06 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x700}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:06 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x0) 06:49:06 executing program 5: select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa9c5}, 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x6}, &(0x7f00000000c0)={0x77359400}) pselect6(0x40, &(0x7f0000000100)={0x2, 0x0, 0x3f, 0x3, 0x3, 0x9, 0x3, 0xfffffffffffffffe}, &(0x7f0000000140)={0x7f, 0x8001, 0x2, 0x528, 0x80000000, 0xffff, 0x9, 0x4}, &(0x7f0000000180)={0x6, 0x2, 0x1, 0x608, 0x6, 0x5, 0x7ff, 0x80000001}, &(0x7f00000001c0)={0x0, 0x989680}, &(0x7f0000000240)={&(0x7f0000000200)={[0x500000000000000]}, 0x8}) r0 = getpid() sched_getparam(r0, &(0x7f0000000040)) ioprio_set$pid(0x3, 0xffffffffffffffff, 0x2004) select(0x40, &(0x7f0000000280)={0x8000, 0x412, 0x5, 0x6, 0xaa, 0x1, 0x2, 0x8001}, &(0x7f00000002c0)={0x3, 0xba6, 0x22c34738, 0x800, 0x4, 0x1000, 0x100010000, 0x6}, &(0x7f0000000300)={0x3, 0x8000, 0x5f, 0x3, 0x8, 0x20, 0x228, 0x1}, &(0x7f0000000340)) syz_open_dev$ptys(0xc, 0x3, 0x0) 06:49:06 executing program 1: madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0x0) 06:49:06 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x54000) 06:49:06 executing program 2: sched_getparam(0x0, &(0x7f0000000540)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:06 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:06 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x53000) 06:49:06 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x55000) 06:49:06 executing program 1: madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0x0) 06:49:06 executing program 2: sched_getparam(0x0, 0x0) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:06 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:06 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) 06:49:06 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x56000) 06:49:06 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) select(0x40, &(0x7f0000000040)={0x6, 0x10000000000000, 0x9, 0x20, 0x1ff, 0x100, 0x0, 0x9}, &(0x7f0000000100)={0x100000001, 0x3, 0xd5bb, 0x4, 0xe5c, 0xf3d2, 0x2952, 0x8}, &(0x7f0000000140)={0xffffffffffffffe0, 0x9, 0x8cc, 0x96e, 0x3ff, 0x9, 0x8}, &(0x7f0000000180)={0x0, 0xea60}) 06:49:06 executing program 1: madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0x0) 06:49:06 executing program 2: sched_getparam(0x0, 0x0) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:06 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x4200}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:06 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) 06:49:06 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x57000) 06:49:07 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x6000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:07 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x58000) 06:49:07 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0x0) 06:49:07 executing program 2: sched_getparam(0x0, 0x0) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:07 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) 06:49:07 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x60ff}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:07 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0x0) 06:49:07 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x59000) 06:49:07 executing program 2: sched_getparam(0x0, &(0x7f0000000540)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:07 executing program 4: madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) 06:49:07 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x7f00}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:07 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x5a000) 06:49:07 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0x0) 06:49:07 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f0000000180)={'syztnl0\x00', &(0x7f0000000100)={'ip6gre0\x00', 0x0, 0x29, 0x1, 0xf8, 0x7ff, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}, @local, 0x0, 0x8000, 0x4, 0x4}}) sigaltstack(&(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000040)) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f0000000280)={'ip6gre0\x00', &(0x7f0000000200)={'syztnl0\x00', r1, 0x2f, 0x8, 0xfd, 0x1, 0x32, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @mcast2, 0x7, 0x1, 0x54b, 0xa5a}}) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) ioctl$SNAPSHOT_SET_SWAP_AREA(r2, 0x400c330d, &(0x7f00000001c0)={0x80000001, 0x16}) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) inotify_rm_watch(r3, 0x0) r4 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r4, 0x2405, 0xffffffffffffffff) ioctl$TIOCEXCL(r2, 0x540c) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_RESET(r3, 0x2403, 0x9) 06:49:07 executing program 2: sched_getparam(0x0, &(0x7f0000000540)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:07 executing program 4: madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) 06:49:07 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x9700}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:07 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x5b000) 06:49:07 executing program 2: sched_getparam(0x0, &(0x7f0000000540)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:07 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0xd801}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:07 executing program 1: sched_getparam(0x0, 0x0) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:07 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) mmap$IORING_OFF_CQ_RING(&(0x7f0000e20000/0x2000)=nil, 0x2000, 0x2, 0x10, 0xffffffffffffffff, 0x8000000) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc) mmap$IORING_OFF_SQ_RING(&(0x7f0000e20000/0x4000)=nil, 0x4000, 0x2000004, 0x8010, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) syz_io_uring_setup(0x622d, &(0x7f0000000100)={0x0, 0x1625, 0x10, 0x0, 0x254}, &(0x7f0000e23000/0x1000)=nil, &(0x7f0000002000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) syz_io_uring_submit(r0, 0x0, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x7fffffff) syz_io_uring_submit(r0, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x6, 0x8000, 0x0, 0x0, 0x1e, 0x0, {0x1}}, 0x2) 06:49:07 executing program 4: madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x15) 06:49:07 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0xda01}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:07 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) mmap$IORING_OFF_CQ_RING(&(0x7f0000e20000/0x2000)=nil, 0x2000, 0x2, 0x10, 0xffffffffffffffff, 0x8000000) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc) mmap$IORING_OFF_SQ_RING(&(0x7f0000e20000/0x4000)=nil, 0x4000, 0x2000004, 0x8010, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) syz_io_uring_setup(0x622d, &(0x7f0000000100)={0x0, 0x1625, 0x10, 0x0, 0x254}, &(0x7f0000e23000/0x1000)=nil, &(0x7f0000002000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) syz_io_uring_submit(r0, 0x0, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x7fffffff) syz_io_uring_submit(r0, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x6, 0x8000, 0x0, 0x0, 0x1e, 0x0, {0x1}}, 0x2) 06:49:07 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x0) 06:49:07 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x5c000) 06:49:07 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) mmap$IORING_OFF_CQ_RING(&(0x7f0000e20000/0x2000)=nil, 0x2000, 0x2, 0x10, 0xffffffffffffffff, 0x8000000) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc) mmap$IORING_OFF_SQ_RING(&(0x7f0000e20000/0x4000)=nil, 0x4000, 0x2000004, 0x8010, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) syz_io_uring_setup(0x622d, &(0x7f0000000100)={0x0, 0x1625, 0x10, 0x0, 0x254}, &(0x7f0000e23000/0x1000)=nil, &(0x7f0000002000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) syz_io_uring_submit(r0, 0x0, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x7fffffff) syz_io_uring_submit(r0, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x6, 0x8000, 0x0, 0x0, 0x1e, 0x0, {0x1}}, 0x2) 06:49:07 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x40000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:07 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) mmap$IORING_OFF_CQ_RING(&(0x7f0000e20000/0x2000)=nil, 0x2000, 0x2, 0x10, 0xffffffffffffffff, 0x8000000) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc) mmap$IORING_OFF_SQ_RING(&(0x7f0000e20000/0x4000)=nil, 0x4000, 0x2000004, 0x8010, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) syz_io_uring_setup(0x622d, &(0x7f0000000100)={0x0, 0x1625, 0x10, 0x0, 0x254}, &(0x7f0000e23000/0x1000)=nil, &(0x7f0000002000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) syz_io_uring_submit(r0, 0x0, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x7fffffff) syz_io_uring_submit(r0, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x6, 0x8000, 0x0, 0x0, 0x1e, 0x0, {0x1}}, 0x2) 06:49:07 executing program 5: getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000400)={&(0x7f0000ffd000/0x3000)=nil, 0x3000}, &(0x7f0000000480)=0x10) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) pselect6(0x40, &(0x7f0000000200)={0x800, 0x4, 0x6, 0x5a6, 0x1, 0x6, 0x40, 0xfff}, &(0x7f0000000240)={0x0, 0x7, 0x4, 0xffffffffffff0000, 0x2, 0x9, 0x1, 0x9}, &(0x7f0000000280)={0x3, 0x5, 0xff, 0x4, 0x40, 0x8, 0x1, 0xa7}, &(0x7f00000002c0), &(0x7f0000000340)={&(0x7f0000000300), 0x8}) futex(&(0x7f0000000380)=0x1, 0x8c, 0x2, &(0x7f00000003c0), &(0x7f0000000440), 0x2) r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x110, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd, 0x8, 0x0, 0x150}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000180)=0x0) r2 = inotify_add_watch(0xffffffffffffffff, &(0x7f0000000640)='./file0\x00', 0x80000020) inotify_rm_watch(0xffffffffffffffff, r2) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) syz_io_uring_submit(r0, r1, &(0x7f00000001c0)=@IORING_OP_NOP={0x0, 0x5}, 0x1) 06:49:07 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x5d000) 06:49:07 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x0) 06:49:07 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x80000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:07 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) mmap$IORING_OFF_CQ_RING(&(0x7f0000e20000/0x2000)=nil, 0x2000, 0x2, 0x10, 0xffffffffffffffff, 0x8000000) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc) mmap$IORING_OFF_SQ_RING(&(0x7f0000e20000/0x4000)=nil, 0x4000, 0x2000004, 0x8010, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) syz_io_uring_setup(0x622d, &(0x7f0000000100)={0x0, 0x1625, 0x10, 0x0, 0x254}, &(0x7f0000e23000/0x1000)=nil, &(0x7f0000002000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) syz_io_uring_submit(r0, 0x0, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x7fffffff) syz_io_uring_submit(r0, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x6, 0x8000, 0x0, 0x0, 0x1e, 0x0, {0x1}}, 0x2) 06:49:07 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) mmap$IORING_OFF_CQ_RING(&(0x7f0000e20000/0x2000)=nil, 0x2000, 0x2, 0x10, 0xffffffffffffffff, 0x8000000) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc) mmap$IORING_OFF_SQ_RING(&(0x7f0000e20000/0x4000)=nil, 0x4000, 0x2000004, 0x8010, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) syz_io_uring_setup(0x622d, &(0x7f0000000100)={0x0, 0x1625, 0x10, 0x0, 0x254}, &(0x7f0000e23000/0x1000)=nil, &(0x7f0000002000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) syz_io_uring_submit(r0, 0x0, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x7fffffff) syz_io_uring_submit(r0, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x6, 0x8000, 0x0, 0x0, 0x1e, 0x0, {0x1}}, 0x2) 06:49:07 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x5e000) 06:49:07 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) mmap$IORING_OFF_CQ_RING(&(0x7f0000e20000/0x2000)=nil, 0x2000, 0x2, 0x10, 0xffffffffffffffff, 0x8000000) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc) mmap$IORING_OFF_SQ_RING(&(0x7f0000e20000/0x4000)=nil, 0x4000, 0x2000004, 0x8010, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) syz_io_uring_setup(0x622d, &(0x7f0000000100)={0x0, 0x1625, 0x10, 0x0, 0x254}, &(0x7f0000e23000/0x1000)=nil, &(0x7f0000002000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) syz_io_uring_submit(r0, 0x0, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x7fffffff) 06:49:07 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) madvise(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x0) 06:49:07 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x91000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:07 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) mmap$IORING_OFF_CQ_RING(&(0x7f0000e20000/0x2000)=nil, 0x2000, 0x2, 0x10, 0xffffffffffffffff, 0x8000000) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc) mmap$IORING_OFF_SQ_RING(&(0x7f0000e20000/0x4000)=nil, 0x4000, 0x2000004, 0x8010, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) syz_io_uring_setup(0x622d, &(0x7f0000000100)={0x0, 0x1625, 0x10, 0x0, 0x254}, &(0x7f0000e23000/0x1000)=nil, &(0x7f0000002000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) syz_io_uring_submit(r0, 0x0, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x7fffffff) 06:49:07 executing program 5: select(0x40, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, &(0x7f0000000080)={0x7, 0x20000000000000, 0x0, 0x0, 0x0, 0x0, 0x7be}, &(0x7f00000000c0)={0x0, 0xea60}) 06:49:07 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x5f000) 06:49:07 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) mmap$IORING_OFF_CQ_RING(&(0x7f0000e20000/0x2000)=nil, 0x2000, 0x2, 0x10, 0xffffffffffffffff, 0x8000000) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc) mmap$IORING_OFF_SQ_RING(&(0x7f0000e20000/0x4000)=nil, 0x4000, 0x2000004, 0x8010, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) syz_io_uring_setup(0x622d, &(0x7f0000000100)={0x0, 0x1625, 0x10, 0x0, 0x254}, &(0x7f0000e23000/0x1000)=nil, &(0x7f0000002000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) 06:49:07 executing program 4: getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000400)={&(0x7f0000ffd000/0x3000)=nil, 0x3000}, &(0x7f0000000480)=0x10) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) pselect6(0x40, &(0x7f0000000200)={0x800, 0x4, 0x6, 0x5a6, 0x1, 0x6, 0x40, 0xfff}, &(0x7f0000000240)={0x0, 0x7, 0x4, 0xffffffffffff0000, 0x2, 0x9, 0x1, 0x9}, &(0x7f0000000280)={0x3, 0x5, 0xff, 0x4, 0x40, 0x8, 0x1, 0xa7}, &(0x7f00000002c0), &(0x7f0000000340)={&(0x7f0000000300), 0x8}) futex(&(0x7f0000000380)=0x1, 0x8c, 0x2, &(0x7f00000003c0), &(0x7f0000000440), 0x2) r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x110, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd, 0x8, 0x0, 0x150}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000180)=0x0) r2 = inotify_add_watch(0xffffffffffffffff, &(0x7f0000000640)='./file0\x00', 0x80000020) inotify_rm_watch(0xffffffffffffffff, r2) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) syz_io_uring_submit(r0, r1, &(0x7f00000001c0)=@IORING_OP_NOP={0x0, 0x5}, 0x1) 06:49:07 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x100900}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:07 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) mmap$IORING_OFF_CQ_RING(&(0x7f0000e20000/0x2000)=nil, 0x2000, 0x2, 0x10, 0xffffffffffffffff, 0x8000000) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc) mmap$IORING_OFF_SQ_RING(&(0x7f0000e20000/0x4000)=nil, 0x4000, 0x2000004, 0x8010, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) syz_io_uring_setup(0x622d, &(0x7f0000000100)={0x0, 0x1625, 0x10, 0x0, 0x254}, &(0x7f0000e23000/0x1000)=nil, &(0x7f0000002000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) 06:49:07 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x104000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:07 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x60000) 06:49:07 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) mmap$IORING_OFF_CQ_RING(&(0x7f0000e20000/0x2000)=nil, 0x2000, 0x2, 0x10, 0xffffffffffffffff, 0x8000000) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc) mmap$IORING_OFF_SQ_RING(&(0x7f0000e20000/0x4000)=nil, 0x4000, 0x2000004, 0x8010, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:07 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) mmap$IORING_OFF_CQ_RING(&(0x7f0000e20000/0x2000)=nil, 0x2000, 0x2, 0x10, 0xffffffffffffffff, 0x8000000) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc) mmap$IORING_OFF_SQ_RING(&(0x7f0000e20000/0x4000)=nil, 0x4000, 0x2000004, 0x8010, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:07 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x61000) 06:49:07 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) mmap$IORING_OFF_CQ_RING(&(0x7f0000e20000/0x2000)=nil, 0x2000, 0x2, 0x10, 0xffffffffffffffff, 0x8000000) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:07 executing program 5: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) sendmsg$AUDIT_SET(0xffffffffffffffff, &(0x7f0000001200)={&(0x7f0000001140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000011c0)={&(0x7f0000001180)={0x38, 0x3e9, 0x800, 0x70bd2b, 0x25dfdbfe, {0x23, 0x1, 0x2, r0, 0x7f, 0xfff, 0x5, 0x1, 0x0, 0x2}}, 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x10048) ioctl$MON_IOCX_GET(0xffffffffffffffff, 0x40189206, &(0x7f0000001100)={&(0x7f0000000040), &(0x7f0000000100)=""/4096, 0x1000}) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) 06:49:07 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x105400}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:07 executing program 4: getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000400)={&(0x7f0000ffd000/0x3000)=nil, 0x3000}, &(0x7f0000000480)=0x10) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) pselect6(0x40, &(0x7f0000000200)={0x800, 0x4, 0x6, 0x5a6, 0x1, 0x6, 0x40, 0xfff}, &(0x7f0000000240)={0x0, 0x7, 0x4, 0xffffffffffff0000, 0x2, 0x9, 0x1, 0x9}, &(0x7f0000000280)={0x3, 0x5, 0xff, 0x4, 0x40, 0x8, 0x1, 0xa7}, &(0x7f00000002c0), &(0x7f0000000340)={&(0x7f0000000300), 0x8}) futex(&(0x7f0000000380)=0x1, 0x8c, 0x2, &(0x7f00000003c0), &(0x7f0000000440), 0x2) r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x110, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd, 0x8, 0x0, 0x150}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000180)=0x0) r2 = inotify_add_watch(0xffffffffffffffff, &(0x7f0000000640)='./file0\x00', 0x80000020) inotify_rm_watch(0xffffffffffffffff, r2) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) syz_io_uring_submit(r0, r1, &(0x7f00000001c0)=@IORING_OP_NOP={0x0, 0x5}, 0x1) 06:49:07 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) mmap$IORING_OFF_CQ_RING(&(0x7f0000e20000/0x2000)=nil, 0x2000, 0x2, 0x10, 0xffffffffffffffff, 0x8000000) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc) mmap$IORING_OFF_SQ_RING(&(0x7f0000e20000/0x4000)=nil, 0x4000, 0x2000004, 0x8010, 0xffffffffffffffff, 0x0) 06:49:07 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x62000) 06:49:07 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) mmap$IORING_OFF_CQ_RING(&(0x7f0000e20000/0x2000)=nil, 0x2000, 0x2, 0x10, 0xffffffffffffffff, 0x8000000) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:07 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x200000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:07 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x63000) 06:49:07 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) mmap$IORING_OFF_CQ_RING(&(0x7f0000e20000/0x2000)=nil, 0x2000, 0x2, 0x10, 0xffffffffffffffff, 0x8000000) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc) 06:49:07 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x400000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:07 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:07 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x64000) 06:49:07 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) inotify_rm_watch(r0, 0x0) 06:49:07 executing program 4: getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000400)={&(0x7f0000ffd000/0x3000)=nil, 0x3000}, &(0x7f0000000480)=0x10) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) pselect6(0x40, &(0x7f0000000200)={0x800, 0x4, 0x6, 0x5a6, 0x1, 0x6, 0x40, 0xfff}, &(0x7f0000000240)={0x0, 0x7, 0x4, 0xffffffffffff0000, 0x2, 0x9, 0x1, 0x9}, &(0x7f0000000280)={0x3, 0x5, 0xff, 0x4, 0x40, 0x8, 0x1, 0xa7}, &(0x7f00000002c0), &(0x7f0000000340)={&(0x7f0000000300), 0x8}) futex(&(0x7f0000000380)=0x1, 0x8c, 0x2, &(0x7f00000003c0), &(0x7f0000000440), 0x2) r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x110, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd, 0x8, 0x0, 0x150}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000180)=0x0) r2 = inotify_add_watch(0xffffffffffffffff, &(0x7f0000000640)='./file0\x00', 0x80000020) inotify_rm_watch(0xffffffffffffffff, r2) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) syz_io_uring_submit(r0, r1, &(0x7f00000001c0)=@IORING_OP_NOP={0x0, 0x5}, 0x1) 06:49:07 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) mmap$IORING_OFF_CQ_RING(&(0x7f0000e20000/0x2000)=nil, 0x2000, 0x2, 0x10, 0xffffffffffffffff, 0x8000000) 06:49:07 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x401000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:07 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:07 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x65000) 06:49:07 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x402e1d}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:07 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) 06:49:07 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x66000) 06:49:07 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:07 executing program 5: ioctl$KDSETKEYCODE(0xffffffffffffffff, 0x4b4d, &(0x7f0000000040)={0x4d2e, 0x1}) select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x2, 0x0, 0x62ac}, 0x0, &(0x7f0000000080)={0x7, 0x1, 0x9}, &(0x7f00000000c0)={0x77359400}) 06:49:07 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x67000) 06:49:07 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:07 executing program 4: getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000400)={&(0x7f0000ffd000/0x3000)=nil, 0x3000}, &(0x7f0000000480)=0x10) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) pselect6(0x40, &(0x7f0000000200)={0x800, 0x4, 0x6, 0x5a6, 0x1, 0x6, 0x40, 0xfff}, &(0x7f0000000240)={0x0, 0x7, 0x4, 0xffffffffffff0000, 0x2, 0x9, 0x1, 0x9}, &(0x7f0000000280)={0x3, 0x5, 0xff, 0x4, 0x40, 0x8, 0x1, 0xa7}, &(0x7f00000002c0), &(0x7f0000000340)={&(0x7f0000000300), 0x8}) futex(&(0x7f0000000380)=0x1, 0x8c, 0x2, &(0x7f00000003c0), &(0x7f0000000440), 0x2) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x110, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd, 0x8, 0x0, 0x150}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000180)) r0 = inotify_add_watch(0xffffffffffffffff, &(0x7f0000000640)='./file0\x00', 0x80000020) inotify_rm_watch(0xffffffffffffffff, r0) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:07 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x4af000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:07 executing program 1: mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) 06:49:07 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x68000) 06:49:07 executing program 2: mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:07 executing program 1: mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) 06:49:07 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x4fd000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:07 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x69000) 06:49:07 executing program 2: mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:08 executing program 5: select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x77359400}) prctl$PR_SET_NAME(0xf, &(0x7f0000000040)=',\x00') 06:49:08 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x541000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:08 executing program 1: mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) 06:49:08 executing program 4: getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000400)={&(0x7f0000ffd000/0x3000)=nil, 0x3000}, &(0x7f0000000480)=0x10) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) pselect6(0x40, &(0x7f0000000200)={0x800, 0x4, 0x6, 0x5a6, 0x1, 0x6, 0x40, 0xfff}, &(0x7f0000000240)={0x0, 0x7, 0x4, 0xffffffffffff0000, 0x2, 0x9, 0x1, 0x9}, &(0x7f0000000280)={0x3, 0x5, 0xff, 0x4, 0x40, 0x8, 0x1, 0xa7}, &(0x7f00000002c0), &(0x7f0000000340)={&(0x7f0000000300), 0x8}) futex(&(0x7f0000000380)=0x1, 0x8c, 0x2, &(0x7f00000003c0), &(0x7f0000000440), 0x2) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x110, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd, 0x8, 0x0, 0x150}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000180)) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000640)='./file0\x00', 0x80000020) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:08 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x6a000) 06:49:08 executing program 2: mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:08 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x6b000) 06:49:08 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x600000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:08 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:08 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f0000e31000/0x1000)=nil) 06:49:08 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x6c000) 06:49:08 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x80ffff}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:09 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x282000, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2000002, 0x30, r0, 0x8000000) select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, &(0x7f0000000080)={0x7, 0x8, 0x5, 0x0, 0x0, 0x0, 0x10001, 0x7ff}, &(0x7f00000000c0)={0x0, 0xea60}) 06:49:09 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:09 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x970000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:09 executing program 4: getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000400)={&(0x7f0000ffd000/0x3000)=nil, 0x3000}, &(0x7f0000000480)=0x10) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) pselect6(0x40, &(0x7f0000000200)={0x800, 0x4, 0x6, 0x5a6, 0x1, 0x6, 0x40, 0xfff}, &(0x7f0000000240)={0x0, 0x7, 0x4, 0xffffffffffff0000, 0x2, 0x9, 0x1, 0x9}, &(0x7f0000000280)={0x3, 0x5, 0xff, 0x4, 0x40, 0x8, 0x1, 0xa7}, &(0x7f00000002c0), &(0x7f0000000340)={&(0x7f0000000300), 0x8}) futex(&(0x7f0000000380)=0x1, 0x8c, 0x2, &(0x7f00000003c0), &(0x7f0000000440), 0x2) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x110, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd, 0x8, 0x0, 0x150}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000180)) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:09 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f0000e31000/0x1000)=nil) 06:49:09 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x6d000) 06:49:09 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f0000e31000/0x1000)=nil) 06:49:09 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0xc04a01}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:09 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x6e000) 06:49:09 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:09 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x1d729000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:09 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x1d729000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:09 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0xc0ffff}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:09 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x6f000) 06:49:09 executing program 4: getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000400)={&(0x7f0000ffd000/0x3000)=nil, 0x3000}, &(0x7f0000000480)=0x10) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) pselect6(0x40, &(0x7f0000000200)={0x800, 0x4, 0x6, 0x5a6, 0x1, 0x6, 0x40, 0xfff}, &(0x7f0000000240)={0x0, 0x7, 0x4, 0xffffffffffff0000, 0x2, 0x9, 0x1, 0x9}, &(0x7f0000000280)={0x3, 0x5, 0xff, 0x4, 0x40, 0x8, 0x1, 0xa7}, &(0x7f00000002c0), &(0x7f0000000340)={&(0x7f0000000300), 0x8}) futex(&(0x7f0000000380)=0x1, 0x8c, 0x2, &(0x7f00000003c0), &(0x7f0000000440), 0x2) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x110, 0xffffffffffffffff, 0x0) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:09 executing program 5: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0) ioctl$SNAPSHOT_FREE(r0, 0x3305) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PTP_PIN_GETFUNC(r1, 0xc0603d06, &(0x7f0000000200)={'\x00', 0x1, 0x3, 0xff}) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$MON_IOCX_GET(r1, 0x40189206, &(0x7f00000001c0)={&(0x7f0000000100), &(0x7f0000000140)=""/120, 0x78}) 06:49:09 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x0, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:09 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x1d729000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:09 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0xd04f00}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:09 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x0, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:09 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x70000) 06:49:09 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x1d729000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1549.168282][T14818] Restarting kernel threads ... done. 06:49:09 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x0, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:09 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x71000) 06:49:09 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x1d729000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:09 executing program 4: getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000400)={&(0x7f0000ffd000/0x3000)=nil, 0x3000}, &(0x7f0000000480)=0x10) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) pselect6(0x40, &(0x7f0000000200)={0x800, 0x4, 0x6, 0x5a6, 0x1, 0x6, 0x40, 0xfff}, &(0x7f0000000240)={0x0, 0x7, 0x4, 0xffffffffffff0000, 0x2, 0x9, 0x1, 0x9}, &(0x7f0000000280)={0x3, 0x5, 0xff, 0x4, 0x40, 0x8, 0x1, 0xa7}, &(0x7f00000002c0), &(0x7f0000000340)={&(0x7f0000000300), 0x8}) futex(&(0x7f0000000380)=0x1, 0x8c, 0x2, &(0x7f00000003c0), &(0x7f0000000440), 0x2) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x110, 0xffffffffffffffff, 0x0) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:09 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x72000) [ 1549.237280][T14818] Restarting kernel threads ... done. 06:49:09 executing program 5: select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) getitimer(0x1, &(0x7f0000000040)) 06:49:09 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0xf04a00}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:09 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, 0x0, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:09 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x1d729000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:09 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x73000) 06:49:09 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, 0x0, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:10 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0xf0e120}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:10 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x74000) 06:49:10 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x1d729000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:10 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, 0x0, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:10 executing program 4: getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000400)={&(0x7f0000ffd000/0x3000)=nil, 0x3000}, &(0x7f0000000480)=0x10) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) pselect6(0x40, &(0x7f0000000200)={0x800, 0x4, 0x6, 0x5a6, 0x1, 0x6, 0x40, 0xfff}, &(0x7f0000000240)={0x0, 0x7, 0x4, 0xffffffffffff0000, 0x2, 0x9, 0x1, 0x9}, &(0x7f0000000280)={0x3, 0x5, 0xff, 0x4, 0x40, 0x8, 0x1, 0xa7}, &(0x7f00000002c0), &(0x7f0000000340)={&(0x7f0000000300), 0x8}) futex(&(0x7f0000000380)=0x1, 0x8c, 0x2, &(0x7f00000003c0), &(0x7f0000000440), 0x2) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x110, 0xffffffffffffffff, 0x0) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:10 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:10 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, 0x0, &(0x7f00000000c0)) 06:49:10 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x75000) 06:49:10 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0xc04a01}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:10 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x14ac000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:10 executing program 4: getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000400)={&(0x7f0000ffd000/0x3000)=nil, 0x3000}, &(0x7f0000000480)=0x10) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) pselect6(0x40, &(0x7f0000000200)={0x800, 0x4, 0x6, 0x5a6, 0x1, 0x6, 0x40, 0xfff}, &(0x7f0000000240)={0x0, 0x7, 0x4, 0xffffffffffff0000, 0x2, 0x9, 0x1, 0x9}, &(0x7f0000000280)={0x3, 0x5, 0xff, 0x4, 0x40, 0x8, 0x1, 0xa7}, &(0x7f00000002c0), &(0x7f0000000340)={&(0x7f0000000300), 0x8}) futex(&(0x7f0000000380)=0x1, 0x8c, 0x2, &(0x7f00000003c0), &(0x7f0000000440), 0x2) syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd, 0x8, 0x0, 0x150}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000180)) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:10 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:10 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:10 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x76000) 06:49:10 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:10 executing program 5: mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xe, 0x20010, 0xffffffffffffffff, 0x10000000) r0 = syz_io_uring_setup(0x723c, &(0x7f0000000200)={0x0, 0x78b4, 0x10, 0x3, 0x14d}, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000280), &(0x7f00000002c0)) mmap$IORING_OFF_SQES(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2000009, 0x30, r0, 0x10000000) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000040)='\x00') getpid() r2 = getpid() ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000080)={{0x6, 0xb3}, 'port1\x00', 0x1, 0xa0000, 0xcd, 0x7, 0x3, 0x6, 0x0, 0x0, 0x3, 0x2f}) sched_getparam(r2, &(0x7f0000000540)) ptrace$peekuser(0x3, r2, 0xfffffffffffffffc) ptrace$peekuser(0x3, r2, 0x7c3) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) r4 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r4, 0x0) r5 = gettid() getpid() shmctl$IPC_SET(r4, 0x1, &(0x7f0000000380)={{0x2, 0x0, 0x0, 0xee00, 0xee01, 0xc0, 0x7}, 0x40000005, 0xfffffffffffffffb, 0x5, 0x4d5, 0xffffffffffffffff, r5, 0x7}) perf_event_open$cgroup(&(0x7f0000000180)={0x5, 0x80, 0x81, 0x7f, 0x81, 0x31, 0x0, 0x3ff, 0x24082, 0xf, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x7, 0x4, @perf_bp={&(0x7f0000000140), 0x2}, 0x0, 0x7f, 0x8, 0x9, 0x401, 0x80, 0x2, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x7, r3, 0x3) 06:49:10 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, 0x0, &(0x7f00000000c0)) 06:49:10 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2040000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:10 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x77000) 06:49:10 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:10 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, 0x0, &(0x7f00000000c0)) 06:49:10 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x3000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:10 executing program 4: getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000400)={&(0x7f0000ffd000/0x3000)=nil, 0x3000}, &(0x7f0000000480)=0x10) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) pselect6(0x40, &(0x7f0000000200)={0x800, 0x4, 0x6, 0x5a6, 0x1, 0x6, 0x40, 0xfff}, &(0x7f0000000240)={0x0, 0x7, 0x4, 0xffffffffffff0000, 0x2, 0x9, 0x1, 0x9}, &(0x7f0000000280)={0x3, 0x5, 0xff, 0x4, 0x40, 0x8, 0x1, 0xa7}, &(0x7f00000002c0), &(0x7f0000000340)={&(0x7f0000000300), 0x8}) syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd, 0x8, 0x0, 0x150}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000180)) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:10 executing program 5: shmget(0x0, 0x4000, 0x200, &(0x7f0000ffb000/0x4000)=nil) select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x100000001, 0x400000000000}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) pselect6(0x40, &(0x7f0000000040)={0x6, 0xfffffffffffffff4, 0x6b1, 0x54c, 0x8001, 0xfffffffffffff001, 0x100000000, 0x8}, &(0x7f0000000100)={0x3f, 0x101, 0x9f9, 0x20, 0xbd30, 0x0, 0x7, 0x8}, &(0x7f0000000140)={0x4, 0x6, 0x1ff, 0x7, 0x0, 0xfffffffffffffffa, 0x0, 0x200}, &(0x7f0000000180), &(0x7f0000000200)={&(0x7f00000001c0)={[0x101]}, 0x8}) 06:49:10 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x78000) 06:49:10 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), 0x0) 06:49:10 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x4000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:10 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:10 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x6040000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:10 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x79000) 06:49:10 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:10 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), 0x0) 06:49:10 executing program 4: getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000400)={&(0x7f0000ffd000/0x3000)=nil, 0x3000}, &(0x7f0000000480)=0x10) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd, 0x8, 0x0, 0x150}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000180)) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:10 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), 0x0) 06:49:10 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f0000000040)={0xffffffff00000000, 0x1, 0x73, 0x3ff, 0xfffffffffffffde1, 0x2, 0xffff, 0x9}, &(0x7f0000000100)={0xfffffffffffffe01, 0x200000000000, 0x100, 0x20, 0x20}, &(0x7f0000000140)={0x10000, 0xfdd7, 0x1, 0x7, 0x100, 0x40000000000, 0xffffffffffff9665, 0xffff}, &(0x7f00000001c0)={r0, r1+60000000}, &(0x7f0000000240)={&(0x7f0000000200)={[0x2a3]}, 0x8}) 06:49:10 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x7000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:10 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, 0x0, &(0x7f00000000c0)) 06:49:10 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x7a000) 06:49:10 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:10 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x8000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:10 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:10 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x7b000) 06:49:10 executing program 2: syz_io_uring_setup(0x0, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) syz_io_uring_setup(0xf48, &(0x7f0000000180), &(0x7f0000e30000/0x3000)=nil, &(0x7f0000c49000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000240)) syz_io_uring_setup(0x7e10, &(0x7f0000000080)={0x0, 0x9856, 0x10, 0x0, 0x11d}, &(0x7f0000c49000/0x3000)=nil, &(0x7f0000cc4000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) 06:49:10 executing program 4: getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000400)={&(0x7f0000ffd000/0x3000)=nil, 0x3000}, &(0x7f0000000480)=0x10) syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd, 0x8, 0x0, 0x150}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000180)) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:10 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x10000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:10 executing program 2: syz_io_uring_setup(0x0, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) syz_io_uring_setup(0xf48, &(0x7f0000000180), &(0x7f0000e30000/0x3000)=nil, &(0x7f0000c49000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000240)) syz_io_uring_setup(0x7e10, &(0x7f0000000080)={0x0, 0x9856, 0x10, 0x0, 0x11d}, &(0x7f0000c49000/0x3000)=nil, &(0x7f0000cc4000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) 06:49:10 executing program 5: sendmsg$NLBL_UNLABEL_C_ACCEPT(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="00000000e7136d829ce6a2cc374a0200ffff16e44add23486de38da733e8001d0b7a8f92f62f4293af234701674bc13faa3a8fe3b4bf2fb9078bc1000000000000000000", @ANYRES16=0x0, @ANYBLOB="010027bd7000ffdbdf250100000014000300000000000000000000000000000000011400060073797a5f74756e0000000000000000002900070073797374656d5f753a6f626a6563745f723a67657474795f7661725f72756e5f743a73300000000008000400e0000001050001000000000005000100010000000500010000000000"], 0x88}, 0x1, 0x0, 0x0, 0x40}, 0x20048060) select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) clock_nanosleep(0x3, 0x1, &(0x7f0000000100)={r0, r1+60000000}, 0x0) 06:49:10 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x7c000) 06:49:10 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:10 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd, 0x8, 0x0, 0x150}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000180)) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:10 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1d2e4000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:10 executing program 2 (fault-call:2 fault-nth:0): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:10 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x7d000) [ 1549.941526][T14982] FAULT_INJECTION: forcing a failure. [ 1549.941526][T14982] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1549.954682][T14982] CPU: 0 PID: 14982 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1549.963461][T14982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1549.973509][T14982] Call Trace: [ 1549.976784][T14982] dump_stack+0x137/0x19d [ 1549.981156][T14982] should_fail+0x23c/0x250 [ 1549.985666][T14982] should_fail_usercopy+0x16/0x20 06:49:10 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:10 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x20000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:10 executing program 4: syz_io_uring_setup(0x0, &(0x7f0000000100)={0x0, 0xb9bd, 0x8, 0x0, 0x150}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000180)) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:10 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x7e000) 06:49:10 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x7f000) [ 1549.990787][T14982] _copy_from_user+0x1c/0xd0 [ 1549.995383][T14982] __x64_sys_io_uring_setup+0x4b/0x120 [ 1550.000883][T14982] ? fput+0x2d/0x130 [ 1550.004813][T14982] ? ksys_write+0x157/0x180 [ 1550.009640][T14982] ? fpregs_assert_state_consistent+0x7d/0x90 [ 1550.015715][T14982] ? exit_to_user_mode_prepare+0x65/0x190 [ 1550.021443][T14982] do_syscall_64+0x4a/0x90 [ 1550.025864][T14982] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1550.031841][T14982] RIP: 0033:0x4665d9 [ 1550.035733][T14982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1550.055338][T14982] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1550.063752][T14982] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1550.071724][T14982] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1550.079774][T14982] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 06:49:10 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) pselect6(0x40, &(0x7f0000000040)={0x0, 0x101, 0x1, 0x8, 0x101, 0xff, 0x200, 0x7}, &(0x7f0000000100)={0x6, 0x80, 0x1f, 0x99, 0x63, 0x40, 0x7, 0x8366}, &(0x7f0000000140)={0x20, 0x7, 0x7, 0x5, 0xff00000000000000, 0x5}, &(0x7f0000000180), &(0x7f0000000200)={&(0x7f00000001c0)={[0x2]}, 0x8}) 06:49:10 executing program 4: syz_io_uring_setup(0x0, &(0x7f0000000100)={0x0, 0xb9bd, 0x8, 0x0, 0x150}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000180)) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:10 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x80000) 06:49:10 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x20e1f000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:10 executing program 1 (fault-call:1 fault-nth:0): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:10 executing program 2 (fault-call:2 fault-nth:1): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) [ 1550.087776][T14982] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1550.095742][T14982] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 [ 1550.145571][T15010] FAULT_INJECTION: forcing a failure. [ 1550.145571][T15010] name failslab, interval 1, probability 0, space 0, times 0 [ 1550.158204][T15010] CPU: 1 PID: 15010 Comm: syz-executor.1 Not tainted 5.13.0-rc4-syzkaller #0 [ 1550.160926][T15013] FAULT_INJECTION: forcing a failure. [ 1550.160926][T15013] name failslab, interval 1, probability 0, space 0, times 0 [ 1550.167379][T15010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1550.167392][T15010] Call Trace: [ 1550.167399][T15010] dump_stack+0x137/0x19d [ 1550.167420][T15010] should_fail+0x23c/0x250 [ 1550.167435][T15010] ? vm_area_dup+0x44/0x120 [ 1550.207025][T15010] __should_failslab+0x81/0x90 [ 1550.211913][T15010] should_failslab+0x5/0x20 [ 1550.216416][T15010] kmem_cache_alloc+0x46/0x2f0 [ 1550.221211][T15010] vm_area_dup+0x44/0x120 [ 1550.225604][T15010] ? __alloc_pages+0x194/0x320 [ 1550.230367][T15010] ? __mod_memcg_lruvec_state+0xaa/0x190 [ 1550.235987][T15010] ? kstrtoull+0x30e/0x350 [ 1550.240505][T15010] __split_vma+0x82/0x320 [ 1550.244817][T15010] ? vmacache_find+0x2d2/0x320 [ 1550.249563][T15010] __do_munmap+0x27c/0x1340 [ 1550.254199][T15010] ? get_pid_task+0x8b/0xc0 [ 1550.258830][T15010] do_munmap+0x2c/0x40 [ 1550.262885][T15010] __do_sys_mremap+0x6cd/0xc20 [ 1550.267730][T15010] __x64_sys_mremap+0x63/0x70 [ 1550.272422][T15010] do_syscall_64+0x4a/0x90 [ 1550.276830][T15010] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1550.282717][T15010] RIP: 0033:0x4665d9 [ 1550.286598][T15010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1550.309440][T15010] RSP: 002b:00007f6998425188 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1550.318026][T15010] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1550.325978][T15010] RDX: 0000000000004000 RSI: 0000000000012000 RDI: 0000000020e1f000 [ 1550.334023][T15010] RBP: 00007f69984251d0 R08: 0000000020e31000 R09: 0000000000000000 06:49:11 executing program 4: syz_io_uring_setup(0x0, &(0x7f0000000100)={0x0, 0xb9bd, 0x8, 0x0, 0x150}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000180)) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:11 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x81000) [ 1550.341974][T15010] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 1550.349936][T15010] R13: 00007fff40914b3f R14: 00007f6998425300 R15: 0000000000022000 [ 1550.358104][T15013] CPU: 0 PID: 15013 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1550.366869][T15013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1550.376931][T15013] Call Trace: [ 1550.380211][T15013] dump_stack+0x137/0x19d [ 1550.384593][T15013] should_fail+0x23c/0x250 [ 1550.389002][T15013] __should_failslab+0x81/0x90 06:49:11 executing program 1 (fault-call:1 fault-nth:1): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:11 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x40000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1550.393764][T15013] ? io_uring_create+0x120/0x18d0 [ 1550.398779][T15013] should_failslab+0x5/0x20 [ 1550.403354][T15013] kmem_cache_alloc_trace+0x49/0x310 [ 1550.408641][T15013] io_uring_create+0x120/0x18d0 [ 1550.413499][T15013] ? vfs_write+0x50c/0x770 [ 1550.418238][T15013] ? should_fail+0xd6/0x250 [ 1550.422799][T15013] __x64_sys_io_uring_setup+0xe1/0x120 [ 1550.428275][T15013] do_syscall_64+0x4a/0x90 [ 1550.432752][T15013] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1550.438655][T15013] RIP: 0033:0x4665d9 06:49:11 executing program 4: syz_io_uring_setup(0x2a8d, 0x0, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000180)) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:11 executing program 5: select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, &(0x7f0000000080)={0x7}, &(0x7f0000000040)={0x0, 0xea60}) ioctl$TIOCNXCL(0xffffffffffffffff, 0x540d) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000001c0), 0x9c080, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) r1 = perf_event_open$cgroup(&(0x7f0000000100)={0x2, 0x80, 0x2, 0x3f, 0x8, 0x20, 0x0, 0xa, 0x2, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x571365d401b85a4b, @perf_bp={&(0x7f00000000c0), 0xc}, 0x8109, 0x7, 0x1bb381fe, 0x2, 0x7, 0x80000000, 0x3, 0x0, 0x1, 0x0, 0x2}, r0, 0x3, r0, 0x6) ioctl$PERF_EVENT_IOC_QUERY_BPF(r1, 0xc008240a, &(0x7f0000000180)={0x5, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0]}) mlock(&(0x7f0000ffe000/0x1000)=nil, 0x1000) ioctl$TIOCSBRK(r0, 0x5427) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) r3 = perf_event_open$cgroup(&(0x7f00000002c0)={0x4, 0x80, 0x3, 0x8, 0x3f, 0x3f, 0x0, 0x80000001, 0x6088, 0x5, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0x2}, 0x2, 0x153, 0x7993, 0x0, 0x1f, 0x200, 0x3, 0x0, 0x8000, 0x0, 0x8}, r0, 0x2, r0, 0x4) perf_event_open$cgroup(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x40, 0x49, 0x8, 0x0, 0xfffffffffffffff8, 0x2a, 0x4, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000200), 0x8}, 0x10040, 0x3, 0x2, 0x1, 0x0, 0x47, 0x80, 0x0, 0x7fff, 0x0, 0x4}, r2, 0x1, r3, 0xfefd743f98458fcc) [ 1550.442753][T15013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1550.462454][T15013] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1550.471041][T15013] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1550.479035][T15013] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1550.487000][T15013] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1550.489957][T15029] FAULT_INJECTION: forcing a failure. [ 1550.489957][T15029] name failslab, interval 1, probability 0, space 0, times 0 [ 1550.494990][T15013] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1550.515540][T15013] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 [ 1550.523617][T15029] CPU: 1 PID: 15029 Comm: syz-executor.1 Not tainted 5.13.0-rc4-syzkaller #0 [ 1550.532477][T15029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1550.542573][T15029] Call Trace: 06:49:11 executing program 2 (fault-call:2 fault-nth:2): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:11 executing program 4: syz_io_uring_setup(0x2a8d, 0x0, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000180)) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:11 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x82000) 06:49:11 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x42000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1550.545843][T15029] dump_stack+0x137/0x19d [ 1550.550188][T15029] should_fail+0x23c/0x250 [ 1550.554606][T15029] ? vm_area_dup+0x44/0x120 [ 1550.559168][T15029] __should_failslab+0x81/0x90 [ 1550.563970][T15029] should_failslab+0x5/0x20 [ 1550.568477][T15029] kmem_cache_alloc+0x46/0x2f0 [ 1550.573626][T15029] vm_area_dup+0x44/0x120 [ 1550.578094][T15029] __split_vma+0x82/0x320 [ 1550.582418][T15029] ? vmacache_find+0x2d2/0x320 [ 1550.587267][T15029] __do_munmap+0x2e9/0x1340 [ 1550.591784][T15029] ? get_pid_task+0x8b/0xc0 06:49:11 executing program 4: syz_io_uring_setup(0x2a8d, 0x0, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000180)) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) [ 1550.596294][T15029] do_munmap+0x2c/0x40 [ 1550.600372][T15029] __do_sys_mremap+0x6cd/0xc20 [ 1550.605158][T15029] __x64_sys_mremap+0x63/0x70 [ 1550.609840][T15029] do_syscall_64+0x4a/0x90 [ 1550.614254][T15029] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1550.620148][T15029] RIP: 0033:0x4665d9 [ 1550.624088][T15029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 06:49:11 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x7f000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1550.643690][T15029] RSP: 002b:00007f6998404188 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1550.652098][T15029] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 1550.656902][T15039] FAULT_INJECTION: forcing a failure. [ 1550.656902][T15039] name failslab, interval 1, probability 0, space 0, times 0 [ 1550.660163][T15029] RDX: 0000000000004000 RSI: 0000000000012000 RDI: 0000000020e1f000 [ 1550.660176][T15029] RBP: 00007f69984041d0 R08: 0000000020e31000 R09: 0000000000000000 [ 1550.660188][T15029] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 1550.696761][T15029] R13: 00007fff40914b3f R14: 00007f6998404300 R15: 0000000000022000 [ 1550.704723][T15039] CPU: 0 PID: 15039 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1550.713488][T15039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1550.723645][T15039] Call Trace: [ 1550.726918][T15039] dump_stack+0x137/0x19d [ 1550.731331][T15039] should_fail+0x23c/0x250 [ 1550.735747][T15039] ? io_uring_create+0x190/0x18d0 [ 1550.740926][T15039] __should_failslab+0x81/0x90 06:49:11 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x83000) 06:49:11 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0xd8010000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:11 executing program 1 (fault-call:1 fault-nth:2): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:11 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0x0, 0x8, 0x0, 0x150}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000180)) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) [ 1550.745692][T15039] should_failslab+0x5/0x20 [ 1550.750187][T15039] __kmalloc+0x66/0x340 [ 1550.754334][T15039] ? kmem_cache_alloc_trace+0x215/0x310 [ 1550.759880][T15039] ? io_uring_create+0x120/0x18d0 [ 1550.765026][T15039] io_uring_create+0x190/0x18d0 [ 1550.769875][T15039] ? vfs_write+0x50c/0x770 [ 1550.774322][T15039] ? should_fail+0xd6/0x250 [ 1550.778827][T15039] __x64_sys_io_uring_setup+0xe1/0x120 [ 1550.784285][T15039] do_syscall_64+0x4a/0x90 [ 1550.788758][T15039] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1550.794833][T15039] RIP: 0033:0x4665d9 [ 1550.798799][T15039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1550.802934][T15060] FAULT_INJECTION: forcing a failure. [ 1550.802934][T15060] name failslab, interval 1, probability 0, space 0, times 0 [ 1550.818403][T15039] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1550.818445][T15039] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1550.847405][T15039] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1550.855371][T15039] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1550.863323][T15039] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1550.871357][T15039] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 [ 1550.879314][T15060] CPU: 1 PID: 15060 Comm: syz-executor.1 Not tainted 5.13.0-rc4-syzkaller #0 [ 1550.888337][T15060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1550.898400][T15060] Call Trace: [ 1550.901669][T15060] dump_stack+0x137/0x19d [ 1550.906006][T15060] should_fail+0x23c/0x250 [ 1550.910682][T15060] ? vm_area_dup+0x44/0x120 [ 1550.915194][T15060] __should_failslab+0x81/0x90 [ 1550.920069][T15060] should_failslab+0x5/0x20 [ 1550.924565][T15060] kmem_cache_alloc+0x46/0x2f0 [ 1550.929373][T15060] ? unlink_anon_vmas+0x361/0x370 [ 1550.934389][T15060] vm_area_dup+0x44/0x120 [ 1550.938722][T15060] ? tlb_finish_mmu+0xe8/0x100 [ 1550.943490][T15060] ? unmap_region+0x199/0x1d0 06:49:11 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x84000) 06:49:11 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)={0xffffffffffffffff}) sendmsg$AUDIT_ADD_RULE(r0, &(0x7f00000005c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000580)={&(0x7f0000000140)={0x430, 0x3f3, 0x400, 0x70bd27, 0x25dfdbff, {0x5, 0x2, 0x21, [0x4, 0x0, 0x1, 0x6, 0xde, 0xffff, 0x0, 0x5, 0x0, 0x7, 0x10000, 0x6, 0xcf, 0x9, 0x401, 0x400, 0x2, 0x0, 0x5, 0x0, 0x8abf, 0x7, 0x3, 0x1, 0x1e84560, 0x8001, 0x5, 0x200, 0x81, 0x200, 0xbf97, 0x1, 0x7fff, 0x9, 0x5897, 0x0, 0xffff, 0x7f, 0x0, 0x8, 0x5, 0xfffff73e, 0x2, 0xffff, 0xffffffff, 0x1f, 0x100000, 0x3, 0x6, 0x6, 0xcbf, 0x40, 0x1f, 0x296, 0x9, 0x3, 0x3, 0x2, 0x3, 0x8bc7, 0x7fea, 0x800000], [0x2, 0x1ff, 0x10001, 0x7, 0x1, 0x8, 0x1ff, 0x4, 0x28, 0x8, 0x100, 0x4, 0x4, 0xf66, 0x2, 0xb32e, 0x0, 0x200, 0x5, 0x7, 0x80000001, 0xa04, 0x7fffffff, 0x3, 0x9, 0x3, 0x5, 0x8, 0x2, 0x2, 0xfffffc01, 0x81, 0x8, 0xd397, 0x7f, 0x8000, 0x0, 0x1, 0x1, 0x6, 0x6f0, 0x3ff, 0x7fff, 0xfffffb7f, 0x7, 0x8001, 0x9, 0x0, 0xdaa, 0x0, 0x401, 0xadb6, 0x3f, 0x5bcf, 0x5, 0x100, 0x2, 0x3, 0x80000, 0x58, 0xd5, 0xfffff65d, 0x4, 0x4], [0xffff, 0x0, 0x8050, 0x7ee0, 0x2, 0x4, 0x3, 0x80000000, 0x10000, 0x100, 0x44b, 0x2, 0x4, 0x100, 0x8, 0x9, 0x200, 0x8000, 0xffffffff, 0x1, 0x4, 0x3, 0x1000, 0x2, 0xec, 0x1ddf, 0x100, 0x3, 0xffffffff, 0xfff00, 0x401, 0x3, 0x7, 0xfffff0d7, 0x3, 0x9, 0xfffffffb, 0x6f0, 0x7ff, 0x8, 0x4, 0x1f, 0x3e, 0x28000000, 0x0, 0xf9, 0x9, 0x1, 0xd7, 0x3, 0x1, 0xe84, 0x2, 0xa2c3, 0x5, 0x9102, 0xa016, 0x10000, 0x6, 0x4, 0x80, 0x4, 0x4, 0x2], [0x6, 0x9, 0x9, 0x2, 0x5, 0x6, 0x0, 0x5, 0x0, 0xdfb, 0x0, 0xffffffff, 0x8, 0x80, 0x7, 0xffff8000, 0x5, 0x6, 0x300, 0x6, 0x1400, 0x6, 0x10001, 0x5, 0x1000, 0x8, 0x8001, 0x1000, 0xed57, 0x7, 0x0, 0x1, 0x0, 0x40, 0x8, 0x101, 0x7, 0x7, 0xfff, 0x2, 0x7ae, 0x10000, 0x7, 0x7fff, 0x1, 0x8, 0x5, 0x9, 0xfffffffe, 0xff, 0x10, 0xfca1, 0x80000000, 0x2, 0x6, 0x3f, 0x9, 0x2, 0xffff8001, 0x0, 0x2, 0x6, 0xfffffff8, 0xc64], 0xf, [',\'&:$!\x00', '&%\x00', '\x00', '@,{\x00']}, ["", "", "", "", "", ""]}, 0x430}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x4) 06:49:11 executing program 2 (fault-call:2 fault-nth:3): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:11 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0x0, 0x8, 0x0, 0x150}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000180)) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:11 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0xda010000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:11 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0xfeffffff}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1550.948164][T15060] ? vm_area_free+0x24/0x30 [ 1550.952735][T15060] ? ___cache_free+0x3c/0x300 [ 1550.957414][T15060] __split_vma+0x82/0x320 [ 1550.961740][T15060] ? vmacache_find+0x11c/0x320 [ 1550.966505][T15060] __do_munmap+0x27c/0x1340 [ 1550.971165][T15060] do_munmap+0x2c/0x40 [ 1550.975274][T15060] __do_sys_mremap+0x7f0/0xc20 [ 1550.980054][T15060] __x64_sys_mremap+0x63/0x70 [ 1550.984835][T15060] do_syscall_64+0x4a/0x90 [ 1550.989265][T15060] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1550.995159][T15060] RIP: 0033:0x4665d9 06:49:11 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0x0, 0x8, 0x0, 0x150}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000180)) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) [ 1550.999057][T15060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1551.018851][T15060] RSP: 002b:00007f6998425188 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1551.027384][T15060] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1551.035358][T15060] RDX: 0000000000004000 RSI: 0000000000012000 RDI: 0000000020e1f000 06:49:11 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0xff600000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1551.043331][T15060] RBP: 00007f69984251d0 R08: 0000000020e31000 R09: 0000000000000000 [ 1551.051341][T15060] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 1551.059310][T15060] R13: 00007fff40914b3f R14: 00007f6998425300 R15: 0000000000022000 [ 1551.059616][T15069] FAULT_INJECTION: forcing a failure. [ 1551.059616][T15069] name failslab, interval 1, probability 0, space 0, times 0 [ 1551.080002][T15069] CPU: 0 PID: 15069 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1551.089005][T15069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1551.099933][T15069] Call Trace: [ 1551.103206][T15069] dump_stack+0x137/0x19d [ 1551.107538][T15069] should_fail+0x23c/0x250 [ 1551.111950][T15069] __should_failslab+0x81/0x90 [ 1551.116731][T15069] ? io_uring_create+0x1e1/0x18d0 [ 1551.121758][T15069] should_failslab+0x5/0x20 [ 1551.126390][T15069] kmem_cache_alloc_trace+0x49/0x310 [ 1551.131682][T15069] ? io_uring_create+0x190/0x18d0 [ 1551.136723][T15069] io_uring_create+0x1e1/0x18d0 [ 1551.141568][T15069] ? vfs_write+0x50c/0x770 [ 1551.145995][T15069] ? should_fail+0xd6/0x250 [ 1551.150497][T15069] __x64_sys_io_uring_setup+0xe1/0x120 [ 1551.155963][T15069] do_syscall_64+0x4a/0x90 [ 1551.160377][T15069] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1551.166272][T15069] RIP: 0033:0x4665d9 [ 1551.170158][T15069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1551.190065][T15069] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1551.198484][T15069] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1551.206454][T15069] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1551.213850][T15096] FAULT_INJECTION: forcing a failure. [ 1551.213850][T15096] name failslab, interval 1, probability 0, space 0, times 0 [ 1551.214417][T15069] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1551.234972][T15069] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1551.242927][T15069] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 06:49:11 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd, 0x0, 0x0, 0x150}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000180)) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:11 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0xffff8000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:11 executing program 1 (fault-call:1 fault-nth:3): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:11 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000180)) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:11 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x85000) [ 1551.250887][T15096] CPU: 1 PID: 15096 Comm: syz-executor.1 Not tainted 5.13.0-rc4-syzkaller #0 [ 1551.259653][T15096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1551.269708][T15096] Call Trace: [ 1551.272989][T15096] dump_stack+0x137/0x19d [ 1551.277397][T15096] should_fail+0x23c/0x250 [ 1551.281947][T15096] ? vm_area_dup+0x44/0x120 [ 1551.286488][T15096] __should_failslab+0x81/0x90 [ 1551.291302][T15096] should_failslab+0x5/0x20 [ 1551.295802][T15096] kmem_cache_alloc+0x46/0x2f0 [ 1551.300667][T15096] ? __vma_adjust+0x196e/0x1b30 [ 1551.305605][T15096] vm_area_dup+0x44/0x120 [ 1551.310068][T15096] __split_vma+0x82/0x320 [ 1551.314397][T15096] ? vmacache_find+0x157/0x320 [ 1551.319170][T15096] __do_munmap+0x27c/0x1340 [ 1551.323745][T15096] do_munmap+0x2c/0x40 [ 1551.327996][T15096] move_vma+0x57c/0x870 [ 1551.332204][T15096] __do_sys_mremap+0x9cb/0xc20 [ 1551.336949][T15096] __x64_sys_mremap+0x63/0x70 [ 1551.341608][T15096] do_syscall_64+0x4a/0x90 06:49:12 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f00000003c0)=0x7) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) select(0x40, &(0x7f00000001c0)={0x2, 0x1, 0xfff, 0x1, 0x10000, 0x0, 0x6, 0x100000001}, &(0x7f0000000200)={0xde, 0x3ff, 0x0, 0x6, 0x6, 0x0, 0x7fff, 0x3}, &(0x7f0000000240)={0x3, 0xc000000000000000, 0x4, 0x1, 0x8, 0xfff, 0x1000, 0x7}, &(0x7f0000000280)={0x77359400}) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f00000002c0)='\x00') ioctl$MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000000380)={&(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000340)=""/22, 0x16}) r2 = getpid() sched_getparam(r2, &(0x7f0000000540)) sendmsg$AUDIT_SET(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x38, 0x3e9, 0x4, 0x70bd28, 0x25dfdbfc, {0x4e, 0x0, 0x1, r2, 0x3ff, 0x9, 0x74, 0x7ff, 0x0, 0x8}, [""]}, 0x38}, 0x1, 0x0, 0x0, 0x8800}, 0x800) 06:49:12 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0xffffc000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:12 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, &(0x7f0000000180)) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:12 executing program 2 (fault-call:2 fault-nth:4): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:12 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x86000) [ 1551.346019][T15096] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1551.352026][T15096] RIP: 0033:0x4665d9 [ 1551.355909][T15096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1551.375574][T15096] RSP: 002b:00007f6998425188 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1551.384070][T15096] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1551.392092][T15096] RDX: 0000000000004000 RSI: 0000000000012000 RDI: 0000000020e1f000 06:49:12 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0xfffffffe}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1551.400065][T15096] RBP: 00007f69984251d0 R08: 0000000020e31000 R09: 0000000000000000 [ 1551.408097][T15096] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 1551.416060][T15096] R13: 00007fff40914b3f R14: 00007f6998425300 R15: 0000000000022000 [ 1551.433621][T15109] FAULT_INJECTION: forcing a failure. [ 1551.433621][T15109] name failslab, interval 1, probability 0, space 0, times 0 06:49:12 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:12 executing program 1 (fault-call:1 fault-nth:4): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:12 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x87000) [ 1551.446521][T15109] CPU: 1 PID: 15109 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1551.455456][T15109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1551.465536][T15109] Call Trace: [ 1551.468808][T15109] dump_stack+0x137/0x19d [ 1551.473306][T15109] should_fail+0x23c/0x250 [ 1551.477725][T15109] __should_failslab+0x81/0x90 [ 1551.482488][T15109] ? percpu_ref_init+0x9e/0x210 [ 1551.487425][T15109] should_failslab+0x5/0x20 [ 1551.491928][T15109] kmem_cache_alloc_trace+0x49/0x310 [ 1551.497221][T15109] percpu_ref_init+0x9e/0x210 06:49:12 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0xffffffff}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1551.501962][T15109] ? io_uring_create+0x18d0/0x18d0 [ 1551.507124][T15109] io_uring_create+0x228/0x18d0 [ 1551.511980][T15109] ? vfs_write+0x50c/0x770 [ 1551.516475][T15109] ? should_fail+0xd6/0x250 [ 1551.521002][T15109] __x64_sys_io_uring_setup+0xe1/0x120 [ 1551.526556][T15109] do_syscall_64+0x4a/0x90 [ 1551.530979][T15109] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1551.537088][T15109] RIP: 0033:0x4665d9 06:49:12 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x88000) 06:49:12 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1551.540995][T15109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1551.560692][T15109] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1551.569181][T15109] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1551.577196][T15109] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1551.585189][T15109] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1551.593171][T15109] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1551.601133][T15109] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 [ 1551.611517][T15130] FAULT_INJECTION: forcing a failure. [ 1551.611517][T15130] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1551.624610][T15130] CPU: 0 PID: 15130 Comm: syz-executor.1 Not tainted 5.13.0-rc4-syzkaller #0 [ 1551.633370][T15130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1551.643418][T15130] Call Trace: [ 1551.646689][T15130] dump_stack+0x137/0x19d 06:49:12 executing program 5: select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x8000000000000}, &(0x7f00000000c0)={0x0, 0xea60}) 06:49:12 executing program 2 (fault-call:2 fault-nth:5): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:12 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x89000) 06:49:12 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x2}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:12 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) pselect6(0x0, 0x0, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) [ 1551.651067][T15130] should_fail+0x23c/0x250 [ 1551.655558][T15130] should_fail_usercopy+0x16/0x20 [ 1551.660574][T15130] _copy_to_user+0x1c/0x90 [ 1551.665006][T15130] simple_read_from_buffer+0xab/0x120 [ 1551.670444][T15130] proc_fail_nth_read+0xf6/0x140 [ 1551.675434][T15130] ? rw_verify_area+0x136/0x250 [ 1551.680351][T15130] ? proc_fault_inject_write+0x200/0x200 [ 1551.686105][T15130] vfs_read+0x154/0x5d0 [ 1551.690302][T15130] ? up_write+0x25/0xc0 [ 1551.694544][T15130] ? __fget_light+0x21b/0x260 [ 1551.694796][T15142] FAULT_INJECTION: forcing a failure. [ 1551.694796][T15142] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1551.699215][T15130] ? __cond_resched+0x11/0x40 [ 1551.699235][T15130] ksys_read+0xce/0x180 [ 1551.721187][T15130] __x64_sys_read+0x3e/0x50 [ 1551.725677][T15130] do_syscall_64+0x4a/0x90 [ 1551.730088][T15130] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1551.735965][T15130] RIP: 0033:0x41935c [ 1551.739926][T15130] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1551.759524][T15130] RSP: 002b:00007f6998425170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1551.767918][T15130] RAX: ffffffffffffffda RBX: 0000000020e31000 RCX: 000000000041935c [ 1551.775868][T15130] RDX: 000000000000000f RSI: 00007f69984251e0 RDI: 0000000000000003 [ 1551.783852][T15130] RBP: 00007f69984251d0 R08: 0000000000000000 R09: 0000000000000000 [ 1551.791890][T15130] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 1551.799841][T15130] R13: 00007fff40914b3f R14: 00007f6998425300 R15: 0000000000022000 [ 1551.807794][T15142] CPU: 1 PID: 15142 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1551.816554][T15142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1551.826600][T15142] Call Trace: [ 1551.829964][T15142] dump_stack+0x137/0x19d [ 1551.834312][T15142] should_fail+0x23c/0x250 [ 1551.838962][T15142] __alloc_pages+0x102/0x320 [ 1551.843688][T15142] alloc_pages+0x21d/0x310 [ 1551.848102][T15142] __get_free_pages+0x8/0x30 06:49:12 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8a000) 06:49:12 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:12 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x3}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:12 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)={0xffffffffffffffff}) sendmsg$AUDIT_ADD_RULE(r0, &(0x7f00000005c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000580)={&(0x7f0000000140)={0x430, 0x3f3, 0x400, 0x70bd27, 0x25dfdbff, {0x5, 0x2, 0x21, [0x4, 0x0, 0x1, 0x6, 0xde, 0xffff, 0x0, 0x5, 0x0, 0x7, 0x10000, 0x6, 0xcf, 0x9, 0x401, 0x400, 0x2, 0x0, 0x5, 0x0, 0x8abf, 0x7, 0x3, 0x1, 0x1e84560, 0x8001, 0x5, 0x200, 0x81, 0x200, 0xbf97, 0x1, 0x7fff, 0x9, 0x5897, 0x0, 0xffff, 0x7f, 0x0, 0x8, 0x5, 0xfffff73e, 0x2, 0xffff, 0xffffffff, 0x1f, 0x100000, 0x3, 0x6, 0x6, 0xcbf, 0x40, 0x1f, 0x296, 0x9, 0x3, 0x3, 0x2, 0x3, 0x8bc7, 0x7fea, 0x800000], [0x2, 0x1ff, 0x10001, 0x7, 0x1, 0x8, 0x1ff, 0x4, 0x28, 0x8, 0x100, 0x4, 0x4, 0xf66, 0x2, 0xb32e, 0x0, 0x200, 0x5, 0x7, 0x80000001, 0xa04, 0x7fffffff, 0x3, 0x9, 0x3, 0x5, 0x8, 0x2, 0x2, 0xfffffc01, 0x81, 0x8, 0xd397, 0x7f, 0x8000, 0x0, 0x1, 0x1, 0x6, 0x6f0, 0x3ff, 0x7fff, 0xfffffb7f, 0x7, 0x8001, 0x9, 0x0, 0xdaa, 0x0, 0x401, 0xadb6, 0x3f, 0x5bcf, 0x5, 0x100, 0x2, 0x3, 0x80000, 0x58, 0xd5, 0xfffff65d, 0x4, 0x4], [0xffff, 0x0, 0x8050, 0x7ee0, 0x2, 0x4, 0x3, 0x80000000, 0x10000, 0x100, 0x44b, 0x2, 0x4, 0x100, 0x8, 0x9, 0x200, 0x8000, 0xffffffff, 0x1, 0x4, 0x3, 0x1000, 0x2, 0xec, 0x1ddf, 0x100, 0x3, 0xffffffff, 0xfff00, 0x401, 0x3, 0x7, 0xfffff0d7, 0x3, 0x9, 0xfffffffb, 0x6f0, 0x7ff, 0x8, 0x4, 0x1f, 0x3e, 0x28000000, 0x0, 0xf9, 0x9, 0x1, 0xd7, 0x3, 0x1, 0xe84, 0x2, 0xa2c3, 0x5, 0x9102, 0xa016, 0x10000, 0x6, 0x4, 0x80, 0x4, 0x4, 0x2], [0x6, 0x9, 0x9, 0x2, 0x5, 0x6, 0x0, 0x5, 0x0, 0xdfb, 0x0, 0xffffffff, 0x8, 0x80, 0x7, 0xffff8000, 0x5, 0x6, 0x300, 0x6, 0x1400, 0x6, 0x10001, 0x5, 0x1000, 0x8, 0x8001, 0x1000, 0xed57, 0x7, 0x0, 0x1, 0x0, 0x40, 0x8, 0x101, 0x7, 0x7, 0xfff, 0x2, 0x7ae, 0x10000, 0x7, 0x7fff, 0x1, 0x8, 0x5, 0x9, 0xfffffffe, 0xff, 0x10, 0xfca1, 0x80000000, 0x2, 0x6, 0x3f, 0x9, 0x2, 0xffff8001, 0x0, 0x2, 0x6, 0xfffffff8, 0xc64], 0xf, [',\'&:$!\x00', '&%\x00', '\x00', '@,{\x00']}, ["", "", "", "", "", ""]}, 0x430}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x4) 06:49:12 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1551.852714][T15142] io_uring_create+0x887/0x18d0 [ 1551.857568][T15142] ? should_fail+0xd6/0x250 [ 1551.862074][T15142] __x64_sys_io_uring_setup+0xe1/0x120 [ 1551.867704][T15142] do_syscall_64+0x4a/0x90 [ 1551.872144][T15142] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1551.878059][T15142] RIP: 0033:0x4665d9 [ 1551.881944][T15142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 06:49:12 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:12 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8b000) 06:49:12 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x7}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1551.901644][T15142] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1551.910051][T15142] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1551.918196][T15142] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1551.926163][T15142] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1551.934136][T15142] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1551.942355][T15142] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 06:49:12 executing program 2 (fault-call:2 fault-nth:6): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:12 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0xe000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:12 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8c000) [ 1552.020993][T15169] FAULT_INJECTION: forcing a failure. [ 1552.020993][T15169] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1552.034552][T15169] CPU: 0 PID: 15169 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1552.043301][T15169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1552.053792][T15169] Call Trace: [ 1552.057103][T15169] dump_stack+0x137/0x19d [ 1552.061444][T15169] should_fail+0x23c/0x250 [ 1552.066110][T15169] __alloc_pages+0x102/0x320 [ 1552.070828][T15169] alloc_pages+0x21d/0x310 [ 1552.075241][T15169] __get_free_pages+0x8/0x30 [ 1552.079807][T15169] io_uring_create+0x9b9/0x18d0 [ 1552.084635][T15169] ? should_fail+0xd6/0x250 [ 1552.089167][T15169] __x64_sys_io_uring_setup+0xe1/0x120 [ 1552.094822][T15169] do_syscall_64+0x4a/0x90 [ 1552.099286][T15169] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1552.105208][T15169] RIP: 0033:0x4665d9 [ 1552.109078][T15169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1552.128678][T15169] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1552.137173][T15169] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1552.145388][T15169] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1552.153346][T15169] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1552.161414][T15169] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1552.169400][T15169] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 06:49:13 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) pselect6(0x0, 0x0, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:13 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x8}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:13 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)={0xffffffffffffffff}) sendmsg$AUDIT_ADD_RULE(r0, &(0x7f00000005c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000580)={&(0x7f0000000140)={0x430, 0x3f3, 0x400, 0x70bd27, 0x25dfdbff, {0x5, 0x2, 0x21, [0x4, 0x0, 0x1, 0x6, 0xde, 0xffff, 0x0, 0x5, 0x0, 0x7, 0x10000, 0x6, 0xcf, 0x9, 0x401, 0x400, 0x2, 0x0, 0x5, 0x0, 0x8abf, 0x7, 0x3, 0x1, 0x1e84560, 0x8001, 0x5, 0x200, 0x81, 0x200, 0xbf97, 0x1, 0x7fff, 0x9, 0x5897, 0x0, 0xffff, 0x7f, 0x0, 0x8, 0x5, 0xfffff73e, 0x2, 0xffff, 0xffffffff, 0x1f, 0x100000, 0x3, 0x6, 0x6, 0xcbf, 0x40, 0x1f, 0x296, 0x9, 0x3, 0x3, 0x2, 0x3, 0x8bc7, 0x7fea, 0x800000], [0x2, 0x1ff, 0x10001, 0x7, 0x1, 0x8, 0x1ff, 0x4, 0x28, 0x8, 0x100, 0x4, 0x4, 0xf66, 0x2, 0xb32e, 0x0, 0x200, 0x5, 0x7, 0x80000001, 0xa04, 0x7fffffff, 0x3, 0x9, 0x3, 0x5, 0x8, 0x2, 0x2, 0xfffffc01, 0x81, 0x8, 0xd397, 0x7f, 0x8000, 0x0, 0x1, 0x1, 0x6, 0x6f0, 0x3ff, 0x7fff, 0xfffffb7f, 0x7, 0x8001, 0x9, 0x0, 0xdaa, 0x0, 0x401, 0xadb6, 0x3f, 0x5bcf, 0x5, 0x100, 0x2, 0x3, 0x80000, 0x58, 0xd5, 0xfffff65d, 0x4, 0x4], [0xffff, 0x0, 0x8050, 0x7ee0, 0x2, 0x4, 0x3, 0x80000000, 0x10000, 0x100, 0x44b, 0x2, 0x4, 0x100, 0x8, 0x9, 0x200, 0x8000, 0xffffffff, 0x1, 0x4, 0x3, 0x1000, 0x2, 0xec, 0x1ddf, 0x100, 0x3, 0xffffffff, 0xfff00, 0x401, 0x3, 0x7, 0xfffff0d7, 0x3, 0x9, 0xfffffffb, 0x6f0, 0x7ff, 0x8, 0x4, 0x1f, 0x3e, 0x28000000, 0x0, 0xf9, 0x9, 0x1, 0xd7, 0x3, 0x1, 0xe84, 0x2, 0xa2c3, 0x5, 0x9102, 0xa016, 0x10000, 0x6, 0x4, 0x80, 0x4, 0x4, 0x2], [0x6, 0x9, 0x9, 0x2, 0x5, 0x6, 0x0, 0x5, 0x0, 0xdfb, 0x0, 0xffffffff, 0x8, 0x80, 0x7, 0xffff8000, 0x5, 0x6, 0x300, 0x6, 0x1400, 0x6, 0x10001, 0x5, 0x1000, 0x8, 0x8001, 0x1000, 0xed57, 0x7, 0x0, 0x1, 0x0, 0x40, 0x8, 0x101, 0x7, 0x7, 0xfff, 0x2, 0x7ae, 0x10000, 0x7, 0x7fff, 0x1, 0x8, 0x5, 0x9, 0xfffffffe, 0xff, 0x10, 0xfca1, 0x80000000, 0x2, 0x6, 0x3f, 0x9, 0x2, 0xffff8001, 0x0, 0x2, 0x6, 0xfffffff8, 0xc64], 0xf, [',\'&:$!\x00', '&%\x00', '\x00', '@,{\x00']}, ["", "", "", "", "", ""]}, 0x430}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x4) 06:49:13 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x1cb89000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:13 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8d000) 06:49:13 executing program 2 (fault-call:2 fault-nth:7): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) [ 1552.539892][T15180] FAULT_INJECTION: forcing a failure. [ 1552.539892][T15180] name failslab, interval 1, probability 0, space 0, times 0 [ 1552.552621][T15180] CPU: 0 PID: 15180 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1552.561562][T15180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1552.571928][T15180] Call Trace: [ 1552.575196][T15180] dump_stack+0x137/0x19d [ 1552.579524][T15180] should_fail+0x23c/0x250 [ 1552.583941][T15180] __should_failslab+0x81/0x90 [ 1552.588739][T15180] ? io_uring_create+0x13f7/0x18d0 [ 1552.593853][T15180] should_failslab+0x5/0x20 [ 1552.598353][T15180] kmem_cache_alloc_trace+0x49/0x310 [ 1552.603848][T15180] ? alloc_pages+0x21d/0x310 [ 1552.608431][T15180] io_uring_create+0x13f7/0x18d0 [ 1552.613371][T15180] ? should_fail+0xd6/0x250 [ 1552.617872][T15180] __x64_sys_io_uring_setup+0xe1/0x120 [ 1552.623508][T15180] do_syscall_64+0x4a/0x90 [ 1552.627918][T15180] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1552.633821][T15180] RIP: 0033:0x4665d9 06:49:13 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8e000) 06:49:13 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x10}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:13 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x12000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:13 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x42}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:13 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1cf000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:13 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x60}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1552.637779][T15180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1552.657379][T15180] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1552.665863][T15180] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1552.673839][T15180] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1552.681924][T15180] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1552.690060][T15180] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1552.698031][T15180] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 06:49:14 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) pselect6(0x0, 0x0, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:14 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:14 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x1d8}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:14 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8f000) 06:49:14 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)={0xffffffffffffffff}) sendmsg$AUDIT_ADD_RULE(r0, &(0x7f00000005c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000580)={&(0x7f0000000140)={0x430, 0x3f3, 0x400, 0x70bd27, 0x25dfdbff, {0x5, 0x2, 0x21, [0x4, 0x0, 0x1, 0x6, 0xde, 0xffff, 0x0, 0x5, 0x0, 0x7, 0x10000, 0x6, 0xcf, 0x9, 0x401, 0x400, 0x2, 0x0, 0x5, 0x0, 0x8abf, 0x7, 0x3, 0x1, 0x1e84560, 0x8001, 0x5, 0x200, 0x81, 0x200, 0xbf97, 0x1, 0x7fff, 0x9, 0x5897, 0x0, 0xffff, 0x7f, 0x0, 0x8, 0x5, 0xfffff73e, 0x2, 0xffff, 0xffffffff, 0x1f, 0x100000, 0x3, 0x6, 0x6, 0xcbf, 0x40, 0x1f, 0x296, 0x9, 0x3, 0x3, 0x2, 0x3, 0x8bc7, 0x7fea, 0x800000], [0x2, 0x1ff, 0x10001, 0x7, 0x1, 0x8, 0x1ff, 0x4, 0x28, 0x8, 0x100, 0x4, 0x4, 0xf66, 0x2, 0xb32e, 0x0, 0x200, 0x5, 0x7, 0x80000001, 0xa04, 0x7fffffff, 0x3, 0x9, 0x3, 0x5, 0x8, 0x2, 0x2, 0xfffffc01, 0x81, 0x8, 0xd397, 0x7f, 0x8000, 0x0, 0x1, 0x1, 0x6, 0x6f0, 0x3ff, 0x7fff, 0xfffffb7f, 0x7, 0x8001, 0x9, 0x0, 0xdaa, 0x0, 0x401, 0xadb6, 0x3f, 0x5bcf, 0x5, 0x100, 0x2, 0x3, 0x80000, 0x58, 0xd5, 0xfffff65d, 0x4, 0x4], [0xffff, 0x0, 0x8050, 0x7ee0, 0x2, 0x4, 0x3, 0x80000000, 0x10000, 0x100, 0x44b, 0x2, 0x4, 0x100, 0x8, 0x9, 0x200, 0x8000, 0xffffffff, 0x1, 0x4, 0x3, 0x1000, 0x2, 0xec, 0x1ddf, 0x100, 0x3, 0xffffffff, 0xfff00, 0x401, 0x3, 0x7, 0xfffff0d7, 0x3, 0x9, 0xfffffffb, 0x6f0, 0x7ff, 0x8, 0x4, 0x1f, 0x3e, 0x28000000, 0x0, 0xf9, 0x9, 0x1, 0xd7, 0x3, 0x1, 0xe84, 0x2, 0xa2c3, 0x5, 0x9102, 0xa016, 0x10000, 0x6, 0x4, 0x80, 0x4, 0x4, 0x2], [0x6, 0x9, 0x9, 0x2, 0x5, 0x6, 0x0, 0x5, 0x0, 0xdfb, 0x0, 0xffffffff, 0x8, 0x80, 0x7, 0xffff8000, 0x5, 0x6, 0x300, 0x6, 0x1400, 0x6, 0x10001, 0x5, 0x1000, 0x8, 0x8001, 0x1000, 0xed57, 0x7, 0x0, 0x1, 0x0, 0x40, 0x8, 0x101, 0x7, 0x7, 0xfff, 0x2, 0x7ae, 0x10000, 0x7, 0x7fff, 0x1, 0x8, 0x5, 0x9, 0xfffffffe, 0xff, 0x10, 0xfca1, 0x80000000, 0x2, 0x6, 0x3f, 0x9, 0x2, 0xffff8001, 0x0, 0x2, 0x6, 0xfffffff8, 0xc64], 0xf, [',\'&:$!\x00', '&%\x00', '\x00', '@,{\x00']}, ["", "", "", "", "", ""]}, 0x430}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x4) 06:49:14 executing program 2 (fault-call:2 fault-nth:8): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:14 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x200000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1553.415513][T15212] FAULT_INJECTION: forcing a failure. [ 1553.415513][T15212] name failslab, interval 1, probability 0, space 0, times 0 [ 1553.428387][T15212] CPU: 0 PID: 15212 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1553.437159][T15212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1553.447253][T15212] Call Trace: [ 1553.450532][T15212] dump_stack+0x137/0x19d [ 1553.454862][T15212] should_fail+0x23c/0x250 [ 1553.459301][T15212] __should_failslab+0x81/0x90 [ 1553.464141][T15212] ? percpu_ref_init+0x9e/0x210 [ 1553.469042][T15212] should_failslab+0x5/0x20 [ 1553.473585][T15212] kmem_cache_alloc_trace+0x49/0x310 [ 1553.478877][T15212] percpu_ref_init+0x9e/0x210 [ 1553.483555][T15212] ? __io_register_rsrc_update+0x1260/0x1260 [ 1553.489533][T15212] io_uring_create+0x1419/0x18d0 [ 1553.494468][T15212] ? should_fail+0xd6/0x250 [ 1553.499035][T15212] __x64_sys_io_uring_setup+0xe1/0x120 [ 1553.504507][T15212] do_syscall_64+0x4a/0x90 [ 1553.508916][T15212] entry_SYSCALL_64_after_hwframe+0x44/0xae 06:49:14 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x1da}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:14 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x90000) 06:49:14 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1cb89000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:14 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x91000) 06:49:14 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1f1cf000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1553.514811][T15212] RIP: 0033:0x4665d9 [ 1553.518702][T15212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1553.538393][T15212] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1553.546936][T15212] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1553.554917][T15212] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1553.562869][T15212] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1553.570953][T15212] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1553.579349][T15212] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 06:49:14 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1f1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:14 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) pselect6(0x40, &(0x7f00000004c0)={0x0, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:14 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x92000) 06:49:14 executing program 5: select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x7}, &(0x7f00000000c0)={0x0, 0xea60}) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:14 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x204}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:14 executing program 2 (fault-call:2 fault-nth:9): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) [ 1554.255611][T15235] FAULT_INJECTION: forcing a failure. [ 1554.255611][T15235] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1554.268705][T15235] CPU: 0 PID: 15235 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1554.277464][T15235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1554.287541][T15235] Call Trace: [ 1554.290818][T15235] dump_stack+0x137/0x19d [ 1554.295300][T15235] should_fail+0x23c/0x250 [ 1554.299728][T15235] should_fail_usercopy+0x16/0x20 06:49:14 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) pselect6(0x40, &(0x7f00000004c0)={0x0, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:14 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x300}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:14 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x40000000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:15 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x402}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1554.304770][T15235] _copy_to_user+0x1c/0x90 [ 1554.309315][T15235] io_uring_create+0x159f/0x18d0 [ 1554.314467][T15235] ? should_fail+0xd6/0x250 [ 1554.319241][T15235] __x64_sys_io_uring_setup+0xe1/0x120 [ 1554.324758][T15235] do_syscall_64+0x4a/0x90 [ 1554.329209][T15235] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1554.335176][T15235] RIP: 0033:0x4665d9 06:49:15 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x93000) 06:49:15 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x94000) [ 1554.339060][T15235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1554.358698][T15235] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1554.367109][T15235] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1554.375087][T15235] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1554.383088][T15235] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1554.391162][T15235] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 06:49:15 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x406}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:15 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) pselect6(0x40, &(0x7f00000004c0)={0x0, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) [ 1554.399335][T15235] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 06:49:15 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x7fffdf1ce000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:15 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:15 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x95000) 06:49:15 executing program 2 (fault-call:2 fault-nth:10): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:15 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x604}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:15 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x7fffdf1e0000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:15 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x0, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:15 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x96000) [ 1554.492453][T15272] FAULT_INJECTION: forcing a failure. [ 1554.492453][T15272] name failslab, interval 1, probability 0, space 0, times 0 [ 1554.505095][T15272] CPU: 0 PID: 15272 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1554.513956][T15272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1554.524061][T15272] Call Trace: [ 1554.527338][T15272] dump_stack+0x137/0x19d [ 1554.531675][T15272] should_fail+0x23c/0x250 [ 1554.536261][T15272] ? sock_alloc_inode+0x23/0x90 06:49:15 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x7ffffffff000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:15 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x2, &(0x7f0000e31000/0x4000)=nil) [ 1554.541295][T15272] __should_failslab+0x81/0x90 [ 1554.546058][T15272] ? sockfs_init_fs_context+0x70/0x70 [ 1554.551468][T15272] should_failslab+0x5/0x20 [ 1554.556047][T15272] kmem_cache_alloc+0x46/0x2f0 [ 1554.560881][T15272] ? selinux_socket_create+0x7c/0x170 [ 1554.566261][T15272] ? sockfs_init_fs_context+0x70/0x70 [ 1554.571784][T15272] sock_alloc_inode+0x23/0x90 [ 1554.576558][T15272] ? sockfs_init_fs_context+0x70/0x70 [ 1554.581933][T15272] new_inode_pseudo+0x38/0x1c0 [ 1554.586697][T15272] __sock_create+0x122/0x4f0 06:49:15 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x0, 0x0, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:15 executing program 5: socketpair(0x0, 0x2, 0x3f, &(0x7f0000000040)) [ 1554.591314][T15272] ? should_fail+0xd6/0x250 [ 1554.595823][T15272] sock_create_kern+0x34/0x40 [ 1554.600554][T15272] io_uring_create+0x15e5/0x18d0 [ 1554.605515][T15272] ? should_fail+0xd6/0x250 [ 1554.610038][T15272] __x64_sys_io_uring_setup+0xe1/0x120 [ 1554.615671][T15272] do_syscall_64+0x4a/0x90 [ 1554.620145][T15272] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1554.626051][T15272] RIP: 0033:0x4665d9 06:49:15 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x700}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:15 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x8, &(0x7f0000e31000/0x4000)=nil) 06:49:15 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mmap$IORING_OFF_CQ_RING(&(0x7f0000e32000/0x1000)=nil, 0x1000, 0xf1cee56dabb3b564, 0x8010, 0xffffffffffffffff, 0x8000000) ioctl$KDGETLED(0xffffffffffffffff, 0x4b31, &(0x7f0000000000)) [ 1554.629937][T15272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1554.649768][T15272] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1554.658185][T15272] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1554.666162][T15272] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1554.674342][T15272] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1554.682312][T15272] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 06:49:15 executing program 2 (fault-call:2 fault-nth:11): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:15 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x97000) 06:49:15 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x2000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:15 executing program 5: socketpair(0x0, 0x2, 0x3f, &(0x7f0000000040)) 06:49:15 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x0, 0x0, 0x0, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) [ 1554.690275][T15272] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 [ 1554.698462][T15272] socket: no more sockets 06:49:15 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x24800, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap$IORING_OFF_SQES(&(0x7f0000e31000/0x4000)=nil, 0x4000, 0x3000000, 0x80110, r0, 0x10000000) [ 1554.774249][T15316] FAULT_INJECTION: forcing a failure. [ 1554.774249][T15316] name failslab, interval 1, probability 0, space 0, times 0 [ 1554.786926][T15316] CPU: 1 PID: 15316 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1554.795771][T15316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1554.805834][T15316] Call Trace: [ 1554.809106][T15316] dump_stack+0x137/0x19d [ 1554.813645][T15316] should_fail+0x23c/0x250 [ 1554.818284][T15316] ? security_inode_alloc+0x30/0x180 06:49:15 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x0, 0x0, 0x0, 0x0, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:15 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:15 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4200}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:15 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) [ 1554.823681][T15316] __should_failslab+0x81/0x90 [ 1554.828463][T15316] should_failslab+0x5/0x20 [ 1554.832963][T15316] kmem_cache_alloc+0x46/0x2f0 [ 1554.837744][T15316] security_inode_alloc+0x30/0x180 [ 1554.842847][T15316] inode_init_always+0x20b/0x420 [ 1554.847871][T15316] ? sockfs_init_fs_context+0x70/0x70 [ 1554.853628][T15316] new_inode_pseudo+0x73/0x1c0 [ 1554.858460][T15316] __sock_create+0x122/0x4f0 [ 1554.863229][T15316] ? should_fail+0xd6/0x250 [ 1554.867729][T15316] sock_create_kern+0x34/0x40 06:49:15 executing program 5: socketpair(0x0, 0x2, 0x3f, &(0x7f0000000040)) 06:49:15 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x98000) [ 1554.872408][T15316] io_uring_create+0x15e5/0x18d0 [ 1554.877349][T15316] ? should_fail+0xd6/0x250 [ 1554.881874][T15316] __x64_sys_io_uring_setup+0xe1/0x120 [ 1554.887461][T15316] do_syscall_64+0x4a/0x90 [ 1554.891874][T15316] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1554.897765][T15316] RIP: 0033:0x4665d9 [ 1554.901657][T15316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1554.921263][T15316] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1554.929683][T15316] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1554.937725][T15316] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1554.945981][T15316] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1554.953961][T15316] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1554.961971][T15316] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 [ 1554.970046][T15316] socket: no more sockets 06:49:15 executing program 2 (fault-call:2 fault-nth:12): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:15 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x99000) 06:49:15 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x6000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:15 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) shmat(r0, &(0x7f0000e34000/0x3000)=nil, 0x3000) 06:49:15 executing program 5: socketpair(0xa, 0x0, 0x3f, &(0x7f0000000040)) 06:49:15 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) pselect6(0x40, &(0x7f00000004c0)={0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) [ 1555.017463][T15346] FAULT_INJECTION: forcing a failure. [ 1555.017463][T15346] name failslab, interval 1, probability 0, space 0, times 0 [ 1555.030149][T15346] CPU: 1 PID: 15346 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1555.038916][T15346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1555.048981][T15346] Call Trace: [ 1555.052271][T15346] dump_stack+0x137/0x19d [ 1555.056596][T15346] should_fail+0x23c/0x250 [ 1555.061106][T15346] ? sk_prot_alloc+0x41/0x190 06:49:15 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) pselect6(0x40, &(0x7f00000004c0)={0x9}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:15 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x60ff}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:15 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x9a000) [ 1555.065781][T15346] __should_failslab+0x81/0x90 [ 1555.070542][T15346] should_failslab+0x5/0x20 [ 1555.075049][T15346] kmem_cache_alloc+0x46/0x2f0 [ 1555.079878][T15346] sk_prot_alloc+0x41/0x190 [ 1555.084470][T15346] sk_alloc+0x2e/0x220 [ 1555.088542][T15346] unix_create1+0x74/0x3c0 [ 1555.093063][T15346] unix_create+0xdc/0x100 [ 1555.097391][T15346] __sock_create+0x2c7/0x4f0 [ 1555.101999][T15346] sock_create_kern+0x34/0x40 [ 1555.106753][T15346] io_uring_create+0x15e5/0x18d0 [ 1555.111694][T15346] ? should_fail+0xd6/0x250 06:49:15 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x9b000) 06:49:15 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) pselect6(0x40, &(0x7f00000004c0)={0x9}, 0x0, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) [ 1555.116213][T15346] __x64_sys_io_uring_setup+0xe1/0x120 [ 1555.121699][T15346] do_syscall_64+0x4a/0x90 [ 1555.126124][T15346] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1555.132016][T15346] RIP: 0033:0x4665d9 [ 1555.135910][T15346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1555.155682][T15346] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 06:49:15 executing program 5: socketpair(0xa, 0x0, 0x3f, &(0x7f0000000040)) 06:49:15 executing program 2 (fault-call:2 fault-nth:13): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:15 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x100000b, 0x8010, 0xffffffffffffffff, 0x0) ioctl$TCSBRKP(0xffffffffffffffff, 0x5425, 0x87f134e) sched_rr_get_interval(0xffffffffffffffff, &(0x7f0000000040)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:15 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x9c000) 06:49:15 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) pselect6(0x40, &(0x7f00000004c0)={0x9}, 0x0, 0x0, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:15 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x7f00}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1555.164228][T15346] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1555.172192][T15346] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1555.180160][T15346] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1555.188127][T15346] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1555.196103][T15346] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 06:49:15 executing program 5: socketpair(0xa, 0x0, 0x3f, &(0x7f0000000040)) 06:49:15 executing program 1: mlock(&(0x7f0000e34000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget$private(0x0, 0x1000, 0x54000000, &(0x7f0000e32000/0x1000)=nil) 06:49:15 executing program 1: mlock(&(0x7f0000e35000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e33000/0x4000)=nil) 06:49:15 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x9d000) [ 1555.275978][T15386] FAULT_INJECTION: forcing a failure. [ 1555.275978][T15386] name failslab, interval 1, probability 0, space 0, times 0 [ 1555.288957][T15386] CPU: 1 PID: 15386 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1555.297809][T15386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1555.307903][T15386] Call Trace: [ 1555.311177][T15386] dump_stack+0x137/0x19d [ 1555.315509][T15386] should_fail+0x23c/0x250 [ 1555.320016][T15386] __should_failslab+0x81/0x90 06:49:15 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) pselect6(0x40, &(0x7f00000004c0)={0x9}, 0x0, 0x0, 0x0, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:16 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x9e000) [ 1555.324856][T15386] ? selinux_sk_alloc_security+0x70/0xf0 [ 1555.330583][T15386] should_failslab+0x5/0x20 [ 1555.335088][T15386] kmem_cache_alloc_trace+0x49/0x310 [ 1555.340484][T15386] selinux_sk_alloc_security+0x70/0xf0 [ 1555.345953][T15386] security_sk_alloc+0x45/0x90 [ 1555.350796][T15386] sk_prot_alloc+0xd2/0x190 [ 1555.355318][T15386] sk_alloc+0x2e/0x220 [ 1555.359409][T15386] unix_create1+0x74/0x3c0 [ 1555.363884][T15386] unix_create+0xdc/0x100 [ 1555.368221][T15386] __sock_create+0x2c7/0x4f0 06:49:16 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) pselect6(0x40, &(0x7f00000004c0)={0x9}, 0x0, 0x0, 0x0, 0x0) [ 1555.372843][T15386] sock_create_kern+0x34/0x40 [ 1555.377614][T15386] io_uring_create+0x15e5/0x18d0 [ 1555.382552][T15386] ? should_fail+0xd6/0x250 [ 1555.387062][T15386] __x64_sys_io_uring_setup+0xe1/0x120 [ 1555.392613][T15386] do_syscall_64+0x4a/0x90 [ 1555.397035][T15386] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1555.403100][T15386] RIP: 0033:0x4665d9 [ 1555.406995][T15386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 06:49:16 executing program 2 (fault-call:2 fault-nth:14): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:16 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x9f000) 06:49:16 executing program 4: mlock(&(0x7f0000e34000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget$private(0x0, 0x1000, 0x54000000, &(0x7f0000e32000/0x1000)=nil) 06:49:16 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x9700}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:16 executing program 5: socketpair(0xa, 0x2, 0x0, &(0x7f0000000040)) 06:49:16 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) wait4(0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)) mremap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000, 0x7, &(0x7f0000ffc000/0x2000)=nil) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1555.426852][T15386] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1555.435348][T15386] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1555.443532][T15386] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1555.451505][T15386] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1555.459480][T15386] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1555.467476][T15386] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 [ 1555.500226][T15412] FAULT_INJECTION: forcing a failure. [ 1555.500226][T15412] name failslab, interval 1, probability 0, space 0, times 0 [ 1555.513135][T15412] CPU: 0 PID: 15412 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1555.521912][T15412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1555.531970][T15412] Call Trace: [ 1555.535291][T15412] dump_stack+0x137/0x19d [ 1555.539629][T15412] should_fail+0x23c/0x250 [ 1555.544042][T15412] ? __d_alloc+0x36/0x370 06:49:16 executing program 4: mlock(&(0x7f0000e34000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget$private(0x0, 0x1000, 0x54000000, &(0x7f0000e32000/0x1000)=nil) 06:49:16 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xa0000) 06:49:16 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000007, 0x110, r0, 0x8000000) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000ffc000/0x2000)=nil) shmget(0x0, 0x1000, 0x80, &(0x7f0000ffc000/0x1000)=nil) 06:49:16 executing program 5: socketpair(0xa, 0x2, 0x0, &(0x7f0000000040)) [ 1555.548393][T15412] __should_failslab+0x81/0x90 [ 1555.553162][T15412] should_failslab+0x5/0x20 [ 1555.557658][T15412] kmem_cache_alloc+0x46/0x2f0 [ 1555.562493][T15412] __d_alloc+0x36/0x370 [ 1555.566650][T15412] d_alloc_pseudo+0x1a/0x50 [ 1555.571146][T15412] alloc_file_pseudo+0x63/0x130 [ 1555.575990][T15412] anon_inode_getfile+0x9f/0x120 [ 1555.580935][T15412] io_uring_create+0x163b/0x18d0 [ 1555.585866][T15412] ? should_fail+0xd6/0x250 [ 1555.590375][T15412] __x64_sys_io_uring_setup+0xe1/0x120 [ 1555.595906][T15412] do_syscall_64+0x4a/0x90 06:49:16 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0xd801}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:16 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xa1000) [ 1555.600339][T15412] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1555.606245][T15412] RIP: 0033:0x4665d9 [ 1555.610221][T15412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1555.629826][T15412] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1555.638385][T15412] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 06:49:16 executing program 2 (fault-call:2 fault-nth:15): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:16 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xa2000) 06:49:16 executing program 4: mlock(&(0x7f0000e34000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget$private(0x0, 0x1000, 0x54000000, &(0x7f0000e32000/0x1000)=nil) 06:49:16 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000e31000/0x2000)=nil) 06:49:16 executing program 5: socketpair(0xa, 0x2, 0x0, &(0x7f0000000040)) 06:49:16 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0xda01}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1555.646365][T15412] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1555.654349][T15412] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1555.662323][T15412] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1555.670311][T15412] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 [ 1555.719390][T15445] FAULT_INJECTION: forcing a failure. [ 1555.719390][T15445] name failslab, interval 1, probability 0, space 0, times 0 [ 1555.732220][T15445] CPU: 1 PID: 15445 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1555.740975][T15445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1555.751031][T15445] Call Trace: [ 1555.754333][T15445] dump_stack+0x137/0x19d [ 1555.758749][T15445] should_fail+0x23c/0x250 [ 1555.763235][T15445] ? __alloc_file+0x2e/0x1a0 06:49:16 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xa3000) 06:49:16 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r1, 0x0) r2 = shmget(0x2, 0x2000, 0x40, &(0x7f0000e1f000/0x2000)=nil) shmat(r2, &(0x7f0000e32000/0x1000)=nil, 0x6000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:16 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xa4000) [ 1555.767886][T15445] __should_failslab+0x81/0x90 [ 1555.772654][T15445] should_failslab+0x5/0x20 [ 1555.777162][T15445] kmem_cache_alloc+0x46/0x2f0 [ 1555.782021][T15445] __alloc_file+0x2e/0x1a0 [ 1555.786437][T15445] alloc_empty_file+0xcd/0x1c0 [ 1555.791210][T15445] alloc_file+0x3a/0x280 [ 1555.795452][T15445] alloc_file_pseudo+0xe2/0x130 [ 1555.800308][T15445] anon_inode_getfile+0x9f/0x120 [ 1555.805252][T15445] io_uring_create+0x163b/0x18d0 [ 1555.810197][T15445] ? should_fail+0xd6/0x250 06:49:16 executing program 4: syz_io_uring_setup(0x2a8d, &(0x7f0000000100)={0x0, 0xb9bd}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0) pselect6(0x40, &(0x7f00000004c0)={0x0, 0x8fd, 0xfffffffffffffff7, 0x7, 0x6, 0x2, 0x5b6411e6, 0x7}, &(0x7f0000000500)={0x3, 0x0, 0x800, 0xd00, 0x1, 0x0, 0x3, 0x6}, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x4, 0x7, 0x7, 0x8, 0xd1}, &(0x7f0000000580)={0x77359400}, &(0x7f0000000600)={&(0x7f00000005c0)={[0x7fffffff]}, 0x8}) 06:49:16 executing program 5: socketpair(0xa, 0x2, 0x3f, 0x0) [ 1555.814904][T15445] __x64_sys_io_uring_setup+0xe1/0x120 [ 1555.820450][T15445] do_syscall_64+0x4a/0x90 [ 1555.824870][T15445] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1555.830858][T15445] RIP: 0033:0x4665d9 [ 1555.834917][T15445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1555.854615][T15445] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 06:49:16 executing program 5: socketpair(0xa, 0x2, 0x3f, 0x0) 06:49:16 executing program 2 (fault-call:2 fault-nth:16): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:16 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x40000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:16 executing program 1: getresgid(&(0x7f0000000940), &(0x7f0000000980), &(0x7f00000009c0)=0x0) r1 = geteuid() shmctl$IPC_SET(0xffffffffffffffff, 0x1, &(0x7f0000000a00)={{0x2, 0xffffffffffffffff, r0, r1, 0x0, 0x21}, 0x4, 0x4, 0x401, 0x7}) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) ioctl$sock_ipv6_tunnel_SIOCGETPRL(0xffffffffffffffff, 0x89f4, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000040)={'ip6tnl0\x00', 0x0, 0x29, 0x9, 0x2, 0x7, 0x9, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, @local, 0x8, 0x7, 0x3, 0x7}}) sendmsg$nl_xfrm(r2, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000100)=@expire={0x110, 0x18, 0x400, 0x70bd2d, 0x25dfdbfc, {{{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, @in=@broadcast, 0x4e20, 0x101, 0x4e22, 0x9, 0x2, 0x70, 0x0, 0x0, r3, r1}, {@in6=@remote, 0x4d2, 0x32}, @in6=@private0, {0x51, 0x0, 0x9, 0x33, 0x90b6, 0x6, 0x489d, 0x9}, {0xfffffffffffffff8, 0x1f, 0x5, 0x2}, {0x5, 0x7, 0x1ff}, 0x70bd25, 0x3500, 0xa, 0x1, 0x98}}, [@offload={0xc, 0x1c, {0x0, 0x1}}, @offload={0xc, 0x1c, {0x0, 0x1}}]}, 0x110}, 0x1, 0x0, 0x0, 0x400c080}, 0x20040840) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000, 0x4, &(0x7f0000ffc000/0x2000)=nil) 06:49:16 executing program 5: socketpair(0xa, 0x2, 0x3f, 0x0) 06:49:16 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x92000) [ 1555.863041][T15445] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1555.871040][T15445] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1555.879172][T15445] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1555.887248][T15445] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1555.895222][T15445] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 06:49:16 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xa5000) [ 1555.975987][T15479] FAULT_INJECTION: forcing a failure. [ 1555.975987][T15479] name failslab, interval 1, probability 0, space 0, times 0 [ 1555.988660][T15479] CPU: 0 PID: 15479 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1555.997509][T15479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1556.007565][T15479] Call Trace: [ 1556.010860][T15479] dump_stack+0x137/0x19d [ 1556.015205][T15479] should_fail+0x23c/0x250 [ 1556.019621][T15479] ? security_file_alloc+0x30/0x190 06:49:16 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xa6000) 06:49:16 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x80000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:16 executing program 1: ioctl$MON_IOCQ_URB_LEN(0xffffffffffffffff, 0x9201) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:16 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:16 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x58}}, 0x8141) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x58, 0x0, 0x100, 0x70bd29, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:dhcpd_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'sit0\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @loopback}]}, 0x58}, 0x1, 0x0, 0x0, 0x40088}, 0x24040814) mq_open(&(0x7f0000000000)='{\x00', 0x1, 0x80, &(0x7f0000000040)={0x6f, 0x0, 0xffff, 0x20}) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(0xffffffffffffffff, 0x40505330, &(0x7f0000000080)={{0x20, 0x80}, {0x0, 0x3f}, 0x1, 0x1, 0x8}) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000200), r2) sendmsg$NET_DM_CMD_STOP(r3, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000380)={&(0x7f0000000240)={0x14, r4, 0xa, 0x70bd2a, 0x25dfdbfc, {}, ["", "", "", "", "", "", "", "", "", ""]}, 0x14}}, 0x4) sendmsg$NET_DM_CMD_STOP(r1, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, r4, 0x400, 0x70bd2d, 0x25dfdbfc, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40040084}, 0x4000000) mmap$IORING_OFF_CQ_RING(&(0x7f0000e20000/0x1000)=nil, 0x1000, 0x1000001, 0x10, 0xffffffffffffffff, 0x8000000) [ 1556.024824][T15479] __should_failslab+0x81/0x90 [ 1556.029600][T15479] should_failslab+0x5/0x20 [ 1556.034107][T15479] kmem_cache_alloc+0x46/0x2f0 [ 1556.038875][T15479] security_file_alloc+0x30/0x190 [ 1556.043899][T15479] __alloc_file+0x83/0x1a0 [ 1556.048371][T15479] alloc_empty_file+0xcd/0x1c0 [ 1556.053225][T15479] alloc_file+0x3a/0x280 [ 1556.057472][T15479] alloc_file_pseudo+0xe2/0x130 [ 1556.062320][T15479] anon_inode_getfile+0x9f/0x120 [ 1556.067264][T15479] io_uring_create+0x163b/0x18d0 06:49:16 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1556.072207][T15479] ? should_fail+0xd6/0x250 [ 1556.076824][T15479] __x64_sys_io_uring_setup+0xe1/0x120 [ 1556.082292][T15479] do_syscall_64+0x4a/0x90 [ 1556.086738][T15479] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1556.092665][T15479] RIP: 0033:0x4665d9 [ 1556.096556][T15479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1556.116167][T15479] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 06:49:16 executing program 2 (fault-call:2 fault-nth:17): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:16 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x91000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:16 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xa7000) 06:49:16 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:16 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8a000) 06:49:16 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) modify_ldt$write(0x1, &(0x7f0000000000)={0x800, 0x20000800, 0x1000, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1}, 0x10) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1556.124600][T15479] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1556.132582][T15479] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1556.140678][T15479] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1556.148671][T15479] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1556.156663][T15479] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 06:49:16 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x100900}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1556.216658][T15515] FAULT_INJECTION: forcing a failure. [ 1556.216658][T15515] name failslab, interval 1, probability 0, space 0, times 0 [ 1556.229344][T15515] CPU: 1 PID: 15515 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1556.238108][T15515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1556.248356][T15515] Call Trace: [ 1556.251637][T15515] dump_stack+0x137/0x19d [ 1556.255973][T15515] should_fail+0x23c/0x250 [ 1556.260419][T15515] __should_failslab+0x81/0x90 [ 1556.265286][T15515] ? io_uring_alloc_task_context+0x49/0x2b0 [ 1556.271215][T15515] should_failslab+0x5/0x20 [ 1556.275755][T15515] kmem_cache_alloc_trace+0x49/0x310 [ 1556.281051][T15515] ? errseq_sample+0x2b/0x40 [ 1556.285645][T15515] ? _find_next_bit+0x16a/0x190 [ 1556.286736][T15524] FAULT_INJECTION: forcing a failure. [ 1556.286736][T15524] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1556.290522][T15515] io_uring_alloc_task_context+0x49/0x2b0 [ 1556.290546][T15515] ? alloc_fd+0x388/0x3e0 [ 1556.313763][T15515] io_uring_add_task_file+0x68/0x200 [ 1556.319041][T15515] io_uring_create+0x1734/0x18d0 [ 1556.323964][T15515] ? should_fail+0xd6/0x250 [ 1556.328542][T15515] __x64_sys_io_uring_setup+0xe1/0x120 [ 1556.334034][T15515] do_syscall_64+0x4a/0x90 [ 1556.338444][T15515] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1556.344327][T15515] RIP: 0033:0x4665d9 [ 1556.348215][T15515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1556.367996][T15515] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1556.376425][T15515] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1556.384397][T15515] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1556.392365][T15515] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1556.400389][T15515] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1556.408389][T15515] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 06:49:16 executing program 5: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x20e1f000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:16 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x104000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:16 executing program 5 (fault-call:0 fault-nth:0): socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:17 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:17 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xa8000) 06:49:17 executing program 2 (fault-call:2 fault-nth:18): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:17 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x105400}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1556.416380][T15524] CPU: 0 PID: 15524 Comm: syz-executor.5 Not tainted 5.13.0-rc4-syzkaller #0 [ 1556.425277][T15524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1556.435363][T15524] Call Trace: [ 1556.438652][T15524] dump_stack+0x137/0x19d [ 1556.443120][T15524] should_fail+0x23c/0x250 [ 1556.447540][T15524] __alloc_pages+0x102/0x320 [ 1556.452210][T15524] alloc_pages+0x21d/0x310 [ 1556.456645][T15524] pte_alloc_one+0x29/0xb0 [ 1556.461070][T15524] __pte_alloc+0x2f/0x210 06:49:17 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mmap(&(0x7f0000e33000/0x2000)=nil, 0x2000, 0x2, 0x10, 0xffffffffffffffff, 0x1e4ce000) [ 1556.465413][T15524] do_anonymous_page+0x79b/0x8b0 [ 1556.470394][T15524] ? get_page_from_freelist+0x53e/0x800 [ 1556.475948][T15524] handle_mm_fault+0x96f/0x1a70 [ 1556.480882][T15524] do_user_addr_fault+0x60c/0xc00 [ 1556.485953][T15524] ? __fsnotify_parent+0x32f/0x430 [ 1556.491191][T15524] exc_page_fault+0x94/0x230 [ 1556.495904][T15524] asm_exc_page_fault+0x1e/0x30 [ 1556.498314][T15535] FAULT_INJECTION: forcing a failure. [ 1556.498314][T15535] name failslab, interval 1, probability 0, space 0, times 0 [ 1556.500840][T15524] RIP: 0010:__put_user_nocheck_4+0x3/0x11 [ 1556.500898][T15524] Code: 00 00 48 39 d9 73 54 0f 1f 00 66 89 01 31 c9 0f 1f 00 c3 0f 1f 44 00 00 48 bb fd ef ff ff ff 7f 00 00 48 39 d9 73 34 0f 1f 00 <89> 01 31 c9 0f 1f 00 c3 66 0f 1f 44 00 00 48 bb f9 ef ff ff ff 7f [ 1556.500913][T15524] RSP: 0018:ffffc90007267e80 EFLAGS: 00010293 [ 1556.500924][T15524] RAX: 0000000000000004 RBX: 00007fffffffeffd RCX: 0000000020000040 [ 1556.500934][T15524] RDX: ffff88811cc01040 RSI: 0000000000000005 RDI: 00000000ffffffff [ 1556.500944][T15524] RBP: 000000000000000a R08: ffffffff824241b6 R09: 0001ffff83a3259f [ 1556.500954][T15524] R10: 0001888115565787 R11: 0000000000000000 R12: 0000000000000002 [ 1556.500963][T15524] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000000000005 [ 1556.585000][T15524] ? __sys_socketpair+0x96/0x800 [ 1556.589931][T15524] __sys_socketpair+0xb2/0x800 [ 1556.594843][T15524] ? ksys_write+0x157/0x180 [ 1556.599350][T15524] ? fpregs_assert_state_consistent+0x7d/0x90 [ 1556.605599][T15524] __x64_sys_socketpair+0x4e/0x60 [ 1556.610613][T15524] do_syscall_64+0x4a/0x90 [ 1556.615048][T15524] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1556.620984][T15524] RIP: 0033:0x4665d9 [ 1556.624861][T15524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1556.644489][T15524] RSP: 002b:00007f1597e6c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1556.653009][T15524] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1556.660964][T15524] RDX: 000000000000003f RSI: 0000000000000002 RDI: 000000000000000a [ 1556.668989][T15524] RBP: 00007f1597e6c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1556.676950][T15524] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001 [ 1556.684926][T15524] R13: 00007ffe14b345af R14: 00007f1597e6c300 R15: 0000000000022000 [ 1556.692902][T15535] CPU: 1 PID: 15535 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1556.701669][T15535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1556.711725][T15535] Call Trace: [ 1556.715009][T15535] dump_stack+0x137/0x19d [ 1556.719362][T15535] should_fail+0x23c/0x250 [ 1556.723819][T15535] __should_failslab+0x81/0x90 [ 1556.728655][T15535] ? io_uring_alloc_task_context+0xc0/0x2b0 [ 1556.734585][T15535] should_failslab+0x5/0x20 [ 1556.739104][T15535] kmem_cache_alloc_trace+0x49/0x310 [ 1556.744417][T15535] ? _raw_spin_unlock_irqrestore+0x27/0x40 [ 1556.750309][T15535] io_uring_alloc_task_context+0xc0/0x2b0 [ 1556.756067][T15535] ? alloc_fd+0x388/0x3e0 [ 1556.760401][T15535] io_uring_add_task_file+0x68/0x200 06:49:17 executing program 5 (fault-call:0 fault-nth:1): socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:17 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x200000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:17 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:17 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xa9000) 06:49:17 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e33000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:17 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x400000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1556.765714][T15535] io_uring_create+0x1734/0x18d0 [ 1556.770653][T15535] ? should_fail+0xd6/0x250 [ 1556.775152][T15535] __x64_sys_io_uring_setup+0xe1/0x120 [ 1556.780821][T15535] do_syscall_64+0x4a/0x90 [ 1556.785255][T15535] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1556.791146][T15535] RIP: 0033:0x4665d9 [ 1556.795069][T15535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1556.815058][T15535] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1556.819559][T15551] FAULT_INJECTION: forcing a failure. [ 1556.819559][T15551] name failslab, interval 1, probability 0, space 0, times 0 [ 1556.823507][T15535] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1556.823533][T15535] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1556.823545][T15535] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1556.823557][T15535] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1556.867916][T15535] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 [ 1556.875881][T15551] CPU: 0 PID: 15551 Comm: syz-executor.5 Not tainted 5.13.0-rc4-syzkaller #0 [ 1556.884671][T15551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1556.894743][T15551] Call Trace: [ 1556.898023][T15551] dump_stack+0x137/0x19d [ 1556.902358][T15551] should_fail+0x23c/0x250 [ 1556.906827][T15551] ? __anon_vma_prepare+0x41/0x2d0 [ 1556.912037][T15551] __should_failslab+0x81/0x90 [ 1556.916900][T15551] should_failslab+0x5/0x20 [ 1556.921476][T15551] kmem_cache_alloc+0x46/0x2f0 [ 1556.926258][T15551] ? pte_alloc_one+0x84/0xb0 [ 1556.930869][T15551] __anon_vma_prepare+0x41/0x2d0 [ 1556.935894][T15551] do_anonymous_page+0x7bc/0x8b0 [ 1556.940940][T15551] ? get_page_from_freelist+0x53e/0x800 [ 1556.946486][T15551] handle_mm_fault+0x96f/0x1a70 [ 1556.951431][T15551] do_user_addr_fault+0x60c/0xc00 [ 1556.956452][T15551] ? __fsnotify_parent+0x32f/0x430 [ 1556.961571][T15551] exc_page_fault+0x94/0x230 06:49:17 executing program 2 (fault-call:2 fault-nth:19): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:17 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x3000, 0x3, &(0x7f0000ffa000/0x3000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap(&(0x7f0000e32000/0x1000)=nil, 0x1000, 0x0, 0x7269347bc921db5d, r0, 0x70963000) 06:49:17 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:17 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xaa000) 06:49:17 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x401000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:17 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x402e1d}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1556.966162][T15551] asm_exc_page_fault+0x1e/0x30 [ 1556.971069][T15551] RIP: 0010:__put_user_nocheck_4+0x3/0x11 [ 1556.976814][T15551] Code: 00 00 48 39 d9 73 54 0f 1f 00 66 89 01 31 c9 0f 1f 00 c3 0f 1f 44 00 00 48 bb fd ef ff ff ff 7f 00 00 48 39 d9 73 34 0f 1f 00 <89> 01 31 c9 0f 1f 00 c3 66 0f 1f 44 00 00 48 bb f9 ef ff ff ff 7f [ 1556.988561][T15561] FAULT_INJECTION: forcing a failure. [ 1556.988561][T15561] name failslab, interval 1, probability 0, space 0, times 0 [ 1556.996418][T15551] RSP: 0018:ffffc9000763be80 EFLAGS: 00010293 [ 1556.996438][T15551] RAX: 0000000000000004 RBX: 00007fffffffeffd RCX: 0000000020000040 [ 1556.996455][T15551] RDX: ffff88811dda9040 RSI: 0000000000000005 RDI: 00000000ffffffff [ 1557.031038][T15551] RBP: 000000000000000a R08: ffffffff824241b6 R09: 0001ffff83a3259f [ 1557.039175][T15551] R10: 000188811d86f707 R11: 0000000000000000 R12: 0000000000000002 [ 1557.047215][T15551] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000000000005 [ 1557.055174][T15551] ? __sys_socketpair+0x96/0x800 [ 1557.060241][T15551] __sys_socketpair+0xb2/0x800 [ 1557.065034][T15551] ? ksys_write+0x157/0x180 [ 1557.069519][T15551] ? fpregs_assert_state_consistent+0x7d/0x90 [ 1557.075767][T15551] __x64_sys_socketpair+0x4e/0x60 [ 1557.080867][T15551] do_syscall_64+0x4a/0x90 [ 1557.085273][T15551] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1557.091263][T15551] RIP: 0033:0x4665d9 [ 1557.095140][T15551] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1557.114824][T15551] RSP: 002b:00007f1597e6c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1557.123249][T15551] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1557.131201][T15551] RDX: 000000000000003f RSI: 0000000000000002 RDI: 000000000000000a [ 1557.139314][T15551] RBP: 00007f1597e6c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1557.147274][T15551] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001 [ 1557.155236][T15551] R13: 00007ffe14b345af R14: 00007f1597e6c300 R15: 0000000000022000 06:49:17 executing program 5 (fault-call:0 fault-nth:2): socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) [ 1557.163194][T15561] CPU: 1 PID: 15561 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1557.172108][T15561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1557.182243][T15561] Call Trace: [ 1557.185611][T15561] dump_stack+0x137/0x19d [ 1557.192994][T15561] should_fail+0x23c/0x250 [ 1557.197429][T15561] __should_failslab+0x81/0x90 [ 1557.202373][T15561] ? io_wq_create+0x6a/0x6e0 [ 1557.206965][T15561] should_failslab+0x5/0x20 [ 1557.211472][T15561] kmem_cache_alloc_trace+0x49/0x310 [ 1557.216849][T15561] io_wq_create+0x6a/0x6e0 06:49:17 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xab000) 06:49:17 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:17 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4af000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1557.221260][T15561] ? io_uring_alloc_task_context+0xc0/0x2b0 [ 1557.227178][T15561] io_uring_alloc_task_context+0x15a/0x2b0 [ 1557.232989][T15561] ? io_free_work+0x30/0x30 [ 1557.237541][T15561] ? tctx_task_work+0x3d0/0x3d0 [ 1557.242477][T15561] io_uring_add_task_file+0x68/0x200 [ 1557.247864][T15561] io_uring_create+0x1734/0x18d0 [ 1557.252910][T15561] ? should_fail+0xd6/0x250 [ 1557.257411][T15561] __x64_sys_io_uring_setup+0xe1/0x120 [ 1557.263011][T15561] do_syscall_64+0x4a/0x90 06:49:17 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4fd000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:17 executing program 4 (fault-call:0 fault-nth:0): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1557.267478][T15561] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1557.273579][T15561] RIP: 0033:0x4665d9 [ 1557.277526][T15561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1557.297125][T15561] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1557.305567][T15561] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1557.313628][T15561] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1557.321799][T15561] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1557.329772][T15561] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1557.337896][T15561] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 [ 1557.345644][T15578] FAULT_INJECTION: forcing a failure. [ 1557.345644][T15578] name failslab, interval 1, probability 0, space 0, times 0 [ 1557.358488][T15578] CPU: 0 PID: 15578 Comm: syz-executor.5 Not tainted 5.13.0-rc4-syzkaller #0 [ 1557.358753][T15585] FAULT_INJECTION: forcing a failure. [ 1557.358753][T15585] name failslab, interval 1, probability 0, space 0, times 0 [ 1557.367413][T15578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1557.367427][T15578] Call Trace: [ 1557.367435][T15578] dump_stack+0x137/0x19d [ 1557.397873][T15578] should_fail+0x23c/0x250 [ 1557.402357][T15578] ? __anon_vma_prepare+0x92/0x2d0 [ 1557.407453][T15578] __should_failslab+0x81/0x90 [ 1557.412377][T15578] should_failslab+0x5/0x20 [ 1557.416865][T15578] kmem_cache_alloc+0x46/0x2f0 [ 1557.421614][T15578] ? __anon_vma_prepare+0x41/0x2d0 [ 1557.426775][T15578] __anon_vma_prepare+0x92/0x2d0 [ 1557.431739][T15578] do_anonymous_page+0x7bc/0x8b0 [ 1557.436701][T15578] ? get_page_from_freelist+0x53e/0x800 [ 1557.442430][T15578] handle_mm_fault+0x96f/0x1a70 [ 1557.447276][T15578] do_user_addr_fault+0x60c/0xc00 [ 1557.452288][T15578] ? __fsnotify_parent+0x32f/0x430 [ 1557.457431][T15578] exc_page_fault+0x94/0x230 [ 1557.462006][T15578] asm_exc_page_fault+0x1e/0x30 [ 1557.466839][T15578] RIP: 0010:__put_user_nocheck_4+0x3/0x11 [ 1557.472543][T15578] Code: 00 00 48 39 d9 73 54 0f 1f 00 66 89 01 31 c9 0f 1f 00 c3 0f 1f 44 00 00 48 bb fd ef ff ff ff 7f 00 00 48 39 d9 73 34 0f 1f 00 <89> 01 31 c9 0f 1f 00 c3 66 0f 1f 44 00 00 48 bb f9 ef ff ff ff 7f [ 1557.492221][T15578] RSP: 0018:ffffc90007703e80 EFLAGS: 00010293 [ 1557.498278][T15578] RAX: 0000000000000004 RBX: 00007fffffffeffd RCX: 0000000020000040 [ 1557.506330][T15578] RDX: ffff888109626080 RSI: 0000000000000005 RDI: 00000000ffffffff [ 1557.514288][T15578] RBP: 000000000000000a R08: ffffffff824241b6 R09: 0001ffff83a3259f [ 1557.522239][T15578] R10: 00018881047c6f87 R11: 0000000000000000 R12: 0000000000000002 [ 1557.530192][T15578] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000000000005 [ 1557.538147][T15578] ? __sys_socketpair+0x96/0x800 [ 1557.543164][T15578] __sys_socketpair+0xb2/0x800 [ 1557.548001][T15578] ? ksys_write+0x157/0x180 [ 1557.552482][T15578] ? fpregs_assert_state_consistent+0x7d/0x90 [ 1557.558554][T15578] __x64_sys_socketpair+0x4e/0x60 [ 1557.563570][T15578] do_syscall_64+0x4a/0x90 [ 1557.568051][T15578] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1557.573928][T15578] RIP: 0033:0x4665d9 [ 1557.577801][T15578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1557.597499][T15578] RSP: 002b:00007f1597e6c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1557.605902][T15578] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1557.613853][T15578] RDX: 000000000000003f RSI: 0000000000000002 RDI: 000000000000000a [ 1557.621878][T15578] RBP: 00007f1597e6c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1557.632173][T15578] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001 [ 1557.640172][T15578] R13: 00007ffe14b345af R14: 00007f1597e6c300 R15: 0000000000022000 [ 1557.648136][T15585] CPU: 1 PID: 15585 Comm: syz-executor.4 Not tainted 5.13.0-rc4-syzkaller #0 [ 1557.656995][T15585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1557.667169][T15585] Call Trace: 06:49:18 executing program 2 (fault-call:2 fault-nth:20): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:18 executing program 1: mlock(&(0x7f0000ffc000/0x1000)=nil, 0x1000) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2800000, 0xc9150, 0xffffffffffffffff, 0x2341d000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000ffc000/0x4000)=nil) 06:49:18 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x541000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:18 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xac000) 06:49:18 executing program 5 (fault-call:0 fault-nth:3): socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) [ 1557.670499][T15585] dump_stack+0x137/0x19d [ 1557.674934][T15585] should_fail+0x23c/0x250 [ 1557.679341][T15585] ? vm_area_dup+0x44/0x120 [ 1557.684010][T15585] __should_failslab+0x81/0x90 [ 1557.688782][T15585] should_failslab+0x5/0x20 [ 1557.693346][T15585] kmem_cache_alloc+0x46/0x2f0 [ 1557.698267][T15585] vm_area_dup+0x44/0x120 [ 1557.702665][T15585] ? __alloc_pages+0x194/0x320 [ 1557.707513][T15585] ? __mod_memcg_lruvec_state+0xaa/0x190 [ 1557.712901][T15590] FAULT_INJECTION: forcing a failure. [ 1557.712901][T15590] name failslab, interval 1, probability 0, space 0, times 0 [ 1557.713146][T15585] ? kstrtoull+0x30e/0x350 [ 1557.730314][T15585] __split_vma+0x82/0x320 [ 1557.734633][T15585] ? vmacache_find+0x2df/0x320 [ 1557.739476][T15585] __do_munmap+0x27c/0x1340 [ 1557.744016][T15585] ? kcsan_setup_watchpoint+0x213/0x380 [ 1557.749616][T15585] do_munmap+0x2c/0x40 [ 1557.753755][T15585] __do_sys_mremap+0x6cd/0xc20 [ 1557.758590][T15585] __x64_sys_mremap+0x63/0x70 [ 1557.763256][T15585] do_syscall_64+0x4a/0x90 [ 1557.767658][T15585] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1557.773544][T15585] RIP: 0033:0x4665d9 [ 1557.777506][T15585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1557.797117][T15585] RSP: 002b:00007f098da5a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1557.805535][T15585] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1557.813488][T15585] RDX: 00000000001e1000 RSI: 0000000000012000 RDI: 0000000020e1f000 [ 1557.821441][T15585] RBP: 00007f098da5a1d0 R08: 0000000020e31000 R09: 0000000000000000 [ 1557.829392][T15585] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 1557.837342][T15585] R13: 00007ffe6c69cd8f R14: 00007f098da5a300 R15: 0000000000022000 [ 1557.845298][T15590] CPU: 0 PID: 15590 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1557.854061][T15590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1557.864139][T15590] Call Trace: [ 1557.867414][T15590] dump_stack+0x137/0x19d [ 1557.871736][T15590] should_fail+0x23c/0x250 [ 1557.876270][T15590] ? io_wq_create+0x96/0x6e0 [ 1557.880922][T15590] __should_failslab+0x81/0x90 [ 1557.885687][T15590] should_failslab+0x5/0x20 [ 1557.890216][T15590] __kmalloc+0x66/0x340 [ 1557.894377][T15590] ? kmem_cache_alloc_trace+0x215/0x310 [ 1557.899940][T15590] ? io_wq_create+0x6a/0x6e0 [ 1557.904696][T15590] io_wq_create+0x96/0x6e0 [ 1557.909124][T15590] ? io_uring_alloc_task_context+0xc0/0x2b0 [ 1557.915033][T15590] io_uring_alloc_task_context+0x15a/0x2b0 [ 1557.920375][T15594] FAULT_INJECTION: forcing a failure. [ 1557.920375][T15594] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1557.920852][T15590] ? io_free_work+0x30/0x30 [ 1557.938542][T15590] ? tctx_task_work+0x3d0/0x3d0 [ 1557.943468][T15590] io_uring_add_task_file+0x68/0x200 [ 1557.948773][T15590] io_uring_create+0x1734/0x18d0 [ 1557.953695][T15590] ? should_fail+0xd6/0x250 [ 1557.958346][T15590] __x64_sys_io_uring_setup+0xe1/0x120 [ 1557.963790][T15590] do_syscall_64+0x4a/0x90 [ 1557.968190][T15590] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1557.974178][T15590] RIP: 0033:0x4665d9 [ 1557.978217][T15590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1557.997813][T15590] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1558.006293][T15590] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1558.014251][T15590] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 06:49:18 executing program 4 (fault-call:0 fault-nth:1): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:18 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xad000) 06:49:18 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x600000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1558.022307][T15590] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1558.030359][T15590] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1558.038310][T15590] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 [ 1558.046342][T15594] CPU: 1 PID: 15594 Comm: syz-executor.5 Not tainted 5.13.0-rc4-syzkaller #0 [ 1558.055111][T15594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1558.057898][T15602] FAULT_INJECTION: forcing a failure. [ 1558.057898][T15602] name failslab, interval 1, probability 0, space 0, times 0 [ 1558.065168][T15594] Call Trace: [ 1558.065177][T15594] dump_stack+0x137/0x19d [ 1558.085744][T15594] should_fail+0x23c/0x250 [ 1558.090149][T15594] __alloc_pages+0x102/0x320 [ 1558.094725][T15594] alloc_pages_vma+0x391/0x660 [ 1558.099473][T15594] ? __anon_vma_prepare+0x236/0x2d0 [ 1558.104751][T15594] do_anonymous_page+0x16e/0x8b0 [ 1558.109675][T15594] handle_mm_fault+0x96f/0x1a70 [ 1558.114565][T15594] do_user_addr_fault+0x60c/0xc00 [ 1558.119660][T15594] ? __fsnotify_parent+0x32f/0x430 [ 1558.124757][T15594] exc_page_fault+0x94/0x230 [ 1558.129678][T15594] asm_exc_page_fault+0x1e/0x30 [ 1558.134623][T15594] RIP: 0010:__put_user_nocheck_4+0x3/0x11 [ 1558.140457][T15594] Code: 00 00 48 39 d9 73 54 0f 1f 00 66 89 01 31 c9 0f 1f 00 c3 0f 1f 44 00 00 48 bb fd ef ff ff ff 7f 00 00 48 39 d9 73 34 0f 1f 00 <89> 01 31 c9 0f 1f 00 c3 66 0f 1f 44 00 00 48 bb f9 ef ff ff ff 7f [ 1558.160218][T15594] RSP: 0018:ffffc90007983e80 EFLAGS: 00010293 [ 1558.166272][T15594] RAX: 0000000000000004 RBX: 00007fffffffeffd RCX: 0000000020000040 [ 1558.174229][T15594] RDX: ffff88811de9d080 RSI: 0000000000000005 RDI: 00000000ffffffff [ 1558.182197][T15594] RBP: 000000000000000a R08: ffffffff824241b6 R09: 0001ffff83a3259f [ 1558.190171][T15594] R10: 0001888106c16a07 R11: 0000000000000000 R12: 0000000000000002 [ 1558.198128][T15594] R13: 0000000020000040 R14: 0000000000000000 R15: 0000000000000005 [ 1558.206246][T15594] ? __sys_socketpair+0x96/0x800 [ 1558.211184][T15594] __sys_socketpair+0xb2/0x800 [ 1558.216069][T15594] ? ksys_write+0x157/0x180 [ 1558.220577][T15594] ? fpregs_assert_state_consistent+0x7d/0x90 [ 1558.226750][T15594] __x64_sys_socketpair+0x4e/0x60 [ 1558.232109][T15594] do_syscall_64+0x4a/0x90 [ 1558.236748][T15594] ? irqentry_exit_to_user_mode+0x5/0x20 [ 1558.242600][T15594] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1558.248498][T15594] RIP: 0033:0x4665d9 [ 1558.252388][T15594] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1558.272025][T15594] RSP: 002b:00007f1597e6c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1558.280453][T15594] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1558.288571][T15594] RDX: 000000000000003f RSI: 0000000000000002 RDI: 000000000000000a [ 1558.296632][T15594] RBP: 00007f1597e6c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1558.304591][T15594] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001 [ 1558.312559][T15594] R13: 00007ffe14b345af R14: 00007f1597e6c300 R15: 0000000000022000 [ 1558.320575][T15602] CPU: 0 PID: 15602 Comm: syz-executor.4 Not tainted 5.13.0-rc4-syzkaller #0 [ 1558.329340][T15602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1558.339471][T15602] Call Trace: [ 1558.342752][T15602] dump_stack+0x137/0x19d [ 1558.347087][T15602] should_fail+0x23c/0x250 [ 1558.351672][T15602] ? vm_area_dup+0x44/0x120 [ 1558.356249][T15602] __should_failslab+0x81/0x90 [ 1558.361032][T15602] should_failslab+0x5/0x20 [ 1558.365624][T15602] kmem_cache_alloc+0x46/0x2f0 [ 1558.370387][T15602] ? __vma_adjust+0x196e/0x1b30 [ 1558.375234][T15602] vm_area_dup+0x44/0x120 [ 1558.379576][T15602] __split_vma+0x82/0x320 [ 1558.383966][T15602] ? vmacache_find+0x157/0x320 [ 1558.388748][T15602] __do_munmap+0x27c/0x1340 [ 1558.393431][T15602] do_munmap+0x2c/0x40 [ 1558.397583][T15602] move_vma+0x57c/0x870 [ 1558.401798][T15602] __do_sys_mremap+0x9cb/0xc20 [ 1558.406633][T15602] __x64_sys_mremap+0x63/0x70 [ 1558.411315][T15602] do_syscall_64+0x4a/0x90 [ 1558.413474][T15609] FAULT_INJECTION: forcing a failure. [ 1558.413474][T15609] name failslab, interval 1, probability 0, space 0, times 0 [ 1558.415928][T15602] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1558.415973][T15602] RIP: 0033:0x4665d9 [ 1558.438363][T15602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1558.458016][T15602] RSP: 002b:00007f098da5a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1558.466416][T15602] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 06:49:19 executing program 5 (fault-call:0 fault-nth:4): socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:19 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x80ffff}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:19 executing program 2 (fault-call:2 fault-nth:21): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:19 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xae000) [ 1558.474371][T15602] RDX: 00000000001e1000 RSI: 0000000000012000 RDI: 0000000020e1f000 [ 1558.482428][T15602] RBP: 00007f098da5a1d0 R08: 0000000020e31000 R09: 0000000000000000 [ 1558.490624][T15602] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 1558.498701][T15602] R13: 00007ffe6c69cd8f R14: 00007f098da5a300 R15: 0000000000022000 [ 1558.506657][T15609] CPU: 1 PID: 15609 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1558.515422][T15609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1558.525541][T15609] Call Trace: [ 1558.528606][T15611] FAULT_INJECTION: forcing a failure. [ 1558.528606][T15611] name failslab, interval 1, probability 0, space 0, times 0 [ 1558.528811][T15609] dump_stack+0x137/0x19d [ 1558.545682][T15609] should_fail+0x23c/0x250 [ 1558.550141][T15609] __should_failslab+0x81/0x90 [ 1558.554897][T15609] should_failslab+0x5/0x20 [ 1558.559459][T15609] kmem_cache_alloc_node_trace+0x58/0x2e0 [ 1558.565164][T15609] ? __cpuhp_state_add_instance_cpuslocked+0x1dc/0x330 [ 1558.572001][T15609] ? io_wq_create+0x257/0x6e0 [ 1558.576869][T15609] io_wq_create+0x257/0x6e0 [ 1558.581357][T15609] io_uring_alloc_task_context+0x15a/0x2b0 [ 1558.587148][T15609] ? io_free_work+0x30/0x30 [ 1558.591635][T15609] ? tctx_task_work+0x3d0/0x3d0 [ 1558.596484][T15609] io_uring_add_task_file+0x68/0x200 [ 1558.603519][T15609] io_uring_create+0x1734/0x18d0 [ 1558.608516][T15609] ? should_fail+0xd6/0x250 [ 1558.613046][T15609] __x64_sys_io_uring_setup+0xe1/0x120 [ 1558.618514][T15609] do_syscall_64+0x4a/0x90 [ 1558.622981][T15609] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1558.628877][T15609] RIP: 0033:0x4665d9 [ 1558.632774][T15609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1558.652377][T15609] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1558.660771][T15609] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1558.668726][T15609] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1558.676680][T15609] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1558.684635][T15609] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1558.692601][T15609] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 [ 1558.700563][T15611] CPU: 0 PID: 15611 Comm: syz-executor.5 Not tainted 5.13.0-rc4-syzkaller #0 [ 1558.709336][T15611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1558.719565][T15611] Call Trace: [ 1558.722889][T15611] dump_stack+0x137/0x19d [ 1558.727289][T15611] should_fail+0x23c/0x250 [ 1558.731710][T15611] ? sock_alloc_inode+0x23/0x90 [ 1558.736642][T15611] __should_failslab+0x81/0x90 [ 1558.741412][T15611] ? sockfs_init_fs_context+0x70/0x70 [ 1558.746911][T15611] should_failslab+0x5/0x20 [ 1558.751415][T15611] kmem_cache_alloc+0x46/0x2f0 [ 1558.756265][T15611] ? selinux_socket_create+0xec/0x170 [ 1558.761818][T15611] ? sockfs_init_fs_context+0x70/0x70 [ 1558.767389][T15611] sock_alloc_inode+0x23/0x90 [ 1558.772210][T15611] ? sockfs_init_fs_context+0x70/0x70 06:49:19 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xaf000) 06:49:19 executing program 2 (fault-call:2 fault-nth:22): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:19 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) r0 = shmget(0x0, 0x3000, 0x80, &(0x7f0000e31000/0x3000)=nil) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) getresuid(&(0x7f0000000000), &(0x7f0000000040)=0x0, &(0x7f0000000080)) r2 = getpid() sched_getparam(r2, &(0x7f0000000540)) shmctl$IPC_SET(r0, 0x1, &(0x7f00000000c0)={{0x1, 0x0, 0x0, r1, 0xffffffffffffffff, 0x28, 0x3}, 0x7, 0x1, 0x7ff, 0x8, r2, 0x0, 0x45}) r3 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r3, 0x0) shmat(r3, &(0x7f0000ffc000/0x3000)=nil, 0x0) 06:49:19 executing program 4 (fault-call:0 fault-nth:2): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:19 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x970000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1558.777587][T15611] new_inode_pseudo+0x38/0x1c0 [ 1558.782360][T15611] __sock_create+0x122/0x4f0 [ 1558.786973][T15611] __sys_socketpair+0x180/0x800 [ 1558.791834][T15611] ? ksys_write+0x157/0x180 [ 1558.796332][T15611] ? fpregs_assert_state_consistent+0x7d/0x90 [ 1558.802432][T15611] __x64_sys_socketpair+0x4e/0x60 [ 1558.807503][T15611] do_syscall_64+0x4a/0x90 [ 1558.812077][T15611] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1558.818028][T15611] RIP: 0033:0x4665d9 06:49:19 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0xc04a01}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1558.821922][T15611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1558.841717][T15611] RSP: 002b:00007f1597e6c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1558.850181][T15611] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1558.858160][T15611] RDX: 000000000000003f RSI: 0000000000000002 RDI: 000000000000000a [ 1558.863420][T15621] FAULT_INJECTION: forcing a failure. [ 1558.863420][T15621] name failslab, interval 1, probability 0, space 0, times 0 [ 1558.866156][T15611] RBP: 00007f1597e6c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1558.866172][T15611] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001 [ 1558.894769][T15611] R13: 00007ffe14b345af R14: 00007f1597e6c300 R15: 0000000000022000 [ 1558.902733][T15621] CPU: 1 PID: 15621 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1558.902823][T15611] socket: no more sockets [ 1558.911538][T15621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1558.911549][T15621] Call Trace: [ 1558.911555][T15621] dump_stack+0x137/0x19d [ 1558.924054][T15626] FAULT_INJECTION: forcing a failure. [ 1558.924054][T15626] name failslab, interval 1, probability 0, space 0, times 0 [ 1558.925963][T15621] should_fail+0x23c/0x250 [ 1558.950678][T15621] __should_failslab+0x81/0x90 [ 1558.955444][T15621] ? io_uring_add_task_file+0xdc/0x200 [ 1558.960888][T15621] should_failslab+0x5/0x20 [ 1558.965405][T15621] kmem_cache_alloc_trace+0x49/0x310 [ 1558.970949][T15621] ? xa_load+0x249/0x260 [ 1558.975177][T15621] io_uring_add_task_file+0xdc/0x200 [ 1558.980444][T15621] io_uring_create+0x1734/0x18d0 [ 1558.985371][T15621] ? should_fail+0xd6/0x250 [ 1558.989859][T15621] __x64_sys_io_uring_setup+0xe1/0x120 [ 1558.995315][T15621] do_syscall_64+0x4a/0x90 [ 1558.999841][T15621] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1559.005974][T15621] RIP: 0033:0x4665d9 [ 1559.009881][T15621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1559.029568][T15621] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1559.038052][T15621] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1559.046014][T15621] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1559.054334][T15621] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1559.062417][T15621] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1559.070398][T15621] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 06:49:19 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xb0000) 06:49:19 executing program 2 (fault-call:2 fault-nth:23): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) [ 1559.078447][T15626] CPU: 0 PID: 15626 Comm: syz-executor.4 Not tainted 5.13.0-rc4-syzkaller #0 [ 1559.087393][T15626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1559.097592][T15626] Call Trace: [ 1559.100870][T15626] dump_stack+0x137/0x19d [ 1559.105203][T15626] should_fail+0x23c/0x250 [ 1559.109627][T15626] ? vm_area_dup+0x44/0x120 [ 1559.114144][T15626] __should_failslab+0x81/0x90 [ 1559.118914][T15626] should_failslab+0x5/0x20 [ 1559.123410][T15626] kmem_cache_alloc+0x46/0x2f0 06:49:19 executing program 5 (fault-call:0 fault-nth:5): socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:19 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e33000/0x1000)=nil, 0x1000, 0x4000, 0x7, &(0x7f0000ffb000/0x4000)=nil) 06:49:19 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0xc0ffff}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1559.128365][T15626] vm_area_dup+0x44/0x120 [ 1559.132887][T15626] __split_vma+0x82/0x320 [ 1559.137224][T15626] ? vmacache_find+0x2df/0x320 [ 1559.141994][T15626] __do_munmap+0x2e9/0x1340 [ 1559.146559][T15626] do_munmap+0x2c/0x40 [ 1559.150678][T15626] move_vma+0x57c/0x870 [ 1559.154922][T15626] __do_sys_mremap+0x9cb/0xc20 [ 1559.159685][T15626] __x64_sys_mremap+0x63/0x70 [ 1559.164412][T15626] do_syscall_64+0x4a/0x90 [ 1559.168931][T15626] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1559.174839][T15626] RIP: 0033:0x4665d9 06:49:19 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) 06:49:19 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xb1000) [ 1559.179170][T15626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1559.198979][T15626] RSP: 002b:00007f098da5a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1559.207476][T15626] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1559.215448][T15626] RDX: 00000000001e1000 RSI: 0000000000012000 RDI: 0000000020e1f000 [ 1559.220931][T15636] FAULT_INJECTION: forcing a failure. [ 1559.220931][T15636] name failslab, interval 1, probability 0, space 0, times 0 [ 1559.223633][T15626] RBP: 00007f098da5a1d0 R08: 0000000020e31000 R09: 0000000000000000 [ 1559.223647][T15626] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 1559.223658][T15626] R13: 00007ffe6c69cd8f R14: 00007f098da5a300 R15: 0000000000022000 [ 1559.260215][T15636] CPU: 1 PID: 15636 Comm: syz-executor.5 Not tainted 5.13.0-rc4-syzkaller #0 [ 1559.269008][T15636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1559.279058][T15636] Call Trace: [ 1559.282346][T15636] dump_stack+0x137/0x19d [ 1559.286676][T15636] should_fail+0x23c/0x250 [ 1559.288796][T15635] FAULT_INJECTION: forcing a failure. [ 1559.288796][T15635] name failslab, interval 1, probability 0, space 0, times 0 [ 1559.291093][T15636] ? security_inode_alloc+0x30/0x180 [ 1559.308945][T15636] __should_failslab+0x81/0x90 [ 1559.313705][T15636] should_failslab+0x5/0x20 [ 1559.318194][T15636] kmem_cache_alloc+0x46/0x2f0 [ 1559.322961][T15636] security_inode_alloc+0x30/0x180 [ 1559.328060][T15636] inode_init_always+0x20b/0x420 [ 1559.332980][T15636] ? sockfs_init_fs_context+0x70/0x70 [ 1559.338340][T15636] new_inode_pseudo+0x73/0x1c0 [ 1559.343333][T15636] __sock_create+0x122/0x4f0 [ 1559.347925][T15636] __sys_socketpair+0x180/0x800 [ 1559.352819][T15636] ? ksys_write+0x157/0x180 [ 1559.357392][T15636] ? fpregs_assert_state_consistent+0x7d/0x90 [ 1559.363572][T15636] __x64_sys_socketpair+0x4e/0x60 [ 1559.368588][T15636] do_syscall_64+0x4a/0x90 [ 1559.373122][T15636] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1559.379002][T15636] RIP: 0033:0x4665d9 [ 1559.382882][T15636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1559.402561][T15636] RSP: 002b:00007f1597e6c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1559.410970][T15636] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1559.419001][T15636] RDX: 000000000000003f RSI: 0000000000000002 RDI: 000000000000000a 06:49:20 executing program 1: mlock(&(0x7f0000e33000/0xa000)=nil, 0xa000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:20 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0xd04f00}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1559.426956][T15636] RBP: 00007f1597e6c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1559.434910][T15636] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001 [ 1559.442950][T15636] R13: 00007ffe14b345af R14: 00007f1597e6c300 R15: 0000000000022000 [ 1559.451010][T15635] CPU: 0 PID: 15635 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1559.451086][T15636] socket: no more sockets [ 1559.459773][T15635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1559.474158][T15635] Call Trace: [ 1559.477435][T15635] dump_stack+0x137/0x19d 06:49:20 executing program 4 (fault-call:0 fault-nth:3): mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:20 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xb2000) 06:49:20 executing program 5 (fault-call:0 fault-nth:6): socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) [ 1559.481793][T15635] should_fail+0x23c/0x250 [ 1559.486204][T15635] ? xas_create+0x96b/0xb30 [ 1559.490710][T15635] __should_failslab+0x81/0x90 [ 1559.495496][T15635] should_failslab+0x5/0x20 [ 1559.499994][T15635] kmem_cache_alloc+0x46/0x2f0 [ 1559.504827][T15635] xas_create+0x96b/0xb30 [ 1559.509246][T15635] xas_store+0x70/0xca0 [ 1559.513442][T15635] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 1559.519484][T15635] __xa_store+0xcb/0x320 [ 1559.523735][T15635] xa_store+0x30/0x70 [ 1559.527722][T15635] io_uring_add_task_file+0x111/0x200 [ 1559.532622][T15647] FAULT_INJECTION: forcing a failure. [ 1559.532622][T15647] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1559.533111][T15635] io_uring_create+0x1734/0x18d0 [ 1559.551120][T15635] ? should_fail+0xd6/0x250 [ 1559.555691][T15635] __x64_sys_io_uring_setup+0xe1/0x120 [ 1559.561176][T15635] do_syscall_64+0x4a/0x90 [ 1559.565694][T15635] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1559.571925][T15635] RIP: 0033:0x4665d9 [ 1559.575801][T15635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1559.595393][T15635] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1559.603796][T15635] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1559.611781][T15635] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1559.619868][T15635] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1559.627864][T15635] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1559.635856][T15635] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 [ 1559.643869][T15647] CPU: 1 PID: 15647 Comm: syz-executor.4 Not tainted 5.13.0-rc4-syzkaller #0 [ 1559.652718][T15647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1559.662845][T15647] Call Trace: [ 1559.666145][T15647] dump_stack+0x137/0x19d [ 1559.670598][T15647] should_fail+0x23c/0x250 [ 1559.675110][T15647] should_fail_usercopy+0x16/0x20 [ 1559.680136][T15647] _copy_to_user+0x1c/0x90 [ 1559.684571][T15647] simple_read_from_buffer+0xab/0x120 [ 1559.689937][T15647] proc_fail_nth_read+0xf6/0x140 [ 1559.695230][T15647] ? rw_verify_area+0x136/0x250 [ 1559.700119][T15647] ? proc_fault_inject_write+0x200/0x200 [ 1559.705751][T15647] vfs_read+0x154/0x5d0 [ 1559.709969][T15647] ? up_write+0x25/0xc0 [ 1559.714134][T15647] ? __fget_light+0x21b/0x260 [ 1559.718852][T15647] ? __cond_resched+0x11/0x40 [ 1559.723526][T15647] ksys_read+0xce/0x180 [ 1559.727695][T15647] __x64_sys_read+0x3e/0x50 [ 1559.732200][T15647] do_syscall_64+0x4a/0x90 [ 1559.736619][T15647] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1559.739365][T15658] FAULT_INJECTION: forcing a failure. [ 1559.739365][T15658] name failslab, interval 1, probability 0, space 0, times 0 [ 1559.742831][T15647] RIP: 0033:0x41935c [ 1559.742845][T15647] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 06:49:20 executing program 2 (fault-call:2 fault-nth:24): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:20 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xb3000) 06:49:20 executing program 1: ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1c000/0x4000)=nil, 0x4000, 0x4000, 0x4, &(0x7f0000e31000/0x4000)=nil) 06:49:20 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0xf04a00}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1559.742860][T15647] RSP: 002b:00007f098da5a170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1559.742878][T15647] RAX: ffffffffffffffda RBX: 0000000020e31000 RCX: 000000000041935c [ 1559.795536][T15647] RDX: 000000000000000f RSI: 00007f098da5a1e0 RDI: 0000000000000003 [ 1559.803496][T15647] RBP: 00007f098da5a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1559.811887][T15647] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 1559.819840][T15647] R13: 00007ffe6c69cd8f R14: 00007f098da5a300 R15: 0000000000022000 [ 1559.827798][T15658] CPU: 0 PID: 15658 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1559.836570][T15653] FAULT_INJECTION: forcing a failure. [ 1559.836570][T15653] name failslab, interval 1, probability 0, space 0, times 0 [ 1559.836754][T15658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1559.836765][T15658] Call Trace: [ 1559.836773][T15658] dump_stack+0x137/0x19d [ 1559.867152][T15658] should_fail+0x23c/0x250 [ 1559.871572][T15658] ? xas_create+0x96b/0xb30 [ 1559.876091][T15658] __should_failslab+0x81/0x90 [ 1559.880842][T15658] should_failslab+0x5/0x20 [ 1559.885413][T15658] kmem_cache_alloc+0x46/0x2f0 [ 1559.890273][T15658] ? xas_create+0x96b/0xb30 [ 1559.894846][T15658] xas_create+0x96b/0xb30 [ 1559.899227][T15658] xas_store+0x70/0xca0 [ 1559.903408][T15658] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 1559.909456][T15658] __xa_store+0xcb/0x320 [ 1559.913688][T15658] xa_store+0x30/0x70 [ 1559.917666][T15658] io_uring_add_task_file+0x111/0x200 [ 1559.927117][T15658] io_uring_create+0x1734/0x18d0 [ 1559.932105][T15658] ? should_fail+0xd6/0x250 [ 1559.936600][T15658] __x64_sys_io_uring_setup+0xe1/0x120 [ 1559.942133][T15658] do_syscall_64+0x4a/0x90 [ 1559.946611][T15658] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1559.952579][T15658] RIP: 0033:0x4665d9 [ 1559.956732][T15658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1559.976414][T15658] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1559.984827][T15658] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1559.992785][T15658] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1560.000909][T15658] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1560.009050][T15658] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1560.017008][T15658] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 [ 1560.024962][T15653] CPU: 1 PID: 15653 Comm: syz-executor.5 Not tainted 5.13.0-rc4-syzkaller #0 [ 1560.033729][T15653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1560.043792][T15653] Call Trace: [ 1560.047064][T15653] dump_stack+0x137/0x19d [ 1560.051455][T15653] should_fail+0x23c/0x250 [ 1560.055871][T15653] __should_failslab+0x81/0x90 [ 1560.060633][T15653] ? __request_module+0x1ae/0x630 [ 1560.065698][T15653] should_failslab+0x5/0x20 [ 1560.070198][T15653] kmem_cache_alloc_trace+0x49/0x310 [ 1560.075574][T15653] ? inet6_create+0x1c1/0x730 06:49:20 executing program 2 (fault-call:2 fault-nth:25): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:20 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:20 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0xf0e120}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:20 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x20, 0x8, 0x0, 0x0, 0x5, 0x4000, 0x3, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x3, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3, 0x2, @perf_config_ext={0x2, 0x100000001}, 0x8, 0x8, 0x3f1, 0x0, 0x1, 0x7, 0x20, 0x0, 0x2, 0x0, 0x2}, 0xffffffffffffffff, 0x4, r1, 0x1) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x2, 0x4, 0x81, 0x5, 0x5cc, 0x2}}) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000000, 0x4000010, 0xffffffffffffffff, 0xcbc71000) ioctl$PERF_EVENT_IOC_ID(r0, 0x80082407, &(0x7f0000000040)) 06:49:20 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) [ 1560.080363][T15653] __request_module+0x1ae/0x630 [ 1560.085215][T15653] ? kmem_cache_alloc+0x201/0x2f0 [ 1560.090335][T15653] ? security_inode_alloc+0x30/0x180 [ 1560.095615][T15653] ? selinux_inode_alloc_security+0xf6/0x110 [ 1560.101599][T15653] inet6_create+0x1c1/0x730 [ 1560.106102][T15653] __sock_create+0x2c7/0x4f0 [ 1560.110708][T15653] __sys_socketpair+0x180/0x800 [ 1560.115639][T15653] ? ksys_write+0x157/0x180 [ 1560.120134][T15653] ? fpregs_assert_state_consistent+0x7d/0x90 [ 1560.126255][T15653] __x64_sys_socketpair+0x4e/0x60 06:49:20 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xb4000) [ 1560.131284][T15653] do_syscall_64+0x4a/0x90 [ 1560.135735][T15653] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1560.141881][T15653] RIP: 0033:0x4665d9 [ 1560.146053][T15653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1560.162462][T15673] FAULT_INJECTION: forcing a failure. [ 1560.162462][T15673] name failslab, interval 1, probability 0, space 0, times 0 [ 1560.165757][T15653] RSP: 002b:00007f1597e6c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1560.165779][T15653] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1560.194660][T15653] RDX: 000000000000003f RSI: 0000000000000002 RDI: 000000000000000a [ 1560.202634][T15653] RBP: 00007f1597e6c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1560.210586][T15653] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001 [ 1560.221428][T15653] R13: 00007ffe14b345af R14: 00007f1597e6c300 R15: 0000000000022000 [ 1560.229392][T15673] CPU: 0 PID: 15673 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1560.238150][T15673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1560.248237][T15673] Call Trace: [ 1560.251522][T15673] dump_stack+0x137/0x19d [ 1560.255913][T15673] should_fail+0x23c/0x250 [ 1560.260398][T15673] ? xas_create+0x96b/0xb30 [ 1560.265022][T15673] __should_failslab+0x81/0x90 [ 1560.269786][T15673] should_failslab+0x5/0x20 [ 1560.274452][T15673] kmem_cache_alloc+0x46/0x2f0 [ 1560.279308][T15673] ? xas_create+0x96b/0xb30 [ 1560.283808][T15673] xas_create+0x96b/0xb30 [ 1560.288391][T15673] xas_store+0x70/0xca0 [ 1560.292830][T15673] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 1560.298811][T15673] __xa_store+0xcb/0x320 [ 1560.303065][T15673] xa_store+0x30/0x70 [ 1560.307047][T15673] io_uring_add_task_file+0x111/0x200 [ 1560.312554][T15673] io_uring_create+0x1734/0x18d0 [ 1560.317488][T15673] ? should_fail+0xd6/0x250 [ 1560.321988][T15673] __x64_sys_io_uring_setup+0xe1/0x120 [ 1560.326889][T15686] FAULT_INJECTION: forcing a failure. [ 1560.326889][T15686] name failslab, interval 1, probability 0, space 0, times 0 [ 1560.327441][T15673] do_syscall_64+0x4a/0x90 [ 1560.344387][T15673] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1560.350378][T15673] RIP: 0033:0x4665d9 [ 1560.354260][T15673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1560.373982][T15673] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 06:49:20 executing program 1: socket$nl_audit(0x10, 0x3, 0x9) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_WRITE={0x17, 0x1, 0x4004, @fd_index=0x6, 0x2000000, &(0x7f0000000000)="19e0416d08ac52e2a3d02080a92f52414825663367ffcc7387a5a958dcae3545a2dac4bba902d5152a4caebe9e13daefa4fbc9373cc9a878de0c5257716f9a8c26", 0x41, 0x1e}, 0x7) 06:49:20 executing program 5 (fault-call:0 fault-nth:7): socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:20 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x1000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:20 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12002, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:20 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xb5000) [ 1560.382469][T15673] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1560.390425][T15673] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1560.398573][T15673] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1560.406636][T15673] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1560.414601][T15673] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 [ 1560.422571][T15686] CPU: 1 PID: 15686 Comm: syz-executor.5 Not tainted 5.13.0-rc4-syzkaller #0 [ 1560.431337][T15686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1560.441477][T15686] Call Trace: [ 1560.444816][T15686] dump_stack+0x137/0x19d [ 1560.449231][T15686] should_fail+0x23c/0x250 [ 1560.453645][T15686] ? __request_module+0x1c9/0x630 [ 1560.458757][T15686] __should_failslab+0x81/0x90 [ 1560.463525][T15686] should_failslab+0x5/0x20 [ 1560.468048][T15686] __kmalloc_track_caller+0x64/0x340 [ 1560.473341][T15686] ? kmem_cache_alloc_trace+0x215/0x310 [ 1560.478954][T15686] kstrdup+0x31/0x70 06:49:21 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x14ac000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:21 executing program 2 (fault-call:2 fault-nth:26): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:21 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xb6000) 06:49:21 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12004, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1560.482951][T15686] __request_module+0x1c9/0x630 [ 1560.488073][T15686] ? kmem_cache_alloc+0x201/0x2f0 [ 1560.493104][T15686] ? security_inode_alloc+0x30/0x180 [ 1560.498397][T15686] ? selinux_inode_alloc_security+0xf6/0x110 [ 1560.504396][T15686] inet6_create+0x1c1/0x730 [ 1560.508894][T15686] __sock_create+0x2c7/0x4f0 [ 1560.513496][T15686] __sys_socketpair+0x180/0x800 [ 1560.518353][T15686] ? ksys_write+0x157/0x180 [ 1560.522855][T15686] ? fpregs_assert_state_consistent+0x7d/0x90 [ 1560.529034][T15686] __x64_sys_socketpair+0x4e/0x60 06:49:21 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x1cf000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:21 executing program 1: mlock(&(0x7f0000ffd000/0x1000)=nil, 0x1000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:21 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x2000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1560.534178][T15686] do_syscall_64+0x4a/0x90 [ 1560.538766][T15686] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1560.544817][T15686] RIP: 0033:0x4665d9 [ 1560.548710][T15686] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1560.568430][T15686] RSP: 002b:00007f1597e6c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1560.576957][T15686] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 06:49:21 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2000003, 0x110, r0, 0x10000000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1560.584927][T15686] RDX: 000000000000003f RSI: 0000000000000002 RDI: 000000000000000a [ 1560.592932][T15686] RBP: 00007f1597e6c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1560.600970][T15686] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001 [ 1560.608940][T15686] R13: 00007ffe14b345af R14: 00007f1597e6c300 R15: 0000000000022000 [ 1560.633150][T15709] FAULT_INJECTION: forcing a failure. [ 1560.633150][T15709] name failslab, interval 1, probability 0, space 0, times 0 [ 1560.645904][T15709] CPU: 0 PID: 15709 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1560.654662][T15709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1560.664738][T15709] Call Trace: [ 1560.668016][T15709] dump_stack+0x137/0x19d [ 1560.672354][T15709] should_fail+0x23c/0x250 [ 1560.676768][T15709] ? xas_create+0x96b/0xb30 [ 1560.681265][T15709] __should_failslab+0x81/0x90 [ 1560.686041][T15709] should_failslab+0x5/0x20 [ 1560.690542][T15709] kmem_cache_alloc+0x46/0x2f0 [ 1560.695397][T15709] ? xas_create+0x96b/0xb30 [ 1560.699900][T15709] xas_create+0x96b/0xb30 [ 1560.704231][T15709] xas_store+0x70/0xca0 [ 1560.706923][T15719] FAULT_INJECTION: forcing a failure. [ 1560.706923][T15719] name failslab, interval 1, probability 0, space 0, times 0 [ 1560.708389][T15709] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 1560.726926][T15709] __xa_store+0xcb/0x320 [ 1560.731159][T15709] xa_store+0x30/0x70 [ 1560.735132][T15709] io_uring_add_task_file+0x111/0x200 [ 1560.740683][T15709] io_uring_create+0x1734/0x18d0 [ 1560.745603][T15709] ? should_fail+0xd6/0x250 [ 1560.750086][T15709] __x64_sys_io_uring_setup+0xe1/0x120 [ 1560.755534][T15709] do_syscall_64+0x4a/0x90 [ 1560.759994][T15709] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1560.765880][T15709] RIP: 0033:0x4665d9 06:49:21 executing program 5 (fault-call:0 fault-nth:8): socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:21 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x2040000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:21 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x1e1000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:21 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xb7000) 06:49:21 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e31000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = inotify_init() mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000000, 0x4000010, r0, 0x5d971000) r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2, 0x50, 0xffffffffffffffff, 0x8000000) syz_io_uring_setup(0x2775, &(0x7f0000000000)={0x0, 0x724f, 0x0, 0x2, 0x4a}, &(0x7f0000e32000/0x1000)=nil, &(0x7f0000e33000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_SEND={0x1a, 0x2, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000100)="e812922a784c031fee8024f8a86c658921f4d005b480a7f26fd28ea1e6e5bf4c5d167dcc9c4b9e58243bb75e017eccac8df546415dcac1fb0860fb99167f6226d4c8cd71d0a5c8d8d9151ac825371eb5354b74cbdac236338ad3c0a0547800390f66ca8cae4d57e5531d07f1eeba80f6dbdd3a3a04936fb5548e4bce22ae4935378a4bc7b2f0e20a14fca603be652ffb2c3938fdfc7f78524eedac0a6c56ed22cfe0c8128194d9891343c8ebc80946abbca9700b887153", 0xb7, 0x4040000}, 0xfffffff7) [ 1560.769756][T15709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1560.789343][T15709] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1560.797741][T15709] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1560.805703][T15709] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1560.813670][T15709] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1560.821710][T15709] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1560.829728][T15709] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 [ 1560.837698][T15719] CPU: 1 PID: 15719 Comm: syz-executor.5 Not tainted 5.13.0-rc4-syzkaller #0 [ 1560.846644][T15719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1560.856779][T15719] Call Trace: [ 1560.860052][T15719] dump_stack+0x137/0x19d [ 1560.864400][T15719] should_fail+0x23c/0x250 [ 1560.868804][T15719] __should_failslab+0x81/0x90 [ 1560.873591][T15719] ? call_usermodehelper_setup+0x81/0x160 [ 1560.879377][T15719] should_failslab+0x5/0x20 06:49:21 executing program 2 (fault-call:2 fault-nth:27): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:21 executing program 1: ioctl$PTP_SYS_OFFSET(0xffffffffffffffff, 0x43403d05, &(0x7f0000000000)={0xd}) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:21 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x1d0b8000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:21 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xb8000) [ 1560.883875][T15719] kmem_cache_alloc_trace+0x49/0x310 [ 1560.889161][T15719] call_usermodehelper_setup+0x81/0x160 [ 1560.894780][T15719] ? __request_module+0x630/0x630 [ 1560.899794][T15719] __request_module+0x24e/0x630 [ 1560.904633][T15719] ? kmem_cache_alloc+0x201/0x2f0 [ 1560.909669][T15719] ? security_inode_alloc+0x30/0x180 [ 1560.914958][T15719] ? selinux_inode_alloc_security+0xf6/0x110 [ 1560.920976][T15719] inet6_create+0x1c1/0x730 [ 1560.925584][T15719] __sock_create+0x2c7/0x4f0 [ 1560.930185][T15719] __sys_socketpair+0x180/0x800 06:49:21 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x3000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1560.935036][T15719] ? ksys_write+0x157/0x180 [ 1560.939532][T15719] ? fpregs_assert_state_consistent+0x7d/0x90 [ 1560.945683][T15719] __x64_sys_socketpair+0x4e/0x60 [ 1560.950707][T15719] do_syscall_64+0x4a/0x90 [ 1560.953973][T15732] FAULT_INJECTION: forcing a failure. [ 1560.953973][T15732] name failslab, interval 1, probability 0, space 0, times 0 [ 1560.955194][T15719] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1560.973714][T15719] RIP: 0033:0x4665d9 [ 1560.977705][T15719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1560.997447][T15719] RSP: 002b:00007f1597e6c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1561.005842][T15719] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1561.013812][T15719] RDX: 000000000000003f RSI: 0000000000000002 RDI: 000000000000000a [ 1561.021851][T15719] RBP: 00007f1597e6c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1561.029802][T15719] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001 [ 1561.037775][T15719] R13: 00007ffe14b345af R14: 00007f1597e6c300 R15: 0000000000022000 [ 1561.045787][T15732] CPU: 0 PID: 15732 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1561.054874][T15732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1561.065177][T15732] Call Trace: [ 1561.068468][T15732] dump_stack+0x137/0x19d [ 1561.072803][T15732] should_fail+0x23c/0x250 [ 1561.077214][T15732] ? xas_create+0x96b/0xb30 [ 1561.081795][T15732] __should_failslab+0x81/0x90 [ 1561.086599][T15732] should_failslab+0x5/0x20 [ 1561.091091][T15732] kmem_cache_alloc+0x46/0x2f0 [ 1561.096129][T15732] ? xas_create+0x96b/0xb30 [ 1561.100694][T15732] xas_create+0x96b/0xb30 [ 1561.105130][T15732] xas_store+0x70/0xca0 [ 1561.109332][T15732] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 1561.115892][T15732] __xa_store+0xcb/0x320 [ 1561.120384][T15732] xa_store+0x30/0x70 [ 1561.124701][T15732] io_uring_add_task_file+0x111/0x200 [ 1561.130160][T15732] io_uring_create+0x1734/0x18d0 06:49:21 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x4000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:21 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x1f1cf000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:21 executing program 5 (fault-call:0 fault-nth:9): socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:21 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xb9000) 06:49:21 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:21 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x6040000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1561.135204][T15732] ? should_fail+0xd6/0x250 [ 1561.139723][T15732] __x64_sys_io_uring_setup+0xe1/0x120 [ 1561.145297][T15732] do_syscall_64+0x4a/0x90 [ 1561.149809][T15732] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1561.155727][T15732] RIP: 0033:0x4665d9 [ 1561.159804][T15732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1561.179762][T15732] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 06:49:21 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x1f1e1000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1561.188298][T15732] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1561.196275][T15732] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1561.204286][T15732] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1561.212287][T15732] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1561.220258][T15732] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 06:49:21 executing program 2 (fault-call:2 fault-nth:28): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:21 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000e32000/0x2000)=nil) 06:49:21 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xba000) [ 1561.250087][T15756] FAULT_INJECTION: forcing a failure. [ 1561.250087][T15756] name failslab, interval 1, probability 0, space 0, times 0 [ 1561.262743][T15756] CPU: 0 PID: 15756 Comm: syz-executor.5 Not tainted 5.13.0-rc4-syzkaller #0 [ 1561.271507][T15756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1561.281624][T15756] Call Trace: [ 1561.284906][T15756] dump_stack+0x137/0x19d [ 1561.289234][T15756] should_fail+0x23c/0x250 [ 1561.293638][T15756] __should_failslab+0x81/0x90 06:49:21 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x7000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:21 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x40000000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:22 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) msync(&(0x7f0000e33000/0x2000)=nil, 0x2000, 0x4) sigaltstack(&(0x7f0000e31000/0x3000)=nil, &(0x7f0000000000)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1561.298491][T15756] ? __request_module+0x1ae/0x630 [ 1561.303579][T15756] should_failslab+0x5/0x20 [ 1561.308074][T15756] kmem_cache_alloc_trace+0x49/0x310 [ 1561.313365][T15756] ? inet6_create+0x176/0x730 [ 1561.318042][T15756] __request_module+0x1ae/0x630 [ 1561.322898][T15756] ? inet6_create+0x152/0x730 [ 1561.327596][T15756] ? kmem_cache_alloc+0x201/0x2f0 [ 1561.332900][T15756] ? security_inode_alloc+0x30/0x180 [ 1561.338215][T15756] ? selinux_inode_alloc_security+0xf6/0x110 [ 1561.344392][T15756] inet6_create+0x176/0x730 06:49:22 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x7fffdf1e0000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1561.348889][T15756] __sock_create+0x2c7/0x4f0 [ 1561.353524][T15756] __sys_socketpair+0x180/0x800 [ 1561.358642][T15756] ? ksys_write+0x157/0x180 [ 1561.363141][T15756] ? fpregs_assert_state_consistent+0x7d/0x90 [ 1561.369313][T15756] __x64_sys_socketpair+0x4e/0x60 [ 1561.374336][T15756] do_syscall_64+0x4a/0x90 [ 1561.378766][T15756] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1561.384693][T15756] RIP: 0033:0x4665d9 [ 1561.388576][T15756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1561.406818][T15778] FAULT_INJECTION: forcing a failure. [ 1561.406818][T15778] name failslab, interval 1, probability 0, space 0, times 0 [ 1561.408350][T15756] RSP: 002b:00007f1597e6c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1561.429588][T15756] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1561.437558][T15756] RDX: 000000000000003f RSI: 0000000000000002 RDI: 000000000000000a [ 1561.445656][T15756] RBP: 00007f1597e6c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1561.453611][T15756] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000002 [ 1561.461573][T15756] R13: 00007ffe14b345af R14: 00007f1597e6c300 R15: 0000000000022000 [ 1561.469723][T15778] CPU: 1 PID: 15778 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1561.478489][T15778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1561.488841][T15778] Call Trace: [ 1561.492156][T15778] dump_stack+0x137/0x19d [ 1561.496508][T15778] should_fail+0x23c/0x250 [ 1561.500920][T15778] ? xas_create+0x96b/0xb30 [ 1561.505550][T15778] __should_failslab+0x81/0x90 [ 1561.510311][T15778] should_failslab+0x5/0x20 [ 1561.514799][T15778] kmem_cache_alloc+0x46/0x2f0 [ 1561.519562][T15778] ? xas_create+0x96b/0xb30 [ 1561.524098][T15778] xas_create+0x96b/0xb30 [ 1561.528490][T15778] xas_store+0x70/0xca0 [ 1561.532643][T15778] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 1561.538639][T15778] __xa_store+0xcb/0x320 [ 1561.542913][T15778] xa_store+0x30/0x70 06:49:22 executing program 5 (fault-call:0 fault-nth:10): socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:22 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x12000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:22 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x8000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:22 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x7, &(0x7f0000e31000/0x4000)=nil) 06:49:22 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xbb000) [ 1561.546928][T15778] io_uring_add_task_file+0x111/0x200 [ 1561.552302][T15778] io_uring_create+0x1734/0x18d0 [ 1561.557590][T15778] ? should_fail+0xd6/0x250 [ 1561.562100][T15778] __x64_sys_io_uring_setup+0xe1/0x120 [ 1561.567566][T15778] do_syscall_64+0x4a/0x90 [ 1561.571975][T15778] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1561.577907][T15778] RIP: 0033:0x4665d9 [ 1561.581813][T15778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1561.591795][T15786] FAULT_INJECTION: forcing a failure. [ 1561.591795][T15786] name failslab, interval 1, probability 0, space 0, times 0 [ 1561.601524][T15778] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1561.601547][T15778] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1561.601557][T15778] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1561.601567][T15778] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1561.646417][T15778] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1561.654480][T15778] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 [ 1561.662446][T15786] CPU: 0 PID: 15786 Comm: syz-executor.5 Not tainted 5.13.0-rc4-syzkaller #0 [ 1561.671247][T15786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1561.681303][T15786] Call Trace: [ 1561.684579][T15786] dump_stack+0x137/0x19d [ 1561.688907][T15786] should_fail+0x23c/0x250 [ 1561.693333][T15786] ? __request_module+0x1c9/0x630 06:49:22 executing program 2 (fault-call:2 fault-nth:29): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:22 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xbc000) 06:49:22 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x10000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:22 executing program 1: io_uring_setup(0x6a5a, &(0x7f0000000300)={0x0, 0xf8f, 0x8, 0x3, 0x139}) timer_create(0x0, &(0x7f0000000140)={0x0, 0x3f, 0x7, @thr={&(0x7f0000000000)="feddb57f29d880b62deb85ef7a54b6dff554429741bfbaf8a8ba485e03b19f8fd70895fa3b1c984b2af055e03a0d8b521b91eb0c7423621b0cc2065db80a50a1fe1d958be4ec12b9aba8cbf6fed26901e0bae05c048f9acae741a211a93b1c65cc4322ad1bdaa5592b0fbf2f3e6740ea966cc4b3bbfadb53511cc5f7b2b67f581f84730797d5f755384599df8ee96bce965e841a652203ee99fced41cf5a288193de414f3d", &(0x7f00000000c0)="99d539e63a2501a120aac66fc27317fb3b19ee94d1efcf554f20371f7fd536fbe141efab1762016bee566cfb2316a1756aa363b2db9574a8b09543ceda037efc73e9195584aaf64e6d026e9fab7fb20324f9d04edfad15be043dfe6aed5e123b4dac65f06fda9827b565a7422d772f660a4af376de34d5acbad38f7c9c"}}, &(0x7f0000000180)) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8010, 0xffffffffffffffff, 0x8000000) syz_io_uring_setup(0x2051, &(0x7f00000001c0)={0x0, 0x144f, 0x10, 0x3, 0x1a3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000e32000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)=0x0) syz_io_uring_submit(r0, r1, &(0x7f00000002c0)=@IORING_OP_WRITE_FIXED={0x5, 0x3, 0x2004, @fd, 0xfffffffffffff000, 0x10000, 0x830, 0x9, 0x1, {0x1}}, 0x401) 06:49:22 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1002, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:22 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1004, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1561.698531][T15786] __should_failslab+0x81/0x90 [ 1561.703324][T15786] should_failslab+0x5/0x20 [ 1561.708041][T15786] __kmalloc_track_caller+0x64/0x340 [ 1561.713392][T15786] ? kmem_cache_alloc_trace+0x215/0x310 [ 1561.718938][T15786] kstrdup+0x31/0x70 [ 1561.722908][T15786] __request_module+0x1c9/0x630 [ 1561.727774][T15786] ? inet6_create+0x152/0x730 [ 1561.732446][T15786] ? kmem_cache_alloc+0x201/0x2f0 [ 1561.737512][T15786] ? security_inode_alloc+0x30/0x180 [ 1561.742800][T15786] ? selinux_inode_alloc_security+0xf6/0x110 06:49:22 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x1d2e4000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1561.748780][T15786] inet6_create+0x176/0x730 [ 1561.753384][T15786] __sock_create+0x2c7/0x4f0 [ 1561.758018][T15786] __sys_socketpair+0x180/0x800 [ 1561.763134][T15786] ? ksys_write+0x157/0x180 [ 1561.767626][T15786] ? fpregs_assert_state_consistent+0x7d/0x90 [ 1561.773713][T15786] __x64_sys_socketpair+0x4e/0x60 [ 1561.778739][T15786] do_syscall_64+0x4a/0x90 [ 1561.783236][T15786] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1561.789121][T15786] RIP: 0033:0x4665d9 [ 1561.793013][T15786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1561.798504][T15800] FAULT_INJECTION: forcing a failure. [ 1561.798504][T15800] name failslab, interval 1, probability 0, space 0, times 0 [ 1561.812709][T15786] RSP: 002b:00007f1597e6c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1561.812731][T15786] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1561.842163][T15786] RDX: 000000000000003f RSI: 0000000000000002 RDI: 000000000000000a [ 1561.850145][T15786] RBP: 00007f1597e6c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1561.858137][T15786] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000002 [ 1561.866122][T15786] R13: 00007ffe14b345af R14: 00007f1597e6c300 R15: 0000000000022000 [ 1561.874097][T15800] CPU: 1 PID: 15800 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1561.882879][T15800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1561.892942][T15800] Call Trace: [ 1561.896220][T15800] dump_stack+0x137/0x19d [ 1561.900548][T15800] should_fail+0x23c/0x250 [ 1561.904972][T15800] ? xas_create+0x96b/0xb30 [ 1561.909472][T15800] __should_failslab+0x81/0x90 [ 1561.914332][T15800] should_failslab+0x5/0x20 [ 1561.919085][T15800] kmem_cache_alloc+0x46/0x2f0 [ 1561.923904][T15800] ? xas_create+0x96b/0xb30 [ 1561.928496][T15800] xas_create+0x96b/0xb30 [ 1561.932837][T15800] xas_store+0x70/0xca0 [ 1561.937012][T15800] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 1561.942998][T15800] __xa_store+0xcb/0x320 [ 1561.947324][T15800] xa_store+0x30/0x70 06:49:22 executing program 5 (fault-call:0 fault-nth:11): socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:22 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x7fffdf1ce000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:22 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xbd000) 06:49:22 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x20000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:22 executing program 1: mmap$IORING_OFF_CQ_RING(&(0x7f0000e1f000/0x3000)=nil, 0x3000, 0x1, 0x40010, 0xffffffffffffffff, 0x8000000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mincore(&(0x7f0000e34000/0x4000)=nil, 0x4000, &(0x7f0000000000)=""/45) [ 1561.951318][T15800] io_uring_add_task_file+0x111/0x200 [ 1561.956706][T15800] io_uring_create+0x1734/0x18d0 [ 1561.961650][T15800] ? should_fail+0xd6/0x250 [ 1561.966173][T15800] __x64_sys_io_uring_setup+0xe1/0x120 [ 1561.971688][T15800] do_syscall_64+0x4a/0x90 [ 1561.976346][T15800] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1561.982308][T15800] RIP: 0033:0x4665d9 [ 1561.986199][T15800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1562.005912][T15800] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1562.014372][T15800] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1562.022351][T15800] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1562.030321][T15800] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1562.038286][T15800] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1562.046257][T15800] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 [ 1562.047022][T15818] FAULT_INJECTION: forcing a failure. [ 1562.047022][T15818] name failslab, interval 1, probability 0, space 0, times 0 [ 1562.067361][T15818] CPU: 0 PID: 15818 Comm: syz-executor.5 Not tainted 5.13.0-rc4-syzkaller #0 [ 1562.076235][T15818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1562.086286][T15818] Call Trace: [ 1562.089562][T15818] dump_stack+0x137/0x19d [ 1562.093909][T15818] should_fail+0x23c/0x250 [ 1562.098325][T15818] __should_failslab+0x81/0x90 [ 1562.102236][T15827] FAULT_INJECTION: forcing a failure. [ 1562.102236][T15827] name failslab, interval 1, probability 0, space 0, times 0 [ 1562.103119][T15818] ? call_usermodehelper_setup+0x81/0x160 [ 1562.121420][T15818] should_failslab+0x5/0x20 [ 1562.126024][T15818] kmem_cache_alloc_trace+0x49/0x310 [ 1562.131306][T15818] call_usermodehelper_setup+0x81/0x160 [ 1562.136873][T15818] ? __request_module+0x630/0x630 [ 1562.141915][T15818] __request_module+0x24e/0x630 [ 1562.146894][T15818] ? inet6_create+0x152/0x730 [ 1562.151563][T15818] ? kmem_cache_alloc+0x201/0x2f0 [ 1562.156610][T15818] ? security_inode_alloc+0x30/0x180 [ 1562.162063][T15818] ? selinux_inode_alloc_security+0xf6/0x110 [ 1562.168078][T15818] inet6_create+0x176/0x730 [ 1562.172581][T15818] __sock_create+0x2c7/0x4f0 [ 1562.177173][T15818] __sys_socketpair+0x180/0x800 [ 1562.182104][T15818] ? ksys_write+0x157/0x180 [ 1562.186610][T15818] ? fpregs_assert_state_consistent+0x7d/0x90 [ 1562.192719][T15818] __x64_sys_socketpair+0x4e/0x60 [ 1562.197799][T15818] do_syscall_64+0x4a/0x90 [ 1562.202299][T15818] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1562.208180][T15818] RIP: 0033:0x4665d9 [ 1562.212075][T15818] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1562.231823][T15818] RSP: 002b:00007f1597e6c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1562.240507][T15818] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 06:49:22 executing program 2 (fault-call:2 fault-nth:30): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:22 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x20e1f000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:22 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x7ffffffff000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:22 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xbe000) 06:49:22 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mincore(&(0x7f0000ffe000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/158) [ 1562.248541][T15818] RDX: 000000000000003f RSI: 0000000000000002 RDI: 000000000000000a [ 1562.256496][T15818] RBP: 00007f1597e6c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1562.264537][T15818] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000002 [ 1562.272505][T15818] R13: 00007ffe14b345af R14: 00007f1597e6c300 R15: 0000000000022000 [ 1562.280501][T15827] CPU: 1 PID: 15827 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1562.289321][T15827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1562.299389][T15827] Call Trace: 06:49:22 executing program 5 (fault-call:0 fault-nth:12): socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:23 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xbf000) [ 1562.302722][T15827] dump_stack+0x137/0x19d [ 1562.307052][T15827] should_fail+0x23c/0x250 [ 1562.311480][T15827] ? xas_create+0x96b/0xb30 [ 1562.315983][T15827] __should_failslab+0x81/0x90 [ 1562.321047][T15827] should_failslab+0x5/0x20 [ 1562.325573][T15827] kmem_cache_alloc+0x46/0x2f0 [ 1562.330339][T15827] ? xas_create+0x96b/0xb30 [ 1562.334918][T15827] xas_create+0x96b/0xb30 [ 1562.339249][T15827] xas_store+0x70/0xca0 [ 1562.343442][T15827] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 1562.349418][T15827] __xa_store+0xcb/0x320 06:49:23 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x2, &(0x7f0000e31000/0x4000)=nil) 06:49:23 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x40000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:23 executing program 1: r0 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x8) ioctl$TCSBRKP(r0, 0x5425, 0x2) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1562.353668][T15827] xa_store+0x30/0x70 [ 1562.357664][T15827] io_uring_add_task_file+0x111/0x200 [ 1562.363030][T15827] io_uring_create+0x1734/0x18d0 [ 1562.367971][T15827] ? should_fail+0xd6/0x250 [ 1562.372479][T15827] __x64_sys_io_uring_setup+0xe1/0x120 [ 1562.378130][T15827] do_syscall_64+0x4a/0x90 [ 1562.382770][T15827] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1562.388670][T15827] RIP: 0033:0x4665d9 06:49:23 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x4, &(0x7f0000e31000/0x4000)=nil) [ 1562.392554][T15827] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1562.412295][T15827] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1562.420786][T15827] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1562.428833][T15827] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1562.436796][T15827] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1562.444777][T15827] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 06:49:23 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xc0000) [ 1562.452740][T15827] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 [ 1562.485828][T15838] FAULT_INJECTION: forcing a failure. [ 1562.485828][T15838] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1562.498927][T15838] CPU: 0 PID: 15838 Comm: syz-executor.5 Not tainted 5.13.0-rc4-syzkaller #0 [ 1562.507678][T15838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1562.517889][T15838] Call Trace: [ 1562.521158][T15838] dump_stack+0x137/0x19d [ 1562.525556][T15838] should_fail+0x23c/0x250 [ 1562.529992][T15838] should_fail_usercopy+0x16/0x20 [ 1562.535013][T15838] _copy_to_user+0x1c/0x90 [ 1562.539480][T15838] simple_read_from_buffer+0xab/0x120 [ 1562.544992][T15838] proc_fail_nth_read+0xf6/0x140 [ 1562.549950][T15838] ? rw_verify_area+0x136/0x250 [ 1562.554819][T15838] ? proc_fault_inject_write+0x200/0x200 [ 1562.555551][T15863] FAULT_INJECTION: forcing a failure. [ 1562.555551][T15863] name failslab, interval 1, probability 0, space 0, times 0 [ 1562.560578][T15838] vfs_read+0x154/0x5d0 [ 1562.560597][T15838] ? __sock_create+0x481/0x4f0 [ 1562.560620][T15838] ? __fget_light+0x21b/0x260 [ 1562.586692][T15838] ? __cond_resched+0x11/0x40 [ 1562.591467][T15838] ksys_read+0xce/0x180 [ 1562.595613][T15838] __x64_sys_read+0x3e/0x50 [ 1562.600095][T15838] do_syscall_64+0x4a/0x90 [ 1562.604509][T15838] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1562.610415][T15838] RIP: 0033:0x41935c [ 1562.614301][T15838] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1562.633955][T15838] RSP: 002b:00007f1597e6c170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1562.642451][T15838] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 000000000041935c 06:49:23 executing program 2 (fault-call:2 fault-nth:31): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:23 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x494082, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) mq_timedsend(r1, &(0x7f0000000000)="0dc408dcb600d75bda60e2bde35c8547540255fab0f40ffd83c5740c0aafd01b224d316d4227fd26daced216926505cd0a464519ec029b5034c47a89", 0x3c, 0x3, &(0x7f0000000040)) r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000c, 0x12, r0, 0x10000000) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) syz_io_uring_submit(0x0, r2, &(0x7f0000000080)=@IORING_OP_TEE={0x21, 0x5, 0x0, @fd=r0, 0x0, 0x0, 0x9, 0x3, 0x0, {0x0, 0x0, r3}}, 0x0) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:23 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xc1000) 06:49:23 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x42000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:23 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x8, &(0x7f0000e31000/0x4000)=nil) [ 1562.650410][T15838] RDX: 000000000000000f RSI: 00007f1597e6c1e0 RDI: 0000000000000003 [ 1562.658363][T15838] RBP: 00007f1597e6c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1562.666316][T15838] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000002 [ 1562.674267][T15838] R13: 00007ffe14b345af R14: 00007f1597e6c300 R15: 0000000000022000 [ 1562.682223][T15863] CPU: 1 PID: 15863 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1562.690985][T15863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1562.701063][T15863] Call Trace: 06:49:23 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:23 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x7f000000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:23 executing program 4: r0 = shmget(0x0, 0x3000, 0x1000, &(0x7f0000ffb000/0x3000)=nil) shmat(r0, &(0x7f0000ffd000/0x3000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = syz_io_uring_setup(0xbd6, &(0x7f0000000000)={0x0, 0xd00c, 0x2, 0x1, 0x26f, 0x0, r1}, &(0x7f0000e1f000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) syz_io_uring_setup(0x7193, &(0x7f0000000100)={0x0, 0xff3e, 0x1, 0x0, 0x287, 0x0, r2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000180)=0x0, &(0x7f00000001c0)) syz_io_uring_submit(r4, r3, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0xf4, 0x0, 0x0, 0x0, 0x0, 0x1, {0x1}}, 0x3) [ 1562.704354][T15863] dump_stack+0x137/0x19d [ 1562.708693][T15863] should_fail+0x23c/0x250 [ 1562.713114][T15863] ? xas_create+0x96b/0xb30 [ 1562.717608][T15863] __should_failslab+0x81/0x90 [ 1562.722383][T15863] should_failslab+0x5/0x20 [ 1562.726885][T15863] kmem_cache_alloc+0x46/0x2f0 [ 1562.731650][T15863] ? xas_create+0x96b/0xb30 [ 1562.736155][T15863] xas_create+0x96b/0xb30 [ 1562.740476][T15863] xas_store+0x70/0xca0 [ 1562.744706][T15863] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 1562.750692][T15863] __xa_store+0xcb/0x320 06:49:23 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xc2000) 06:49:23 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0xd8010000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1562.754951][T15863] xa_store+0x30/0x70 [ 1562.758966][T15863] io_uring_add_task_file+0x111/0x200 [ 1562.764385][T15863] io_uring_create+0x1734/0x18d0 [ 1562.769420][T15863] ? should_fail+0xd6/0x250 [ 1562.773924][T15863] __x64_sys_io_uring_setup+0xe1/0x120 [ 1562.779427][T15863] do_syscall_64+0x4a/0x90 [ 1562.783896][T15863] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1562.789817][T15863] RIP: 0033:0x4665d9 06:49:23 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000000)="d68c22e6e1c2fef64a906602be3bacf5", 0x10) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x3000, 0x3, &(0x7f0000e1f000/0x3000)=nil) 06:49:23 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0xda010000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1562.793795][T15863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1562.813490][T15863] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1562.822156][T15863] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1562.830619][T15863] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1562.838612][T15863] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1562.846820][T15863] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 06:49:23 executing program 2 (fault-call:2 fault-nth:32): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:23 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xc3000) 06:49:23 executing program 4: mremap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) mincore(&(0x7f0000ffe000/0x1000)=nil, 0x1000, &(0x7f0000000000)=""/116) mmap$IORING_OFF_SQES(&(0x7f0000e30000/0x1000)=nil, 0x1000, 0x6, 0x8010, 0xffffffffffffffff, 0x10000000) shmctl$IPC_RMID(r0, 0x0) shmat(r0, &(0x7f0000e33000/0x1000)=nil, 0x6000) mincore(&(0x7f0000e31000/0x4000)=nil, 0x4000, &(0x7f0000000080)=""/128) msync(&(0x7f0000e30000/0x4000)=nil, 0x4000, 0x4) 06:49:23 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0xfeffffff}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:23 executing program 5: socketpair(0x2, 0x2, 0x3f, &(0x7f0000000040)) 06:49:23 executing program 1: mlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mincore(&(0x7f0000e32000/0x4000)=nil, 0x4000, &(0x7f0000000040)=""/59) mmap(&(0x7f0000e33000/0x2000)=nil, 0x2000, 0x1, 0x2010, 0xffffffffffffffff, 0x1795e000) [ 1562.854785][T15863] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 06:49:23 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) move_pages(0xffffffffffffffff, 0x7, &(0x7f0000000000)=[&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000e34000/0x1000)=nil, &(0x7f0000e32000/0x2000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000e1f000/0x2000)=nil], &(0x7f0000000040)=[0x5, 0x401, 0x1000, 0x40], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x2) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:23 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0xff600000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1562.940117][T15903] FAULT_INJECTION: forcing a failure. [ 1562.940117][T15903] name failslab, interval 1, probability 0, space 0, times 0 [ 1562.952939][T15903] CPU: 1 PID: 15903 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1562.961704][T15903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1562.971755][T15903] Call Trace: [ 1562.975035][T15903] dump_stack+0x137/0x19d [ 1562.979373][T15903] should_fail+0x23c/0x250 [ 1562.983807][T15903] ? xas_create+0x96b/0xb30 06:49:23 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xc4000) 06:49:23 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) syz_io_uring_submit(r0, 0x0, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x7fffffff) syz_io_uring_setup(0x3593, &(0x7f0000000000)={0x0, 0x499f, 0x10, 0x1, 0x82}, &(0x7f0000e1e000/0x2000)=nil, &(0x7f0000e1c000/0x5000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) syz_io_uring_submit(r0, r1, &(0x7f0000000140)=@IORING_OP_OPENAT={0x12, 0x2, 0x0, r2, 0x0, &(0x7f0000000100)='./file0\x00', 0x106, 0x8040}, 0x1) syz_io_uring_setup(0x393b, &(0x7f0000000180)={0x0, 0x1fcf, 0x10, 0x1, 0xf, 0x0, r2}, &(0x7f0000e32000/0x3000)=nil, &(0x7f0000e1e000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) mmap(&(0x7f0000e1e000/0xa000)=nil, 0xa000, 0x3, 0x100010, r3, 0xba23d000) 06:49:23 executing program 1: mlock(&(0x7f0000e1f000/0xa000)=nil, 0xa000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x113000, 0x0) openat$cgroup_int(r0, &(0x7f0000000040)='cgroup.max.depth\x00', 0x2, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_open_dev$usbmon(&(0x7f0000000080), 0x5, 0x24100) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f0000000100)={&(0x7f00000000c0)=[0x0], 0x1, 0x222}) [ 1562.988311][T15903] __should_failslab+0x81/0x90 [ 1562.993083][T15903] should_failslab+0x5/0x20 [ 1562.997643][T15903] kmem_cache_alloc+0x46/0x2f0 [ 1563.002403][T15903] ? xas_create+0x96b/0xb30 [ 1563.006917][T15903] xas_create+0x96b/0xb30 [ 1563.011254][T15903] xas_store+0x70/0xca0 [ 1563.015525][T15903] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 1563.021542][T15903] __xa_store+0xcb/0x320 [ 1563.025800][T15903] xa_store+0x30/0x70 [ 1563.029837][T15903] io_uring_add_task_file+0x111/0x200 [ 1563.035211][T15903] io_uring_create+0x1734/0x18d0 06:49:23 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0xffff8000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1563.040156][T15903] ? should_fail+0xd6/0x250 [ 1563.044664][T15903] __x64_sys_io_uring_setup+0xe1/0x120 [ 1563.050181][T15903] do_syscall_64+0x4a/0x90 [ 1563.054696][T15903] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1563.060672][T15903] RIP: 0033:0x4665d9 [ 1563.064582][T15903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 06:49:23 executing program 2 (fault-call:2 fault-nth:33): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:23 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap$IORING_OFF_CQ_RING(&(0x7f0000e33000/0x3000)=nil, 0x3000, 0x2000008, 0x10, r0, 0x8000000) 06:49:23 executing program 5: socketpair(0x5, 0x2, 0x3f, &(0x7f0000000040)) 06:49:23 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0xffffc000}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:23 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xc5000) [ 1563.084279][T15903] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1563.092707][T15903] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1563.100682][T15903] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1563.108696][T15903] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1563.116676][T15903] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1563.124684][T15903] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 06:49:23 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000001240)=ANY=[@ANYBLOB="ff03000000100000c111724c9cf7ad981f458db2f5f46e73dd21cc9fd0652c0d208222cae6137f9c28ddce24f92aa53a86762be187943b8388e6cffaa388ae6e0c63b2a618d08358028c2ea37f4e2c395be9d98fcb2822972b29b84adab4d1f9560ef5566d807a5155d544291505cd4ecde94a08135b822e3108e74f8d4d08eaa821f06da32df18b5370ea122c4b76e443df2c73e42f437a375ca22f34324597cb27f5739cb3cbd6a85dd8763aa43f851fb1a3f9c5acd38a788b70934829aa16870bab56b973ad3cff601050b558145da31452347a5bc0e8617f717570bf99ea5d73792f7248e681ee60e9587543ff3284bfce4a48d4def9a0556fa54279e82ebcdd44dcf0d5ab00573267a690f565fa234238ba8a1f473e8d69675af0f57dd3a23727705a0c10ea49b4b1f4130a8e52fe87882dd8ab0be5dc98c47b41708ca91af20516ac75eeedff6a553d1d7d50f416b5e633908dc270ccda157eada4b85cc7a439bbbe5c10abbb9e214b4a363a8da320ae5ba5843d6576be50029cc297478242029b3f6d872f60888dfdb7dcb27614dd3616f2b8cbd03a627e07c71fc7227f1db53b8e2376eddb41305e8f3d14bc54926bd2db6788b7e4fdf48108dbf23f02a3147dac86d2bf24276c40ab93068b19f41158fcbe092f4941f9a237692cc0a36f41b311ea4a09a7dfb1995db0e8003986a66a87876fb4b528974a06b10cb6904cc6f572c22acb3c0dd1d7f72fb3b98dbb0c9cbb0b093575c2ccbb6132139e319a76e22335db097f90df2b6de04b063b55da64efcca4f84c9656306b2ec3a8554c158bbf401f3fe805cebb3b2c72599ba46feb4710b6dfd272b5ebcbcf00b2e11e4f727bab6183813e26b2765b3dd7a255572eb02dd0eecc873df1b177435a10c6eb946f2421664345e24a2c42fc1ebeae238a2f7af110152f833085664bbedac6834fe67510ce5d6906fe55f459230b59ac8164b1baa116948b0a1261376bca49e9d95355b9de8d29260a87d62ac0284cab28d92fb404c70c76f98db37eaeac0a62b585ed4a5c9f335326edae4d6fa0d0e325e3556481654a0fe6cca247b3282efa421e535e18128e9fd1ef46362b6834468ba1454da357ada01900a2453ac43912c60f6848089686138213768fb6b384cef13de31d3c89f10650eb06cba97ab4854cacd54d935935eecc746b61486723965e5f9e3ac09558aa1134245b2f36e08060c0f2110d113a1846e030ca24f51ad8da91c2e9efede89817a7f32edf0fcac5b13ac0171aa27d7b50fc3fca42e298f3c3407a09fdfe08c124bbb8eb1710c3c4cfff1d68f17a6a6da1aed55a6173c0fa13dda8e6dca872e7b3a20d5120c744146bde755c753f38e0d6414deedb8c79a58e5d90bb309dde2bc3cc1f1eac032be7eb96605e158d54092ed5402a928ce321546d51be84bf1d3b1b46b5d0cc8d550c7248594240c395a99e24e05e9b469300d5aaa70a42150610a7ade28539cf7cb1f212730571cbc3ed4bad062d5f2fd6910e84189891498f294aeb3f373326f437e0db88ecc51b3b8a6300d3070430201f0cd31c8a03bbf07ff57e8021f1952d1909208a6976cd662fa240e8dde9ea437c3c6cc92887d0def57a78f4cffcbe6cfcfb0f6dcc6980cd1405f8f3fa6a35e92eb57ddfb964b0f9aee77fc0e8208ef723b20460baf202ccc3fc502d1286bb7faf0be0b6fd3b6330563871ae883c7fc33275bf3e2c681bcf255d0ee0e5f4751e73c599ae6329fd7d2a914e84a8fea1770d14b37ff7fe7680285805c93ddc5b26b517668771744511858f9520fe0459103207ca7d1f1bedc51b90109fd8dc2539d7702303fa59d44fa0bcff5b4c29e52f6d532b6486986b3c11987ed8a3ae857ba48a22c678cc7e41bd7bff2bb5da6a928b17fcce7537c59db616f838afd703091a1a35400a51102a21560648862f322a633e5f31349c925ac26f3bb5ac8925dbb9ba4f6d2ec1236e7f2f458623a122fc098ca5b4d2be0de36008f007aa82818d5e3adf2da9565b861dff0cc39d741fba35db8acb7212999f27ef616056ed0b1e89c52352e0094f43255582503e204f4aadddf720ac5c48663cdf70fef1c40f757b7637693bd37e57579dc438a92e1951b4e6cc513dc0f5be3bd0ad85b1c905a679ce26d118c78a97953a4e8fbd7cf50637a4e311f1e14da01ff6b434ce78ebdfb2b23364f08172c454240fb0b15ac78ed578be9e61c0a0213aa5b5e580793a92b525e109ed36d8a28abdcbe4e695237697ffdeb79c85a6d96d663aeb80dc0521887093bb29be41bd8be7f968ba52345500b8fcccc9053c2d0f7b63747880cde7b9c8463765e4ccc333ff0ee56a7449a3a3027051c0ee7c06d7cecb2e54dff98511ba2c3673e55377b40a8da53d451c4e362e4b48273ad176b96d39c2cbf3c491e6ea1ed213c7cd953ec709f715cf2e03199444a474d29e7d5c2e760cbab4eeb57a4f1ee0fe96478be3794b3a267894ed6af5ee2b383891eb5353ad310412afe765badec04ca7f6deedf04e8c3f1579ff55604de7b9385582ba483eae49af7ec2ca34f51123779ccd502bd76b320adb1c35eb23e2ed2d0035f6c9e34ddc197697b333879f845536bf94ff3e6449aa76b7bc477466b1ecd84fb09f714adbe50ba39fef05a8f579e0cd8f84ccc25cf52116a61705b3b92d1852ef93b17788d640fa7191c89ba4a62b7604809f666ed1551c8876c7a2838ecafc30872b736b02e085b53b8048f46f74f7aa61f092a6205d3a438cb958eb4e50e503cb075c1b750bb9044d2784f7ff3eda91d3a27acc1d04efb33df0675843faf8f97d263b2cb26289c588cff950fdf87a37177de43b7cd85c35a995a4039fb843956f1eff0ce586784e73e6f6d6bbba1e498e32dbda5a6d360464c6a15dc0c6b114c97b1aff52ae18c578b32ef0097c7bd73d997cce99fa2ca0c155a16e6cded9adc129c92f417f57926d555fb56c8458d3ba028c7cf66a2a7d8084c55f7914718f4185ef2d4f51f085e3188d2d3c846d89fe2f2ec6d1eb43488200f689431affc444b99b3b48d4d3c8da7cf6352cf26c76fe4362d14f641573302f2a5b45c7651bba6520dfa8630a42697fb5d95b3154b9fc6c11088f79778593f21dcd9a49e15de54d716eab42e5abd648e2162d0bdbccfc34c1af50ca0b710019f08a342c4d55f4471afa9a04beb7f974554c25062ef8076291af7556058c35d990e7cd04cf480346d1c33402e91662e0088a56166d4e23155c452933bda69abc0e31a732738b8350fdcf9fec53202336da692b5605781ec091ea2e55c7ad091c27008e87d9a94e4a5331bc4e747cbea25337b5f8c152f9fb5041c42eea4d81988e974757d8ac80ec069f2bddcfe55b40d16c55580262decec504a74ea650d3cad2c683be3eb5c8ac78de4593b5773d93236e26106b2a9bafeba517640abfebbc69233662e836594c207c47e71748facfb47f91045b655a1eafca56602051b6d031a2b1abe1f42b4647f6143218678a3be797ad67d8652aa8aa6790c2e8fdb18a01102f7ffb6f7e73bc97ef4a3c9d3a9cbe97b5aa31cdf55ab6ec50b78d347f9bf8e4162136b5237ace948ffb0b400d7eceff5bc4ae313996ecf2216f4576cfbacb56da3c1938557f30d250e2380bcd1eb30d6f81c3462efd1d1bd38ea090118b8f1d64234f829f59ec434cb81b507c026d25f908bff1273285d00918841e1162a5f2f0f88d3171f90835c83c7d5e34776f495165a166de5cc6610c62e234acfd9d9133066ccbddf8ce17b3c0131f0401badc42fe967c4e457b12d8723377ccdf01904dffbd2c5464df2c256ef777144a71d6a88f35a338e5c917e6726497cdbf2e2e9403949ceb494cfe1b46e5036a43fe6d261e35e023590d19e2577b9b6781c52bb2ad2c1c1fc6e3f23b638ac279a7c02e029bf5fab2e1440cfc05bd6ccd64f8045e1bc6eb33153a5f505bf9f7b3357454166bdb322135835d0d07809f332b4b68493d22947fab049834071a1bbeb2d1f962b608166d162e809d5c533925bea9e839bcd7b78e48f8b8209146990567d7b523931c57e530096299524451290cea3b29c851c237f9f5b9d2f32fe6fe19edfc095d47b046cd3e316986e3171a42a9167bc4f124b7dc2b664d6082066a8667c8e8397f8a8c6fe3fc6d7b6d1d3c2c0249641ca8e4c7a27637604deef11a1f17b7880e51b628a4a6a45b10bc7910a2e2b92d803bb68f3e84f5f5b657c0d79e2c84869766736bb04ef44dc197b9cd3d09822b65d4fd8d9c3753ac98ceb82f8befeb3b1dd8c7cc0a6cfa574523757fe3cbf690ebd14f47d35d8cf3134db83b81e48a09b981200ae2e091c070adb0c7e4d726fff85f0679692b9790266e0bda1bc2f9d022a34d3d2912955a1d04cba6c0c300785e25878929ae1ecad9f98dd5e4555f926b8acd124535486fadc5c635fe4cedd75a483fd2b3c4995da49351cff70c45ffd8fa8a5824eb1728186affa0ca70c83823969c3077a08f14a291b136ce4f18983e0b1f21d5f7fef5edf19491faa4ccec38bb1ee479b22fb489cbea1faa52fb52230dcf164c738050e56bff54bf1107af1540c2af31d96ee1d86ef1f17fec341ecfe7191256a09157d7ea03be75305f8af262436c39c802b561e19cba88194c81c1e1224308ae10c5e0109a98311b3ceaf9492c2bab3691694fbd37c0f1b97386c58e093511ea43ff58ab1a776aaf788d9d556d6a57e1fbd7a67317f3c652fe4534d8836086830eee0bc1d68ca04674a7fc3ec213201c4df8e5e07d7366eec59b6e59d868ce36aa238845c6f2cee8b37a5956bee24ca585a468a479fbaa526258b28d6a745610d1a0de44c77c1b605582226d79355dbd201e433428b172c3d27f413903b35ef73dec67dbb670dfb689d570f69a681a8d178f3b87f7fb68afc85f0890a14eeddb4c81f9daf4f609e57cc4a3e545c90b06457480cb6a1942bc1b65f7c68790ee6243f4c4f088339a9567f80ff39ef63ebceef2dade558a253d1898097deeb34f36367d237e1dc9bdd17d6929a5a8c5b93f0f5db3d22ab9afe8a44b3cb072d0d15091a226c9cddaa2aae7f3c17c1e48b906e0fa571883b9a4ee350ff311c11eb84c2ebd6f5f4055fd487d631932651f97da2fa7bdc3f1627c8b82927fc40bcc7f1a73931b5b5f613e5d7fb06dbda0acc55b2abe70408148d658f16dfc7961a1c3dd65f551186c5ed3d1525ab8b906d4a0eda1f80fe91fe23f153177266faaa247f2183d220edae975723c31a5c9c22d627dc216e5f5b19ac53e49f45f3d08e09d63fdc45502bdf547558622a8476255128639f1144aa9ec034fe555be2e3e6ab4222f5ede7f6c34890af53efb93f6fe307e76e58676265682b22ea6042f1574ed3cb1dbe46e6f4f2ef2295154286168657eeabf480d9ec71bb824a077f9bbf5383a90f4c9b227eacbb797b98bff60a3aa40316a1017ba4cc6d6c9b6dbdb8e74e84b5eb7e45bd6f9e904792872377dfae6ba018f9e0c19c96e4ac93f453c756dcea89f10b7585b227eb9767bdcacefb6021184c350531b501ab1e3443f76f3b297095a826a8bb8ebf74ee68fc369e3b882beb50b69690c32b0d11687333b198d57afdcacbae675bf29b4bc2db6e883cbbe95ebfd1da08241d73a0eaa8a7d3191640ca04b5bace87f8379b9a24b1e20558523076669cefd6847aaae39b012bcb965e4271735dbc7c54c59d207c238639b27d54172920731def85c8a3778ff4755f66d6adec03de6060d0c889e9c9f972f0104cced63db6ad7fff65131e1f6764e44b100e49a3d04a7ac977dc786bcc2c7fc7eae11bf"]) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r0, 0x40a85321, &(0x7f0000000040)={{0xb5, 0x8}, 'port0\x00', 0x19, 0x20800, 0x1, 0xfffffffd, 0x7, 0x8000, 0x1, 0x0, 0x2, 0x2}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x40002, 0x0) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000001180)=0x5) perf_event_open(&(0x7f00000011c0)={0x5, 0x80, 0x3, 0x5, 0x80, 0xff, 0x0, 0xfffffffffffffffb, 0x1, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc3b, 0x0, @perf_config_ext={0x1, 0x9}, 0x20, 0x1, 0x9, 0x1, 0x0, 0x7ff, 0x81, 0x0, 0x4, 0x0, 0x8}, 0x0, 0xc, r2, 0xb) r4 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r4, 0x2405, 0xffffffffffffffff) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r5, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r5, 0x2405, r4) mremap(&(0x7f0000e35000/0x3000)=nil, 0x3000, 0x2000, 0x0, &(0x7f0000ffd000/0x2000)=nil) ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000100)=0x951) [ 1563.179069][T15935] FAULT_INJECTION: forcing a failure. [ 1563.179069][T15935] name failslab, interval 1, probability 0, space 0, times 0 [ 1563.191808][T15935] CPU: 1 PID: 15935 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1563.200597][T15935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1563.210735][T15935] Call Trace: [ 1563.214020][T15935] dump_stack+0x137/0x19d [ 1563.218417][T15935] should_fail+0x23c/0x250 [ 1563.222839][T15935] ? xas_create+0x96b/0xb30 06:49:23 executing program 5: socketpair(0xf, 0x2, 0x3f, &(0x7f0000000040)) 06:49:23 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$TIOCSBRK(r0, 0x5427) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) ioctl$TIOCSRS485(r1, 0x542f, &(0x7f0000000040)={0x7f, 0x1, 0x8}) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:23 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0xfffffffe}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:23 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xc6000) [ 1563.227347][T15935] __should_failslab+0x81/0x90 [ 1563.232190][T15935] should_failslab+0x5/0x20 [ 1563.236691][T15935] kmem_cache_alloc+0x46/0x2f0 [ 1563.241553][T15935] ? xas_create+0x96b/0xb30 [ 1563.246072][T15935] xas_create+0x96b/0xb30 [ 1563.250442][T15935] xas_store+0x70/0xca0 [ 1563.254699][T15935] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 1563.260688][T15935] __xa_store+0xcb/0x320 [ 1563.264953][T15935] xa_store+0x30/0x70 [ 1563.268944][T15935] io_uring_add_task_file+0x111/0x200 [ 1563.274325][T15935] io_uring_create+0x1734/0x18d0 06:49:23 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xc7000) 06:49:23 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x3000, 0x4, &(0x7f0000e1e000/0x3000)=nil) r0 = getpid() mincore(&(0x7f0000e25000/0x3000)=nil, 0x3000, &(0x7f00000001c0)=""/4096) move_pages(r0, 0x5, &(0x7f0000000100)=[&(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil], &(0x7f0000000140)=[0x7, 0x7, 0x1, 0x9, 0x7, 0x7], &(0x7f0000000180)=[0x0], 0x0) shmget(0x2, 0x2000, 0x100, &(0x7f0000e1e000/0x2000)=nil) syz_io_uring_setup(0x717e, &(0x7f0000000000)={0x0, 0xe6cf, 0x20, 0x0, 0x219}, &(0x7f0000e1f000/0xc000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) r1 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000001280)={&(0x7f0000ffd000/0x2000)=nil, 0x2000}, &(0x7f00000012c0)=0x10) r2 = gettid() move_pages(r2, 0x1, &(0x7f00000011c0)=[&(0x7f0000ffa000/0x4000)=nil], &(0x7f0000001200)=[0x9, 0x0, 0x8, 0x6, 0x0, 0x3f, 0x8001, 0x9b5], &(0x7f0000001240)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0) [ 1563.279294][T15935] ? should_fail+0xd6/0x250 [ 1563.283795][T15935] __x64_sys_io_uring_setup+0xe1/0x120 [ 1563.289433][T15935] do_syscall_64+0x4a/0x90 [ 1563.293849][T15935] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1563.299835][T15935] RIP: 0033:0x4665d9 [ 1563.303722][T15935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 06:49:24 executing program 2 (fault-call:2 fault-nth:34): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:24 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) move_pages(0x0, 0x4, &(0x7f0000000000)=[&(0x7f0000e1d000/0x3000)=nil, &(0x7f0000e30000/0x3000)=nil, &(0x7f0000e30000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil], &(0x7f0000000040)=[0x7fff, 0x7fff, 0x40, 0x3, 0x41f9de98, 0x5, 0x5, 0x80000000], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x4) 06:49:24 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0xffffffff}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:24 executing program 4: getsockopt$inet_tcp_buf(0xffffffffffffffff, 0x6, 0x1a, &(0x7f0000000000)=""/32, &(0x7f0000000040)=0x20) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = io_uring_setup(0x2793, &(0x7f0000000080)={0x0, 0xa00a, 0x8, 0x1, 0x197}) mmap$IORING_OFF_SQES(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x2, 0x30, r0, 0x10000000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x80000b, 0xc010, r0, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r1, 0xc0105303, &(0x7f0000000100)={0x0, 0xff, 0x40}) [ 1563.323583][T15935] RSP: 002b:00007f585708f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1563.332130][T15935] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 1563.340221][T15935] RDX: 0000000020ffa000 RSI: 0000000020000000 RDI: 0000000000006762 [ 1563.348383][T15935] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0 [ 1563.356349][T15935] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0 [ 1563.364319][T15935] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 06:49:24 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xc8000) 06:49:24 executing program 5: socketpair(0x10, 0x2, 0x3f, &(0x7f0000000040)) 06:49:24 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) ioctl$SNAPSHOT_S2RAM(0xffffffffffffffff, 0x330b) 06:49:24 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) madvise(&(0x7f0000e31000/0x4000)=nil, 0x4000, 0x11) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) syz_io_uring_setup(0x1a66, &(0x7f0000000000)={0x0, 0xaed5, 0x1, 0x3, 0x293, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000e1e000/0x2000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:24 executing program 4: ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETPRL(0xffffffffffffffff, 0x89f4, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'ip6_vti0\x00', 0x0, 0x2d, 0x2, 0x3, 0x7fffffff, 0x18, @dev={0xfe, 0x80, '\x00', 0x23}, @ipv4={'\x00', '\xff\xff', @local}, 0x8, 0x1, 0x8, 0x4}}) ioctl$sock_ipv6_tunnel_SIOCGETPRL(0xffffffffffffffff, 0x89f4, &(0x7f00000001c0)={'ip6_vti0\x00', &(0x7f0000000140)={'ip6tnl0\x00', 0x0, 0x4, 0x80, 0x2, 0x1, 0x21, @remote, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x40, 0x80, 0x5, 0x5}}) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'team0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETPRL(0xffffffffffffffff, 0x89f4, &(0x7f0000000380)={'syztnl0\x00', &(0x7f0000000300)={'ip6_vti0\x00', 0x0, 0x4, 0x6, 0x9, 0x8, 0x10, @private1={0xfc, 0x1, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @local}, 0x700, 0x7800, 0x6, 0x11c0}}) sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000980)={&(0x7f00000003c0)={0x5c0, 0x0, 0xa903fea2ffa58ddc, 0x70bd2a, 0x25dfdbff, {}, [{{0x8}, {0x90, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8}, {0x7c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}]}}, {{0x8}, {0x140, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x3f}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8897}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x40}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r0}}}]}}, {{0x8, 0x1, r1}, {0x27c, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{0x8000, 0x81, 0x8, 0xffff}, {0x7, 0x2, 0x7f, 0x2cc78241}, {0x4, 0x1f, 0x20, 0x800}, {0x100, 0x6, 0x7, 0x8}]}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7fff}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x3ff}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r2}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}]}}, {{0x8, 0x1, r3}, {0xbc, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xeca}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x5511}}, {0x8, 0x6, r4}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}]}}]}, 0x5c0}, 0x1, 0x0, 0x0, 0x4000000}, 0x80) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000ffd000/0x1000)=nil) [ 1563.448189][T15981] FAULT_INJECTION: forcing a failure. [ 1563.448189][T15981] name failslab, interval 1, probability 0, space 0, times 0 [ 1563.460852][T15981] CPU: 1 PID: 15981 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1563.469626][T15981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1563.479735][T15981] Call Trace: [ 1563.483135][T15981] dump_stack+0x137/0x19d [ 1563.487484][T15981] should_fail+0x23c/0x250 [ 1563.492983][T15981] ? vm_area_dup+0x44/0x120 06:49:24 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000080)={&(0x7f0000cc4000/0x2000)=nil, 0x2000}, &(0x7f00000000c0)=0x10) mincore(&(0x7f0000e33000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/86) 06:49:24 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x2, &(0x7f0000e31000/0x4000)=nil) [ 1563.497496][T15981] __should_failslab+0x81/0x90 [ 1563.502508][T15981] should_failslab+0x5/0x20 [ 1563.507081][T15981] kmem_cache_alloc+0x46/0x2f0 [ 1563.511850][T15981] vm_area_dup+0x44/0x120 [ 1563.516190][T15981] ? kmem_cache_alloc+0x201/0x2f0 [ 1563.521229][T15981] ? xas_create+0x96b/0xb30 [ 1563.525790][T15981] ? xas_create+0xae3/0xb30 [ 1563.530307][T15981] __split_vma+0x82/0x320 [ 1563.534726][T15981] ? vmacache_find+0x2df/0x320 [ 1563.539543][T15981] __do_munmap+0x27c/0x1340 [ 1563.544054][T15981] ? __xas_nomem+0xfc/0x270 06:49:24 executing program 4: pselect6(0x40, &(0x7f0000000000)={0x2, 0x3, 0x0, 0x400, 0x3, 0x2, 0x1, 0x1}, &(0x7f0000000040)={0x401, 0x4, 0x89, 0x1f2, 0xd699, 0xce, 0xd82f, 0x46}, &(0x7f0000000080)={0x0, 0x4, 0xfffffffffffffffb, 0x9bf, 0x0, 0x7, 0x1f, 0x8000000000000}, &(0x7f00000000c0)={0x0, 0x989680}, &(0x7f0000000140)={&(0x7f0000000100)={[0x2]}, 0x8}) r0 = mq_open(&(0x7f0000000180)='\x00', 0x40, 0x110, &(0x7f00000001c0)={0x80000000, 0x6, 0x9, 0x4}) mq_timedsend(r0, &(0x7f0000000200)="1dbe1fd342bf18519d77914741955819469027b7e96c31443fc51b59cb9eed313c63363a625f6a2a02866bdae02a7b95fc88cc77c4cbdd712ad17c7496f942303adc7c50b83af5323e8b771b2f454e5a524a7007cc79ba60f917f528e7abaf8593b9d2e815341c603e6bb3def5108cd449b456f5e8274a94ea10d3fa329c05d320c5407022a3fa7c0de29b40d67bb12ebd14c791c6585246268e94a77b91860959ad908522e2383b02b788c996102be41a815983cbaa59a5ebdac6891ad7f133f3013ec830cc75f4164e075fe9cb53fc654582de8a6932e350952fb3c316500e609f7e001ef43bd5bf3f85733d20f562228d2cfe2796059df7fd6fc07020857b51044ae56227bcf6584b25425b45df3dd29e13ed39a4c0abc077db09f35591088391e3deb128b1e70f86ea01bb05c86c822533fd7c60eaa0cf5015e25e985e60472d9b55022b4f5454a285a9bce0226a92ca9c9ac4372d39e0b0b69254e289b6ff6fe36092c5acba68e200c8f1782de4855dca24e70a9b42da394fbf806b30703c86d7a1b8dbf21dce974fb94099ad3cf85acecede2bd827813bc1a47ec612d6267ef0c5b156f95b427424b03e69b268970b2eac952d1f4c7c16c188fb8b87fb109eaf9fabf7ff73a7612614d5f868135f49dc0c43e710bb809705b55a35f2b2502459b682742cb3421ae34534e14d448f6d425cd3466eb59f6acefda111015f095940860652170d4a26e1ab05279691bd61d4181ad796991e85f579c69aee91da516eccd20a70d55f21bbc3b29c46f33517dbea31f44f0c0f46a60e2921924527ba23687af714cf6f2362ebcf290f42dcd7d13b04be4d47b6420fa483d1c04029b19dde5add89cbb072f7f727acfbcf462726cdccc309ec80843ccc67deaa6947bc982c8352349ec9461330eafb012df809fe9c6c964c1cee4b0be6b383cae81875aa8708d35e17b3f856f1e9cc2164209785bc3e6bb7f272379c0c5bedee46216af344e1b28d5eb730f4b699875fd0b0669397c6f58ce9847b5c58b0dbcb88d99fbaffaf3d631d9e1bd8dc300b64afc717b5200fd4ba5342d6c15ed6baeaa7f21ff2653f0b82716c2734640dcdf51be162dd0c305ff802e811b0fb83f75b8992fc2904e590cbade825e5de451a9653d75c2ff83604eec06a8fd57ed903aaa792b317fade6cca0e4b94b9e42e1e83b4d254b94bff7f950bcddfe3d20c54a4614726bd3363c1b5a693db846be9620e93df3c9fd7821a8849428b7bea4cb9b57f602a06d8f57eab18736a85f7d1304b2c8e7bb9148c6df203eede2872c9495b485a945e00c7bceaa0bf73f4c8c7d6ee5cb2b4106fbe360d3ec7698aaad3728221d304f71782eb261fd573008e8489d174a3eb8edb4e7cf5679707ef7422caf79c5787084c73b9135a80d4359df25e17c4e3a86e982a8864e45860c056a343e28a2db7dc6776092ffdc7668600c8892382b220cc88925e57ff882eb02ff094c906ba910188032fd3a0640e2686f4eb0bbbd36f086decf54b4c45eddb3f1437cde6773013b16d62b830da4ed4096027473915d510eb414d2269791a915bf6307e8c0d13dabf9e168ddf32ae8be9faa2e662c31b3ed70bf95ad32b88554b05d7f4e9e44d0971e2f2efe86bfe4e2d8793acea963c1437cd458aba5f1978ae18647572e7b2e3340ca13d622750c9f89bd98b38202bcf63bf1504a1e2ce1777998816170e50926a4d4701bdb1be61b257ce42c948fad1c4db8bd8a6a4113f686d2ef219313b18112d821abeadaa37da7024f7f0a5562475e2bfd501a68bbae821bc462f3a8e2f776c899f18ddaf51a923c4a70221b2741ad32dfca2356372e1eeb6cf45eca665ad3b1fbd0f2f7ce549b75065796d4e29c87e9018581bc067d761c073e45b8d6eb8aa4f12e9681dc90c4b78e794fd2d50228628b5fa069cacaac44bcf3959083a4ff6c3bf8e91ad7f9f28ec4b5feeea1f0a1f961975f1e3aa0ee1552c785eed202467d7a643f911679a659c2bcc4514463f76d0b25a77407d2831313b3f9eae36f3a49753d64f18fea6cc9c1848c6a0fee3b4a1ac0a410b22d64d3f3ad35fdd5f322574bb987c673900daa81bf654ad281584d59144482ca9ad6c0c4da2f44fd2c74286a44b1029081198b85b8194eb50a47f1f85099dd61c0123cc6c51840456eb31cd6095749a5481be0f19f9e44afeeead79c86681685a241ca5e57b0719caf606f94dd11535f2f66abf2b72307b81b329308754161ff10713aeecbd01759a9c8191eb982c515e59357885578cc92699410f346b4a28746c4f2d03154cda94c72cb6257d618c9c7433e7ce815a2591cdad4ec347bd41dc6f34f1f206f1f073233af2377e8417699efaec1000e8675a0d19b323eb30d4507cd23282a3fd59c6b4a22e018da84b49dd4f796b5114ae997740c601cdf0e173f4d64b28265ca15f9cfa4281dfb9cdf41d7933a1fdef9eb56a2c7f47e721d1b23fd8cf9200445d1f0b0874bdfd42965a304119f6e4df0886a00ccd41036488d821750e2b4234781f5c46bd82ad5966ceb8daae058d7d53681600366e43638c12ee09d527274977b44b35ae367925e21bb1f35f6f2e75d8dda682de9ff1e3559e5f255dd95dae498caf3644ef35ff4ef9612c0a9f911325eb7d5c57939124e6397f167ba8bfe5bb409222e027121a9bd29831f73024c8c1f568f428585be1d46e8a2b032cba28bfd2cced6b5df2c3a28b94bf996b60551ab9f2b4524b533febeecb5f6ed06b8e5620045d2c9d8b09fae19cf5b9c780d04d7c4ddc5829072955f60e291eb3c4594ffd903bff55937a70809ce022aa17117bac7f3314b872c264dbd572a5ac00ea10c21c42d2c241f8896b18db039bd8158a9d95dcbacf343dbfbe8b627d58949216fc2a3760a3911b632fa4bd8e56f2e3325bd4fef3c7c3b87c3d1cf71481646bdd868d8abcceeaaa9d8ded9625cc7cd4728c3921c7f27ea6cf9087be4102637d48a01f2d2729af1beb66371781de6d48feee0ccfbc4d8c0b1c501c2e985c23956a101d4abcec072c7868f88e2f748c09e3aaed0beb47a87b75bfef3d1772373e92b8fb6142f96e91d3cbd84a57765d35a973fcfc75bf7412b4aa9e43ab566cd6f0b73a839feb77a49d452344e4c55d35b4ef61139298e7b47e6730c9f8ce145a6515a80302d58b93c6ca29f5f7a00deaea1dabdefe4612d457dfb58ed2299c08859fe6726a923c8a2c02d5c283a59468441ddbcf65bef31549053d4b5ea79831db3e3fc4dd487880879d0e05cdce6d432c8e3cf0392d94728f5706f0e5b5b29343ce56167fd28190ac99b64f991271022048b20dd2a4efbc5ddd65bc292510daf37d94aedfc5341500ffd2a0b425e16c04e8acec6e2a8e38f30ddb4543c313e6685b34c95169a7f2dad42acb3326da77fe801153b80050943e6672ceb656be03be2fe09c41656d8b9626b34ead45e8101b393ad90034ddc32f32f03624b424a6c259a940ebaabfc30b16d6a9e23d6a92c16d13921731105edd1c5b9feca4aa19754612423ba4b38286169828f91d96d54fcd09d05c5db65f0151f62d22b1c8cdbdb60a163cf10ab460eb9f4ef9337eb6c1775339bdbdd22879f7624492ef34ea88497a086cf1c7edf7e5faf712de78e6ad281b97eee471ce7696c62db89227bc40bcc93b46cca804f32b38289bfdc72e3fc2026acef295e56c820c5bfb99fd81c43d8a84cf139d792876b86958013a9b7789594f7e1402f4d48c614ff949b8f7682e200c900046f16798ca699c35a645413d59279114212330f6cc3f4d9791b7fd8b0bce22a3aaee212cfd979a322b3090f750a78ec00b3c1c1ee4f45010c330b03a666102af4fc829664a711591fd2394cf28668e77b5db1328446f0605d3d4a2deb7d07f1e5d89c6d5ab8a1479ad8ec36352fd89e31f28427554af9a315b298d4a2f4ccacaee892ada9c4da380e77240b9b37fd6b103be5eff2e4ba566096e6efcfbf32534616f6d9d3c4709f024e8d9e95d0ca054a5465527aff2c62639defb562c1d6c79783899a08bbdcdc57c12d9ec9bc88258a100e4a8b90b5237054cce26346cfd0b7cc2e8424490019001419ea00cef43c329e67e66c11710f13216dab74e3697f7948a91e3912f1d668ce486a51f5a3a2473d5496d88b01f4ec8ea149853d8f912a5cebde6466551be99b1ffaf98dd72125f08cb86e926bcaa0d1eae24a62f6cc3d60b3ceebe991a327dc7195c27d48c91e842d605ac8d352877657ec89879cf356a90b03ef37895e07dd155b43270d1d0b39cf038a362e1d37c6bbda3ff9462f76fb54ff6c301f582417662c8242f80a78e1dbc1b11c002c726aacbeafa9e2995750fd534a911880ff8cadb828f122536933f8cc83c28ebb4099a2eec2b98b153d72b5ded50a9105dfc88ab0527887b22d97a898fcdae6f96933ac8e402d8ba8c0c01ec83f7b23ed1eec6c42260f229cf33f5ba4a86d780357a8a8b18a879e10bb120cc795dd3f589d8e03ef54e3c1b09c50a20571049c14522cda150e06526e3296701819623aee67d08ac160222ca8ff81250ca4242ff4e3f5eee8a3468f00f8b877e84f04127f64584a8077424436fb7aa989d3eb8e3d229e5f63969b7d5d28250daa06f48c3dc6eb9a2d7ef2a8ef0599a867c7d400f26987a5c608254137bbed4c8eecf3e940c040c630e4b8e546e338cd334ea1312b8b3f1b1c82927dfcf70b884078d2652ffeabb79f3508816df7189371aa3af175be49ba893530e3182c05914375351a29842cdfe80e9b57bd07c19a0b19ceada6b8789d3da52f25369ac035425dd702e5608d4f37b63d98abe4b6b011bcf9d19473f5cc3bf1585268b3fa092f69190c8a41e5473e82549ce865106487b6c24fa2e67d4366a13bbb693415eaaac15de0f3e57fcb93c1963bdc8e30e10ba8ce95ab3324b2fe183002d4751e055955a44d20190ddfefb79772b1af609ed3f9b01335a0c1f3bf63e0c1bd7fa488d29cd5b1e70b7b08b1593a4dc48a8ccbe63518e978bc68351f6b0e93c34bf1681cde2cefea9d8972af43df56673848a5bb2158ce8a22bb231093db8512b7a6f7b92cd04459080cc4ed89db6b8c71247bd3094c24ec9656884116d20be816f22c72a923890942c3a4fda0324dee41fb092b89935241e040070fd144caceb86cb0f64b3916d1be1e952f70ad29ae187681f65e6e0385500d3beee1a8d6effcd21a0aa2c57ac11111bde52d23abcbacacb69cf1f7d44d13f4d409e80d69da5b2aef498247c81f6b713da5ef38ede8f0dcbee785b8474a27820e0bb15d3f0cacacf92076dcaba487af66e8fd3adcf603d0b2bdb6dda7a4d8b1bf6a7755b82dd3ac3824b13918a0c3b4b158a325915e1e21ba09e738ea1413d58006c7bba8706afa94d5486ff741494729a54187b79344710e0c30fe11d3d07c7215e5c2e05f1fb020e4cf33d832d26d4baa62d812708d5120db94ab1d76f767606b89072883b17ede72d78579fbd830840733cfc11171bf69f446ba25f280e899ad22f16a09db9e89f62f62e42282b670ebc8b69bbdf785afffa78c64a210d92b27b1fe9a20b990c6fac8c38e022107ac70f77316de089053b435943b391acb9af326003bd7c13df03bd21c115879f3dcd2a54fca719bf53609083ffe708808bee2c5046f88a9362f1cce889db7c776c9c44949f923b36cbea61a48611faa53db68315fa380f01cf02bd6b357f98a1fe031bf143e1d4e4823fef6f0dc0f2e071b62845e9ec57408dc8b67c83cdf83df69519cf39826a14bf63da3ee1b3a760", 0x1000, 0x4, &(0x7f0000001200)={0x77359400}) [ 1563.548602][T15981] mmap_region+0x58a/0x13e0 [ 1563.553166][T15981] ? security_mmap_addr+0x78/0x90 [ 1563.558210][T15981] do_mmap+0x77d/0xc90 [ 1563.562271][T15981] vm_mmap_pgoff+0xfc/0x1d0 [ 1563.566793][T15981] ksys_mmap_pgoff+0x2a8/0x380 [ 1563.571648][T15981] do_syscall_64+0x4a/0x90 [ 1563.576069][T15981] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1563.581966][T15981] RIP: 0033:0x466622 [ 1563.585886][T15981] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1563.605526][T15981] RSP: 002b:00007f585708f0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1563.613945][T15981] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 0000000000466622 [ 1563.621910][T15981] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffa000 [ 1563.629933][T15981] RBP: 0000000020ffa000 R08: 0000000000000004 R09: 0000000000000000 [ 1563.637896][T15981] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200000c0 06:49:24 executing program 2 (fault-call:2 fault-nth:35): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:24 executing program 0: mremap(&(0x7f0000e1e000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000e33000/0x3000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x5, 0x10002) mlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000) mlock(&(0x7f0000e34000/0x2000)=nil, 0x2000) ioctl$MON_IOCX_GET(r0, 0x40189206, &(0x7f0000000180)={&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000080)=""/213, 0xd5}) 06:49:24 executing program 5: socketpair(0x11, 0x2, 0x3f, &(0x7f0000000040)) 06:49:24 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xc9000) 06:49:24 executing program 4: mremap(&(0x7f0000e33000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000e35000/0x4000)=nil) 06:49:24 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) msync(&(0x7f0000e31000/0x2000)=nil, 0x2000, 0x0) msync(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x3) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) sigaltstack(&(0x7f0000e31000/0x2000)=nil, &(0x7f0000000000)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x1000, 0x4, &(0x7f0000ffd000/0x1000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x13, r0, 0x0) [ 1563.645859][T15981] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 06:49:24 executing program 5: socketpair(0x2c, 0x2, 0x3f, &(0x7f0000000040)) 06:49:24 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = syz_io_uring_setup(0x3124, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000e34000/0x3000)=nil, 0x0, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r0, 0x10000000) [ 1563.724261][T16024] FAULT_INJECTION: forcing a failure. [ 1563.724261][T16024] name failslab, interval 1, probability 0, space 0, times 0 [ 1563.737092][T16024] CPU: 0 PID: 16024 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1563.745910][T16024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1563.756081][T16024] Call Trace: [ 1563.759360][T16024] dump_stack+0x137/0x19d [ 1563.763789][T16024] should_fail+0x23c/0x250 [ 1563.768303][T16024] ? vm_area_alloc+0x28/0xa0 06:49:24 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e34000/0x2000)=nil, 0x2000, 0x9) shmget(0x3, 0x4000, 0x12c5, &(0x7f0000ffa000/0x4000)=nil) 06:49:24 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000ffc000/0x3000)=nil, 0x3000}, &(0x7f0000000040)=0x10) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000080)={&(0x7f0000ffc000/0x1000)=nil, 0x1000}, &(0x7f00000000c0)=0x10) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:24 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xca000) 06:49:24 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mmap$IORING_OFF_SQES(&(0x7f0000e32000/0x2000)=nil, 0x2000, 0x2, 0x8013, 0xffffffffffffffff, 0x10000000) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1563.772911][T16024] __should_failslab+0x81/0x90 [ 1563.777674][T16024] should_failslab+0x5/0x20 [ 1563.782245][T16024] kmem_cache_alloc+0x46/0x2f0 [ 1563.787204][T16024] vm_area_alloc+0x28/0xa0 [ 1563.791640][T16024] mmap_region+0x721/0x13e0 [ 1563.796252][T16024] ? security_mmap_addr+0x78/0x90 [ 1563.801302][T16024] do_mmap+0x77d/0xc90 [ 1563.805385][T16024] vm_mmap_pgoff+0xfc/0x1d0 [ 1563.809976][T16024] ksys_mmap_pgoff+0x2a8/0x380 [ 1563.814759][T16024] do_syscall_64+0x4a/0x90 [ 1563.819195][T16024] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1563.825261][T16024] RIP: 0033:0x466622 [ 1563.829145][T16024] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1563.849038][T16024] RSP: 002b:00007f585708f0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1563.857446][T16024] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 0000000000466622 [ 1563.865404][T16024] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffa000 06:49:24 executing program 2 (fault-call:2 fault-nth:36): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:24 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xcb000) 06:49:24 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mincore(&(0x7f0000ff9000/0x4000)=nil, 0x4000, &(0x7f0000000000)=""/169) syz_io_uring_setup(0x2ea5, &(0x7f00000000c0)={0x0, 0x1e16, 0x1, 0x3, 0x52}, &(0x7f0000e32000/0x1000)=nil, &(0x7f0000e33000/0x4000)=nil, &(0x7f00000002c0), &(0x7f0000000180)=0x0) r1 = perf_event_open$cgroup(&(0x7f0000000200)={0x3, 0x80, 0xc, 0x7f, 0x6a, 0xfe, 0x0, 0x3, 0x420, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x3, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x4, 0x4, @perf_bp={&(0x7f00000001c0), 0x1}, 0xc08, 0x100000001, 0x7, 0x4, 0xa5, 0x6, 0x806, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0xa) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) r3 = perf_event_open(&(0x7f0000000380)={0x3, 0x80, 0x56, 0xf3, 0x5, 0x7f, 0x0, 0x1, 0x4480, 0xb, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x3, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x7f, 0x1, @perf_config_ext={0x80000001, 0x3a9}, 0x100c8, 0x7fffffff, 0x5, 0x2, 0x6, 0x8, 0x8, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x1) perf_event_open$cgroup(&(0x7f0000000300)={0x2, 0x80, 0x7a, 0x4b, 0x2, 0x91, 0x0, 0x8, 0x400, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext={0xde3, 0x1}, 0x8001, 0xffffffff, 0x9, 0xd, 0x9, 0x80, 0x8, 0x0, 0x97, 0x0, 0x1}, r2, 0xfc13, r3, 0x3) r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000140), 0x41, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000e33000/0x3000)=nil, 0x3000, 0x0, 0x2010, r4, 0x10000000) syz_io_uring_submit(0x0, r0, &(0x7f0000000280)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r1, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x7f) 06:49:24 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) timer_create(0x7, &(0x7f0000001040)={0x0, 0x41, 0x0, @thr={&(0x7f0000000000)="b851972316849088bed1b402da6a9f213ab007bfe5e29d83f28ee89483d81b636bf1037705bad0aab72378fa222f05233af02645181eb2aaedbf044d3aa7c7d0a4f8292d9ece5227ca24a6ffd640781216812e6ec811ad39f7596583bf7e34553bd833d2db62edfd52c82b3b3df201af69b6aa5fe6206d0754e3726adb542ad739312478d8da29176cd6ad77e00f60d36330a75300e197da07cd87852735618ef2710df74295049ecd9ce56a475cac377ed62dcc41f415fbc3ba12c8a23a85b55c0d98854ecc08c831414dced4a2959b71dc11e66966cec3c9f7dca1c5cc088ecb356e0c8096ccc74c32e05f87e4c92fda6c11295ba54da2e2a1f5c18c635e540f8c43ef561746d1e83fe428659919cf5a6be343dcc5b6f18c7c4dc8e1dd27c0e35037a6fcb30df17f99a8a8e7e3689e6352fa8303f3e620f0afae0b5c13fbeead166c9db1b46247497ffb3a1925086c56b6f3cf6b545267210333a7cfd9fee348951ad06dcc2d9f7cd82d4906ff6da462fbca1444928b32e63f1f6cc906a87d3336aee8557b393c41d74e872a3f2f68b8ecd8853b2cf77e5e2ea1c313864a68b446dec25ac37d6e6350c9826e69e0aeb589015a5a0c8eb6e826be36cd8336c1a19f644dcdcd8e71677eec199ef37341c54073d85b4dbd654162117b6b9824a904bd14d11fe73e9659531b03b66080f76e9ca3496af1e340a4e0672f5374b1c8ed30370085c7f67f7993564719c867cd2f12d2cf84e24d76069a1ce779956796b9314baf4071770d30745a7a6e797a1a06c36abfb6389685f267c68d779ef78b8f7e1ced5586ece50b182fa1be24eaa70f8cf2bcd30b6b344be9e058108e3cc1bdeed90953fcdd1138d5050e126ffb38944f54ffb30a4f202d656db0212163d8966673d0ce153c42565f39419bce29e26d597bc706082527fc4525892ef110d361e21a77538d53c2a3042e77048b9961e9e3b4a7d407fc74c7c8d38900a3be1b87e95cddbd470ae07e1362fc29cf339f784cfe4a6e3ad5e355dae9c76ec8caac73eab84bb38565293ceedaf28acb6b87daab1015b3b7c14664e0d9433917ee72687b94e5de6e8fb0dd8a4baf8bffac2f9e1bfc78f49ac2b93a8c5cf8829f7ec4dbc798209c8dab7eb75368f08a0f30d872cb18b5150e3541040c161f467708454f74d0eb568300e2b8d2c74e7140ced1f8a1a77892a329ce8601dabb041c78fa34527c49d419dd53732f1246f1295e962da132b6ce0aed698e869de7eb392fde89cbf551b3c1fccfb9d60d54948abfc62b90e976c3b5352df2056b965596bcd6f9daf72d7b68506fa7f87f3eae375d678a54b186cba6f574c5d7acfe51026fe1f704b4217302a6794df512da886e48211752fda16f487af1209e7f2b02d14c66d6263454c6a87716bba46213079d3183984b6ff378aa04c358ddb2ee78d5331fceb86e6ad8302525962e6248ac19c6a4fc6ad5eef26c2478d79bc11833c2c14dcf0369ca46830c2a3827a6faecf5e143044ea0f36e59f2ece1c9cfd388aeb83596879c379c54a58e952010cd7fc76e76e2f3be3adc39c4a4c320011ac32309bc012fa12c3f8823a361dd49f4846ceaa80c0622012c228fe3ed90178cdc59c017c77950722746171ddee8010b61655435a2f38bac8a4946ee37806484f38b154e44477d3ffdaf9a404522a629ba403ecc63eb97ca39e69d9b5987508fcceaf81b55635d0582a9b72e49cbe5be6d4c3b04304c03672cc322d4dfbaa634fbeb47de878b22ccb6ac8bd1505ae01bfa2cb4bac052ee3b5deccf735be02e900517719265b3c3c381cb6da7c88755b67a12361d03825f4272d5a5eced6ab763ec6b354e8e59479336fc4da38b3998eae86662399ace4ed7041b67620521ef15c3b7a2542ebd9a5378d4832fdabbbc599ff43592e1a69c50ee5e9a096e6e6349e56e3ad7f276d89da86ceaa12e0ecf8d1a6f52a8d7fea895c702425e2fbdd6cb930331c570a526be8ed7a147375681a19b0d3233e2df2e65815c881b2af40748826aaba4aa72dee1308a2bfec0fecfd6c5c15c0eefebbf0fe2267e214220deab46333b721fdf356be4163a10cb6bcd42b92b8125bc871a2c0f6f1245b5e7b3d1f89d2ac4cf269eb6292893dcabed0e3abfbbb2736f7102e681ecd97ed6bcf035b1b702ad94b77f69a4ad5b766bda1edcc7637efbe717398e6a7640337f7486a6b9e9f32d21b7a4d344194ff2e1004440d2348d4da08bfbb6dcb0ee6e410b659bbb34cd3860ce2314807c3222066735f6b2f43a3aa09db012fe7d97dc0c8da9352fd314034a4f11758014833138d1b60f63ab133741c764ca0acde4c13df027024fdbbd22ab41c8ef19d42c7a85d5b8c2c0744735141098951881c38211062a0a505342c8bb7f17cbba27eb1d3b3ac18710f1e18d9769adba1bf42fef1ec21992f9ce7d5e3e9118ff9806cae0fe8b14631830dc487841e0618d74f928a0e2f7a99c7943489e0cfa4173268df02eb6f215364dd3ccb75bd328006f17ca5d0f7201c5d40af6bbecb0ff961c2d1ea07ce5ab76f08366992b82b8504148b5fdbc6aebc7bf7ed35f441cbb3821a58afe6433f3f2f4ee237a251fd09667ee2ead8735402c191314d8c257b26367813fc821265fc76fef8e8a4e0a80014fef8d0335f73a0d2487a0ee636132de6c2560636143234765f01786aa92844a2600719bf035a27b99faa191885b9bc7577170fad5da0f69b11557f1f919cd0b8136329c74ea7b7962c975f3ae6411699bb09e3dcd60c9fe86e6246f57cf06295430598b9e84a6f64bc8d3036f06562605955efdee4f33014c76555ce627e001da64f99ed556a86649f64ced9f006f382ebb317e228493b6ceac2528cd727b9efb42b7e535fe757fe2f17d3f953d03b32c6ed8c92ce537c322e3fae17bfc9326143e6f3f7f282cdfb162a246ce9766ce8a511321cbff231648e53b5b79712b2b4a675a71b2352b911db8bd4a18dc48f92943991bbcc2f4fbde8d8286dba8d99f3ce658fbb857d816ca1c834509b8ae2d5cc55b682111bf9e8b206eb727f2cba91e9fa4d5e908fc0d3a9312ce2b7dd79e9a19e272df3007d708e69a2d8d3f374bb5c5b27b6070954437e97626140e99493da33d99d16a9d70b49d6913a3c1638e0177bc2be7028f9c128a317381cd501aad85692b42aee7520982099b683a10240bc6d24e25f19f0fbf6e229625d640b42e55eacf5697161dad7e0b5d863418f0fcb1cd38a82cd5e7f99667a540982ca289197ef1a6bd0e66616f89e7ed4f58f8e21b8d9ae2bede064080218bfa7a9599f0f43dfa53e2405cbbf9dbe3262f25dac8b3f2f619749b9c5a91844855bbe452b83b951064c76c7864e96f191d40dcb811f4a0a98ebe87c905d4486f36da3ef5cc5b86d5e063cdc99930b5afc7c209ef7612c318d20dd97f1c5f7fb3d3e32aed4ea89e0908ddfaf1fb5e0e37eefc143e8cc8c66aa71f5d21ea1dbf5d8540a29fcdf48ed4a2bf370533c574c530940fe839cba672910c78c2f7548bcc74d69fcfb361db1e6f0a49f58d2910db060618761a1f205960e42a804cab1492f6030168957bc1a828345a5025165f1caff3e1c1eb60f15ebad21179e62371bac2979eb4a09aee9a98712a5bcd1d06bf7446c281d3e3a41d764db4592f3473f9ed43765e8d40187bea15c02b7d95dd07b2da7b70feea921250fc48895307e77ae495685496f931147bac2b69497fba52bad15ae0947021cb0fd9474e6ae229055621f30826e9bdcd8fc681aaacffb6c36bca0153333c9a05fd0c437f2c3b7683462e9094418a338e17f623226558baf925ff0f7555a919503f336e17a9b9a8261436f53e8226e4832c9b1b3cae6da39a055edfdf8526f0462b7bd60221b60b7e7edec26cae9533c88451aa03e2660cb3be407fbd6f5837c5266c1784899ff83c59dda4b28ffd91008a68bc3367e6d8a2d22e4fb72e48f62119be79923a9c3c742a483d1e6529f9c2c95742c5164f36157b25269f2b5cc6d59d280e3ce5ff91878dc46070063c0ee6cb5d9fbddc39d0db33fe678125608f3e6c892580999f2b03def38faac5e8b9e9a96719f6085f656daffc8664056332d94050932400b124faebe774e4f91362c7891d40a8bef4c91655af19d623b3849f8c6eccc22acd8bb03e0163f2477036eee83e69fe79071f9db36b09594734804c03b2937db3e9a010b40a51c7b1ebb97d17abacd20119d2c666f1ee063222d07241b4642011f7ddda754454ac3a0cfbd1aaf9446f32d766d34087ce387f72ad06d55ed0c763621ae096e82dce650d613fa3215d13e297d7e6386e1b317a56673820e789a75027435de275cd1dacbc1c99e151c3ac58ae616d093a3177ea0c9c8bcf411a3a1aa21cabec1af5d901077b35e0e71e9c66f6da978da53b7b8f27966fcbf6deec69f1cbc6de3566fdfce609b873c7da4a96f9bbdbf7bfb57a0ab64774bbbbe000197a1927044db026fef4feca4b6bab614206719940ae6848c79e30d8153d776fdd31edb65acb0da7173c2f6fb54c994a5708d43d8bba7162dcda8287ea30c7bd06608203331bbf9f537849fcf92e1cdcfd6e3c5be20eeae638d2b7c8575ffa17b52b1f29e85af915f0eff05f39c35e1020c7ba48a4769787e8d512f8deed7871aba85bac01d11c0fc3b200c4fcf980351f1e5b3fdfa55e82777f5da073113806cc8bbdeb1d2dac9d585fd994d33b233814f4c149bbc25452439c034815b753e563642ce04bcba7df0c1dd421dc7945fca12655dbeb6bd8643138cda1a1f86ba73b5e3234743257cb78212820d7882945d341939ef42eed9545f3082276ec5915e7d36de62334de1aa4047911ccfd80f7505090944d2beddc83c5c99bf35aa79160d38efe5ea11e6f84d685fc36b5fb54a9ad0c21b4c14d3208a67b9bf9dbcd32e9830cb3301a64364b96c32cee0427d01c6bce3100b97fc5038552894d8c531c8e2268274256f3e4f99a9940e69707b80b7e4174d801301dc9748f7ccd068589ddab78f84a0869dff81fc3fa3648ecf278cb460f180a2a634343ff04778f77331fbf2e1049316d0f6e31fc754b1fe43a209f5124dc0c34dec028d21b48375c352ff1cf368e106e8f5f3e6dae425a2785bdc9376d681a042651ba24a97fad41a85ebb06ecc4183a3e71937870c3fe0b4d3f13456aa28f63d222e0594807612f7a6c169f7613c24b9951628dea733a99b2c34941762155acc826408f4953e6389b9a6cfb7caf4305efe4fefaa98211f60e873b6a1ba39a1cae971b4651f214a165467474eb571bbf4a19115eee62d326632ca55e0372e5946eed920a7fe7cf04414a3593d27fb1df7eb902509ef5f8ee9523ffbca9d5ab9fbb822973af7e5e07e5e9f9359b40e6a8475af8e344c96650dd91b2e903b2bb6a45ba7ba6ae2bfe05f252fbcf792ad8aa7ddc8c40f833936c75a15b1b111f3418a6e125fa54d4463799653fc83a7ed62124ceb0880bdea6477dfdea3a73ad2597576471374c9cbbcbd22e1876393e8429c7d9527e20a3ffe260c6bafae691229bb1bdcf33eb82fc05d7d9fdff62984e2dbb32fc742d842b9a446e2e605b3967158f3555aba2a1c71ffc16f0298d42c835b8e6fb616cc298e2d9c2ef47e6e887a83628b1a09ca1eeb9326cba6fde4dfb6595cfbf3b1dd91b5a74a6da12681a44b0043d2233d5dbbce80d379a8b82375000397267a3d67c68c65491dbcae0fe6d8d6344839e43f89c8a4f69b1fd1a4af41a24910825a9647ab3b092f61ae95d8d18b0eed593dc20969939619d65", &(0x7f0000001000)="f2b6dc7ea895b352ce225d202dcf33aa9dae022e168d"}}, &(0x7f0000001080)) 06:49:24 executing program 5: socketpair(0x64, 0x2, 0x3f, &(0x7f0000000040)) 06:49:24 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3122, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x803, 0x2000}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) [ 1563.873414][T16024] RBP: 0000000020ffa000 R08: 0000000000000004 R09: 0000000000000000 [ 1563.881503][T16024] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200000c0 [ 1563.889467][T16024] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 [ 1563.936657][T16058] FAULT_INJECTION: forcing a failure. [ 1563.936657][T16058] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1563.949935][T16058] CPU: 0 PID: 16058 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1563.958689][T16058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1563.968830][T16058] Call Trace: [ 1563.972103][T16058] dump_stack+0x137/0x19d [ 1563.976530][T16058] should_fail+0x23c/0x250 [ 1563.980994][T16058] __alloc_pages+0x102/0x320 06:49:24 executing program 0: r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) r1 = perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x4, 0x1, 0xff, 0x4, 0x0, 0x2f, 0x11044, 0x3, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x80000000, 0x4, @perf_bp={&(0x7f0000000080), 0x3}, 0x16, 0xffff, 0x2, 0x6, 0x9, 0xfffffffe, 0x3f, 0x0, 0x2, 0x0, 0x400}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x1, 0x7, 0x8, 0x25, 0x0, 0x100000000, 0x188c8, 0x5, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x9, 0x2, @perf_config_ext={0x1, 0x8000000000000}, 0x200, 0x400, 0x401, 0x1, 0xd04c, 0x101, 0x1a42, 0x0, 0x6, 0x0, 0x4}, r0, 0x10, r1, 0x3) msync(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) sendmsg$AUDIT_SET_FEATURE(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x20, 0x3fa, 0x10, 0x70bd26, 0x25dfdbfc, {0x1, 0x1}, [""]}, 0x20}, 0x1, 0x0, 0x0, 0x40810}, 0x240000d4) 06:49:24 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mmap(&(0x7f0000e32000/0x1000)=nil, 0x1000, 0x300000b, 0x50, r0, 0x8c5e1000) r1 = perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0x4, 0x5, 0x1, 0x1, 0x0, 0x3, 0x1000, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x40008, 0x10000, 0x6, 0x5, 0x4, 0x28, 0xb467, 0x0, 0x0, 0x0, 0x361}, 0x0, 0xb, 0xffffffffffffffff, 0xa) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) r3 = perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x9, 0x69, 0xc1, 0x4, 0x0, 0xc1, 0x22001, 0x8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x9, 0x2, @perf_config_ext={0xa02}, 0x50313, 0x7, 0xe4, 0x8, 0x1, 0xfffffffd, 0x9, 0x0, 0x8, 0x0, 0x85a}, 0xffffffffffffffff, 0xd, r0, 0xa) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, r1) getresgid(&(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0)) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000080)={&(0x7f0000ffa000/0x3000)=nil, 0x3000}, &(0x7f0000000040)=0x7) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000200), 0x800, 0x0) openat$cgroup_type(r2, &(0x7f00000002c0), 0x2, 0x0) 06:49:24 executing program 5: socketpair(0x5f5e0ff, 0x2, 0x3f, &(0x7f0000000040)) 06:49:24 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xcc000) 06:49:24 executing program 4: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x4800) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r0, 0xc0a85322, &(0x7f0000000040)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) [ 1563.985584][T16058] alloc_pages+0x21d/0x310 [ 1563.990080][T16058] pte_alloc_one+0x29/0xb0 [ 1563.994525][T16058] __pte_alloc+0x2f/0x210 [ 1563.998871][T16058] remap_pfn_range_notrack+0x5b7/0x770 [ 1564.004331][T16058] remap_pfn_range+0x87/0xe0 [ 1564.008977][T16058] io_uring_mmap+0x23b/0x260 [ 1564.013577][T16058] mmap_region+0xbb6/0x13e0 [ 1564.018073][T16058] do_mmap+0x77d/0xc90 [ 1564.022136][T16058] vm_mmap_pgoff+0xfc/0x1d0 [ 1564.026649][T16058] ksys_mmap_pgoff+0x2a8/0x380 [ 1564.031412][T16058] do_syscall_64+0x4a/0x90 06:49:24 executing program 5: socketpair(0xa, 0x4, 0x3f, &(0x7f0000000040)) [ 1564.035933][T16058] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1564.041832][T16058] RIP: 0033:0x466622 [ 1564.045722][T16058] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1564.065328][T16058] RSP: 002b:00007f585708f0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1564.073766][T16058] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 0000000000466622 06:49:24 executing program 2 (fault-call:2 fault-nth:37): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:24 executing program 1: mlock(&(0x7f0000ffe000/0x1000)=nil, 0x1000) mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000e36000/0x1000)=nil) 06:49:24 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xcd000) 06:49:24 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) syz_io_uring_setup(0x1d8d, &(0x7f0000000000)={0x0, 0xdb77, 0x0, 0x0, 0x190, 0x0, r0}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000e32000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000140)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, &(0x7f0000000100)="6805057eec20", 0x2, 0x0, 0x0, {0x1}}, 0x10001) 06:49:24 executing program 4: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) ioctl$RNDCLEARPOOL(r0, 0x5206, &(0x7f0000000040)=0x5) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000100), 0x440080, 0x0) r2 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x191280, 0x0) r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000e33000/0x4000)=nil, 0x4000, 0x3, 0x12, 0xffffffffffffffff, 0x8000000) syz_io_uring_submit(r3, 0x0, &(0x7f00000001c0)=@IORING_OP_SPLICE={0x1e, 0x5, 0x0, @fd_index=0x3, 0x640, {0x0, r1}, 0x7, 0x7, 0x0, {0x0, 0x0, r1}}, 0x0) ioctl$RNDZAPENTCNT(r2, 0x5204, &(0x7f00000000c0)) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000180), 0x40401, 0x0) ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f0000000140)=0xfff) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:24 executing program 5: socketpair(0xa, 0x5, 0x3f, &(0x7f0000000040)) [ 1564.081731][T16058] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffa000 [ 1564.089700][T16058] RBP: 0000000020ffa000 R08: 0000000000000004 R09: 0000000000000000 [ 1564.097745][T16058] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200000c0 [ 1564.105707][T16058] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 [ 1564.189741][T16097] FAULT_INJECTION: forcing a failure. [ 1564.189741][T16097] name failslab, interval 1, probability 0, space 0, times 0 [ 1564.202449][T16097] CPU: 0 PID: 16097 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1564.211194][T16097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1564.211204][T16097] Call Trace: [ 1564.211211][T16097] dump_stack+0x137/0x19d [ 1564.228866][T16097] should_fail+0x23c/0x250 [ 1564.233281][T16097] ? vm_area_alloc+0x28/0xa0 [ 1564.237998][T16097] __should_failslab+0x81/0x90 [ 1564.245920][T16097] should_failslab+0x5/0x20 [ 1564.250436][T16097] kmem_cache_alloc+0x46/0x2f0 [ 1564.255209][T16097] vm_area_alloc+0x28/0xa0 [ 1564.259777][T16097] mmap_region+0x721/0x13e0 [ 1564.264361][T16097] ? security_mmap_addr+0x78/0x90 [ 1564.269377][T16097] do_mmap+0x77d/0xc90 [ 1564.273440][T16097] vm_mmap_pgoff+0xfc/0x1d0 [ 1564.273460][T16097] ksys_mmap_pgoff+0x2a8/0x380 [ 1564.282690][T16097] do_syscall_64+0x4a/0x90 [ 1564.287098][T16097] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1564.292996][T16097] RIP: 0033:0x466622 [ 1564.296963][T16097] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1564.316672][T16097] RSP: 002b:00007f585708f0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1564.325112][T16097] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 0000000000466622 06:49:25 executing program 4: syz_io_uring_setup(0x6762, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x3, 0xfffffffe}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f0000e32000/0x3000)=nil) 06:49:25 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x400000, 0x0) ioctl$SNAPSHOT_CREATE_IMAGE(r0, 0x40043311, &(0x7f0000000040)) 06:49:25 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$MON_IOCH_MFLUSH(r0, 0x9208, 0x6) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_QUERY_BPF(r0, 0xc008240a, &(0x7f0000000000)=ANY=[@ANYBLOB="040000000000000000000000000000ebffffffffffffff00"]) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r0, 0xc0105303, &(0x7f0000000040)={0xff, 0x3, 0x1}) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r0, 0xc0105303, &(0x7f0000000100)={0x1f, 0xfa}) get_thread_area(&(0x7f0000000080)={0x0, 0x20000000, 0x2000, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1}) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000180)={0x401, 0x2, {0xffffffffffffffff, 0x3, 0x8c, 0x3, 0x44}, 0x5}) modify_ldt$write(0x1, &(0x7f00000000c0)={0xfffffffb, 0x1000, 0x2000, 0x1, 0x3, 0x0, 0x1, 0x1, 0x1}, 0x10) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x4}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) ioctl$RNDCLEARPOOL(r0, 0x5206, &(0x7f0000000140)=0x80000001) 06:49:25 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xce000) 06:49:25 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xcf000) [ 1564.333312][T16097] RDX: 0000000000000003 RSI: 0000000000200000 RDI: 0000000020ffa000 [ 1564.341275][T16097] RBP: 0000000020ffa000 R08: 0000000000000004 R09: 0000000010000000 [ 1564.349274][T16097] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200000c0 [ 1564.357395][T16097] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 06:49:25 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget$private(0x0, 0x2000, 0x40, &(0x7f0000e32000/0x2000)=nil) syz_io_uring_setup(0x133, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, 0x0, 0x0) r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) move_pages(r0, 0xa, &(0x7f0000000080)=[&(0x7f0000e30000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000cc4000/0x2000)=nil, &(0x7f0000e33000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000e30000/0x4000)=nil, &(0x7f0000cc4000/0x2000)=nil, &(0x7f0000e35000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil], 0x0, &(0x7f0000000100)=[0x0, 0x0], 0x6) syz_io_uring_setup(0x4e73, &(0x7f0000000140)={0x0, 0x1, 0x3c, 0x2, 0x27a}, &(0x7f0000e33000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) ioctl$FIONREAD(r1, 0x541b, &(0x7f0000000040)) r2 = shmget$private(0x0, 0x2000, 0x78000000, &(0x7f0000cc4000/0x2000)=nil) shmctl$IPC_RMID(r2, 0x0) 06:49:25 executing program 2 (fault-call:2 fault-nth:38): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:25 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r0, 0x3312, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x4d2103, 0x0) ioctl$SNAPSHOT_FREE_SWAP_PAGES(r1, 0x3309) 06:49:25 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000e1f000/0x1000)=nil, 0x1000}, &(0x7f0000000040)=0x10) 06:49:25 executing program 5: socketpair(0xa, 0x6, 0x3f, &(0x7f0000000040)) 06:49:25 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) syz_io_uring_submit(r0, 0x0, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x7fffffff) r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) syz_io_uring_submit(r0, 0x0, &(0x7f0000000080)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd=r1, 0x5, 0x0, 0xb06e}, 0x2) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f0000000000)=0x9) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:25 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xd0000) 06:49:25 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xd1000) 06:49:25 executing program 5: socketpair(0xa, 0x7, 0x3f, &(0x7f0000000040)) [ 1564.495464][T16135] FAULT_INJECTION: forcing a failure. [ 1564.495464][T16135] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1564.508937][T16135] CPU: 0 PID: 16135 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1564.517692][T16135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1564.527852][T16135] Call Trace: [ 1564.531130][T16135] dump_stack+0x137/0x19d [ 1564.535528][T16135] should_fail+0x23c/0x250 [ 1564.539995][T16135] __alloc_pages+0x102/0x320 06:49:25 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0xa0feb) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:25 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) io_uring_setup(0x6b3b, &(0x7f0000000000)={0x0, 0xc022, 0x20, 0x6, 0x3d5, 0x0, r0}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r1, 0x408c5333, &(0x7f00000000c0)={0x9593, 0x9, 0x1, 'queue0\x00', 0x7}) sendmsg$AUDIT_GET_FEATURE(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x10, 0x3fb, 0x20, 0x70bd26, 0x25dfdbff, "", ["", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x8844}, 0x8040) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) ioctl$MON_IOCG_STATS(r1, 0x80089203, &(0x7f0000000180)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x2000, 0x2, &(0x7f0000ffd000/0x2000)=nil) mmap$usbmon(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2000001, 0x30, 0xffffffffffffffff, 0xfd) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000080), 0x400482, 0x0) 06:49:25 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x2, &(0x7f0000e31000/0x4000)=nil) 06:49:25 executing program 0: syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x295}, &(0x7f0000cc4000/0x4000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000040)={0x1, 0x0, {0xd7a8de6907ea937e, 0x3, 0x4e, 0x0, 0x4}, 0x4}) [ 1564.544699][T16135] alloc_pages+0x21d/0x310 [ 1564.549112][T16135] pte_alloc_one+0x29/0xb0 [ 1564.553667][T16135] __pte_alloc+0x2f/0x210 [ 1564.558127][T16135] remap_pfn_range_notrack+0x5b7/0x770 [ 1564.563635][T16135] remap_pfn_range+0x87/0xe0 [ 1564.568290][T16135] io_uring_mmap+0x23b/0x260 [ 1564.573097][T16135] mmap_region+0xbb6/0x13e0 [ 1564.577716][T16135] do_mmap+0x77d/0xc90 [ 1564.581781][T16135] vm_mmap_pgoff+0xfc/0x1d0 [ 1564.586366][T16135] ksys_mmap_pgoff+0x2a8/0x380 [ 1564.591304][T16135] do_syscall_64+0x4a/0x90 [ 1564.595727][T16135] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1564.601620][T16135] RIP: 0033:0x466622 [ 1564.605540][T16135] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1564.625226][T16135] RSP: 002b:00007f585708f0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1564.633657][T16135] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 0000000000466622 06:49:25 executing program 2 (fault-call:2 fault-nth:39): mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:25 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$SNAPSHOT_ATOMIC_RESTORE(r0, 0x3304) 06:49:25 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xd2000) 06:49:25 executing program 4: mremap(&(0x7f0000e33000/0x1000)=nil, 0x1000, 0x1000, 0x4, &(0x7f0000e33000/0x1000)=nil) 06:49:25 executing program 1: sendmsg$TEAM_CMD_PORT_LIST_GET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)={0xe8, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [{{0x8}, {0xcc, 0x2, 0x0, 0x1, [{0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x3ff}}}]}}]}, 0xe8}, 0x1, 0x0, 0x0, 0x20000800}, 0x5) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e34000/0x1000)=nil, 0x1000, 0x1000, 0x2, &(0x7f0000ffd000/0x1000)=nil) [ 1564.641629][T16135] RDX: 0000000000000003 RSI: 0000000000200000 RDI: 0000000020ffa000 [ 1564.649671][T16135] RBP: 0000000020ffa000 R08: 0000000000000004 R09: 0000000010000000 [ 1564.657632][T16135] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200000c0 [ 1564.665609][T16135] R13: 0000000020ffa000 R14: 0000000020000080 R15: 0000000020ffa000 06:49:25 executing program 5: socketpair(0xa, 0xa, 0x3f, &(0x7f0000000040)) 06:49:25 executing program 1: mlock(&(0x7f0000e1d000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000e20000/0x2000)=nil) 06:49:25 executing program 4: mremap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4000, 0x4, &(0x7f0000e31000/0x4000)=nil) mmap$IORING_OFF_SQES(&(0x7f0000e32000/0x2000)=nil, 0x2000, 0x8, 0x11, 0xffffffffffffffff, 0x10000000) [ 1564.719637][T16171] FAULT_INJECTION: forcing a failure. [ 1564.719637][T16171] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1564.732748][T16171] CPU: 0 PID: 16171 Comm: syz-executor.2 Not tainted 5.13.0-rc4-syzkaller #0 [ 1564.741514][T16171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1564.751659][T16171] Call Trace: [ 1564.754930][T16171] dump_stack+0x137/0x19d [ 1564.759260][T16171] should_fail+0x23c/0x250 [ 1564.763808][T16171] should_fail_usercopy+0x16/0x20 06:49:25 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xd3000) [ 1564.768923][T16171] _copy_to_user+0x1c/0x90 [ 1564.773473][T16171] simple_read_from_buffer+0xab/0x120 [ 1564.778844][T16171] proc_fail_nth_read+0xf6/0x140 [ 1564.783802][T16171] ? rw_verify_area+0x136/0x250 [ 1564.788659][T16171] ? proc_fault_inject_write+0x200/0x200 [ 1564.794352][T16171] vfs_read+0x154/0x5d0 [ 1564.798526][T16171] ? __fget_light+0x21b/0x260 [ 1564.803198][T16171] ? __cond_resched+0x11/0x40 [ 1564.807867][T16171] ksys_read+0xce/0x180 [ 1564.812016][T16171] __x64_sys_read+0x3e/0x50 06:49:25 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget(0x2, 0x2000, 0x6ff7d94d4cb237b, &(0x7f0000e34000/0x2000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:25 executing program 4: prctl$PR_GET_TIMERSLACK(0x1e) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x7, &(0x7f0000e31000/0x4000)=nil) mmap$IORING_OFF_SQES(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0xa, 0x30, 0xffffffffffffffff, 0x10000000) [ 1564.816517][T16171] do_syscall_64+0x4a/0x90 [ 1564.820947][T16171] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1564.827038][T16171] RIP: 0033:0x41935c [ 1564.831037][T16171] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 1564.850646][T16171] RSP: 002b:00007f585708f170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1564.859247][T16171] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000041935c 06:49:25 executing program 0: epoll_create1(0x80000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mmap(&(0x7f0000e32000/0x2000)=nil, 0x2000, 0x200000c, 0x10, 0xffffffffffffffff, 0x7cdab000) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:25 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:25 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3129, &(0x7f0000000280)={0x0, 0x5ee4}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) mlock(&(0x7f0000ffe000/0x1000)=nil, 0x1000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x4, 0x49, 0x81, 0x4, 0x22, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private2, 0x40, 0x7, 0xd6a7, 0x2b1}}) 06:49:25 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xd4000) 06:49:25 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000ffe000/0x2000)=nil) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, 0xfffffffffffffffc, &(0x7f0000000180)) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000005, 0x4010, 0xffffffffffffffff, 0x8000000) move_pages(0xffffffffffffffff, 0x7, &(0x7f0000000000)=[&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil], &(0x7f0000000040)=[0x6500f37c, 0x3f, 0x7fff, 0x9, 0x200, 0x2, 0x101, 0x8, 0x0, 0x7], &(0x7f0000000080)=[0x0, 0x0, 0x0], 0x0) move_pages(0xffffffffffffffff, 0x2, &(0x7f00000000c0)=[&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x1000)=nil], &(0x7f0000000100)=[0x8000, 0x0, 0x9], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], 0x6) 06:49:25 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x2000, 0x4, &(0x7f0000e20000/0x2000)=nil) r0 = getpid() move_pages(r0, 0x2, &(0x7f0000000000)=[&(0x7f0000e21000/0x3000)=nil, &(0x7f0000e22000/0x3000)=nil], &(0x7f0000000040)=[0xb26b38d, 0x1, 0xa098, 0x81, 0x5], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x2) 06:49:25 executing program 5: socketpair(0xa, 0x11, 0x3f, &(0x7f0000000040)) [ 1564.867311][T16171] RDX: 000000000000000f RSI: 00007f585708f1e0 RDI: 0000000000000003 [ 1564.875285][T16171] RBP: 00007f585708f1d0 R08: 0000000000000000 R09: 0000000010000000 [ 1564.883256][T16171] R10: 0000000000008011 R11: 0000000000000246 R12: 0000000000000002 [ 1564.891225][T16171] R13: 00007ffc183614bf R14: 00007f585708f300 R15: 0000000000022000 06:49:25 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ff4000/0x2000)=nil, 0x2000, 0x3000, 0x7, &(0x7f0000fed000/0x3000)=nil) mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, 0x0, &(0x7f0000e1f000/0x4000)=nil) shmget$private(0x0, 0x4000, 0x78000000, &(0x7f0000ffc000/0x4000)=nil) mmap$IORING_OFF_CQ_RING(&(0x7f0000fec000/0x14000)=nil, 0x14000, 0xc, 0x11, 0xffffffffffffffff, 0x8000000) 06:49:25 executing program 4: r0 = syz_open_dev$ttys(0xc, 0x2, 0x1) ioctl$TIOCGPTPEER(r0, 0x5441, 0xffffffffffffffff) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) sigaltstack(&(0x7f0000e1f000/0x1000)=nil, &(0x7f0000000000)) 06:49:25 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xd5000) 06:49:25 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:25 executing program 5: socketpair(0xa, 0x300, 0x3f, &(0x7f0000000040)) 06:49:25 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) msync(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x6) 06:49:25 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x2, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0xd8478ece94027f76, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x2, 0x2010, r0, 0x4d41d000) mmap$IORING_OFF_CQ_RING(&(0x7f0000e16000/0xa000)=nil, 0xa000, 0x0, 0x10, 0xffffffffffffffff, 0x8000000) 06:49:25 executing program 1: r0 = syz_open_dev$ptys(0xc, 0x3, 0x1) ioctl$TCXONC(r0, 0x540a, 0x2) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:25 executing program 5: socketpair(0xa, 0x2, 0xa, &(0x7f0000000040)) 06:49:25 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xd6000) 06:49:25 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x2}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:25 executing program 4: mremap(&(0x7f0000e34000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000e32000/0x3000)=nil) 06:49:25 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x9) sigaltstack(&(0x7f0000ffc000/0x2000)=nil, 0x0) r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0xe7a, 0x10c41) mmap$usbmon(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x80010, r0, 0x20) syz_io_uring_setup(0x7ae0, &(0x7f0000000280)={0x0, 0xff77, 0x1, 0x6, 0x27b}, &(0x7f0000e31000/0x1000)=nil, &(0x7f0000e2f000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)) syz_io_uring_setup(0x41f0, &(0x7f0000000140)={0x0, 0xa189, 0x20, 0x2, 0x3c4}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000e20000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)=0x0) mremap(&(0x7f0000e2f000/0x4000)=nil, 0x4000, 0x2000, 0x7, &(0x7f0000ffb000/0x2000)=nil) syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_POLL_ADD={0x6, 0x5, 0x0, @fd_index=0x2, 0x0, 0x0, 0x0, {0xa00c}}, 0x10001) 06:49:25 executing program 1: mlock(&(0x7f0000e20000/0x3000)=nil, 0x3000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000000)={0x7f, 0x80, 0x20}) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) syz_io_uring_setup(0x724, &(0x7f0000000100)={0x0, 0xfde6, 0x0, 0x0, 0x34d}, &(0x7f0000e1f000/0x2000)=nil, &(0x7f0000e31000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r1 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_ADD_RULE(r1, &(0x7f0000000600)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000005c0)={&(0x7f0000000180)={0x438, 0x3f3, 0x33c, 0x70bd2b, 0x25dfdbfd, {0x4, 0x2, 0x32, [0x9, 0xfffffffe, 0x7f, 0x7fffffff, 0x5, 0x401, 0xfffffffa, 0x3, 0x6, 0x6, 0x80000001, 0x6, 0x8, 0xc6a, 0x8, 0x1afa00, 0x8, 0x100, 0x9, 0x9, 0x2, 0x81, 0x4, 0x5, 0x72, 0xacc, 0x101, 0x74, 0x7ff, 0x3, 0x3, 0x5, 0x4, 0x8001, 0x3, 0x5, 0x3ff, 0xffffffff, 0x100, 0x8, 0x5, 0x1, 0x3, 0x7, 0x400, 0x3f, 0x130a, 0xff, 0x6, 0x7, 0x4, 0xb4, 0x101, 0x8, 0x5, 0x80000001, 0x8, 0x4, 0x401, 0x8001, 0x7, 0x10001, 0x0, 0x8638a6a], [0x20000000, 0x8001, 0x6, 0x68c6, 0x89, 0x5cb, 0x200, 0x3d, 0x40, 0x6, 0x9, 0x5, 0x800, 0x80000000, 0x7, 0x6, 0xf0f, 0x4, 0x8, 0x3f, 0x0, 0x2, 0x27e5, 0x100, 0x2, 0x0, 0xab, 0x5, 0x2, 0x2, 0x8b4, 0x1, 0x4f51c529, 0x0, 0x200, 0x62a6, 0x10001, 0x400000, 0x41, 0x3, 0x1, 0x8, 0xffff, 0x5, 0x3, 0x7, 0x5, 0x1000, 0x20, 0x7ff, 0x8, 0x0, 0x9, 0x80000000, 0x0, 0x10001, 0xffffffff, 0xd36, 0x10001, 0x7, 0x2, 0xffff6f94, 0x6, 0x5], [0x7, 0x1800, 0x1, 0x8, 0x3, 0x2, 0x6, 0x3c46, 0xa1b0, 0x7fffffff, 0x1000, 0x401, 0x9, 0x6, 0x2, 0x1ff, 0x6, 0x6, 0xc5b7, 0x3, 0x9a, 0x3e, 0x1f, 0xfff, 0xa2, 0x3, 0x3, 0x6, 0x280, 0x8c, 0xffff, 0x5, 0xffff, 0x3, 0x38d8, 0x0, 0x0, 0xf5f, 0xff, 0x9, 0x2, 0xffffffbe, 0x789e, 0x1, 0x4, 0x6, 0x200, 0x1e48, 0xfffffffa, 0x10001, 0x7, 0x9, 0x4, 0x1, 0x7fff, 0x80, 0xddd9, 0x1aa2568e, 0x0, 0x3f, 0xb43, 0x7fff, 0xffffffff, 0x6], [0x7, 0xd69, 0x4, 0xffff, 0x1, 0x1, 0x2, 0x6, 0x2, 0x1, 0x1ff, 0x5, 0x1, 0x2c, 0x8000, 0x400, 0xf1, 0x7, 0x4f, 0x200, 0x7, 0x0, 0x1, 0x3, 0x800, 0xffff0001, 0x0, 0x7fffffff, 0xd80, 0x5, 0x2e4b, 0x10001, 0x81, 0x8, 0xffffff24, 0x1f, 0xfffffffd, 0x0, 0x200, 0x7, 0x6, 0x3, 0x0, 0x0, 0x2, 0x5, 0x401, 0x1, 0x1ff, 0x6, 0x40000, 0xdb38, 0x9, 0x2, 0xb3, 0x7ff, 0x2, 0x1, 0x7, 0x5, 0x7fffffff, 0x1, 0x7fffffff, 0x3], 0x17, ['\x00', '\x00', '&\x00', '\x00', '/dev/bsg\x00', '/dev/bsg\x00']}, ["", "", "", "", "", "", ""]}, 0x438}, 0x1, 0x0, 0x0, 0x4}, 0x800) 06:49:25 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xd7000) 06:49:25 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = getpid() move_pages(r0, 0x1, &(0x7f0000000000)=[&(0x7f0000e33000/0x1000)=nil], &(0x7f0000000040)=[0xffff, 0xffffffc1, 0x8001, 0x7, 0xc5a7, 0x3, 0x400], &(0x7f0000000080)=[0x0, 0x0], 0x6) 06:49:25 executing program 5: socketpair(0xa, 0x2, 0x11, &(0x7f0000000040)) 06:49:25 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000000)=']*}$%}\x16\\+\x00') mmap$usbmon(&(0x7f0000e32000/0x4000)=nil, 0x4000, 0x1000000, 0x30, r0, 0x80000000) 06:49:25 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x3}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:25 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e20000/0x2000)=nil, 0x2000, 0x4000, 0x7, &(0x7f0000e31000/0x4000)=nil) 06:49:25 executing program 4: syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_WRITE={0x17, 0xe146a114b68ace33, 0x2000, @fd_index=0x5, 0x9, &(0x7f0000000000)="9f0d2200344865cd757b5e3fccbed8f436f13fc05d0a2711c5cab2ebe500eeb62cc4152249ccf8eee894e3b46805a681cab43346abc11acf0520cff7fdac24bc0e1cdccdc9bc0c00f9f5db0268baf63fd4bbc6473635edf706ba37a2f589bc21584f7c8d54e99be61fe988d1b5cb824ade15bab3b417b7a67c0c27d2b5d62d46fcedb407903a59d5b5f9ed948b04330af651af2e04079b7fa0099ba89c33cd626187ee1a77765aa356ca323b30f9a2738d184e59baa5a7916583999c8ebf2ada5240d9f1f34d09ce01b52682482d8df5799b368d97c73094862d86608aa108d5bac16c85b5e66bf0b85036a85e91e463bff0", 0xf2, 0x18}, 0xc3) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) mmap$IORING_OFF_SQES(&(0x7f0000e34000/0x2000)=nil, 0x2000, 0x3000008, 0x20010, r0, 0x10000000) 06:49:25 executing program 5: socketpair(0xa, 0x2, 0x3a, &(0x7f0000000040)) 06:49:25 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xd8000) 06:49:25 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000e20000/0x1000)=nil, 0x1000}, &(0x7f0000000040)=0x10) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:25 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x3000, 0x3, &(0x7f0000ffd000/0x3000)=nil) 06:49:25 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x4}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:25 executing program 4: prctl$PR_SET_NAME(0xf, &(0x7f00000000c0)=':\x00') mlock(&(0x7f0000ffa000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_SPLICE={0x1e, 0x3, 0x0, @fd, 0x7, {}, 0x80, 0x8, 0x1, {0x0, 0x0, r0}}, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, r1) r2 = syz_open_dev$usbmon(&(0x7f00000001c0), 0x80000001, 0x205740) mmap$usbmon(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1800004, 0x80010, r2, 0x7) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x1799) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) ioctl$TIOCL_SETSEL(r3, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x9e6, 0xd35, 0xff38, 0x8001}}) ioctl$MON_IOCX_GETX(r3, 0x4018920a, &(0x7f0000000080)={&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000140)=""/14, 0xe}) r4 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x101000, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r4, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_QUERY_BPF(r4, 0xc008240a, &(0x7f0000000180)=ANY=[@ANYBLOB="00cb156a012828e99c3ff0561a03eb08fb58f9934454dcff6d"]) 06:49:25 executing program 5: socketpair(0xa, 0x2, 0x64, &(0x7f0000000040)) 06:49:25 executing program 0: socketpair(0x3, 0x3, 0x2, &(0x7f0000000000)) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:25 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xd9000) 06:49:25 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = io_uring_setup(0x66c8, &(0x7f0000000000)={0x0, 0x8d84, 0x4, 0x2, 0x24d}) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x4000010, r0, 0x10000000) 06:49:26 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x7}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:26 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) madvise(&(0x7f0000cc3000/0x3000)=nil, 0x3000, 0x14) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) syz_io_uring_setup(0x48a, &(0x7f0000000000)={0x0, 0x97c8, 0x0, 0x2, 0x1e3, 0x0, r0}, &(0x7f0000e32000/0x2000)=nil, &(0x7f0000e1c000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1d000/0x1000)=nil, 0x1000, 0x3000, 0x4, &(0x7f0000e31000/0x3000)=nil) r1 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r1, 0x0) shmat(r1, &(0x7f0000e31000/0x2000)=nil, 0x3000) 06:49:26 executing program 4: mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, 0x4, &(0x7f0000ffc000/0x4000)=nil) 06:49:26 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xda000) 06:49:26 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) mmap$IORING_OFF_SQES(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x8, 0x11, 0xffffffffffffffff, 0x10000000) madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xa) madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x14) 06:49:26 executing program 5: socketpair(0xa, 0x2, 0x88, &(0x7f0000000040)) 06:49:26 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xdb000) 06:49:26 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x200040, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000e31000/0x1000)=nil, 0x1000}, &(0x7f0000000040)=0x10) msync(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x1) getsockopt$inet_tcp_int(r0, 0x6, 0x9, &(0x7f0000000080), &(0x7f00000000c0)=0x4) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r0, 0xc0a85322, &(0x7f0000000100)) 06:49:26 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:26 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x8}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:26 executing program 0: openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:26 executing program 5: socketpair(0xa, 0x2, 0x106, &(0x7f0000000040)) 06:49:26 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) shmat(r0, &(0x7f0000e26000/0x1000)=nil, 0x3000) shmat(0x0, &(0x7f0000e20000/0x7000)=nil, 0x3000) 06:49:26 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget$private(0x0, 0x4000, 0x2, &(0x7f0000ffb000/0x4000)=nil) shmget$private(0x0, 0x4000, 0x8, &(0x7f0000e32000/0x4000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) syz_io_uring_submit(r0, 0x0, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x7fffffff) move_pages(0x0, 0x5, &(0x7f0000000100)=[&(0x7f0000e31000/0x4000)=nil, &(0x7f0000e34000/0x1000)=nil, &(0x7f0000e38000/0x2000)=nil, &(0x7f0000e20000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil], &(0x7f0000000140)=[0x7f, 0x8, 0x4, 0x8, 0x5, 0x9, 0x3f], &(0x7f0000000180)=[0x0, 0x0], 0x4) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) mmap$IORING_OFF_SQES(&(0x7f0000e37000/0x3000)=nil, 0x3000, 0x1000000, 0x2010, r1, 0x10000000) r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x100000c, 0x100010, 0xffffffffffffffff, 0x10000000) mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1000, 0x2, &(0x7f0000e1f000/0x1000)=nil) syz_io_uring_submit(r0, r2, &(0x7f0000000040)=@IORING_OP_TIMEOUT={0xb, 0x3, 0x0, 0x0, 0x5, &(0x7f0000000000)={0x0, 0x989680}, 0x1, 0x1}, 0x1) shmget$private(0x0, 0x3000, 0x8, &(0x7f0000ffd000/0x3000)=nil) 06:49:26 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) shmget$private(0x0, 0x1000, 0x78000000, &(0x7f0000e33000/0x1000)=nil) msync(&(0x7f0000e33000/0x1000)=nil, 0x1000, 0x2) 06:49:26 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x10}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:26 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap$IORING_OFF_SQ_RING(&(0x7f0000e33000/0x2000)=nil, 0x2000, 0x1000002, 0x2100010, r0, 0x0) 06:49:26 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xdc000) 06:49:26 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x101081, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) io_uring_setup(0x3d45, &(0x7f0000000100)={0x0, 0x197b, 0x4, 0x0, 0xbc, 0x0, r0}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$KDGETLED(r1, 0x4b31, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x1ff) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) perf_event_open$cgroup(&(0x7f0000000180)={0x1, 0x80, 0x80, 0x1f, 0xff, 0x1, 0x0, 0x9, 0x0, 0xe, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0xaa3, 0x2, @perf_bp={&(0x7f0000000080), 0x9}, 0x4, 0x1, 0x3, 0x6, 0x4, 0x71, 0x80, 0x0, 0x5, 0x0, 0x7fffffff}, r2, 0x10, r0, 0x8) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:26 executing program 5: socketpair(0xa, 0x2, 0x5f5e0ff, &(0x7f0000000040)) 06:49:26 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x42}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:26 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) ioctl$MON_IOCQ_RING_SIZE(0xffffffffffffffff, 0x9205) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) ioctl$sock_inet_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000000)) 06:49:26 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xdd000) 06:49:26 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:26 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xde000) 06:49:26 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mincore(&(0x7f0000ffc000/0x2000)=nil, 0x2000, &(0x7f0000000040)=""/34) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) shmget(0x2, 0x3000, 0x40, &(0x7f0000e31000/0x3000)=nil) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000000)=0x2) 06:49:26 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) syz_io_uring_setup(0x6405, &(0x7f0000000040)={0x0, 0xb214, 0x8, 0x1, 0x2be, 0x0, r0}, &(0x7f0000e32000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x9d171) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) sigaltstack(&(0x7f0000e20000/0x1000)=nil, &(0x7f0000000000)) 06:49:26 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$PTP_PIN_GETFUNC(r0, 0xc0603d06, &(0x7f0000000080)={'\x00', 0x4, 0x0, 0x7000000}) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:26 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x60}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:26 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x3000, 0x7, &(0x7f0000e20000/0x3000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) shmget(0x1, 0x1000, 0x0, &(0x7f0000e32000/0x1000)=nil) 06:49:26 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000200), r1) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NLBL_UNLABEL_C_ACCEPT(r4, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)={0x14, r5, 0x1, 0x70bd27, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x20004081) sendmsg$NET_DM_CMD_STOP(r2, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000380)={&(0x7f0000000240)={0x14, r3, 0xa, 0x70bd2a, 0x25dfdbfc, {}, ["", "", "", "", "", "", "", "", "", ""]}, 0x14}}, 0x4) sendmsg$NET_DM_CMD_START(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r3, 0x20, 0x70bd26, 0x25dfdbff, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x4) r6 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r6, 0x2405, 0xffffffffffffffff) ioctl$SNAPSHOT_ATOMIC_RESTORE(r6, 0x3304) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:26 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xdf000) 06:49:26 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x1ca}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:26 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x300000e, 0x10, r0, 0x0) 06:49:26 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000040)={0x5, 0x80, 0x22, 0x9, 0x5, 0x5f, 0x0, 0xfffffffffffffffb, 0x0, 0xe, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x9f, 0x1, @perf_bp={&(0x7f0000000000), 0xd}, 0x300, 0x81, 0x97a, 0x1, 0x2, 0x4, 0x40, 0x0, 0x7fffffff}) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x2aab, &(0x7f0000000280)={0x0, 0x1ab9}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:26 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x1cc}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:26 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xe0000) 06:49:26 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap$usbmon(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x8, 0x50, r0, 0x430) 06:49:26 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$AUDIT_TTY_GET(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x10, 0x3f8, 0x203, 0x70bd2b, 0x25dfdbfc, "", [""]}, 0x10}, 0x1, 0x0, 0x0, 0x8000}, 0x20000001) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000180), r2) sendmsg$NLBL_UNLABEL_C_LIST(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x50, r4, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_SECCTX={0x2c, 0x7, 'system_u:object_r:ssh_keysign_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @private}, @NLBL_UNLABEL_A_ACPTFLG={0x5}]}, 0x50}}, 0x0) sendmsg$AUDIT_SET(r0, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x38, 0x3e9, 0x300, 0x70bd2a, 0x25dfdbfb, {0x13, 0x0, 0x2, 0x0, 0x9, 0x3, 0x40, 0x0, 0x0, 0x9}, ["", "", "", "", "", "", "", "", "", ""]}, 0x38}, 0x1, 0x0, 0x0, 0xc0}, 0x4) sendmsg$NLBL_UNLABEL_C_ACCEPT(r1, &(0x7f0000000540)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x34, r4, 0x400, 0x70bd2b, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @rand_addr=0x64010101}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @rand_addr=0x64010100}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @rand_addr=0x64010102}]}, 0x34}, 0x1, 0x0, 0x0, 0x20004000}, 0x15) ioctl$RNDCLEARPOOL(0xffffffffffffffff, 0x5206, &(0x7f0000000000)) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r5, 0x2405, 0xffffffffffffffff) recvmsg(r5, &(0x7f0000000280)={&(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @empty}}}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000100)=""/175, 0xaf}, {&(0x7f00000001c0)=""/176, 0xb0}, {&(0x7f0000000480)=""/35, 0x23}], 0x3, &(0x7f0000000300)=""/63, 0x3f}, 0x2100) 06:49:26 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x3) r0 = syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000e33000/0x4000)=nil, 0x4000, 0x2, 0x40010, r0, 0x8000000) 06:49:26 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) openat$cgroup_type(r0, &(0x7f0000000000), 0x2, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:26 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) mmap(&(0x7f0000e1e000/0x4000)=nil, 0x4000, 0xc, 0x8010, 0xffffffffffffffff, 0x1576c000) 06:49:26 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x20010, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$ptys(0xc, 0x3, 0x0) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mmap$usbmon(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x800001, 0x10, r2, 0x101) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) syz_io_uring_submit(r0, 0x0, &(0x7f0000000040)=@IORING_OP_FILES_UPDATE={0x14, 0x5, 0x0, 0x0, 0x0, &(0x7f0000000000)=[0xffffffffffffffff, r1, r2], 0x3, 0x0, 0x1}, 0x6c04) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:26 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x1d6}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:26 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000fee000/0x11000)=nil, 0x11000, 0x1000, 0x6, &(0x7f0000fff000/0x1000)=nil) mremap(&(0x7f0000e33000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000fff000/0x1000)=nil) 06:49:26 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xe1000) 06:49:26 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)={0xffffffffffffffff}) r1 = accept4(r0, &(0x7f0000000080)=@alg, &(0x7f0000000000)=0x80, 0x80000) sendmsg$AUDIT_SET_FEATURE(r1, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x82280000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x20, 0x3fa, 0x800, 0x70bd27, 0x25dfdbfe, {0x1, 0x1, 0x1}, ["", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0xa048}, 0x4000000) syz_io_uring_setup(0x4b84, &(0x7f0000000200)={0x0, 0x4cac, 0x2, 0x3, 0x39d}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000000280), &(0x7f0000000340)=0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000300)=@IORING_OP_FADVISE={0x18, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0xf1f8, 0x5, 0x1}, 0x1ff) 06:49:26 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TLS_RX(r0, 0x6, 0x2, &(0x7f0000000000)=@gcm_256={{0x304}, "76046b14291849c3", "273a37ee2c7fe7c927741f85c7462a05524070cdf9108823887022183d312b69", "eed1b0c0", "8474a5fa2f58e71c"}, 0x38) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000040)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0xd, 0x20010, r0, 0x431b7000) 06:49:26 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xe2000) 06:49:26 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) mmap$usbmon(&(0x7f0000cc3000/0x2000)=nil, 0x2000, 0x0, 0x40010, 0xffffffffffffffff, 0x7) mmap(&(0x7f0000e31000/0x2000)=nil, 0x2000, 0x1000000, 0x12, r0, 0x8665e000) 06:49:26 executing program 1: ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f0000000000)={0x2, {0x2, 0x7f, 0x3, 0x20, 0x3, 0x1}}) mlock(&(0x7f0000e31000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:26 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x204}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:26 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NLBL_UNLABEL_C_STATICADD(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0xb0, r0, 0x200, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:tetex_data_t:s0\x00'}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_SECCTX={0x29, 0x7, 'system_u:object_r:userio_device_t:s0\x00'}, @NLBL_UNLABEL_A_SECCTX={0x22, 0x7, 'system_u:object_r:cgroup_t:s0\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'geneve1\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @remote}]}, 0xb0}, 0x1, 0x0, 0x0, 0x48000}, 0x200400c0) mmap(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x2, 0x8013, 0xffffffffffffffff, 0xc9118000) 06:49:26 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xe3000) 06:49:26 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0xeadf}, &(0x7f0000cc3000/0x2000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:26 executing program 5: socketpair(0x10, 0x5, 0x10000040, &(0x7f0000000040)) 06:49:26 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) r0 = gettid() move_pages(r0, 0x3, &(0x7f0000000000)=[&(0x7f0000ffa000/0x4000)=nil, &(0x7f00003fe000/0xc00000)=nil, &(0x7f0000da4000/0x3000)=nil], &(0x7f0000000040), &(0x7f0000000080)=[0x0, 0x0, 0x0], 0x4) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:26 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) mmap$usbmon(&(0x7f0000e1d000/0x4000)=nil, 0x4000, 0x7, 0x10010, 0xffffffffffffffff, 0xfff) 06:49:26 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xe4000) 06:49:26 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x232}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:26 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x8) syz_io_uring_setup(0x3f13, &(0x7f0000000080), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x0, 0x0) madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000), 0x4) 06:49:26 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x1080, 0x0) inotify_rm_watch(r0, 0x0) mq_notify(r0, &(0x7f0000000040)={0x0, 0x1, 0x1, @tid=0xffffffffffffffff}) 06:49:26 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000e20000/0x2000)=nil) 06:49:26 executing program 4: mremap(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x1000, 0x7, &(0x7f0000fff000/0x1000)=nil) shmat(0xffffffffffffffff, &(0x7f0000e1e000/0x4000)=nil, 0x0) madvise(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x12) ioctl$SNAPSHOT_SET_SWAP_AREA(0xffffffffffffffff, 0x400c330d, &(0x7f0000000000)={0x0, 0xffff}) mmap$IORING_OFF_SQES(&(0x7f0000e22000/0x1000)=nil, 0x1000, 0x3000000, 0x28030, 0xffffffffffffffff, 0x10000000) 06:49:26 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x234}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:26 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xe5000) 06:49:26 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil) 06:49:26 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) r1 = gettid() sendmsg$AUDIT_SET(r0, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x38, 0x3e9, 0x4, 0x70bd25, 0x25dfdbfc, {0x49, 0x0, 0x2, r1, 0x9, 0x1, 0x3, 0x8, 0x0, 0xcc}, ["", "", "", "", ""]}, 0x38}}, 0x4008080) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ff0000/0xd000)=nil, 0xd000, 0x0, 0x2010, r0, 0x0) 06:49:26 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) r1 = gettid() sendmsg$AUDIT_SET(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x3e9, 0x100, 0x70bd2c, 0x25dfdbfc, {0x30, 0x0, 0x3, r1, 0xfffffffc, 0xdea, 0x71, 0x81, 0x0, 0x8c36}, [""]}, 0x38}, 0x1, 0x0, 0x0, 0x44011}, 0x6000010) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) r2 = accept4(r0, &(0x7f0000000100)=@x25={0x9, @remote}, &(0x7f0000000180)=0x80, 0x80800) sendmsg$AUDIT_TTY_SET(r2, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x18, 0x3f9, 0x2, 0x70bd25, 0x25dfdbfe, {0x1, 0x1}, [""]}, 0x18}, 0x1, 0x0, 0x0, 0x4040001}, 0x400c814) 06:49:26 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e31000/0x2000)=nil, 0x2000, 0x2) syz_io_uring_setup(0x3121, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000e1f000/0x3000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) shmget(0x3, 0x1000, 0x80, &(0x7f0000e20000/0x1000)=nil) 06:49:26 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x300}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:26 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xe6000) 06:49:26 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget$private(0x0, 0x4000, 0x8, &(0x7f0000e31000/0x4000)=nil) shmget(0x1, 0x1000, 0x2, &(0x7f0000e20000/0x1000)=nil) 06:49:26 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000fff000/0x1000)=nil) 06:49:26 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xe7000) 06:49:26 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000001, 0x110, 0xffffffffffffffff, 0x10000000) syz_io_uring_setup(0x2b46, &(0x7f0000000180)={0x0, 0x537e, 0x10, 0x3, 0x1a6}, &(0x7f0000fec000/0x14000)=nil, &(0x7f0000e26000/0x10000)=nil, &(0x7f0000000200), &(0x7f0000000240)) syz_io_uring_setup(0x3122, &(0x7f0000000280)={0x0, 0x8}, &(0x7f0000e2e000/0x4000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) syz_io_uring_setup(0x40b2, &(0x7f0000000000)={0x0, 0xacb6, 0x2, 0x0, 0x231}, &(0x7f0000e31000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x100000c, 0x10010, 0xffffffffffffffff, 0x10000000) 06:49:26 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x402}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:26 executing program 5: socketpair(0x10, 0x80004, 0x4, &(0x7f0000000040)) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x58}}, 0x8141) sendmsg$NET_DM_CMD_START(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x10, 0x70bd26, 0x25dfdbff, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x44}, 0x8000) 06:49:27 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000e34000/0x1000)=nil) shmat(0x0, &(0x7f0000e34000/0x2000)=nil, 0x5000) 06:49:27 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mincore(&(0x7f0000cc4000/0x1000)=nil, 0x1000, &(0x7f0000000000)=""/87) mremap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000, 0x7, &(0x7f0000fff000/0x1000)=nil) syz_io_uring_setup(0x3102, &(0x7f0000000280)={0x0, 0x0, 0x1, 0x6, 0x3}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) 06:49:27 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = syz_io_uring_setup(0x25ed, &(0x7f0000000000)={0x0, 0xa154, 0x2, 0x0, 0x2a3}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000e32000/0x2000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x4, 0x10010, r0, 0x0) 06:49:27 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x406}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:27 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$KDSETKEYCODE(r1, 0x4b4d, &(0x7f00000003c0)={0xffff, 0x40}) recvmsg(r0, &(0x7f0000000380)={&(0x7f0000000080)=@ieee802154, 0x80, &(0x7f0000000000)=[{&(0x7f0000000440)=""/31, 0x1f}, {&(0x7f0000000100)=""/48, 0x30}, {&(0x7f0000000140)=""/6, 0x6}, {&(0x7f0000000180)=""/184, 0xb8}], 0x4, &(0x7f0000000280)=""/244, 0xf4}, 0x22102) ioctl$KDGETLED(r1, 0x4b31, &(0x7f0000000400)) ioctl$TIOCSIG(r1, 0x40045436, 0x14) setgid(0xffffffffffffffff) 06:49:27 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xe8000) 06:49:27 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = syz_io_uring_setup(0x6ad9, &(0x7f0000000000)={0x0, 0x3a5b, 0x1, 0x1, 0x248}, &(0x7f0000e1d000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mmap$IORING_OFF_CQ_RING(&(0x7f0000e20000/0x1000)=nil, 0x1000, 0x3000005, 0x4010, r0, 0x8000000) 06:49:27 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) timer_create(0x6, &(0x7f0000000200)={0x0, 0x25, 0x4, @thr={&(0x7f0000000000)="5cf6107af84cdf565f0de2e9bed9895c307ab3cab4c207e7cb3c55790cad871ac741c695abc5656855945c09878a6098734318f2e5102b926145f3847aafe1d8d122f1950a87a40f63460b79e035ca85ac7352b559e707e24d684b9befa3bbb7f354ffafcd9ed11e06cdfce2ded1654e101a09b4f98c8ade636e166fea30063a19dde47b67df62876eac1edd193272d57a48758a9531098fe212cbc14d1d06736b33432cdb85f67a6b9ecd24fe4c0bdd2e3894f71382c92d63d007299d77edf46423de9e690c6aa038ff000000675ffc177acc608d1e11664e6650783c8d04d27f982ea9e1b07b888f38be7c98f6f8291cdd22f4", &(0x7f0000000100)="05dff631745b32a79b17a0cf1ff365b8cc8c7950ff62dd9fe1a4f9f904a083439396509a35f6e28c160f3d928fb50326a5cafe51ee914ce0d909c57703bf6b3b2abc8f28824d52e96cc64667ff14d29411d82740ce23212a120b055a7b0ec12f2d6f18d40e4a55ce0b73016d34edbce32e90517ae77a88c8dc254f14292aa6a7e7f71c6304d1fb9052dd68a8aacfa0f5c382bad365098572a0a3b38ee5b4e5cc03464a1d64da3a20458ed27909f73adf681fb6851bf51fb741ac9dad34555c1f8c0e7e8b6f694fe9eeb57803022b62"}}, &(0x7f0000000240)=0x0) timer_getoverrun(r0) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:27 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mmap$usbmon(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0x13, 0x10, 0xffffffffffffffff, 0x1) mmap$IORING_OFF_SQ_RING(&(0x7f0000e33000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 06:49:27 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x604}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:27 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap$usbmon(&(0x7f0000e19000/0xa000)=nil, 0xa000, 0x7000008, 0x2010, r0, 0x10000) 06:49:27 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) syz_io_uring_setup(0x7aa3, &(0x7f0000000280)={0x0, 0x0, 0x20, 0x0, 0x0, 0x0, r0}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0) 06:49:27 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xe9000) 06:49:27 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r0, 0x40a85321, &(0x7f0000000080)={{0x5, 0x4}, 'port1\x00', 0x1, 0x0, 0xee, 0x1ff, 0x80, 0x80000001, 0x0, 0x0, 0x6, 0x40}) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x3) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000140)={{0x6, 0xd4}, 'port0\x00', 0x4, 0x0, 0x7ff, 0xffffffd4, 0xce6, 0x1, 0xe499}) 06:49:27 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x700}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:27 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1d000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f0000e33000/0x2000)=nil) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:27 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = epoll_create(0x7f) mmap(&(0x7f0000e31000/0x4000)=nil, 0x4000, 0x8, 0x12, r0, 0x6c5a3000) madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x14) 06:49:27 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) select(0x40, &(0x7f0000000000), &(0x7f0000000040)={0x7}, 0x0, &(0x7f00000000c0)={0x0, 0xea60}) msync(&(0x7f0000e33000/0x2000)=nil, 0x2000, 0x6) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) openat$cgroup_devices(r0, &(0x7f0000000100)='devices.deny\x00', 0x2, 0x0) syz_io_uring_setup(0x3125, &(0x7f0000000000)={0x0, 0x0, 0x1}, &(0x7f0000e34000/0x3000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:27 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xea000) 06:49:27 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) inotify_init() ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) socket$inet_tcp(0x2, 0x1, 0x0) ioctl$MON_IOCG_STATS(r0, 0x80089203, &(0x7f0000000000)) 06:49:27 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap$IORING_OFF_CQ_RING(&(0x7f0000d50000/0x4000)=nil, 0x4000, 0x1000000, 0x13, r0, 0x8000000) mremap(&(0x7f0000e34000/0x3000)=nil, 0x3000, 0x400000, 0x7, &(0x7f0000bff000/0x400000)=nil) 06:49:27 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x2000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:27 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0xaa5a}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000e1f000/0x1000)=nil, 0x0, 0x0) 06:49:27 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x0) 06:49:27 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xeb000) 06:49:27 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e31000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000ffb000/0x4000)=nil) madvise(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x15) 06:49:27 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e34000/0x2000)=nil, 0x2000) shmget(0x3, 0x4000, 0x78000000, &(0x7f0000e1f000/0x4000)=nil) shmat(0xffffffffffffffff, &(0x7f0000e30000/0x2000)=nil, 0x1000) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:27 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mq_getsetattr(r0, &(0x7f00000000c0)={0x101, 0x0, 0x2, 0x9}, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x40400, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r1, 0x330f, 0x3ff) ioctl$RNDADDENTROPY(0xffffffffffffffff, 0x40085203, &(0x7f0000000200)=ANY=[@ANYBLOB="00040000b400000001eadf025ce21832147ca657cdbd40cdf2c47fd2640d4442f13ddc44367fc60303fa4c82f6870a0907b28e6ca93103f9f6cfa65d0d94450f2be48d9d7f42e8fdf173fa86bf47438cc7157c3b92e28c6394a8c07f87b787de52ea96cae441ddc8b2d82f209a6a17ca399f7a71574bab7da1e187d90af66beb89b6454ea7000000000000f634f70c377f6f149f6dfa14d5d0704ebba55bd48dd7f2e9ab6c0e4906d5cae8e1c564d0ae1d5a65ed9d67b0d5ebcdc5d7c964af12ad185f2635801dde85f068bac792eb258165bc024841429ba14df30d8f5c11131e98a6ccde3adbc76b11ce53fe0dd5adc5216d385b206def0b5444a1286f03c95cec1f6cddf501c4b155fa8bc9e36561b4d610e4a7ad0efca7e9ed8fdca2a2b72d5c31f50f40290c01fae2025a0f3de00b00000000000000000000000000cbd9b47328d7a0647cab79ccf859605bbee1e3e6ca3423790b3f7936992f0298676d6c7784be4dc149f58fe39f158778f5d3c6a1e8df8faefc1efd095b61d9acfaa6fd673e34a06257b407146fe8e5c2efaa74acab3e98703110458e14759876ed4d2390abf0b6f1b98bfcdd0871f5c9af3b8da0a64b5b33078655a88bab20655398a07b1a0afa9b68268c6311"]) 06:49:27 executing program 0: r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCSBRK(r0, 0x5427) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x210000) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000140)={0x35, 0x2, {0x1, 0x3, 0x0, 0x1, 0x3ad4}, 0xffff}) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) getsockopt$inet_tcp_buf(r2, 0x6, 0xb, &(0x7f0000000000)=""/177, &(0x7f00000000c0)=0xb1) 06:49:27 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x3202}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:27 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) sigaltstack(&(0x7f0000e1f000/0x3000)=nil, &(0x7f0000000000)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x5, 0x10010, 0xffffffffffffffff, 0x0) r0 = getpid() move_pages(r0, 0x3, &(0x7f0000000040)=[&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000e2e000/0x4000)=nil, &(0x7f0000e21000/0x2000)=nil], &(0x7f0000000080)=[0x1000, 0x10000], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6) 06:49:27 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) sendmsg$AUDIT_TTY_SET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x18, 0x3f9, 0x400, 0x70bd2a, 0x25dfdbfc, {0x1, 0x1}, ["", "", "", "", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x1}, 0x10) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r1, 0x40505331, &(0x7f0000000140)={{0x40, 0x2}, {0x6, 0x40}, 0x6, 0x0, 0x1b}) 06:49:27 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xec000) 06:49:27 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x3402}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:27 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget$private(0x0, 0x1000, 0x0, &(0x7f0000e31000/0x1000)=nil) msync(&(0x7f0000e33000/0x4000)=nil, 0x4000, 0x5) 06:49:27 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:27 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000e20000/0x3000)=nil, 0x3000, 0x5, 0x2010, r0, 0x2f341000) 06:49:27 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xed000) 06:49:27 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) shmget(0x1, 0x1000, 0x100, &(0x7f0000e31000/0x1000)=nil) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:27 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x4000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:27 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xee000) 06:49:27 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget(0x3, 0x1000, 0x1, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:27 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000e32000/0x4000)=nil, 0x4000, 0x2000000, 0x12, r0, 0x0) 06:49:27 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) r0 = syz_open_dev$ptys(0xc, 0x3, 0x1) madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x12) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$TIOCSIG(0xffffffffffffffff, 0x40045436, 0x2d) r2 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x70) ioctl$TIOCGICOUNT(r2, 0x545d, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) accept4(r1, &(0x7f0000000080)=@ethernet={0x0, @local}, &(0x7f0000000100)=0x80, 0x80000) ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f0000000000)=0x1) 06:49:27 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = io_uring_setup(0x1a6c, &(0x7f0000000000)={0x0, 0x5069, 0x20, 0x0, 0x2f2}) mmap$IORING_OFF_SQ_RING(&(0x7f0000e32000/0x1000)=nil, 0x1000, 0x4, 0x12, r0, 0x0) 06:49:27 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) add_key$fscrypt_provisioning(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)={0x2, 0x0, @a}, 0x48, 0xfffffffffffffffb) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:27 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x4200}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:27 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xef000) 06:49:27 executing program 5: ioctl$MON_IOCQ_RING_SIZE(0xffffffffffffffff, 0x9205) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:27 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x3) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r1 = io_uring_setup(0x5fea, &(0x7f0000000080)={0x0, 0x492f, 0x2, 0x1, 0x3e0}) mmap$IORING_OFF_SQES(&(0x7f0000e32000/0x1000)=nil, 0x1000, 0x300000c, 0x4010, r1, 0x10000000) syz_io_uring_setup(0x23125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) sendmsg$AUDIT_GET_FEATURE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x10, 0x3fb, 0x1, 0x70bd2d, 0x25dfdbfd, "", ["", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x83a11e41426fcb96}, 0x20008000) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) io_uring_setup(0x4030, &(0x7f0000000200)={0x0, 0x93d6, 0x2, 0x3, 0xa0, 0x0, r2}) move_pages(0xffffffffffffffff, 0x7, &(0x7f0000000000)=[&(0x7f0000e32000/0x2000)=nil, &(0x7f0000e2f000/0x4000)=nil, &(0x7f0000e31000/0x3000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000e31000/0x2000)=nil, &(0x7f0000cc4000/0x4000)=nil, &(0x7f0000e34000/0x2000)=nil], 0x0, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6) 06:49:27 executing program 4: mremap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000e31000/0x4000)=nil) r0 = gettid() timer_create(0x5, &(0x7f0000000180)={0x0, 0x36, 0x0, @thr={&(0x7f0000000100)="146d622dcd245e6f6e01f8e36376a0d12ef2d699b8d9c577931a81f928f0436fc2badbae70c1c8a50b36048a826281fb7b407015d4d263e5d7b916ded86a9362a013f0450c9c6aeece5d1943e1dfec57ef88df70fcfccf0ffaa16577c5c3d840baf44f213f00f3f9840ae30e17619dd966", &(0x7f0000000040)="8fc2c4bc738ba0f9665658691ad0"}}, &(0x7f00000001c0)) move_pages(r0, 0x6, &(0x7f0000000000)=[&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000e32000/0x3000)=nil, &(0x7f0000e1c000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000e20000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil], &(0x7f00000000c0)=[0x1000, 0x7, 0x100, 0x4, 0x4, 0x6, 0x2, 0x2, 0x6], &(0x7f0000000080)=[0x0, 0x0], 0x4) 06:49:27 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) shmget$private(0x0, 0x14000, 0x400, &(0x7f0000e19000/0x14000)=nil) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:27 executing program 4: r0 = accept4(0xffffffffffffffff, &(0x7f0000000000)=@nfc_llcp, &(0x7f0000000080)=0x80, 0x0) setsockopt$inet_tcp_TLS_RX(r0, 0x6, 0x2, &(0x7f00000000c0)=@gcm_128={{0x304}, "a7a3fbb3a336a03f", "77f0f8378176a0686839738694256c0a", "f6601b66", "2109c275b1ff7a2a"}, 0x28) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x3000, 0x7, &(0x7f0000ffa000/0x3000)=nil) 06:49:27 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x6000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:27 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xf0000) 06:49:27 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) shmget(0x3, 0x1000, 0x0, &(0x7f0000cc4000/0x1000)=nil) 06:49:27 executing program 5: ioctl$FIONREAD(0xffffffffffffffff, 0x541b, &(0x7f0000000000)) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x288402, 0x0) write$snapshot(r0, &(0x7f00000000c0)="d75283cde02b4699c87f139e67011caa6317c934fbf08fbfd82cf8c83227053c8746dad2f1fbd04a58ded6e173db933cd508b22a0fb2196ac8ae66dae22f43e5220bb575025744837bcfa813cda7e124ae5e503a9ea46db0978a16a42df79b72cd112b4cb1f5895c6d3b614995b0f1884ed3a3acc1342be159b6d67d25cd94188ce97967209a68c482ee56cf40fe9db7dd1c67e881b76d6296e24cc5ac8d8fb6da609f79873d2b24f5dabd3eba18b82eef017befe53f5738a5d27ea7bdc3f83da24d06748ea915a63015d528b950462a462b73b102782edb3fea91aba691981fe4c040e70cc6c575ad751375e5e9b36a507bb358517f71fe00d53189", 0xfc) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r2, 0x0) shmctl$IPC_RMID(r2, 0x0) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f00000001c0)={0x1, 0x8000}) ioctl$SNAPSHOT_FREE_SWAP_PAGES(0xffffffffffffffff, 0x3309) 06:49:27 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0xca01}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:27 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3000, 0x7, &(0x7f0000ffd000/0x3000)=nil) msync(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x5) 06:49:27 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xf1000) 06:49:27 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) sigaltstack(&(0x7f0000e32000/0x2000)=nil, &(0x7f0000000000)) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:27 executing program 5: mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000, 0x7, &(0x7f0000ffc000/0x2000)=nil) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x58}}, 0x8141) syz_genetlink_get_family_id$net_dm(&(0x7f0000000000), r0) r2 = shmget(0x0, 0x4000, 0x78000000, &(0x7f0000ffc000/0x4000)=nil) shmat(r2, &(0x7f0000ffc000/0x4000)=nil, 0x3000) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:27 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000e31000/0x2000)=nil, 0x2000}, &(0x7f0000000040)=0x10) 06:49:27 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xf2000) 06:49:27 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0xcc01}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:27 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xf3000) 06:49:27 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x203a, &(0x7f0000000000)={0x0, 0xa4cd, 0x40, 0x0, 0x248}, &(0x7f0000e20000/0x3000)=nil, &(0x7f0000e20000/0xd000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x20}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000e27000/0x2000)=nil, 0x0, 0x0) mmap$usbmon(&(0x7f0000e33000/0x1000)=nil, 0x1000, 0x2000008, 0x12, 0xffffffffffffffff, 0x455) 06:49:27 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000ffe000/0x1000)=nil, 0x1000}, &(0x7f0000000040)=0x10) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x111000, 0x0) mmap$usbmon(&(0x7f0000e30000/0x4000)=nil, 0x4000, 0x0, 0x40010, r1, 0x9) 06:49:27 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) sendmsg$AUDIT_GET_FEATURE(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xde68b8558f84d48a}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x10, 0x3fb, 0x200, 0x70bd2c, 0x25dfdbff, "", ["", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x20000081}, 0x40001) r1 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_TTY_GET(r1, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x10, 0x3f8, 0x200, 0x70bd2a, 0x25dfdbfb, "", ["", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x80000}, 0x8000) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000001500)={'team0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000015c0)={'ip6tnl0\x00', &(0x7f0000001540)={'sit0\x00', 0x0, 0x0, 0x40, 0x8, 0xfffffffb, 0x4, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, @local, 0x7800, 0x40, 0x14}}) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f0000001680)={'syztnl2\x00', &(0x7f0000001600)={'ip6gre0\x00', 0x0, 0x2f, 0x4, 0x1f, 0x9, 0x4, @local, @empty, 0x7800, 0x700, 0x4ae8, 0x7}}) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f0000001740)={'syztnl1\x00', &(0x7f00000016c0)={'ip6gre0\x00', 0x0, 0x29, 0x1, 0x8, 0x0, 0x21, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast1, 0x20, 0x20, 0x3, 0x4}}) sendmsg$TEAM_CMD_OPTIONS_GET(r2, &(0x7f0000001c40)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000001c00)={&(0x7f0000001780)={0x480, 0x0, 0x20, 0x70bd26, 0x25dfdbff, {}, [{{0x8}, {0x50, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8, 0x1, r3}, {0x78, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0xf4, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x10000}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r4}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r5}}}]}}, {{0x8}, {0x290, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r6}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x8001}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0xff}}}, {0x5c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x2c, 0x4, [{0x29, 0x8, 0x20, 0x5}, {0x7, 0x5, 0x2, 0x2}, {0x1ff, 0x40, 0x0, 0x2}, {0x8, 0x0, 0x84, 0x81}, {0x17, 0x6, 0x3, 0x81}]}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x14}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x401}}}]}}]}, 0x480}, 0x1, 0x0, 0x0, 0x4}, 0x20008001) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:27 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0xd601}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:27 executing program 1: mincore(&(0x7f0000e33000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/143) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) shmget$private(0x0, 0x1000, 0x78000400, &(0x7f0000e33000/0x1000)=nil) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:27 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) ioctl$PTP_CLOCK_GETCAPS(0xffffffffffffffff, 0x80503d01, &(0x7f0000000000)) 06:49:27 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xf4000) 06:49:27 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000000)) 06:49:27 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x200800, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x940, 0x0) ioctl$SNAPSHOT_S2RAM(r1, 0x330b) ioctl$SNAPSHOT_FREE_SWAP_PAGES(r0, 0x3309) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x1ff) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x10800, 0x0) r4 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r4, 0x2405, 0xffffffffffffffff) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000e32000/0x1000)=nil, 0x1000}, &(0x7f0000000180)=0x10) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) ioctl$SNAPSHOT_AVAIL_SWAP_SIZE(r3, 0x80083313, &(0x7f00000000c0)) openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000100), 0x2, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000e20000/0x1000)=nil, 0x1000, 0x1000000, 0x30, r2, 0x8000000) 06:49:27 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x40000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:27 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = gettid() move_pages(r0, 0x2, &(0x7f0000000000)=[&(0x7f0000e1f000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil], &(0x7f0000000040)=[0x2, 0x9, 0x4, 0x2], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f0000000100)={&(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x1ff}) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:27 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:28 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xf5000) 06:49:28 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x80000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:28 executing program 0: shmat(0x0, &(0x7f0000ffd000/0x2000)=nil, 0x6000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap$usbmon(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1, 0x13, r0, 0x3a) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0) ioctl$MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f0000000080)={&(0x7f0000000040)=[0x0, 0x0], 0x2, 0x7}) 06:49:28 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mincore(&(0x7f0000e31000/0x1000)=nil, 0x1000, &(0x7f0000000000)=""/133) 06:49:28 executing program 5: socketpair(0xa, 0x6, 0x3f, &(0x7f0000000040)) r0 = syz_open_dev$ptys(0xc, 0x3, 0x0) ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000000000)={0xfd9a, 0x8c6}) r1 = perf_event_open(&(0x7f0000000080)={0x3, 0x80, 0x80, 0x80, 0x1, 0xfc, 0x0, 0x5, 0x8800, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40, 0x0, @perf_config_ext={0x3, 0x123a}, 0x40420, 0xfffffffffffffff8, 0x7, 0x8, 0x9, 0x6, 0x5a26, 0x0, 0x7, 0x0, 0x238}, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x8) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000100)=0x5) 06:49:28 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz0\x00', 0x200002, 0x0) ioctl$PTP_PIN_GETFUNC(0xffffffffffffffff, 0xc0603d06, &(0x7f0000000080)={'\x00', 0x1, 0x3, 0x4}) openat$cgroup_devices(r0, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000180), 0x20000, 0x0) perf_event_open$cgroup(&(0x7f00000001c0)={0x5, 0x80, 0x7, 0x6, 0x0, 0x9, 0x0, 0x1ff, 0x45228, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x101, 0x7}, 0x1004d, 0x8000, 0x200, 0x7, 0x7, 0x6c, 0x4, 0x0, 0x1, 0x0, 0x6}, r0, 0x6, 0xffffffffffffffff, 0xc) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, r2) perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x8e, 0x1, 0x5, 0x80, 0x0, 0x800, 0x2040, 0x6, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0xffffffb9, 0x2, @perf_config_ext={0x7, 0x5}, 0x220, 0x2, 0x4, 0x9, 0x9, 0x9, 0x7, 0x0, 0xffff4eba, 0x0, 0x7ff}, 0xffffffffffffffff, 0xe, r1, 0x8) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e20000/0x4000)=nil) shmget(0x2, 0x2000, 0x40, &(0x7f0000e22000/0x2000)=nil) 06:49:28 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xf6000) 06:49:28 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) shmget$private(0x0, 0x3000, 0x8, &(0x7f0000cc4000/0x3000)=nil) 06:49:28 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xf7000) 06:49:28 executing program 4: mremap(&(0x7f0000ffa000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000ffa000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mlock(&(0x7f0000ffa000/0x3000)=nil, 0x3000) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x200040, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2, 0x100010, r0, 0x10000000) 06:49:28 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) move_pages(r0, 0x1, &(0x7f0000000000)=[&(0x7f0000ffc000/0x4000)=nil], 0x0, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6) 06:49:28 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x400000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:28 executing program 5: socketpair(0xb, 0x3, 0x3f, &(0x7f0000000040)) syz_io_uring_setup(0x12e7, &(0x7f0000000080)={0x0, 0x8e16, 0x2, 0x3, 0xf8}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000100)=0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r2, 0x4008240b, &(0x7f0000000600)={0x1, 0x80, 0x7, 0x3, 0x1, 0x20, 0x0, 0x7, 0xa040, 0x4, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0xeb, 0x0, @perf_bp={&(0x7f00000005c0), 0x2}, 0x4, 0x9, 0x8001, 0x0, 0x3, 0x1, 0x2, 0x0, 0xfd0, 0x0, 0x4}) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) syz_io_uring_submit(0x0, r0, &(0x7f0000000480)=@IORING_OP_RECVMSG={0xa, 0x4, 0x0, r1, 0x0, &(0x7f0000000440)={&(0x7f0000000140)=@phonet, 0x80, &(0x7f00000003c0)=[{&(0x7f00000001c0)=""/253, 0xfd}, {&(0x7f00000002c0)=""/222, 0xde}], 0x2, &(0x7f0000000400)=""/13, 0xd}, 0x0, 0x0, 0x0, {0x2}}, 0x6) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000180), r4) sendmsg$NLBL_UNLABEL_C_LIST(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x50, r6, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_SECCTX={0x2c, 0x7, 'system_u:object_r:ssh_keysign_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @private}, @NLBL_UNLABEL_A_ACPTFLG={0x5}]}, 0x50}}, 0x0) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r3, &(0x7f0000000580)={&(0x7f00000004c0), 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x30, r6, 0x800, 0x70bd25, 0x7ff, {}, [@NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast2}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @rand_addr=0x64010102}]}, 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x1) 06:49:28 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) 06:49:28 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mremap(&(0x7f0000e23000/0x2000)=nil, 0x2000, 0x4000, 0x4, &(0x7f0000e30000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x1, 0x4000010, r0, 0x3bec8000) mmap$usbmon(&(0x7f0000e20000/0x4000)=nil, 0x4000, 0x5, 0x20010, r0, 0x81) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:28 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap(&(0x7f0000e34000/0x2000)=nil, 0x2000, 0x0, 0x8010, r0, 0x30f1f000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:28 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x600000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:28 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xf8000) 06:49:28 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget$private(0x0, 0x1000, 0x400, &(0x7f0000e1f000/0x1000)=nil) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioctl$SNAPSHOT_AVAIL_SWAP_SIZE(r0, 0x80083313, &(0x7f0000000040)) 06:49:28 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) write$snapshot(r0, &(0x7f0000000000)="f753c8cfbcd6084a1763ca67ff916eeb4154b06fd17f39cdeb0929002e8b82ca0c9c9d8fd49310bc94784dfaec51c1ce5deab928d1e9edcd62bdbf9d244fe315c077b30f96227d2a0b3572c1dfed8b6bba97b70084a456ee57e02ce5e2a62a94ee1e9ff44b61d82ea7229f7064b5c5321cd3f1c204127549711fc2b9f6cd4cebf33e07d598aa1ab4e3104ab2e6c18bb17d6f8a2323ce42ffe2c6020b736cc90e89d07374889d292612375f52b5d41280918f51a267417e2418e804a43484ba512b9b42226751b997147a04c5db0c71206465d0ef7589e57627e5b98a27262efc926c48aed7a6129c1b2f2b8f6365a2", 0xef) mlock(&(0x7f0000e20000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:28 executing program 5: msync(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:28 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) accept4(r0, &(0x7f0000000000)=@ll, &(0x7f0000000080)=0x80, 0x800) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:28 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xf9000) 06:49:28 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x80ffff}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:28 executing program 5: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) sigaltstack(&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x5) mmap$usbmon(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x10, 0xffffffffffffffff, 0x3) r0 = io_uring_setup(0x473b, &(0x7f0000000040)={0x0, 0x3efb, 0x0, 0x0, 0x1e3}) syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x4e05, 0x8, 0x1, 0x44, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:28 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget$private(0x0, 0x7000, 0x800, &(0x7f0000ff9000/0x7000)=nil) r0 = syz_io_uring_setup(0x6bb7, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) mmap(&(0x7f0000ffa000/0x5000)=nil, 0x5000, 0x100000a, 0x10, r0, 0x4debb000) 06:49:28 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) move_pages(r0, 0x2, &(0x7f0000000000)=[&(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil], 0x0, &(0x7f0000000040)=[0x0], 0x6) 06:49:28 executing program 1: sendmsg$NLBL_UNLABEL_C_LIST(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x58, 0x0, 0x800, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @empty}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @local}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private1}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @dev={0xac, 0x14, 0x14, 0x2b}}]}, 0x58}, 0x1, 0x0, 0x0, 0x600c840}, 0x20000000) mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x4, &(0x7f0000e31000/0x4000)=nil) 06:49:28 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0xa0ff20}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:28 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xfa000) 06:49:28 executing program 1: mlock(&(0x7f0000ffd000/0x1000)=nil, 0x1000) 06:49:28 executing program 5: socketpair(0x1f, 0x2, 0x7fffffff, &(0x7f0000000040)) 06:49:28 executing program 4: write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0x800, 0x12) write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000000)={'a', ' *:* ', 'rm\x00'}, 0x9) 06:49:28 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x2000002, 0x11, r0, 0x10000000) mlock(&(0x7f0000cc4000/0x1000)=nil, 0x1000) 06:49:28 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0xb0ff20}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:28 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e2a000/0x2000)=nil, 0x2000, 0xb) r0 = shmget$private(0x0, 0x14000, 0x4, &(0x7f0000e20000/0x14000)=nil) shmat(r0, &(0x7f0000e31000/0x4000)=nil, 0x2000) 06:49:28 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f0000e20000/0x2000)=nil) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) move_pages(r0, 0x1, &(0x7f0000000000)=[&(0x7f0000e21000/0x1000)=nil], &(0x7f0000000040)=[0x7f8a, 0x0], &(0x7f0000000080)=[0x0, 0x0], 0x0) 06:49:28 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xfb000) 06:49:28 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000000)=@ccm_128={{0x303}, "18eb23fb7eccb64e", "b855a3ffe42bcd189f40c1744d4ac9f4", "9e2ab774", "81100841b9cf6a71"}, 0x28) 06:49:28 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x42000, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r1, 0x330f, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) madvise(&(0x7f0000e33000/0x14000)=nil, 0x14000, 0x65) ioctl$SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, &(0x7f0000000000)) move_pages(0xffffffffffffffff, 0x6, &(0x7f0000000040)=[&(0x7f0000e3c000/0x2000)=nil, &(0x7f0000e33000/0x1000)=nil, &(0x7f0000e1d000/0x3000)=nil, &(0x7f0000e33000/0x2000)=nil, &(0x7f0000e40000/0x3000)=nil, &(0x7f0000e36000/0x1000)=nil], &(0x7f0000000080)=[0x6, 0x7, 0x0, 0x6, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0], 0x6) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:28 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xfc000) 06:49:28 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffff9c, &(0x7f0000000000)={0x301e42, 0x148, 0x4}, &(0x7f0000000040)='./file0\x00', 0x18, 0x0, 0x23456}, 0x80000000) 06:49:28 executing program 1: mlock(&(0x7f0000ffd000/0x1000)=nil, 0x1000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:28 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget$private(0x0, 0x2000, 0x10, &(0x7f0000ffe000/0x2000)=nil) msync(&(0x7f0000e30000/0x4000)=nil, 0x4000, 0x0) 06:49:28 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0xc0ffff}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:28 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap$IORING_OFF_SQ_RING(&(0x7f0000e31000/0x4000)=nil, 0x4000, 0xc, 0x2010, r0, 0x0) shmget$private(0x0, 0x1000, 0x78000000, &(0x7f0000ffd000/0x1000)=nil) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:28 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000000)=0x6) 06:49:28 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0xd0ff20}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:28 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000004c0)={'ip6gre0\x00', &(0x7f0000000440)={'syztnl0\x00', 0x0, 0x4, 0x4, 0x3f, 0x40, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @dev={0xfe, 0x80, '\x00', 0x27}, 0x8, 0x7, 0x1, 0x1}}) 06:49:28 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xfd000) 06:49:28 executing program 4: shmctl$IPC_RMID(0xffffffffffffffff, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget$private(0x0, 0x3000, 0x80, &(0x7f0000e1e000/0x3000)=nil) 06:49:28 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) io_uring_setup(0x1445, &(0x7f0000000000)={0x0, 0x999d, 0x4, 0x3, 0x381, 0x0, r0}) 06:49:28 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mmap(&(0x7f0000e30000/0x2000)=nil, 0x2000, 0x3000008, 0x810, 0xffffffffffffffff, 0x225cf000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:28 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x1000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:28 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xfe000) 06:49:28 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) mremap(&(0x7f0000e31000/0x3000)=nil, 0x3000, 0x1000, 0x4, &(0x7f0000e31000/0x1000)=nil) 06:49:28 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) read$usbmon(r0, &(0x7f0000000080)=""/190, 0xbe) socketpair(0x9, 0x2, 0x9, &(0x7f0000000040)) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$MON_IOCH_MFLUSH(r1, 0x9208, 0x3) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000000)='/dev/bsg\x00') 06:49:28 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget$private(0x0, 0x2000, 0x10, &(0x7f0000ffe000/0x2000)=nil) msync(&(0x7f0000e30000/0x4000)=nil, 0x4000, 0x0) 06:49:28 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x39b5, &(0x7f0000000280)={0x0, 0x132e, 0x1, 0x0, 0x2c4}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) geteuid() 06:49:28 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x7, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap$usbmon(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2000004, 0x10010, r0, 0x2) 06:49:28 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xff000) 06:49:28 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x2000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:28 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget$private(0x0, 0x2000, 0x10, &(0x7f0000ffe000/0x2000)=nil) msync(&(0x7f0000e30000/0x4000)=nil, 0x4000, 0x0) 06:49:28 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) ioctl$SNAPSHOT_SET_SWAP_AREA(0xffffffffffffffff, 0x400c330d, &(0x7f0000000000)={0x80000000, 0x6}) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0}, 0x5}, 0x0) r1 = io_uring_setup(0x22cc, &(0x7f0000000080)={0x0, 0xa83e, 0x8, 0x0, 0x105}) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3000003, 0x12, r1, 0x8000000) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) io_uring_setup(0x50ba, &(0x7f0000000100)={0x0, 0x21db, 0x1, 0x1, 0x3a4, 0x0, r2}) 06:49:28 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000040), 0xa7, 0x18000) ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000000)=@ccm_128={{0x304}, "61357c96b4fb359b", "52c28d870531b54b627e7d5a70d1b554", "3d818fc9", "e723e2e0073a2425"}, 0x28) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:28 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x100000) 06:49:28 executing program 4: sendmsg$NET_DM_CMD_START(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x20, 0x70bd2d, 0x25dfdbfe, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x240008c0}, 0x4040015) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:28 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget$private(0x0, 0x2000, 0x10, &(0x7f0000ffe000/0x2000)=nil) msync(&(0x7f0000e30000/0x4000)=nil, 0x4000, 0x0) 06:49:28 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x2040000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:28 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x101000) 06:49:28 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = syz_io_uring_setup(0x126b, &(0x7f0000000280)={0x0, 0x0, 0x10}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0) sched_getparam(0x0, &(0x7f0000000540)) move_pages(0x0, 0x5, &(0x7f0000000000)=[&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000e20000/0x2000)=nil, &(0x7f0000cc4000/0x1000)=nil, &(0x7f0000e33000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil], &(0x7f0000000040)=[0x8, 0x4, 0x6], &(0x7f0000000080)=[0x0, 0x0], 0x4) mmap$IORING_OFF_SQ_RING(&(0x7f0000e20000/0x2000)=nil, 0x2000, 0x0, 0x4000010, r0, 0x0) 06:49:28 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) sigaltstack(&(0x7f0000e20000/0x3000)=nil, &(0x7f0000000000)) sigaltstack(&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000040)) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil) 06:49:28 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e30000/0x4000)=nil, 0x4000, 0x0) 06:49:28 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x3000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:28 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$KDGKBDIACR(r0, 0x4b4a, &(0x7f0000000080)=""/69) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:28 executing program 1: msync(&(0x7f0000e30000/0x4000)=nil, 0x4000, 0x0) 06:49:28 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x5104, &(0x7f0000000000)={0x0, 0xabe4, 0x8, 0x3, 0x25e}, &(0x7f0000e1e000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:28 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x102000) 06:49:28 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x7, &(0x7f0000e31000/0x4000)=nil) mincore(&(0x7f0000e34000/0x4000)=nil, 0x4000, &(0x7f0000000000)=""/85) mmap$IORING_OFF_CQ_RING(&(0x7f0000e34000/0x3000)=nil, 0x3000, 0x1000000, 0x12, 0xffffffffffffffff, 0x8000000) 06:49:29 executing program 1: msync(&(0x7f0000e30000/0x4000)=nil, 0x4000, 0x0) 06:49:29 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x4000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:29 executing program 0: shmctl$IPC_RMID(0xffffffffffffffff, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000cc4000/0x2000)=nil, 0x2000, 0x14) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x20}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) msync(&(0x7f0000e21000/0x1000)=nil, 0x1000, 0x0) syz_io_uring_setup(0x5b0a, &(0x7f0000000000)={0x0, 0x6582, 0x1, 0x2, 0x6e}, &(0x7f0000e1f000/0x2000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:29 executing program 4: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x58}}, 0x8141) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000180), r1) sendmsg$NLBL_UNLABEL_C_LIST(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x50, r3, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_SECCTX={0x2c, 0x7, 'system_u:object_r:ssh_keysign_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @private}, @NLBL_UNLABEL_A_ACPTFLG={0x5}]}, 0x50}}, 0x0) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000040)={0x128, r3, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @rand_addr=0x64010100}, @NLBL_UNLABEL_A_SECCTX={0x2a, 0x7, 'system_u:object_r:logrotate_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x11}}, @NLBL_UNLABEL_A_SECCTX={0x28, 0x7, 'system_u:object_r:dpkg_var_lib_t:s0\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'ip6tnl0\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'syzkaller0\x00'}, @NLBL_UNLABEL_A_SECCTX={0x21, 0x7, 'system_u:object_r:fonts_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @empty}, @NLBL_UNLABEL_A_SECCTX={0x1f, 0x7, 'system_u:object_r:var_t:s0\x00'}, @NLBL_UNLABEL_A_SECCTX={0x2d, 0x7, 'system_u:object_r:netcontrol_device_t:s0\x00'}]}, 0x128}, 0x1, 0x0, 0x0, 0x800}, 0x0) 06:49:29 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x103000) 06:49:29 executing program 1: msync(&(0x7f0000e30000/0x4000)=nil, 0x4000, 0x0) 06:49:29 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x6040000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:29 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x104000) 06:49:29 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x4d22, &(0x7f0000000280)={0x0, 0x0, 0x0, 0xffffffff, 0x134}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xa) 06:49:29 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x0, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e30000/0x4000)=nil, 0x4000, 0x0) 06:49:29 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = syz_genetlink_get_family_id$team(&(0x7f0000000080), r0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000140)={'ip6_vti0\x00', &(0x7f00000000c0)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x1, 0x101, 0x53, @local, @empty, 0x8, 0x7800, 0x40, 0xa00000}}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000200)={'syztnl1\x00', &(0x7f0000000180)={'ip6gre0\x00', 0x0, 0x4, 0x81, 0x6, 0x2, 0x0, @mcast1, @loopback, 0x1, 0x7, 0xfffffff8, 0x5}}) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f0000002080)={'ip6gre0\x00', &(0x7f0000002000)={'syztnl0\x00', 0x0, 0x2f, 0x7, 0xfc, 0x5, 0x4, @mcast2, @dev={0xfe, 0x80, '\x00', 0x40}, 0x40, 0x7800, 0x5, 0x1}}) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000002840)={'team0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000002940)={'team0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000002a00)={'ip6gre0\x00', &(0x7f0000002980)={'syztnl1\x00', 0x0, 0x4, 0x9, 0x7, 0x6, 0x43, @private0={0xfc, 0x0, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x40, 0x8000, 0x4, 0x5}}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000002ac0)={'ip6_vti0\x00', &(0x7f0000002a40)={'ip6gre0\x00', 0x0, 0x29, 0x80, 0x4, 0x3, 0x22, @loopback, @empty, 0x1, 0x1, 0x0, 0x101}}) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000002b00)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000003180)={&(0x7f0000000000), 0xc, &(0x7f0000003140)={&(0x7f0000002b40)={0x5c4, r2, 0x2, 0x70bd26, 0x25dfdbfb, {}, [{{0x8, 0x1, r3}, {0x20c, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xfffffffa}}, {0x8, 0x6, r4}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x401}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r5}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}]}}, {{0x8}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r6}}, {0x8}}}]}}, {{0x8}, {0xc4, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}]}}, {{0x8, 0x1, r7}, {0x1bc, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r8}}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x101}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xbea}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3c8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8}}}]}}, {{0x8, 0x1, r9}, {0xb8, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r10}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0xfffffffb}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xffffff01}}, {0x8}}}]}}]}, 0x5c4}, 0x1, 0x0, 0x0, 0x800}, 0x5044a72e3f7a393) 06:49:29 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000180), r0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000180), r3) sendmsg$NLBL_UNLABEL_C_LIST(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x50, r5, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_SECCTX={0x2c, 0x7, 'system_u:object_r:ssh_keysign_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @private}, @NLBL_UNLABEL_A_ACPTFLG={0x5}]}, 0x50}}, 0x0) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000380)={&(0x7f0000000200)={0x24, r5, 0x2, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @local}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0x0, 0x0, 0x8}, 0x20040054) sendmsg$NET_DM_CMD_STOP(r3, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x14, 0x0, 0x100, 0x70bd26, 0x25dfdbff, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x4008010}, 0x805) r6 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000240), r0) sendmsg$NLBL_UNLABEL_C_LIST(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x44, r6, 0x100, 0x4, 0x0, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'geneve0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @broadcast}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth1_vlan\x00'}]}, 0x44}}, 0x0) sendmsg$NLBL_UNLABEL_C_ACCEPT(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0xbc, r2, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'vlan0\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'vcan0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'vlan0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @loopback}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:policy_src_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}]}, 0xbc}, 0x1, 0x0, 0x0, 0x2c048890}, 0x810) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:29 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x7000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:29 executing program 4: setgid(0xee00) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:29 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x105000) 06:49:29 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x0, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e30000/0x4000)=nil, 0x4000, 0x0) 06:49:29 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x505c, &(0x7f0000000000), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:29 executing program 4: mremap(&(0x7f0000e33000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget$private(0x0, 0x2000, 0x800, &(0x7f0000e32000/0x2000)=nil) 06:49:29 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget(0x3, 0x1000, 0x2, &(0x7f0000e20000/0x1000)=nil) mremap(&(0x7f0000cc2000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000e1f000/0x1000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:29 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x0, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e30000/0x4000)=nil, 0x4000, 0x0) 06:49:29 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800002) 06:49:29 executing program 5: ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='%(+\x00') 06:49:29 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x8000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:29 executing program 4: ioctl$TIOCSBRK(0xffffffffffffffff, 0x5427) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:29 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x10000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:29 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) mmap$usbmon(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000008, 0x11, 0xffffffffffffffff, 0x6) madvise(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0xe) mincore(&(0x7f0000e31000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/53) 06:49:29 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmctl$IPC_RMID(0x0, 0x0) shmat(0x0, &(0x7f0000e1f000/0x1000)=nil, 0x3000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x12b, 0x0, r0}, &(0x7f0000cc4000/0x3000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:29 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget(0x3, 0x1000, 0x2, &(0x7f0000e20000/0x1000)=nil) mremap(&(0x7f0000cc2000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000e1f000/0x1000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:29 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x20000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:29 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x7, &(0x7f0000e31000/0x4000)=nil) 06:49:29 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$PTP_SYS_OFFSET(r0, 0x43403d05, &(0x7f0000000000)={0xb}) 06:49:29 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget(0x3, 0x1000, 0x2, &(0x7f0000e20000/0x1000)=nil) mremap(&(0x7f0000cc2000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000e1f000/0x1000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:29 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800006) 06:49:29 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = io_uring_setup(0x5ffc, &(0x7f0000000000)={0x0, 0xf5e0, 0x1, 0x1, 0xa6}) syz_io_uring_setup(0x21c9, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2, 0x400, 0x0, r0}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x2, 0x4) 06:49:29 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x20ffa000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:29 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x40010, r0, 0x8000000) 06:49:29 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget(0x3, 0x1000, 0x2, &(0x7f0000e20000/0x1000)=nil) mremap(&(0x7f0000cc2000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000e1f000/0x1000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:29 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f0000000100)={0x1, 0x800, 0x1f, 0x3a, 0xb0, 0x9}) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f00000000c0)={'team0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f0000000300)={'ip6_vti0\x00', &(0x7f0000000280)={'syztnl1\x00', 0x0, 0x2f, 0x3f, 0x4c, 0x4ec1, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @dev={0xfe, 0x80, '\x00', 0x25}, 0x54393ed087fda9e5, 0x8000, 0x7f, 0x5f}}) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r1, 0x89f4, &(0x7f00000005c0)={'syztnl1\x00', &(0x7f0000000540)={'sit0\x00', 0x0, 0x2f, 0xff, 0x0, 0x0, 0x60, @empty, @private2={0xfc, 0x2, '\x00', 0x1}, 0x10, 0x10, 0x5, 0x6}}) ioctl$sock_ipv6_tunnel_SIOCGETPRL(0xffffffffffffffff, 0x89f4, &(0x7f0000000740)={'syztnl1\x00', &(0x7f00000006c0)={'sit0\x00', 0x0, 0x2f, 0xf0, 0x7, 0x1, 0x1, @remote, @private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x5440c8702f12bbc, 0x7ff, 0x7}}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f00000012c0)={'syztnl1\x00', &(0x7f0000001240)={'ip6_vti0\x00', 0x0, 0x2f, 0xe0, 0x3f, 0x100, 0x4, @local, @remote, 0x7800, 0x7, 0xa63, 0x200}}) sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f00000018c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000001880)={&(0x7f0000001300)=ANY=[@ANYBLOB="60050000", @ANYRES16=0x0, @ANYBLOB="00042abd7000fcdbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB="4802028038000100240001006d636173745f72656a6f696e5f636f756e74000000000000000000000000000005000300030000000800040006000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000900000008000600", @ANYRES32=0x0, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="3c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r4, @ANYBLOB="400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000600000008000600", @ANYRES32=0x0, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000500030003d2618d4f3525cb210000003800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=r5, @ANYBLOB="3c00028038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000004000008000100", @ANYRES32=0x0, @ANYBLOB="3001028038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000050003000300000008000400030000003800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="44000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b000000140004004000067f04000000000009208000000040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004006520000008000600", @ANYRES32=r6, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000900000008000100", @ANYRES32=r7, @ANYBLOB="7801028040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b00000008000400f8ffffff080007000000000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="080007000000000038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004006bfbffff40000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000900000008000600", @ANYRES32=r8, @ANYBLOB="44000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005000000110004006163746976656261636b75700000000038000100240001006e6f746966795f70656572735f636f756e74000000000000000000000000000005000300030000000800040001000000"], 0x560}, 0x1, 0x0, 0x0, 0x48010}, 0x10) 06:49:29 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmget(0x3, 0x1000, 0x2, &(0x7f0000e20000/0x1000)=nil) mremap(&(0x7f0000cc2000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000e1f000/0x1000)=nil) 06:49:29 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x2) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:29 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x20ffb000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:29 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) move_pages(0x0, 0x7, &(0x7f0000000000)=[&(0x7f0000e33000/0x1000)=nil, &(0x7f0000e1f000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000e33000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil], &(0x7f0000000040)=[0x4, 0x563, 0x1, 0x4, 0x1], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4) 06:49:29 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mremap(&(0x7f0000cc2000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000e1f000/0x1000)=nil) 06:49:29 executing program 5: socketpair(0x9, 0x4, 0x3f, &(0x7f0000000040)) 06:49:29 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000180), r0) sendmsg$NLBL_UNLABEL_C_LIST(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x50, r2, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_SECCTX={0x2c, 0x7, 'system_u:object_r:ssh_keysign_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @private}, @NLBL_UNLABEL_A_ACPTFLG={0x5}]}, 0x50}}, 0x0) sendmsg$NLBL_UNLABEL_C_LIST(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x6c, r2, 0x200, 0x70bd2c, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x34}}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'lo\x00'}, @NLBL_UNLABEL_A_SECCTX={0x26, 0x7, 'system_u:object_r:cpu_device_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @multicast1}]}, 0x6c}, 0x1, 0x0, 0x0, 0x41}, 0x44000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:29 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800008) 06:49:29 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x20ffd000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:29 executing program 1: mremap(&(0x7f0000cc2000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000e1f000/0x1000)=nil) 06:49:29 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000)=0x2, 0x4) 06:49:29 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) ioctl$MON_IOCH_MFLUSH(0xffffffffffffffff, 0x9208, 0x6) r0 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), 0xffffffffffffffff) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000700), 0x9) sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES16=r0, @ANYBLOB="000827bd7000fedbdf2508000000"], 0x14}, 0x1, 0x0, 0x0, 0x22048000}, 0x10) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$PTP_SYS_OFFSET(r1, 0x43403d05, &(0x7f0000000300)={0x13}) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x58}}, 0x8141) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000180), r3) sendmsg$NLBL_UNLABEL_C_LIST(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x50, r5, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_SECCTX={0x2c, 0x7, 'system_u:object_r:ssh_keysign_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @private}, @NLBL_UNLABEL_A_ACPTFLG={0x5}]}, 0x50}}, 0x0) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r2, &(0x7f00000006c0)={&(0x7f0000000240), 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x38, r5, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x4010) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x58}}, 0x8141) sendmsg$NET_DM_CMD_START(r6, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, 0x0, 0x20, 0x70bd26, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x5}, 0x44) 06:49:29 executing program 1: mremap(&(0x7f0000cc2000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000e1f000/0x1000)=nil) 06:49:29 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x32020000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:29 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) move_pages(r0, 0x7, &(0x7f0000000000)=[&(0x7f0000fff000/0x1000)=nil, &(0x7f0000e2e000/0x4000)=nil, &(0x7f0000e34000/0x3000)=nil, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000e33000/0x4000)=nil, &(0x7f0000e31000/0x3000)=nil, &(0x7f0000e30000/0x2000)=nil], &(0x7f0000000040), &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6) 06:49:29 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x2, &(0x7f0000e31000/0x4000)=nil) 06:49:29 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x34020000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:29 executing program 1: mremap(&(0x7f0000cc2000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000e1f000/0x1000)=nil) 06:49:29 executing program 0: ioctl$RNDZAPENTCNT(0xffffffffffffffff, 0x5204, &(0x7f0000000000)=0x3) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e33000/0x3000)=nil, 0x3000, 0x2) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:30 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x880000c) 06:49:30 executing program 4: mq_open(&(0x7f0000000000)=')\x00', 0x41, 0x19, &(0x7f0000000040)={0xfffffffffffffff9, 0x100, 0x20, 0x40}) ioctl$MON_IOCG_STATS(0xffffffffffffffff, 0x80089203, &(0x7f0000000080)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:30 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x40000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:30 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) mremap(&(0x7f0000cc2000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000e1f000/0x1000)=nil) 06:49:30 executing program 5: socketpair(0xa, 0x6, 0x1, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$AUDIT_GET_FEATURE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3fb, 0x4, 0x70bd2a, 0x25dfdbfd, "", ["", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x4040051}, 0x4004000) r1 = socket$inet_tcp(0x2, 0x1, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4, 0x1010, r2, 0x10000000) r3 = accept4(r1, 0x0, &(0x7f0000000180), 0x400) r4 = accept4(r1, 0x0, &(0x7f00000001c0), 0x81000) r5 = syz_genetlink_get_family_id$team(&(0x7f00000002c0), r0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000300)={'team0\x00', 0x0}) io_setup(0x2, &(0x7f00000003c0)) mq_getsetattr(0xffffffffffffffff, &(0x7f0000000340)={0x9, 0x7fff, 0x101, 0xa00}, &(0x7f0000000380)) syz_io_uring_setup(0x24dd, &(0x7f0000000680)={0x0, 0xa8a5, 0x20, 0x2, 0x310}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000700), &(0x7f0000000740)=0x0) syz_io_uring_submit(0x0, r7, &(0x7f0000000780)=@IORING_OP_TEE={0x21, 0x2, 0x0, @fd_index=0x7, 0x0, 0x0, 0x100, 0x8, 0x0, {0x0, 0x0, r1}}, 0x1) sendmsg$TEAM_CMD_PORT_LIST_GET(r4, &(0x7f0000000640)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x3804000}, 0xc, &(0x7f0000000600)={&(0x7f00000007c0)=ANY=[@ANYBLOB="9c020000", @ANYRES16=r5, @ANYBLOB="000829bd7000fedbdf250300000008000100", @ANYRES32=0x0, @ANYBLOB="f80002804c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000050003000300000008000400ec0a000038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000080000038000100240001006c625f73746174735f726566726573685f696e74657276616c00000000000000050003000300000008000400ff03000008000100", @ANYRES32=0x0, @ANYBLOB="bc00028044000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b000000140004000100020307000000070003000000000038000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000050003000300000008000400070000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="bc00028040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e00000008000400f8ffffff08000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r6, @ANYRESDEC=r3], 0x29c}, 0x1, 0x0, 0x0, 0x4000}, 0x4001) syz_genetlink_get_family_id$team(&(0x7f0000000100), r3) socket$nl_audit(0x10, 0x3, 0x9) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000240)={&(0x7f0000ffc000/0x3000)=nil, 0x3000}, &(0x7f0000000280)=0x10) 06:49:30 executing program 0: io_setup(0x7, &(0x7f0000000000)=0x0) io_getevents(r0, 0x8000, 0x6, &(0x7f0000000040)=[{}, {}, {}, {}, {}, {}], &(0x7f0000000100)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) io_getevents(r0, 0x0, 0x1, &(0x7f0000000140)=[{}], &(0x7f0000000180)) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) syz_io_uring_submit(r1, 0x0, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x7fffffff) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) syz_io_uring_submit(r1, 0x0, &(0x7f0000000200)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0xfffffffffffffffc, &(0x7f00000001c0)=[r2], 0x1}, 0xfffffff7) 06:49:30 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, &(0x7f00000000c0)=ANY=[@ANYBLOB="06000000000e147a5035a7f0180000000000000000000000040000000000000000000000000000001d139a89d6c9c47d82e5b9aa6a36f3e49645ba450be8a486b620a1778e4063b3710679399dfc21f10fee994e86d88f680ab3a2eec70817b3d3ac150b5af2cc558adc46c33a7b057d496eeeeab13037141e30c2ae3071baae68576c8c3d5b7184ab97d8a28f5b971164781e81cb29479e"]) 06:49:30 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x42000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:30 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) mremap(&(0x7f0000cc2000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000e1f000/0x1000)=nil) 06:49:30 executing program 4: r0 = getpid() r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x40, 0x4, 0x40, 0xf9, 0x0, 0x8, 0x170a4, 0x4, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000100), 0x1}, 0x328, 0x7fffffff, 0x10000, 0x7, 0x9, 0x0, 0x8, 0x0, 0xfff, 0x0, 0x3}, r0, 0x2, r1, 0x3) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x591001, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r3, 0x330f, 0x9) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r2, 0x404c534a, &(0x7f0000000000)={0x1, 0x80000000, 0x155}) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) ioctl$PERF_EVENT_IOC_ID(r2, 0x80082407, &(0x7f0000000080)) 06:49:30 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) mremap(&(0x7f0000cc2000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000e1f000/0x1000)=nil) 06:49:30 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0xca010000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:30 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800010) 06:49:30 executing program 0: ioprio_set$pid(0x1, 0x0, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x1}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:30 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mremap(&(0x7f0000cc2000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000e1f000/0x1000)=nil) 06:49:30 executing program 4: modify_ldt$write(0x1, &(0x7f00000000c0)={0x6, 0x100000, 0xffffffffffffffff, 0x1, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1}, 0x10) openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)='io.max\x00', 0x2, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz0\x00', 0x200002, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r0) mmap(&(0x7f0000e30000/0x3000)=nil, 0x3000, 0x3, 0x110, r0, 0xfce13000) 06:49:30 executing program 5: socketpair(0x11, 0x80000, 0x5, &(0x7f0000000040)) 06:49:30 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0xcc010000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:30 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mremap(&(0x7f0000cc2000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000e1f000/0x1000)=nil) 06:49:30 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0xd6010000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:30 executing program 5: socketpair(0x1, 0x1, 0x4, &(0x7f0000000040)) 06:49:30 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x2, &(0x7f0000e31000/0x4000)=nil) shmget$private(0x0, 0x2000, 0x1, &(0x7f0000e20000/0x2000)=nil) 06:49:30 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mremap(&(0x7f0000cc2000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000e1f000/0x1000)=nil) 06:49:30 executing program 4: ioctl$PTP_PIN_GETFUNC2(0xffffffffffffffff, 0xc0603d0f, &(0x7f0000000000)={'\x00', 0x8, 0x1, 0x400}) mremap(&(0x7f0000e31000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap$IORING_OFF_SQES(&(0x7f0000e32000/0x4000)=nil, 0x4000, 0x2000008, 0x10, r0, 0x10000000) 06:49:30 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800008) 06:49:30 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0xfeffffff}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:30 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e33000/0x3000)=nil, 0x3000) 06:49:30 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800204) 06:49:30 executing program 5: socketpair(0xa, 0x2, 0x20, &(0x7f0000000040)={0xffffffffffffffff}) sendmsg$AUDIT_TTY_GET(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x3f8, 0x302, 0x70bd26, 0x25dfdbfc, "", ["", "", "", "", "", "", ""]}, 0x10}}, 0x50) socketpair(0x2b, 0x5, 0x1ff, &(0x7f0000000000)) 06:49:30 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x3938700}, 0x1, 0x1}, 0xff) 06:49:30 executing program 4: mremap(&(0x7f0000e32000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000e31000/0x4000)=nil) 06:49:30 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = io_uring_setup(0x3664, &(0x7f0000000000)={0x0, 0x7cd1, 0x20, 0x1, 0x3a3}) perf_event_open$cgroup(&(0x7f00000000c0)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x40003125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, 0x0, 0x0) 06:49:30 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0xffff8000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:30 executing program 5: socketpair(0x1a, 0x2, 0x3ff, &(0x7f0000000000)) 06:49:30 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mmap$IORING_OFF_SQ_RING(&(0x7f0000cc4000/0x1000)=nil, 0x1000, 0x2000002, 0x10, r0, 0x0) 06:49:30 executing program 4: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101001) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r0, 0xc058534b, &(0x7f0000000040)={0xffffffff, 0x2, 0xffffffff, 0x5, 0x7fffffff, 0x1000}) 06:49:30 executing program 1: socketpair(0x1, 0x1, 0x4, &(0x7f0000000040)) 06:49:30 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0xffffc000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:30 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:30 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000200), r0) sendmsg$NET_DM_CMD_STOP(r1, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000380)={&(0x7f0000000240)={0x14, r2, 0xa, 0x70bd2a, 0x25dfdbfc, {}, ["", "", "", "", "", "", "", "", "", ""]}, 0x14}}, 0x4) sendmsg$NET_DM_CMD_START(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r2, 0x10, 0x70bd2d, 0x25dfdbff, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x80c0) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:30 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = syz_io_uring_setup(0x2c23, &(0x7f0000000000)={0x0, 0x7531, 0x0, 0x2, 0x16e}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000e31000/0x2000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mmap$IORING_OFF_CQ_RING(&(0x7f0000e34000/0x5000)=nil, 0x5000, 0x3000003, 0x2010, r0, 0x8000000) syz_io_uring_setup(0x51, &(0x7f0000000280)={0x0, 0xfffffffc, 0x4, 0x3}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:30 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800402) 06:49:30 executing program 1: socketpair(0x1, 0x1, 0x4, &(0x7f0000000040)) 06:49:30 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f00000000c0)={&(0x7f0000000000), &(0x7f0000000040)=""/126, 0x7e}) mremap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x4000, 0x4, &(0x7f0000e31000/0x4000)=nil) 06:49:30 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mmap$IORING_OFF_SQES(&(0x7f0000e32000/0x4000)=nil, 0x4000, 0x1, 0x30, 0xffffffffffffffff, 0x10000000) r0 = syz_io_uring_setup(0x7125, &(0x7f0000000280)={0x0, 0xea68}, &(0x7f0000e33000/0x2000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x100000c, 0x50, r0, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000040)={{0x8, 0x7}, 'port1\x00', 0xe8, 0x80800, 0x7, 0xb21, 0x400, 0x5ff1, 0x80000000, 0x0, 0x5, 0x6}) 06:49:30 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0xfffffffe}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:30 executing program 1: socketpair(0x1, 0x1, 0x4, &(0x7f0000000040)) 06:49:30 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:30 executing program 0: ioctl$TIOCSBRK(0xffffffffffffffff, 0x5427) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000000), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:30 executing program 5: mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000000, 0x30, 0xffffffffffffffff, 0x8000000) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:30 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:30 executing program 1: socketpair(0x0, 0x1, 0x4, &(0x7f0000000040)) 06:49:30 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) sigaltstack(&(0x7f0000e32000/0x2000)=nil, &(0x7f0000000000)) 06:49:31 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800406) 06:49:31 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x86151, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:31 executing program 1: socketpair(0x0, 0x1, 0x4, &(0x7f0000000040)) 06:49:31 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x2}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:31 executing program 5: ioctl$KDSETKEYCODE(0xffffffffffffffff, 0x4b4d, &(0x7f0000000080)={0x6, 0x8}) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x21, &(0x7f0000000000)="55df5e00c2e2e4d916e1d9fe0123f8d4", 0x10) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) r3 = syz_genetlink_get_family_id$team(&(0x7f0000000100), r0) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000140)={'team0\x00', 0x0}) io_uring_setup(0x46c7, &(0x7f0000000280)={0x0, 0x1e88, 0x4, 0x0, 0x220, 0x0, r2}) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r1, 0x89f4, &(0x7f0000000240)={'syztnl0\x00', &(0x7f00000001c0)={'ip6_vti0\x00', 0x0, 0x29, 0xf8, 0x2, 0x0, 0x1, @remote, @mcast2, 0x8, 0x10, 0x6, 0x1}}) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000340)={'team0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000001800)={'team0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000018c0)={'ip6gre0\x00', &(0x7f0000001840)={'ip6_vti0\x00', 0x0, 0x4, 0xf6, 0xff, 0x80000000, 0x48, @remote, @loopback, 0x7, 0x10, 0x6, 0x64}}) sendmsg$TEAM_CMD_PORT_LIST_GET(r2, &(0x7f0000001e40)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000001e00)={&(0x7f0000001900)=ANY=[@ANYBLOB="dc040000", @ANYRES16=r3, @ANYBLOB="00082cbd7000ffdbdf250300000008000100", @ANYRES32=0x0, @ANYBLOB="7c0002803800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000900000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=r4, @ANYBLOB="a80102803800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000050003000300000008000400060000003c000100240001006c625f74785f6d6574686f64000000000000000000000000000000000000000005000300050000000900040068617368000000003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=r5, @ANYBLOB="40000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000e00040062726f616463617374000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000000010008000600", @ANYRES32=r6, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="bc00028040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r8, @ANYBLOB="080007000000000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="080007000000000038000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000500030003000000080004000500000008000100", @ANYRES32=r7, @ANYBLOB="c00002803c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040006000000080007000000000040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004008000000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=r8, @ANYBLOB="0001028040000100240001006c625f686173685f737461747300000000000000000000000000469100000000050003000b0000000800040003000000080007000000000040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000400000008000600", @ANYRES32=0x0, @ANYBLOB="7c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000004c000400000c0306b70000000101083700000000fdff0307030000000400630601000000090702082000000040000401030000000000b82400020000df0109075cffffff010103fc04000000"], 0x4dc}, 0x1, 0x0, 0x0, 0x8010}, 0x40000000) 06:49:31 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) sendmsg$AUDIT_ADD_RULE(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xd4805e45c77f4f71}, 0xc, &(0x7f00000004c0)={&(0x7f0000000040)={0x444, 0x3f3, 0x400, 0x70bd29, 0x25dfdbfb, {0x0, 0x0, 0x27, [0x5, 0x8, 0x4, 0x2, 0xe7, 0x1, 0x7fffffff, 0x7, 0x990, 0x2, 0x4, 0x9, 0x9, 0x7, 0x2, 0x8, 0xe0, 0x69, 0x7fff, 0x8, 0x80000000, 0x3f, 0x100, 0x53d9, 0x3, 0x81, 0xffffffe0, 0x0, 0x1, 0xfffffffb, 0x7, 0x2, 0x30e56e5b, 0x10000, 0x1, 0x5e, 0x0, 0xd5, 0x8, 0x0, 0x783, 0x5, 0x0, 0x7, 0x3, 0x1, 0x4, 0x9, 0x3, 0xc0000000, 0x101, 0x97c8, 0x9, 0x9, 0x5, 0x5, 0xa010, 0x4, 0x5, 0x87f, 0x800, 0x4, 0x1, 0x9], [0x6d9a, 0x8001, 0x4a465c1d, 0x0, 0x7fff, 0x0, 0x1, 0x1, 0x3, 0x4, 0x7, 0x80000000, 0x2, 0x38, 0x1171ad5f, 0x1, 0x13, 0x1, 0x101, 0x7ff, 0x4, 0x6, 0x5, 0x1, 0x20, 0x3, 0x7, 0x9, 0x8, 0x5, 0x0, 0x3d328c9c, 0xbc, 0x8, 0x100, 0x1, 0x4, 0x80000000, 0x4, 0x101, 0x7, 0x80000000, 0xfffffffa, 0x0, 0x38, 0x3, 0xcfa4, 0x8, 0x3, 0xd13, 0x5, 0x1, 0x9, 0x8, 0x7, 0x7, 0xfffffffd, 0x2000, 0x2, 0x9b, 0x6, 0x7, 0x6, 0x20000000], [0x4, 0x5, 0x6, 0x401, 0x0, 0x5, 0x2, 0x2e09, 0xf3, 0x4a, 0x8, 0xffffff12, 0xe2, 0x20, 0x20000000, 0x0, 0x8, 0x0, 0x5, 0x2, 0x0, 0xecd, 0xac, 0x6, 0x3, 0x3, 0x3, 0x1, 0x7fffffff, 0x3, 0x4, 0x20, 0x40, 0x81, 0x10000, 0x1eb, 0x7976, 0x0, 0x1, 0x1, 0x81, 0xe8, 0xa0, 0x7, 0x68ce, 0x3, 0x3, 0x9, 0x10000, 0x3, 0x2, 0x3f4, 0x108, 0x4, 0xa, 0x3, 0x0, 0x0, 0x3, 0x4, 0x7, 0xffffffff, 0x5, 0xd8], [0x200, 0x1, 0x4, 0x1f, 0x4, 0x4b35, 0x0, 0x0, 0x10001, 0x9, 0x1, 0xffff, 0x2, 0xffff, 0x1, 0x80000000, 0x5, 0x3, 0x5, 0x7ff, 0x4, 0x7, 0x8, 0x0, 0x939a, 0x3, 0x1000, 0xdf8, 0x4, 0x7, 0xffff, 0x1, 0x4, 0x2f, 0xffffff23, 0x4, 0x400, 0x200, 0xffff, 0x1, 0x4, 0x7fff, 0x5, 0xff, 0x1, 0xc9a4, 0x80000000, 0x64368c12, 0xfffffffd, 0x40, 0x401, 0x7fff, 0x9, 0x4800, 0x0, 0x2, 0x351, 0x9, 0x0, 0x6, 0x4, 0x9, 0x4, 0x8001], 0x24, ['&-\x00', '\x00', '%(+\x00', '(-*\x00', '-).*,/}!{\x00', '/@\x00', '\x00', '^$.$\x00', '\x00', ':+\xff\x00']}, [""]}, 0x444}, 0x1, 0x0, 0x0, 0x24040084}, 0x20000094) 06:49:31 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000e1f000/0x3000)=nil, 0x0, 0x0) 06:49:31 executing program 4: mremap(&(0x7f0000e34000/0x3000)=nil, 0x3000, 0x1000, 0x4, &(0x7f0000e34000/0x1000)=nil) r0 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x400000000800001) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x12, 0xffffffffffffffff, 0x0) ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000000000)={0x20, 0x81}) 06:49:31 executing program 1: socketpair(0x0, 0x1, 0x4, &(0x7f0000000040)) 06:49:31 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x3}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:31 executing program 0: mmap$IORING_OFF_SQES(&(0x7f0000e33000/0x3000)=nil, 0x3000, 0x300001d, 0x1010, 0xffffffffffffffff, 0x10000000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x4ab9, 0x0, 0x3, 0xfffffffc}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) mq_notify(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x1a, 0x4, @thr={&(0x7f0000000000)="5a4a527f83c7bf9d5178a401103ddd6e062fe0006d38a483b6c82ad95b60523f39fc7fc0339a17725e38c094217ace18d3a3abf1789e3779bd73d2d4c7f276ddd5f9fdaa20cf91ff0a", &(0x7f0000000080)="c22cd9d688af4305567413b577fbabb3a59823a12190e0fb50d62f0ae644e7da2f96d26af9f642003aea6affae3230ee71ce651753b669f6c59bafda5ee6bfa4da"}}) 06:49:31 executing program 1: socketpair(0x1, 0x0, 0x4, &(0x7f0000000040)) 06:49:31 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:31 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800408) 06:49:31 executing program 5: mmap$IORING_OFF_SQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x6, 0x8010, 0xffffffffffffffff, 0x0) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:31 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = getpid() move_pages(r0, 0x4, &(0x7f0000000000)=[&(0x7f0000800000/0x800000)=nil, &(0x7f0000811000/0x4000)=nil, &(0x7f0000920000/0x4000)=nil, &(0x7f0000b81000/0x4000)=nil], 0x0, &(0x7f0000000040)=[0x0, 0x0], 0x4) 06:49:31 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x4}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:31 executing program 1: socketpair(0x1, 0x0, 0x4, &(0x7f0000000040)) 06:49:31 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x7}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:31 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) shmat(r0, &(0x7f0000e1f000/0x2000)=nil, 0x0) mincore(&(0x7f0000e32000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/163) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x81}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:31 executing program 1: socketpair(0x1, 0x0, 0x4, &(0x7f0000000040)) 06:49:31 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) mremap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x3000, 0x6, &(0x7f0000e20000/0x3000)=nil) 06:49:31 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000100)={'syztnl0\x00', &(0x7f0000000080)={'ip6_vti0\x00', r1, 0x0, 0x47, 0xaa, 0x81, 0x12, @empty, @empty, 0x1, 0x8, 0x4, 0x81}}) 06:49:31 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mmap$IORING_OFF_SQ_RING(&(0x7f0000e20000/0x1000)=nil, 0x1000, 0x2000008, 0x10, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:31 executing program 1: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)) 06:49:31 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800600) 06:49:31 executing program 4: r0 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x6) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x3) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x4587c0, 0x0) ioctl$TIOCSBRK(r2, 0x5427) ioctl$TIOCSIG(r1, 0x40045436, 0xf) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:31 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x8}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:31 executing program 0: mremap(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x3000, 0x6, &(0x7f0000e31000/0x3000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x40000, 0x128}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:31 executing program 1: socketpair(0x1, 0x1, 0x0, 0x0) 06:49:31 executing program 5: syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000000), 0xffffffffffffffff) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000280), r2) sendmsg$NET_DM_CMD_START(r2, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, r3, 0x800, 0x70bd2a, 0x25dfdbff, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x8004) r4 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000200), r1) sendmsg$NET_DM_CMD_STOP(r2, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000380)={&(0x7f0000000240)={0x14, r4, 0xa, 0x70bd2a, 0x25dfdbfc, {}, ["", "", "", "", "", "", "", "", "", ""]}, 0x14}}, 0x4) sendmsg$NET_DM_CMD_START(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8100000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r4, 0x200, 0x70bd2b, 0x25dfdbfe, {}, ["", "", "", "", "", ""]}, 0x14}}, 0x20000010) 06:49:31 executing program 1: socketpair(0x1, 0x1, 0x0, 0x0) 06:49:31 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) shmat(0xffffffffffffffff, &(0x7f0000e32000/0x2000)=nil, 0x6000) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x2000, 0x0, 0x0, 0x2ed}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x1) 06:49:31 executing program 1: socketpair(0x1, 0x1, 0x0, 0x0) 06:49:31 executing program 4: getsockopt$inet_tcp_buf(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000000)=""/162, &(0x7f00000000c0)=0xa2) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:31 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x10}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:31 executing program 5: socketpair(0x1, 0x2, 0x3f, &(0x7f0000000040)) 06:49:31 executing program 1: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)) 06:49:31 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mincore(&(0x7f0000e33000/0x1000)=nil, 0x1000, &(0x7f0000000000)=""/167) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:31 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x42}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:31 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800604) 06:49:31 executing program 5: socketpair(0x2, 0x2, 0x4, &(0x7f0000000000)) 06:49:31 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x2) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:31 executing program 1: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)) 06:49:31 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x2) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:31 executing program 5: socketpair(0xa, 0x6, 0x23f, &(0x7f0000000040)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x204000, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$TIOCSIG(r0, 0x40045436, 0x38) 06:49:31 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x60}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:31 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x1000, 0x4, &(0x7f0000ffd000/0x1000)=nil) mremap(&(0x7f0000e31000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000ffd000/0x3000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) r1 = syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x3, 0x0, 0x0, r0}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000001, 0x1010, r1, 0x0) 06:49:31 executing program 1: socketpair(0x1, 0x1, 0x0, &(0x7f0000000040)) 06:49:31 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x2) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:31 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) accept4(r0, 0x0, &(0x7f0000000000), 0x80000) 06:49:31 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) move_pages(r0, 0x3, &(0x7f0000000000)=[&(0x7f0000ffa000/0x4000)=nil, &(0x7f0000e32000/0x2000)=nil, &(0x7f0000e31000/0x1000)=nil], &(0x7f0000000040)=[0x900000], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x2) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:31 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x2) 06:49:31 executing program 1: socketpair(0x0, 0x1, 0x0, &(0x7f0000000040)) 06:49:31 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x1ca}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:31 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x202400, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x2, 0x4) 06:49:31 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800804) 06:49:31 executing program 4: msync(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x2) 06:49:31 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x1cc}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:31 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x58}}, 0x8141) sendmsg$NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x94, 0x0, 0x802, 0x70bd2d, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @empty}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'ip_vti0\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @local}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_bridge\x00'}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_SECCTX={0x2a, 0x7, 'system_u:object_r:auditd_var_run_t:s0\x00'}]}, 0x94}}, 0x4) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:31 executing program 1: socketpair(0x0, 0x1, 0x0, &(0x7f0000000040)) 06:49:32 executing program 5: socket$inet6_udp(0xa, 0x2, 0x0) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:32 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0x6a4, 0x0, 0x0, 0x1c}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:32 executing program 4: msync(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x2) 06:49:32 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800c00) 06:49:32 executing program 1: socketpair(0x0, 0x1, 0x0, &(0x7f0000000040)) 06:49:32 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x1d6}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:32 executing program 4: msync(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x2) 06:49:32 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$PIO_FONTRESET(r0, 0x4b6d, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000040)='\x00') r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$sock_inet_tcp_SIOCINQ(r1, 0x541b, &(0x7f0000000000)) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/syz0\x00', 0x200002, 0x0) perf_event_open$cgroup(&(0x7f0000000080)={0x2, 0x80, 0x7, 0x80, 0x8, 0x1, 0x0, 0x1, 0x80000, 0x4, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2, @perf_config_ext={0x2, 0x80000000}, 0xc0, 0xffffffffffffffff, 0x1000, 0x4, 0x3ff, 0x40, 0x8, 0x0, 0x6, 0x0, 0x200}, r3, 0x9, r0, 0xa) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r2, 0x330f, 0xa759) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280)={0x0, 0xfffffffc}, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) 06:49:32 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) accept4(r0, &(0x7f0000000080)=@pptp={0x18, 0x2, {0x0, @multicast1}}, &(0x7f0000000000)=0x80, 0x0) 06:49:32 executing program 1: socketpair(0x1, 0x0, 0x0, &(0x7f0000000040)) 06:49:32 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x2) 06:49:32 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x204}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:32 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r0, 0x330f, 0x1ff) 06:49:32 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x2) 06:49:32 executing program 1: socketpair(0x1, 0x0, 0x0, &(0x7f0000000040)) 06:49:32 executing program 5: pselect6(0x40, &(0x7f0000000000)={0x100, 0xf38, 0x8001, 0x0, 0x1, 0xa9, 0x0, 0x2}, &(0x7f0000000080)={0x2, 0x2, 0x7, 0xfa96, 0x6, 0x28, 0x5, 0x40}, &(0x7f00000000c0)={0x4, 0x8, 0xe3, 0x9, 0x1, 0x0, 0x4, 0x7fff}, &(0x7f0000000100)={0x77359400}, &(0x7f0000000180)={&(0x7f0000000140)={[0x329]}, 0x8}) getitimer(0x1, &(0x7f0000000400)) pselect6(0x40, &(0x7f0000000200)={0x6e2, 0x100000000, 0xa1eb, 0x6, 0x6, 0x9, 0x5, 0x9}, &(0x7f0000000240)={0x3, 0x6, 0x9, 0x8, 0x1, 0x1, 0x200, 0xfff}, &(0x7f0000000280)={0x2, 0x9, 0xffffffffffffffe1, 0x7, 0x0, 0x1, 0x5, 0x6}, &(0x7f00000002c0)={0x0, 0x3938700}, &(0x7f0000000340)={&(0x7f0000000300)={[0x7]}, 0x8}) clock_nanosleep(0x3, 0xacc1bc8972011344, &(0x7f0000000380)={0x0, 0x3938700}, &(0x7f00000003c0)) msync(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2) socketpair(0x2a, 0x2, 0x6, &(0x7f0000000040)) 06:49:32 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8803f00) 06:49:32 executing program 1: socketpair(0x1, 0x0, 0x0, &(0x7f0000000040)) 06:49:32 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x232}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:32 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x2) 06:49:32 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x7, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) r0 = getpid() sched_getparam(r0, &(0x7f0000000540)) move_pages(r0, 0x5, &(0x7f0000000000)=[&(0x7f0000e33000/0x3000)=nil, &(0x7f0000e32000/0x3000)=nil, &(0x7f0000e33000/0x4000)=nil, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000d9f000/0x2000)=nil], &(0x7f0000000040)=[0x28f9], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x2) 06:49:32 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x0) 06:49:32 executing program 1: socketpair(0x1, 0x1, 0x0, 0x0) 06:49:32 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x234}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:32 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) io_uring_setup(0x5c5b, &(0x7f0000000000)={0x0, 0xdaac, 0x4, 0x2, 0xca}) 06:49:32 executing program 1: socketpair(0x1, 0x1, 0x0, 0x0) 06:49:32 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x0) 06:49:32 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x300}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:32 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8804000) 06:49:32 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800002) 06:49:32 executing program 1: socketpair(0x1, 0x1, 0x0, 0x0) 06:49:32 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'ip6tnl0\x00', 0x0, 0x4, 0x8, 0x0, 0xfff, 0x31, @remote, @remote, 0x80, 0x80, 0x400, 0x6}}) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'team0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000240)={'sit0\x00', &(0x7f00000001c0)={'ip6_vti0\x00', 0x0, 0x0, 0x3f, 0x2, 0x800, 0x0, @private1, @remote, 0x80, 0x80, 0x80000001, 0x2}}) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000280)={'team0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000340)={'ip6gre0\x00', &(0x7f00000002c0)={'sit0\x00', 0x0, 0x2f, 0x20, 0x20, 0x1, 0x17, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x700, 0x7800, 0x81, 0x4}}) sendmsg$TEAM_CMD_PORT_LIST_GET(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000380)={0x524, 0x0, 0x400, 0x70bd2b, 0x25dfdbfd, {}, [{{0x8}, {0x1b4, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x200}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x200}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}]}}, {{0x8, 0x1, r3}, {0x160, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x80000001}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r4}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xffff}}, {0x8, 0x6, r5}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}]}}, {{0x8}, {0x80, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x26331935}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x15c, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x96}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x40}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r6}}}]}}]}, 0x524}, 0x1, 0x0, 0x0, 0x40}, 0x90) 06:49:32 executing program 4: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x0) 06:49:32 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x402}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:32 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x42000, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r1, 0x330f, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) madvise(&(0x7f0000e33000/0x14000)=nil, 0x14000, 0x65) ioctl$SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, &(0x7f0000000000)) move_pages(0xffffffffffffffff, 0x6, &(0x7f0000000040)=[&(0x7f0000e3c000/0x2000)=nil, &(0x7f0000e33000/0x1000)=nil, &(0x7f0000e1d000/0x3000)=nil, &(0x7f0000e33000/0x2000)=nil, &(0x7f0000e40000/0x3000)=nil, &(0x7f0000e36000/0x1000)=nil], &(0x7f0000000080)=[0x6, 0x7, 0x0, 0x6, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0], 0x6) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:32 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xfb000) 06:49:32 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x406}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:32 executing program 5: ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(0xffffffffffffffff, 0x40505330, &(0x7f0000000080)={{0x1}, {0x7, 0x3}, 0x1, 0x6}) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000180)) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f0000000100)={{0x3, 0xac}, {0x1, 0xab}, 0x4, 0x6, 0x8}) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x4058534c, &(0x7f00000001c0)={0x1, 0xc2, 0xdb1, 0xc4b5, 0x78, 0xffffffff}) socketpair(0x27, 0x800, 0x0, &(0x7f0000000000)) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000005, 0x40010, 0xffffffffffffffff, 0x0) r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x5000)=nil, 0x5000, 0x1000000, 0x13, r0, 0x10000000) r4 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r4, 0x2405, 0xffffffffffffffff) syz_io_uring_submit(r2, r3, &(0x7f0000000240)=@IORING_OP_CLOSE={0x13, 0x1, 0x0, r4}, 0x6) 06:49:32 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x42000, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r1, 0x330f, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) madvise(&(0x7f0000e33000/0x14000)=nil, 0x14000, 0x65) ioctl$SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, &(0x7f0000000000)) move_pages(0xffffffffffffffff, 0x6, &(0x7f0000000040)=[&(0x7f0000e3c000/0x2000)=nil, &(0x7f0000e33000/0x1000)=nil, &(0x7f0000e1d000/0x3000)=nil, &(0x7f0000e33000/0x2000)=nil, &(0x7f0000e40000/0x3000)=nil, &(0x7f0000e36000/0x1000)=nil], &(0x7f0000000080)=[0x6, 0x7, 0x0, 0x6, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0], 0x6) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) [ 1572.025624][T17821] ================================================================== [ 1572.033816][T17821] BUG: KCSAN: data-race in __percpu_counter_compare / percpu_counter_add_batch [ 1572.042750][T17821] [ 1572.045074][T17821] write to 0xffff888100049310 of 8 bytes by task 17831 on cpu 1: [ 1572.052782][T17821] percpu_counter_add_batch+0x9c/0xd0 [ 1572.058238][T17821] shmem_getpage_gfp+0x8eb/0x1410 [ 1572.063259][T17821] shmem_write_begin+0x7e/0x100 [ 1572.068166][T17821] generic_perform_write+0x196/0x3a0 [ 1572.073543][T17821] __generic_file_write_iter+0x161/0x300 [ 1572.079178][T17821] generic_file_write_iter+0x75/0x130 [ 1572.084552][T17821] vfs_write+0x69d/0x770 [ 1572.088778][T17821] ksys_write+0xce/0x180 [ 1572.093007][T17821] __x64_sys_write+0x3e/0x50 [ 1572.097579][T17821] do_syscall_64+0x4a/0x90 [ 1572.101984][T17821] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1572.107893][T17821] [ 1572.110211][T17821] read to 0xffff888100049310 of 8 bytes by task 17821 on cpu 0: [ 1572.118101][T17821] __percpu_counter_compare+0x28/0x1a0 [ 1572.123567][T17821] shmem_getpage_gfp+0x87a/0x1410 [ 1572.128585][T17821] shmem_write_begin+0x7e/0x100 [ 1572.133436][T17821] generic_perform_write+0x196/0x3a0 [ 1572.138723][T17821] __generic_file_write_iter+0x161/0x300 [ 1572.144358][T17821] generic_file_write_iter+0x75/0x130 [ 1572.149726][T17821] vfs_write+0x69d/0x770 [ 1572.153966][T17821] ksys_write+0xce/0x180 [ 1572.158374][T17821] __x64_sys_write+0x3e/0x50 [ 1572.163052][T17821] do_syscall_64+0x4a/0x90 [ 1572.167729][T17821] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1572.173604][T17821] 06:49:32 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x42000, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r1, 0x330f, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) madvise(&(0x7f0000e33000/0x14000)=nil, 0x14000, 0x65) ioctl$SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, &(0x7f0000000000)) move_pages(0xffffffffffffffff, 0x6, &(0x7f0000000040)=[&(0x7f0000e3c000/0x2000)=nil, &(0x7f0000e33000/0x1000)=nil, &(0x7f0000e1d000/0x3000)=nil, &(0x7f0000e33000/0x2000)=nil, &(0x7f0000e40000/0x3000)=nil, &(0x7f0000e36000/0x1000)=nil], &(0x7f0000000080)=[0x6, 0x7, 0x0, 0x6, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0], 0x6) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) [ 1572.175925][T17821] value changed: 0x00000000000011e6 -> 0x0000000000001206 [ 1572.183179][T17821] [ 1572.185496][T17821] Reported by Kernel Concurrency Sanitizer on: [ 1572.191620][T17821] CPU: 0 PID: 17821 Comm: syz-executor.3 Not tainted 5.13.0-rc4-syzkaller #0 [ 1572.200359][T17821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1572.210504][T17821] ================================================================== 06:49:32 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x288000c0) 06:49:32 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x604}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:32 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) sigaltstack(&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x5) mmap$usbmon(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x10, 0xffffffffffffffff, 0x3) r0 = io_uring_setup(0x473b, &(0x7f0000000040)={0x0, 0x3efb, 0x0, 0x0, 0x1e3}) syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x4e05, 0x8, 0x1, 0x44, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:32 executing program 5: socketpair(0x11, 0x3, 0x3d, &(0x7f0000000040)) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) recvmsg(r1, &(0x7f00000004c0)={&(0x7f0000000100)=@nl=@proc, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000180)=""/197, 0xc5}, {&(0x7f0000000280)=""/189, 0xbd}, {&(0x7f0000000340)=""/84, 0x54}], 0x3, &(0x7f0000000400)=""/189, 0xbd}, 0x12000) accept4(r0, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, &(0x7f0000000000)=0x80, 0x800) 06:49:32 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xf2000) 06:49:32 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x42000, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r1, 0x330f, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) madvise(&(0x7f0000e33000/0x14000)=nil, 0x14000, 0x65) ioctl$SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, &(0x7f0000000000)) move_pages(0xffffffffffffffff, 0x6, &(0x7f0000000040)=[&(0x7f0000e3c000/0x2000)=nil, &(0x7f0000e33000/0x1000)=nil, &(0x7f0000e1d000/0x3000)=nil, &(0x7f0000e33000/0x2000)=nil, &(0x7f0000e40000/0x3000)=nil, &(0x7f0000e36000/0x1000)=nil], &(0x7f0000000080)=[0x6, 0x7, 0x0, 0x6, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0], 0x6) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:33 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x42000, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r1, 0x330f, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) madvise(&(0x7f0000e33000/0x14000)=nil, 0x14000, 0x65) ioctl$SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, &(0x7f0000000000)) move_pages(0xffffffffffffffff, 0x6, &(0x7f0000000040)=[&(0x7f0000e3c000/0x2000)=nil, &(0x7f0000e33000/0x1000)=nil, &(0x7f0000e1d000/0x3000)=nil, &(0x7f0000e33000/0x2000)=nil, &(0x7f0000e40000/0x3000)=nil, &(0x7f0000e36000/0x1000)=nil], &(0x7f0000000080)=[0x6, 0x7, 0x0, 0x6, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0], 0x6) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:33 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) sigaltstack(&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x5) mmap$usbmon(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x10, 0xffffffffffffffff, 0x3) r0 = io_uring_setup(0x473b, &(0x7f0000000040)={0x0, 0x3efb, 0x0, 0x0, 0x1e3}) syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x4e05, 0x8, 0x1, 0x44, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:33 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) perf_event_open$cgroup(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x5, 0x8, 0x40, 0x0, 0x5, 0x20000, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x6, 0x1, @perf_bp={&(0x7f0000000000), 0x2}, 0x100, 0x9, 0x7fff, 0x0, 0x40, 0x8000, 0x7, 0x0, 0x100, 0x0, 0x800}, r1, 0x7, 0xffffffffffffffff, 0x2) ioctl$SNAPSHOT_FREE(r0, 0x3305) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000004, 0x20010, 0xffffffffffffffff, 0x8000000) 06:49:33 executing program 4: socketpair(0x11, 0x3, 0x3d, &(0x7f0000000040)) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) recvmsg(r1, &(0x7f00000004c0)={&(0x7f0000000100)=@nl=@proc, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000180)=""/197, 0xc5}, {&(0x7f0000000280)=""/189, 0xbd}, {&(0x7f0000000340)=""/84, 0x54}], 0x3, &(0x7f0000000400)=""/189, 0xbd}, 0x12000) accept4(r0, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, &(0x7f0000000000)=0x80, 0x800) 06:49:33 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x700}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:33 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x42000, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r1, 0x330f, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) madvise(&(0x7f0000e33000/0x14000)=nil, 0x14000, 0x65) ioctl$SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, &(0x7f0000000000)) move_pages(0xffffffffffffffff, 0x6, &(0x7f0000000040)=[&(0x7f0000e3c000/0x2000)=nil, &(0x7f0000e33000/0x1000)=nil, &(0x7f0000e1d000/0x3000)=nil, &(0x7f0000e33000/0x2000)=nil, &(0x7f0000e40000/0x3000)=nil, &(0x7f0000e36000/0x1000)=nil], &(0x7f0000000080)=[0x6, 0x7, 0x0, 0x6, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0], 0x6) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:33 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x7ffff000) 06:49:33 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0x31, &(0x7f0000000000), &(0x7f0000000080)=0x4) 06:49:33 executing program 4: socketpair(0x11, 0x3, 0x3d, &(0x7f0000000040)) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) recvmsg(r1, &(0x7f00000004c0)={&(0x7f0000000100)=@nl=@proc, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000180)=""/197, 0xc5}, {&(0x7f0000000280)=""/189, 0xbd}, {&(0x7f0000000340)=""/84, 0x54}], 0x3, &(0x7f0000000400)=""/189, 0xbd}, 0x12000) accept4(r0, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, &(0x7f0000000000)=0x80, 0x800) 06:49:33 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) sigaltstack(&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x5) mmap$usbmon(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x10, 0xffffffffffffffff, 0x3) r0 = io_uring_setup(0x473b, &(0x7f0000000040)={0x0, 0x3efb, 0x0, 0x0, 0x1e3}) syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x4e05, 0x8, 0x1, 0x44, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:33 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x2000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:33 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x42000, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r1, 0x330f, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) madvise(&(0x7f0000e33000/0x14000)=nil, 0x14000, 0x65) ioctl$SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, &(0x7f0000000000)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:33 executing program 4: socketpair(0x11, 0x3, 0x3d, &(0x7f0000000040)) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) recvmsg(r1, &(0x7f00000004c0)={&(0x7f0000000100)=@nl=@proc, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000180)=""/197, 0xc5}, {&(0x7f0000000280)=""/189, 0xbd}, {&(0x7f0000000340)=""/84, 0x54}], 0x3, &(0x7f0000000400)=""/189, 0xbd}, 0x12000) accept4(r0, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, &(0x7f0000000000)=0x80, 0x800) 06:49:33 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x42000, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r1, 0x330f, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) madvise(&(0x7f0000e33000/0x14000)=nil, 0x14000, 0x65) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:33 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) sigaltstack(&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x5) mmap$usbmon(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x10, 0xffffffffffffffff, 0x3) syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x4e05, 0x8, 0x1, 0x44}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:33 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x3202}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:33 executing program 4: socketpair(0x11, 0x3, 0x3d, &(0x7f0000000040)) socket$inet6_udp(0xa, 0x2, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) recvmsg(r0, &(0x7f00000004c0)={&(0x7f0000000100)=@nl=@proc, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000180)=""/197, 0xc5}, {&(0x7f0000000280)=""/189, 0xbd}, {&(0x7f0000000340)=""/84, 0x54}], 0x3, &(0x7f0000000400)=""/189, 0xbd}, 0x12000) 06:49:33 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x3402}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:33 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x7fffffffffffffff) 06:49:33 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x42000, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r1, 0x330f, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:33 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) sigaltstack(&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x5) syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x4e05, 0x8, 0x1, 0x44}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:33 executing program 5: socketpair(0x3, 0xa, 0x6, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000040)="94a7b2300b546af061191ae76698679a", 0x10) accept4(0xffffffffffffffff, &(0x7f0000000080)=@caif=@rfm, &(0x7f0000000100)=0x80, 0x80800) 06:49:33 executing program 4: socketpair(0x11, 0x3, 0x3d, &(0x7f0000000040)) socket$inet6_udp(0xa, 0x2, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) 06:49:33 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x4000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:33 executing program 4: socketpair(0x11, 0x3, 0x3d, &(0x7f0000000040)) socket$inet6_udp(0xa, 0x2, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) 06:49:33 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) sigaltstack(&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000000)) syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x4e05, 0x8, 0x1, 0x44}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:33 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x5) ioctl$PIO_FONTRESET(r0, 0x4b6d, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) 06:49:33 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x42000, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r1, 0x330f, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:33 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xffffffffffffffff) 06:49:33 executing program 4: socketpair(0x11, 0x3, 0x3d, &(0x7f0000000040)) socket$inet6_udp(0xa, 0x2, 0x0) 06:49:33 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x4200}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:33 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x4e05, 0x8, 0x1, 0x44}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:33 executing program 4: socketpair(0x11, 0x3, 0x3d, &(0x7f0000000040)) 06:49:33 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x42000, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r1, 0x330f, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:33 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f0000000000)={{0x9}, {0x1f, 0x81}, 0xf93, 0x2, 0x3}) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000180)={0x5, 0x80, 0x0, 0x7f, 0x1a, 0xff, 0x0, 0x780, 0x800, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x5, 0x1, @perf_bp={&(0x7f0000000140), 0x1}, 0x41000, 0x3, 0x8, 0x6, 0x4, 0x5, 0x400, 0x0, 0x8000, 0x0, 0x8001}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r1, 0x404c534a, &(0x7f00000000c0)={0xfa7b, 0x9, 0xfffff71a}) 06:49:33 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000180)={'syztnl1\x00', &(0x7f0000000100)={'syztnl0\x00', 0x0, 0x4, 0x7, 0x5, 0xe, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x40, 0x20, 0x80000000, 0x1}}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000240)={'ip6gre0\x00', &(0x7f00000001c0)={'syztnl1\x00', r1, 0x4, 0xe6, 0x9, 0xd385, 0x20, @dev={0xfe, 0x80, '\x00', 0x21}, @loopback, 0x40, 0x700, 0x2452b2ad, 0x170901c3}}) 06:49:33 executing program 0: syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x4e05, 0x8, 0x1, 0x44}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:33 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x6000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:33 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x42000, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r1, 0x330f, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:33 executing program 4: socketpair(0x0, 0x3, 0x3d, &(0x7f0000000040)) 06:49:33 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x42000, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:33 executing program 0: syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x4e05, 0x8, 0x1, 0x44}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:33 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0xca01}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:33 executing program 5: socketpair(0xa, 0xa, 0x3, &(0x7f0000000000)) 06:49:33 executing program 4: socketpair(0x0, 0x3, 0x3d, &(0x7f0000000040)) 06:49:33 executing program 1: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:33 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) epoll_create1(0x0) 06:49:33 executing program 0: syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x4e05, 0x8, 0x1, 0x44}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:33 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0xcc01}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:33 executing program 1: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:33 executing program 4: socketpair(0x0, 0x3, 0x3d, &(0x7f0000000040)) 06:49:33 executing program 5: socketpair(0xf, 0x4, 0x4, &(0x7f0000000040)) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x8) prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='[@]-%*]+\x00') prctl$PR_SET_NAME(0xf, &(0x7f0000000080)='[@]-%*]+\x00') ioctl$TIOCSBRK(0xffffffffffffffff, 0x5427) 06:49:33 executing program 1: mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:33 executing program 4: socketpair(0x11, 0x0, 0x3d, &(0x7f0000000040)) 06:49:33 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0) syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x4e05, 0x8, 0x1, 0x44}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:33 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0xd601}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:33 executing program 1: mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:33 executing program 5: ioctl$sock_inet_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000000)) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:33 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) r1 = epoll_create(0x0) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1, 0x4010, r1, 0x261b9000) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:49:33 executing program 1: mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:33 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0) syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x4e05, 0x8, 0x1, 0x44}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:33 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x40000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:33 executing program 4: socketpair(0x11, 0x0, 0x3d, &(0x7f0000000040)) 06:49:33 executing program 5: socketpair(0x23, 0x2, 0x3, &(0x7f0000000040)) 06:49:33 executing program 1: openat$bsg(0xffffffffffffff9c, 0x0, 0x0, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:34 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x80000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:34 executing program 4: socketpair(0x11, 0x0, 0x3d, &(0x7f0000000040)) 06:49:34 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0) syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x4e05, 0x8, 0x1, 0x44}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:34 executing program 1: openat$bsg(0xffffffffffffff9c, 0x0, 0x0, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:34 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x40000) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f0000000080)={0x3, 0x0, 0x9a5}) 06:49:34 executing program 3: ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f00000000c0)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000000)=0x2) 06:49:34 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) syz_io_uring_setup(0x0, &(0x7f00000000c0)={0x0, 0x4e05, 0x8, 0x1, 0x44}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:34 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x400000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:34 executing program 4: socketpair(0x11, 0x3, 0x0, &(0x7f0000000040)) 06:49:34 executing program 1: openat$bsg(0xffffffffffffff9c, 0x0, 0x0, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:34 executing program 5: ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000000)=',\x00') socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) 06:49:34 executing program 1: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:34 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) syz_io_uring_setup(0x0, &(0x7f00000000c0)={0x0, 0x4e05, 0x8, 0x1, 0x44}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:34 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x600000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:34 executing program 4: socketpair(0x11, 0x3, 0x0, 0x0) 06:49:34 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) syz_io_uring_setup(0x0, &(0x7f00000000c0)={0x0, 0x4e05, 0x8, 0x1, 0x44}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:34 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) syz_io_uring_setup(0x1c6b, 0x0, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:34 executing program 1: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:34 executing program 3: sendmsg$AUDIT_GET_FEATURE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x3fb, 0x2, 0x70bd29, 0x25dfdbff, "", ["", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x4010}, 0x40) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x2) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:49:34 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x80ffff}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:34 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) syz_io_uring_setup(0x1c6b, 0x0, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:34 executing program 5: ioctl$sock_ipv6_tunnel_SIOCGETPRL(0xffffffffffffffff, 0x89f4, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000080)={'syztnl0\x00', 0x0, 0x2f, 0xb0, 0x3, 0xfff, 0x25, @private0={0xfc, 0x0, '\x00', 0x1}, @private1={0xfc, 0x1, '\x00', 0x1}, 0x8000, 0x10, 0x80, 0xffff}}) recvmsg(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000140)=@xdp={0x2c, 0x0, 0x0}, 0x80, &(0x7f00000003c0)=[{&(0x7f00000001c0)=""/115, 0x73}, {&(0x7f0000000240)=""/58, 0x3a}, {&(0x7f0000000280)=""/118, 0x76}, {&(0x7f0000000300)}, {&(0x7f0000000340)=""/79, 0x4f}], 0x5, &(0x7f0000000440)=""/43, 0x2b}, 0x2041) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000006c0)={'ip6tnl0\x00', &(0x7f0000000640)={'ip6gre0\x00', 0x0, 0x2f, 0x7, 0x10, 0x7fb, 0x2c, @private0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x20, 0x40, 0xff, 0x6352}}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000780)={'ip6tnl0\x00', &(0x7f0000000700)={'ip6_vti0\x00', 0x0, 0x4, 0x81, 0x8, 0x4, 0x0, @empty, @private2, 0x80, 0x8, 0x7, 0x40}}) ioctl$sock_ipv6_tunnel_SIOCGETPRL(0xffffffffffffffff, 0x89f4, &(0x7f0000000840)={'syztnl1\x00', &(0x7f00000007c0)={'sit0\x00', 0x0, 0x29, 0xee, 0x3, 0xfffeffff, 0x1, @dev={0xfe, 0x80, '\x00', 0x18}, @private2, 0x80, 0x8, 0xffff5156, 0x7}}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000900)={'ip6gre0\x00', &(0x7f0000000880)={'ip6_vti0\x00', 0x0, 0x2f, 0xf8, 0x8b, 0xffffffff, 0x5, @remote, @dev={0xfe, 0x80, '\x00', 0x3a}, 0x10, 0x1, 0x9, 0x5}}) ioctl$sock_ipv6_tunnel_SIOCGETPRL(0xffffffffffffffff, 0x89f4, &(0x7f00000009c0)={'syztnl2\x00', &(0x7f0000000940)={'ip6_vti0\x00', 0x0, 0x29, 0x7, 0x4, 0x2, 0x2d, @loopback, @private0, 0x700, 0x8000, 0x5, 0x7}}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000b40)={'syztnl0\x00', &(0x7f0000000ac0)={'sit0\x00', 0x0, 0x4, 0x2, 0x5, 0x7, 0x50, @mcast2, @private1={0xfc, 0x1, '\x00', 0x1}, 0x8, 0x8, 0x6}}) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000b80)={'team0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000c40)={'ip6tnl0\x00', &(0x7f0000000bc0)={'syztnl0\x00', 0x0, 0x4, 0x1, 0xf3, 0x0, 0x21, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, 0x7800, 0x700, 0x6}}) sendmsg$TEAM_CMD_PORT_LIST_GET(0xffffffffffffffff, &(0x7f0000001500)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000014c0)={&(0x7f0000000c80)={0x810, 0x0, 0x1200, 0x70bd2a, 0x25dfdbfe, {}, [{{0x8, 0x1, r0}, {0x80, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r1}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r2}}, {0x8}}}]}}, {{0x8, 0x1, r3}, {0x28c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffffff9}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7ff}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8}}}, {0x5c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x2c, 0x4, [{0x0, 0x5, 0x5, 0x4}, {0x8, 0x5, 0x72, 0x1}, {0x2000, 0x2, 0x5, 0x556}, {0x20, 0x7, 0x80, 0x7d}, {0x9, 0x4, 0x81, 0x800}]}}}]}}, {{0x8, 0x1, r4}, {0x14c, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r5}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8}, {0x78, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x1e8, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r6}}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x80000000}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r7}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x8c}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x100}}, {0x8}}}]}}, {{0x8, 0x1, r8}, {0x8c, 0x2, 0x0, 0x1, [{0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8}, {0x80, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xfff}}, {0x8}}}]}}]}, 0x810}, 0x1, 0x0, 0x0, 0x20000000}, 0x8840) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:34 executing program 4: socketpair(0x11, 0x3, 0x0, 0x0) 06:49:34 executing program 4: socketpair(0x11, 0x3, 0x0, 0x0) 06:49:34 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) syz_io_uring_setup(0x1c6b, 0x0, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:34 executing program 1: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:34 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0xa0ff20}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:34 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) socketpair(0x26, 0x6, 0x9, &(0x7f0000000000)) 06:49:34 executing program 4: ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f00000000c0)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000000)=0x2) 06:49:34 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x0, 0x8, 0x1, 0x44}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:34 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = accept4(r1, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, &(0x7f0000000100)=0x80, 0x80800) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r2, 0x40a85321, &(0x7f0000000240)={{0x0, 0x4}, 'port0\x00', 0x50, 0x191040, 0x4, 0x0, 0x36f8, 0x1, 0x9, 0x0, 0x3, 0x6}) clock_gettime(0x0, &(0x7f00000000c0)) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r0, 0xc058534b, &(0x7f0000000300)={0x200, 0x80000001, 0x9, 0x6, 0x7, 0x81}) mq_timedsend(r3, &(0x7f0000000180)="0cf236662d7ad13f9dfd2f1b2207da0e7084a215110bd4264e09da26696d1f957713685de9f5fba012f187b2e256b9c7c81996ba3232df548d33022b8b371779350b1bd0c2c99c3c5a66184d55a30000000800000000000000000000551ab54847d0455da2cc009cc36e3c97f05e22dbea4d3ed3154961f55f8a0c4a94cf7acf5ac2508a5b7b7afbee169ef53c15fb6e6cfaad286f76e01441428758d7406c712a61839fd6c8d3d93d1070e9ee5c", 0xae, 0x8, &(0x7f0000000140)) 06:49:34 executing program 1: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:34 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0xb0ff20}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:34 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x0, 0x8, 0x1, 0x44}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:34 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:34 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x0, 0x8, 0x1, 0x44}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:34 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) ioctl$SNAPSHOT_CREATE_IMAGE(r0, 0x40043311, &(0x7f0000000000)) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) 06:49:34 executing program 1: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:34 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0xc0ffff}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:34 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x4e05, 0x0, 0x1, 0x44}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:34 executing program 4: ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f00000000c0)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000000)=0x2) 06:49:34 executing program 1: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:34 executing program 5: r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) shmget$private(0x0, 0x1000, 0x40, &(0x7f0000ffd000/0x1000)=nil) r1 = geteuid() r2 = getpid() sched_getparam(r2, &(0x7f0000000540)) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000080)={{0x3, r1, 0xee00, 0xee01, 0xee00, 0x42, 0x3ff}, 0x0, 0x3, 0x80000001, 0x8, r2, 0x0, 0x5}) socketpair(0x29, 0x2, 0xffff, &(0x7f0000000040)) 06:49:34 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x4e05, 0x0, 0x0, 0x44}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:34 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0xd0ff20}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:34 executing program 1: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:34 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x4e05}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:34 executing program 5: socketpair(0xb, 0x80000, 0x4, &(0x7f0000000000)) 06:49:34 executing program 1: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:34 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x1000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:34 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x4e05}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0, &(0x7f0000000180)) 06:49:34 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f0000000000)=ANY=[@ANYRESDEC, @ANYRES32=r0, @ANYBLOB="acf5cdde1a7c9acf6336b28a515d316a63e248cb89db7cbd4e33e8814739b694769d4ee094c391cf174299e3e3485acc2eebec8f4409c11986991303798cb422101cd808cba3b89b99461149405b523c", @ANYRES64], 0x8800000) 06:49:34 executing program 4: ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f00000000c0)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000000)=0x2) 06:49:34 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$team(&(0x7f0000000080), r0) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f0000000140)={'ip6_vti0\x00', &(0x7f00000000c0)={'syztnl1\x00', 0x0, 0x6, 0x50, 0x6, 0x1d9, 0x8, @private2, @dev={0xfe, 0x80, '\x00', 0x28}, 0x700, 0x80, 0xec6, 0x9}}) sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000000480)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000180)={0x2c0, r2, 0x2, 0x70bd2c, 0x25dfdbfb, {}, [{{0x8}, {0xfc, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x3f}}, {0x8}}}]}}, {{0x8}, {0xd0, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xcf}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x5c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x2c, 0x4, [{0xeb, 0x1, 0x4, 0x4}, {0x7, 0x0, 0x3f, 0x3ff}, {0x2, 0x0, 0x20, 0x1ff}, {0x1, 0x1, 0x81, 0xd46d}, {0x4, 0x20, 0x9, 0x5}]}}}]}}, {{0x8, 0x1, r3}, {0x80, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}]}}, {{0x8}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}]}, 0x2c0}, 0x1, 0x0, 0x0, 0x1}, 0x14) 06:49:35 executing program 1: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:35 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x2000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:35 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x4e05}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0, &(0x7f0000000180)) 06:49:35 executing program 5: socketpair(0xa, 0xa, 0x3f, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)) 06:49:35 executing program 1: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:35 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x2040000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:35 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x4e05}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0, &(0x7f0000000180)) 06:49:35 executing program 1: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:35 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x4e05}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), 0x0) 06:49:35 executing program 3: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_audit(0x10, 0x3, 0x9) ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000040)={0x9, 0x1d4a}) ioctl$KDGETLED(0xffffffffffffffff, 0x4b31, &(0x7f00000001c0)) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x797783, 0x0) r2 = openat$cgroup_devices(r1, &(0x7f00000000c0)='devices.allow\x00', 0x2, 0x0) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f0000000100), 0x80a00, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r1) r4 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r4, 0x2405, 0xffffffffffffffff) write$cgroup_devices(r2, &(0x7f0000000140)=ANY=[@ANYRES16=r3, @ANYRESOCT=r3, @ANYRESDEC=r3, @ANYRESDEC=r3, @ANYRES16, @ANYRESDEC=r4], 0x8800000) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r5, 0x2405, 0xffffffffffffffff) ioctl$SNAPSHOT_FREE(r5, 0x3305) 06:49:35 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x3000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:35 executing program 1: openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:35 executing program 5: socketpair(0x15, 0x2, 0x3f, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) accept4(r1, &(0x7f0000000140)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @private1}}, &(0x7f0000000080)=0xb6, 0x400) 06:49:35 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x4e05}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), 0x0) 06:49:35 executing program 4: ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f00000000c0)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:35 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10) syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x4e05}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), 0x0) 06:49:35 executing program 1: mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:35 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x4000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:35 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x260000, 0x0) read$snapshot(r1, &(0x7f0000000040)=""/21, 0x15) ioctl$SNAPSHOT_PLATFORM_SUPPORT(0xffffffffffffffff, 0x330f, 0x7c5e) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x80000) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r2, 0xc08c5335, &(0x7f0000000100)={0x5f, 0x300000, 0x1, 'queue0\x00', 0x1000}) ioctl$SNAPSHOT_S2RAM(r1, 0x330b) 06:49:35 executing program 0: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0) syz_io_uring_setup(0x1c6b, &(0x7f00000000c0)={0x0, 0x4e05, 0x8, 0x1, 0x44}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180)) 06:49:35 executing program 1: mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:35 executing program 5: r0 = shmget$private(0x0, 0x4000, 0x400, &(0x7f0000ffc000/0x4000)=nil) r1 = geteuid() r2 = getpid() shmctl$IPC_SET(r0, 0x1, &(0x7f0000000080)={{0x1, r1, 0xee01, 0xee00, 0xee00, 0x80, 0x9}, 0x9, 0x2, 0x5, 0x7ff, 0xffffffffffffffff, r2, 0x5729}) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) syz_io_uring_setup(0x2524, &(0x7f0000000100)={0x0, 0x8ff8, 0x8, 0x1, 0x1f9}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000180)) r4 = mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000008, 0x20010, 0xffffffffffffffff, 0x10000000) syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_WRITE_FIXED={0x5, 0x1, 0x3, @fd_index, 0x6, 0x7fff, 0x8000, 0x1, 0x0, {0x1}}, 0x4) 06:49:35 executing program 0: socketpair(0x11, 0x3, 0x3d, &(0x7f0000000040)) socket$inet6_udp(0xa, 0x2, 0x0) 06:49:35 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x6040000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:35 executing program 5: socketpair(0x27, 0x2, 0x3f, &(0x7f0000000000)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$TIOCEXCL(r1, 0x540c) getsockopt$inet_tcp_buf(r0, 0x6, 0xb, &(0x7f0000000040)=""/1, &(0x7f0000000080)=0x1) 06:49:35 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x7000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:35 executing program 4: ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f00000000c0)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:35 executing program 1: mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:35 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x288000c0) 06:49:35 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000000)='\x00') 06:49:35 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000400), r1) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000440)={0x38, r3, 0x409, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5, 0x5}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth1_to_team\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @dev}]}, 0x38}}, 0x0) io_uring_setup(0x6737, &(0x7f00000000c0)={0x0, 0x616f, 0x10, 0x1, 0x7e, 0x0, r0}) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r0, 0xc0a85322, &(0x7f0000000140)) 06:49:35 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x8000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:35 executing program 1: openat$bsg(0xffffffffffffff9c, 0x0, 0x0, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:35 executing program 5: socketpair(0xa, 0x5, 0x3f, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000004}, 0xc, &(0x7f0000000300)={&(0x7f00000000c0)={0x22c, 0x0, 0x800, 0x70bd2a, 0x25dfdbfd, {}, [{{0x8}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x81}}, {0x8}}}]}}, {{0x8, 0x1, r2}, {0x1c4, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x800}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x44, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x14, 0x4, [{0x1, 0x2, 0x2, 0x9}, {0x1fc, 0x3f, 0x0, 0x9}]}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x3f}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x2ad}}, {0x8}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}]}}]}, 0x22c}, 0x1, 0x0, 0x0, 0xc010}, 0x4008c) r3 = perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x9, 0x20, 0x70, 0x35, 0x0, 0x6, 0x2208, 0x8, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x81, 0x0, @perf_config_ext={0x9, 0x1f}, 0x4824, 0x3, 0x6, 0x9, 0x8001, 0x7, 0x1f, 0x0, 0xffffc66f, 0x0, 0xffff}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x1) ioctl$PERF_EVENT_IOC_QUERY_BPF(r3, 0xc008240a, &(0x7f0000000500)=ANY=[@ANYBLOB="00000000000000084ff4b7d672575c915b0ceb5787681d3c18fb606985264538f2dc155d6e3bcf3e9e44e540d539ba5dc19b98c28d137ee4af9bd28287ba9e9200d4a14e3ca1bc2cfa9bab3eaa05434c43e436dffab3344a5aa2448b70f300f84b2d8495f0e2ce43aa53b51829deff44846fc01b1f440826fd9e1d2a851c96940aabdde18c740730dd401112399a6f4cd161b0960d5b53ef0044376e3d8e1e4458c09388cb0dc1de036f865c03b98c4e8c55354fdabb2d10b97bf971c4e5c922e362f50167ea213ae85b2bfe1ab001831217dd92c539960325"]) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) 06:49:35 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x10000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:35 executing program 1: openat$bsg(0xffffffffffffff9c, 0x0, 0x0, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:35 executing program 1: openat$bsg(0xffffffffffffff9c, 0x0, 0x0, 0x0) mlock(&(0x7f0000e3f000/0x2000)=nil, 0x2000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) mlock(&(0x7f0000e3d000/0x4000)=nil, 0x4000) 06:49:35 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x20000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:35 executing program 4: ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f00000000c0)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:35 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000ffe000/0x2000)=nil, 0x2000}, &(0x7f0000000080)=0x10) 06:49:35 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x288000c0) 06:49:35 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x0) [ 1575.258207][T18376] ================================================================== [ 1575.266321][T18376] BUG: KCSAN: data-race in __percpu_counter_compare / percpu_counter_add_batch [ 1575.275261][T18376] [ 1575.277579][T18376] write to 0xffff888100049310 of 8 bytes by task 18348 on cpu 0: [ 1575.285307][T18376] percpu_counter_add_batch+0x9c/0xd0 [ 1575.290680][T18376] shmem_getpage_gfp+0x8eb/0x1410 [ 1575.295709][T18376] shmem_write_begin+0x7e/0x100 [ 1575.300560][T18376] generic_perform_write+0x196/0x3a0 [ 1575.305840][T18376] __generic_file_write_iter+0x161/0x300 [ 1575.311480][T18376] generic_file_write_iter+0x75/0x130 [ 1575.316850][T18376] vfs_write+0x69d/0x770 [ 1575.321110][T18376] ksys_write+0xce/0x180 [ 1575.325345][T18376] __x64_sys_write+0x3e/0x50 [ 1575.329927][T18376] do_syscall_64+0x4a/0x90 [ 1575.334342][T18376] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1575.340237][T18376] [ 1575.342553][T18376] read to 0xffff888100049310 of 8 bytes by task 18376 on cpu 1: [ 1575.350177][T18376] __percpu_counter_compare+0x28/0x1a0 [ 1575.355638][T18376] shmem_getpage_gfp+0x87a/0x1410 [ 1575.360670][T18376] shmem_write_begin+0x7e/0x100 [ 1575.365518][T18376] generic_perform_write+0x196/0x3a0 [ 1575.370791][T18376] __generic_file_write_iter+0x161/0x300 [ 1575.376416][T18376] generic_file_write_iter+0x75/0x130 [ 1575.381788][T18376] vfs_write+0x69d/0x770 [ 1575.386016][T18376] ksys_write+0xce/0x180 [ 1575.390244][T18376] __x64_sys_write+0x3e/0x50 [ 1575.394817][T18376] do_syscall_64+0x4a/0x90 [ 1575.399224][T18376] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1575.405125][T18376] 06:49:36 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCGSERIAL(r1, 0x541e, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/190}) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:49:36 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x20ffa000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:36 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x0) 06:49:36 executing program 5: socketpair(0xa, 0xa, 0x3f, &(0x7f0000000000)) 06:49:36 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x288000c0) [ 1575.407444][T18376] value changed: 0x00000000000003c0 -> 0x00000000000003e0 [ 1575.414541][T18376] [ 1575.416857][T18376] Reported by Kernel Concurrency Sanitizer on: [ 1575.422994][T18376] CPU: 1 PID: 18376 Comm: syz-executor.4 Not tainted 5.13.0-rc4-syzkaller #0 [ 1575.431741][T18376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1575.441774][T18376] ================================================================== 06:49:36 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x0) 06:49:36 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x20ffb000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:36 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)={0xffffffffffffffff}) sendmsg$AUDIT_TTY_SET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x18, 0x3f9, 0x10, 0x70bd2c, 0x25dfdbfc, {}, [""]}, 0x18}, 0x1, 0x0, 0x0, 0x20000004}, 0x20024098) 06:49:36 executing program 4: ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f00000000c0)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:36 executing program 1: msync(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x0) 06:49:36 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x20ffd000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:36 executing program 5: r0 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NLBL_UNLABEL_C_ACCEPT(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, r0, 0x100, 0x70bd29, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'syzkaller0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x39}}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @empty}]}, 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x40000) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:36 executing program 1: msync(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x0) 06:49:36 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x32020000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:36 executing program 0: ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f00000000c0)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:36 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) openat$cgroup_type(r0, &(0x7f0000000000), 0x2, 0x0) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)={0xffffffffffffffff}) r2 = accept4(r1, &(0x7f00000000c0)=@nfc, &(0x7f0000000140)=0x80, 0x0) accept4(r2, &(0x7f0000000180)=@phonet, &(0x7f0000000200)=0x80, 0x80000) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) openat$cgroup_type(r3, &(0x7f0000000080), 0x2, 0x0) 06:49:36 executing program 1: msync(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x0) 06:49:36 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x34020000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:36 executing program 3: syz_open_dev$usbmon(&(0x7f0000000200), 0x0, 0x20000) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x58}}, 0x8141) syz_genetlink_get_family_id$net_dm(&(0x7f00000001c0), r0) r1 = syz_genetlink_get_family_id$net_dm(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NET_DM_CMD_STOP(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r1, 0x20, 0x70bd26, 0x25dfdbfb, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x440c4}, 0x40004) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000280)={'team0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f00000002c0)={'team0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000680)={'team0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r3, 0x89f0, &(0x7f0000001ec0)={'ip6gre0\x00', &(0x7f0000001e40)={'sit0\x00', 0x0, 0x2f, 0x8, 0x7f, 0x2, 0x1, @private0={0xfc, 0x0, '\x00', 0x1}, @loopback, 0x10, 0x700, 0x80000000, 0x1}}) ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000001f00)={'team0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f0000002080)={'sit0\x00', &(0x7f0000002000)={'syztnl2\x00', 0x0, 0x29, 0x5, 0x4, 0x8, 0x0, @loopback, @loopback, 0x7800, 0x7, 0x5}}) sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f00000024c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000002480)={&(0x7f00000020c0)=ANY=[@ANYBLOB="ac030000", @ANYRES16=0x0, @ANYBLOB="00082bbd7000fddbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB="f400028040000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005000000100004006c6f616462616c616e63650038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000500030003000000080004000104000040000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005000000100004006c6f616462616c616e63650038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000900000008000100", @ANYRES32=0x0, @ANYBLOB="7c000280400001002400010071756575655f6964000000000000000000000000000000000000000000000000050003000300000008000400dd99435d08000600", @ANYRES32=r4, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e660000000000000000000000000000050003000300000008000400d200000008000100", @ANYRES32=r5, @ANYBLOB="600002805c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000002c000400f8ff020006000000a59323810180000006000101f7040000090023ffff000000f2b9d204b200000008000100", @ANYRES32=r6, @ANYBLOB="d000028040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000100000008000600", @ANYRES32=r7, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000700000008000600", @ANYRES32=r8, @ANYBLOB="4c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000008000100", @ANYRES32=r9, @ANYBLOB="d00002804c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e67000000003c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000009000400686173680000000044000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000001400040008000067ff000000f9ff031cffffff7f"], 0x3ac}, 0x1, 0x0, 0x0, 0x41}, 0x0) ioctl$PERF_EVENT_IOC_ID(r3, 0x80082407, &(0x7f0000000000)) write$cgroup_devices(r2, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:49:36 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x8940, 0x0) socketpair(0x15, 0x1, 0xf9, &(0x7f0000000040)) 06:49:36 executing program 4: ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f00000000c0)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:36 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x0, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x0) 06:49:36 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x40000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:36 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:36 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x0, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x0) 06:49:36 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x42000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:36 executing program 0: ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f00000000c0)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:36 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x0, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x4000)=nil, 0x4000, 0x0) 06:49:36 executing program 5: socketpair(0x6, 0x3, 0x3f, &(0x7f0000000040)) 06:49:36 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0xca010000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:36 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) r2 = perf_event_open(&(0x7f0000000500)={0x5, 0x80, 0xa0, 0x9, 0x7, 0x1, 0x0, 0x0, 0xa076, 0xe, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x80000001, 0x2, @perf_config_ext={0x7f, 0xda0}, 0x4000, 0x5, 0x80, 0x5, 0x20, 0x3f, 0x80, 0x0, 0xffff2ed1, 0x0, 0x4}, 0xffffffffffffffff, 0xd, r0, 0x8) perf_event_open(&(0x7f0000000480)={0x4, 0x80, 0x1f, 0x5, 0x1b, 0x9, 0x0, 0x7ff, 0x80400, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x5, @perf_bp={&(0x7f0000000040), 0x4}, 0x40001, 0x10001, 0x400, 0x7, 0x8, 0x8, 0x6063, 0x0, 0x2, 0x0, 0x9}, 0x0, 0x9, r2, 0x4) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) r4 = perf_event_open$cgroup(&(0x7f0000000400)={0x4, 0x80, 0xd8, 0x5, 0xff, 0x7, 0x0, 0x0, 0x18008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x10001, 0x2, @perf_config_ext={0x7f, 0x96a7}, 0x0, 0x1, 0xd1, 0x0, 0x3, 0x8, 0xf7b2, 0x0, 0x9}, r0, 0x6, r0, 0x1) perf_event_open$cgroup(&(0x7f0000000380)={0x3, 0x80, 0x1, 0x7, 0x81, 0x4, 0x0, 0x7, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x5, 0x4, @perf_bp={&(0x7f0000000000), 0xa}, 0x10, 0x32e9, 0x81, 0x6, 0x1cc000000000000, 0x0, 0x9, 0x0, 0x1, 0x0, 0x1}, r1, 0xc, r4, 0x4) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x84080, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r5, 0x2405, 0xffffffffffffffff) write$cgroup_devices(r3, &(0x7f00000000c0)=ANY=[@ANYBLOB="dd226bc37ec9ea9dc2f9bb3e53d8fd732c446e19c4774fa0729f0d423499e499c0c8a50018d5357299fa38cab4683e020953cc896875cfb88b7a03b2c81a3a7ab55be74b8a7be410285fc303522295f254fe2fcd71066f95698ea97bf9d25dfc0e62037ef4aa1060574497e920c5", @ANYBLOB="6c3a7bd2895a97edda3880c94042acbe62bde05671414cee88fae6cebf0ea66290d897335f26e04fd8e90e1b403f73b1533b5822463a073fe446af93fa67246ef3e1866e76f5ab7237d48e84ab72046fb04ef30a589eb531ee9b86a618716c69599d51c91c2efce695346dbf8f2757e381bca8af31f3faecabc1f5d2750ebcf4edab00f972c3569957a99202b4072fdd94a6755ff4423e138b0f3713771ea96523d916d5d77751c755d19a8f532ecc540ae0f151db69257f5f20ab", @ANYRES64=r3, @ANYBLOB="8cf28803003b9371d97589caf248b2c3126e5260e5f5e09586a9f506c8bea5e30d8ce6fee5853b6d71bb3f95219b622a23b831e648df64b7acc021fce41ec018788ba1e44b368f56727d6ec147042e5b19dce8166808462b1cbdc73cda9ff0288efcc12ff1d5818b4fd97da0841f545adbc28e89e469f7a22961e0bab8bb32cf8c7da6d995909ff4d05672f6779af24263409bac799dc54a8e79a7268113131f", @ANYBLOB="a848ef950090e0867e76e6daa8bd406df536162c7cad026d693ac2aea7f52529a04cd8d46b0a87975f264642eaed7feda24001f4c359fbad4537f7609df5b7b9c5ea9e4f", @ANYRESHEX=r0, @ANYBLOB="7b8a190cec5ab92d75a84beccefeceefa7948e0661f22df8e1a4eb1a62e544ac57", @ANYRES64, @ANYBLOB="32fcd53d4615b483fe3b95f64e23b961ed17d228338224adf82aa9f8a1c48e466e2f6bda8fb537a17259a386552199"], 0x8800000) 06:49:36 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = epoll_create(0x7f) mmap(&(0x7f0000e31000/0x4000)=nil, 0x4000, 0x8, 0x12, r0, 0x6c5a3000) madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x14) 06:49:36 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) syz_io_uring_setup(0x5912, &(0x7f0000000100)={0x0, 0xb132, 0x0, 0x0, 0x27}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r0, &(0x7f0000000200)=@IORING_OP_NOP={0x0, 0x2}, 0x3) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r1, 0x40505331, &(0x7f0000000080)={{0x1, 0x4}, {0x8, 0x8}, 0x8001, 0x0, 0x8}) socketpair(0x27, 0x2, 0xff, &(0x7f0000000000)) 06:49:36 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0xcc010000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:36 executing program 4: ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f00000000c0)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:36 executing program 0: ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f00000000c0)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:36 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = epoll_create(0x7f) mmap(&(0x7f0000e31000/0x4000)=nil, 0x4000, 0x8, 0x12, r0, 0x6c5a3000) madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x14) 06:49:37 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0xd6010000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:37 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0xfeffffff}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:37 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) r0 = epoll_create(0x7f) mmap(&(0x7f0000e31000/0x4000)=nil, 0x4000, 0x8, 0x12, r0, 0x6c5a3000) madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x14) 06:49:37 executing program 5: socketpair(0x15, 0x2, 0x3f, &(0x7f0000000000)) 06:49:37 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) epoll_create(0x7f) madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x14) 06:49:37 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0xffff8000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:37 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x14) 06:49:37 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) syz_genetlink_get_family_id$team(&(0x7f0000000140), r0) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f0000000640)={'sit0\x00', &(0x7f0000000540)={'ip6gre0\x00', 0x0, 0x4, 0x7f, 0x4, 0x9, 0x14, @loopback, @mcast2, 0x20, 0x8, 0x1ff, 0x5}}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000980)={'syztnl1\x00', &(0x7f0000000900)={'syztnl2\x00', 0x0, 0x2f, 0x80, 0x40, 0x101, 0x0, @empty, @private2, 0x10, 0x1, 0x10001, 0x1}}) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f0000000a40)={'syztnl2\x00', &(0x7f00000009c0)={'ip6tnl0\x00', 0x0, 0x4, 0xbd, 0x27, 0x6, 0x60, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x8, 0x1, 0x7fffffff, 0x81}}) recvmsg(0xffffffffffffffff, &(0x7f0000000ec0)={&(0x7f0000000a80)=@xdp={0x2c, 0x0, 0x0}, 0x80, &(0x7f0000000e00)=[{&(0x7f0000000b00)=""/173, 0xad}, {&(0x7f0000000bc0)=""/205, 0xcd}, {&(0x7f0000000cc0)=""/44, 0x2c}, {&(0x7f0000000d00)=""/243, 0xf3}], 0x4, &(0x7f0000000e40)=""/118, 0x76}, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000f80)={'syztnl0\x00', &(0x7f0000000f00)={'syztnl2\x00', 0x0, 0x4, 0x6, 0xc0, 0x200, 0x0, @mcast1, @private1={0xfc, 0x1, '\x00', 0x1}, 0x8, 0x8, 0x800, 0x9b54}}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000001340)={'ip6gre0\x00', &(0x7f00000012c0)={'syztnl1\x00', 0x0, 0x29, 0x1, 0x0, 0x80, 0x50, @local, @rand_addr=' \x01\x00', 0x20, 0x80, 0x9, 0x151}}) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000001440)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000001b40)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001b00)={&(0x7f0000001480)={0x670, 0x0, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [{{0x8}, {0x134, 0x2, 0x0, 0x1, [{0x3c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0xc, 0x4, [{0xa5d, 0x80, 0x5, 0x5}]}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x6e37}}, {0x8, 0x6, r1}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x80000000}}, {0x8}}}]}}, {{0x8, 0x1, r2}, {0x14c, 0x2, 0x0, 0x1, [{0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x4c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x1c, 0x4, [{0x8, 0x1, 0x40, 0xf711}, {0x3, 0x6, 0x9, 0xae6b}, {0x9, 0x4, 0xd1, 0x3}]}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xfffffffe}}, {0x8}}}]}}, {{0x8}, {0x4}}, {{0x8, 0x1, r3}, {0x180, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0xd4}}, {0x8, 0x6, r4}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r5}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}]}}, {{0x8}, {0x230, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r6}}}, {0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{0x7, 0x40, 0x6, 0x7}, {0x3, 0xff, 0x80, 0x3}, {0x7ff, 0x7f, 0x0, 0x1}, {0xff, 0x1f, 0x37, 0x6}]}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x80}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xffffffff}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x80000000}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x200}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r7}}}]}}]}, 0x670}, 0x1, 0x0, 0x0, 0x40}, 0x4000054) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f00000000c0)={{0x1}, {0x7}, 0xffffffff, 0x1, 0xbb}) r8 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x204200, 0x0) read$snapshot(r8, &(0x7f00000006c0)=""/76, 0x4c) write$cgroup_devices(r8, &(0x7f00000000c0)=ANY=[], 0x8800000) recvmsg(r8, &(0x7f0000000680)={&(0x7f0000000000)=@pptp={0x18, 0x2, {0x0, @private}}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000800)=""/237, 0xed}, {&(0x7f00000001c0)=""/216, 0xd8}, {&(0x7f00000002c0)=""/131, 0x83}, {&(0x7f0000000380)=""/226, 0xe2}, {&(0x7f0000000480)=""/173, 0xad}], 0x5, &(0x7f0000000740)=""/143, 0x8f}, 0x40) 06:49:37 executing program 5: ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000180)={0x100, @tick=0x1, 0x43, {0x42, 0x7}, 0x8c, 0x2, 0x4}) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_tcp_int(r0, 0x6, 0x11, &(0x7f0000000080)=0x6, 0x4) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000002c0), 0x20000, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r2, 0x404c534a, &(0x7f0000000300)={0xc7, 0x5}) sendmsg$TEAM_CMD_OPTIONS_GET(r1, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="49054022", @ANYRES16=0x0, @ANYBLOB="000000007000ffdb006d2f5c427b603959e6505a3f40497d7aa090b9d45e787a4dca825eed01dd77643c82a3e3d7f36fdb3c738a61958af97e46e3a3c9edd82c0d4119189f969f5be409de0d34e0815df82ecdef8f7519b85587eb3aedf3e6c89c2b7a5f4593ed5ec0ee28f6a5"], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x20004844) r3 = accept4(r0, 0x0, &(0x7f00000000c0), 0x0) r4 = shmget$private(0x0, 0xd000, 0x54000000, &(0x7f0000ff3000/0xd000)=nil) shmat(r4, &(0x7f0000ffd000/0x2000)=nil, 0x3000) setsockopt$inet_tcp_TLS_TX(r3, 0x6, 0x1, &(0x7f0000000100)=@ccm_128={{0x303}, "7a580c77d79ed7ec", "226bc2d1f0c17e12aaf48d9231d206ef", "c93fa07c", "d483740da71a6934"}, 0x28) modify_ldt$write(0x1, &(0x7f0000000000)={0x3, 0x20000800, 0x1000, 0x1, 0x2, 0x0, 0x1, 0x1}, 0x10) 06:49:37 executing program 1: madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x14) 06:49:37 executing program 0: ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f00000000c0)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:37 executing program 4: ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f00000000c0)) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:37 executing program 3: openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) openat$cgroup_devices(r0, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x127a729) 06:49:37 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x4058534c, &(0x7f0000000080)={0x7, 0x10000, 0xff, 0x2, 0x2, 0x80000000}) 06:49:37 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0xffffc000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:37 executing program 1: madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x14) 06:49:37 executing program 4: ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f00000000c0)) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:37 executing program 1: madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x14) 06:49:37 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0xfffffffe}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:37 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x88100, 0x0) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x4) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x418501, 0x0) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) ioctl$MON_IOCG_STATS(r2, 0x80089203, &(0x7f0000000040)) write$cgroup_devices(r1, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:49:37 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x0, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x14) 06:49:37 executing program 4: ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f00000000c0)) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:37 executing program 0: ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f00000000c0)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:37 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000080)=@tipc=@id, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000100)=""/149, 0x95}, {&(0x7f00000001c0)=""/95, 0x5f}, {&(0x7f0000000240)=""/192, 0xc0}, {&(0x7f0000000000)=""/28, 0x1c}, {&(0x7f0000000300)=""/168, 0xa8}], 0x5, &(0x7f0000000440)=""/166, 0xa6}, 0x1) 06:49:37 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:37 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:37 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x0, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x14) 06:49:37 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x0, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x14) 06:49:37 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:37 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_genetlink_get_family_id$team(&(0x7f0000000000), r0) 06:49:37 executing program 1: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x1e1000, 0x3, &(0x7f0000e31000/0x4000)=nil) madvise(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x0) 06:49:37 executing program 3: openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) socketpair(0x6, 0x3, 0x7, &(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$AUDIT_TTY_GET(r1, &(0x7f00000007c0)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x10, 0x3f8, 0x100, 0x70bd2a, 0x25dfdbff, "", ["", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x8000}, 0x40) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x0) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000040)={&(0x7f00000000c0)={0x60, 0x0, 0x10, 0x70bd30, 0x25dfdbfa, {}, [{{0x8}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x14845}, 0x20004801) r2 = openat$cgroup_devices(r0, &(0x7f0000000140)='devices.deny\x00', 0x2, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x20010, r2, 0x2ddc1000) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) write$cgroup_devices(r3, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:49:37 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:37 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1d000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f0000e33000/0x2000)=nil) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:37 executing program 0: ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f00000000c0)) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:37 executing program 5: socketpair(0x2a, 0x2, 0x3c, &(0x7f0000000040)) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) syz_io_uring_submit(r0, 0x0, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x7fffffff) syz_io_uring_submit(r0, 0x0, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x4, 0x0, 0x9}, 0x20) 06:49:37 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1d000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f0000e33000/0x2000)=nil) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:37 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, 0x0, 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:37 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x359401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) ioctl$KDGETLED(r0, 0x4b31, &(0x7f0000000000)) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$KDSETKEYCODE(r1, 0x4b4d, &(0x7f0000000040)={0x100, 0x3}) 06:49:37 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:37 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1d000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f0000e33000/0x2000)=nil) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:37 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) mmap$usbmon(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x100010, 0xffffffffffffffff, 0x7) 06:49:37 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:37 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x1f) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) ioctl$SNAPSHOT_SET_SWAP_AREA(r2, 0x400c330d, &(0x7f0000000200)={0xd60d, 0x7fffffff}) openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x8242, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r3, 0x8936, &(0x7f0000000b00)={'sit0\x00', 0x0}) read$snapshot(r1, &(0x7f00000000c0)=""/133, 0x85) r4 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r4, 0x2405, 0xffffffffffffffff) ioctl$TIOCSBRK(r4, 0x5427) r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000240), 0x408c2, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r5, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r5, 0x4008240b, &(0x7f0000000180)={0x2, 0x80, 0x40, 0x81, 0x5, 0x20, 0x0, 0x3, 0x18801, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4, 0x4, @perf_bp={&(0x7f0000000040), 0x1}, 0x8803, 0x3ff, 0x0, 0x5, 0x0, 0x4, 0x89, 0x0, 0xfffffff7, 0x0, 0x100}) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:49:37 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, 0x0, 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:37 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x7}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:38 executing program 0: ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f00000000c0)) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:38 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:38 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, 0x0, 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:38 executing program 5: r0 = syz_open_dev$ttys(0xc, 0x2, 0x1) ioctl$TIOCGSERIAL(r0, 0x541e, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/203}) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000000)='\x00') ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) ioctl$KDGETLED(r0, 0x4b31, &(0x7f0000000080)) 06:49:38 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x8}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:38 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:38 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:38 executing program 0: ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f00000000c0)) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:38 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x10}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:38 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) write$cgroup_devices(r0, &(0x7f0000000000)=ANY=[@ANYRES32=r1, @ANYRES32, @ANYRES64], 0x8800000) 06:49:38 executing program 0: ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f00000000c0)) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:38 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:38 executing program 5: openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000000)='devices.allow\x00', 0x2, 0x0) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0) 06:49:38 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x42}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:38 executing program 1: mremap(&(0x7f0000e1d000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f0000e33000/0x2000)=nil) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:38 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:38 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:38 executing program 1: mremap(&(0x7f0000e1d000/0x4000)=nil, 0x4000, 0x2000, 0x0, &(0x7f0000e33000/0x2000)=nil) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:38 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x60}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:38 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_xfrm(r0, &(0x7f0000000400)={&(0x7f0000000000), 0xc, &(0x7f00000003c0)={&(0x7f0000000080)=@flushsa={0x320, 0x1c, 0x4, 0x70bd26, 0x25dfdbfe, {}, [@mark={0xc, 0x15, {0x35075c, 0x81}}, @algo_auth_trunc={0xe8, 0x14, {{'cmac(aes)\x00'}, 0x4e0, 0xa0, "00db72f9ae3d1c5205839d97794eb102d2be7373d92138889148ac38c03bfbe67a2330024c2963b6f1e1903d58c7615d35add992daf5c5ceb5eff2f4446e821fdbebdee9db843de38628163956469bfc8b51b46a18142290418d9ef8ab3956631a93b26582c782223cd7d4611ae6662813976379e6c3270653f80c8c3b5430aa24831580f6301ef4daf444f8931e74062abcdb4833eeb3d9acbe3206"}}, @replay_esn_val={0x28, 0x17, {0x3, 0x70bd25, 0x70bd28, 0x70bd29, 0x70bd29, 0x1, [0x815, 0x7, 0xfb200000]}}, @lastused={0xc}, @extra_flags={0x8, 0x18, 0x3}, @algo_auth={0x139, 0x1, {{'poly1305-generic\x00'}, 0x788, "cb28aa62a93c32440fac79e19e9dd9a289489546638e18883df73a8ec517f526c32441835851077c97a16945da4368aec0de7cdc5ce679dd6bd288cfb211499bee328ae8dcf97fc9e6210ff27094d9eaa88d49747ed1b13d182f508fa22f5081037391526b9e935f27faad30b65f75950a642560cd3b8d353ac39fec43e537011c65616bed0513568647a6d63cb5c0782ac01306a0d47b4d3fb325b0587a578c077e33f13e43721cc476220b32ca9ca758cb1ccca76e0e17a499bcdd387d543ca4e5165991cef60ebdfaa956437dee3b17132e30d8ac8af5d0f6e58665a84a1556c950e2f72f42b2f0902d777053ef24c6"}}, @user_kmaddress={0x2c, 0x13, {@in=@rand_addr=0x64010100, @in6=@local, 0x0, 0x1}}, @sec_ctx={0x5d, 0x8, {0x59, 0x8, 0x1, 0x20, 0x51, "f2becc877b186dd5422d3799acc6ec55bb62630d82bca14deec352a033910a4faabb929c80831580a5ad84cc9287ee0540839a3103e1726b66925d5af5e731b7d4b3505c0ef06a3cc20221cdc2439265b0"}}, @coaddr={0x14, 0xe, @in=@broadcast}]}, 0x320}, 0x1, 0x0, 0x0, 0x40010}, 0x8000) 06:49:38 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:38 executing program 3: r0 = socket$nl_audit(0x10, 0x3, 0x9) r1 = getpid() sched_getparam(r1, &(0x7f0000000540)) sendmsg$AUDIT_SET(r0, &(0x7f0000000440)={&(0x7f0000000000), 0xc, &(0x7f0000000400)={&(0x7f0000000040)={0x38, 0x3e9, 0x200, 0x70bd29, 0x25dfdbfc, {0x1d, 0x0, 0x2, r1, 0x80000001, 0x6, 0x5, 0x5, 0x0, 0x7ff}, ["", "", "", ""]}, 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000085) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r2, &(0x7f00000000c0)=ANY=[], 0x8800000) ioctl$PTP_SYS_OFFSET(r2, 0x43403d05, &(0x7f00000000c0)={0x6}) 06:49:38 executing program 1: mremap(&(0x7f0000e1d000/0x4000)=nil, 0x4000, 0x2000, 0x0, &(0x7f0000e33000/0x2000)=nil) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:38 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1ca}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:38 executing program 5: socketpair(0x1, 0x2, 0x3f, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_genetlink_get_family_id$team(&(0x7f0000000000), r0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) accept4(r1, 0x0, &(0x7f0000000080), 0x80000) write$snapshot(r1, &(0x7f00000000c0)="06f627a23c4fd670ba8a866e0c8728c3fe5dd64ae8c95ebf4667692173123bc009c5386a2b84339c44f71eac94a31174046c55a919cbb95ca8cd2804affe6381b7ff15b5ea5b01ae2c857bfd837b3167e2145025412290ea5af9dfecd2", 0x5d) 06:49:38 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:38 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, 0x0, 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:38 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, 0x0, 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:38 executing program 1: mremap(&(0x7f0000e1d000/0x4000)=nil, 0x4000, 0x2000, 0x0, &(0x7f0000e33000/0x2000)=nil) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:38 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1cc}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:38 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) socketpair(0x1d, 0x800, 0x400, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000080)="9186f049337d5d6445b2ca9e67da92bf", 0x10) 06:49:38 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, 0x0, 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:38 executing program 1: mremap(&(0x7f0000e1d000/0x4000)=nil, 0x4000, 0x2000, 0x0, &(0x7f0000e33000/0x2000)=nil) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x0, &(0x7f0000e31000/0x4000)=nil) 06:49:38 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:49:38 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1d6}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:38 executing program 1: socketpair(0x10, 0x80004, 0x4, &(0x7f0000000040)) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x58}}, 0x8141) sendmsg$NET_DM_CMD_START(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x10, 0x70bd26, 0x25dfdbff, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x44}, 0x8000) 06:49:38 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:38 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:38 executing program 5: socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)={0xffffffffffffffff}) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000)=0x3, 0x4) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) ioctl$RNDADDENTROPY(0xffffffffffffffff, 0x40085203, &(0x7f0000000140)={0x2, 0x77, "dcf4186f174d529c7d2e128473d476a91784f20cbf95dd9a2686b03bad45b45f4abf8086f041260b85202f9183edba593079275d1d8706f23fdf12ba036e26b084bdb4791b1a3ebd7105489fc8101c764b3ff64e10b252bd3597ad29ab7642167537fb89e6be5f5da0483cbf52cdc897ba0e6fdaee6a61"}) syz_io_uring_submit(r1, 0x0, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x7fffffff) 06:49:38 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:38 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x204}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:38 executing program 1: socketpair(0x10, 0x80004, 0x4, &(0x7f0000000040)) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x58}}, 0x8141) sendmsg$NET_DM_CMD_START(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x10, 0x70bd26, 0x25dfdbff, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x44}, 0x8000) 06:49:38 executing program 1: socketpair(0x10, 0x80004, 0x4, &(0x7f0000000040)) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x58}}, 0x8141) sendmsg$NET_DM_CMD_START(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x10, 0x70bd26, 0x25dfdbff, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x44}, 0x8000) 06:49:38 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:38 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x232}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:38 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="4f29ab1393bd8bf170af313afe99e55c068d218c03fc094ada3f4ca0d7809914779d459ce248edf5937c0735111c1457cd079092f114b818575c41ac467977804e29102ceb5ab1eefa82dc62cfa15e31a92a6c843c260be7800fadbe47db9f7c38d7f782a8e1207d44f88ad8dd38d2c6b72137d728cf125f0cb9700142c0a6150ef007c10f1fab1cdaad446842636208413cf8cf84bc9a723644dbe162b8297524c418911d25809365216ca6a19e2cd05f67934ce5fa5edf090d839602451063dd451a9698ad3c7e6e1c6402df7b78a86abab870826c67187e832195c003ab8a5bfeca8db5f2c7466f299727573fabd5bf60e505ac68", @ANYBLOB="bd3e22f59abaad2325fa2233bd724df806d85f3f5c9f617f62d8939261ced0484ec6d75dc5aa5914ad6a3a93b9e120f40d45936b954ba5411e050cbb06384612426c44565c8c6900aeb398204c17f049a422a8d856b3c6dc07f82a55b6193c6b1efbc4c07411b6dbf1ccfa", @ANYRESDEC=r1, @ANYRESDEC], 0x880004e) 06:49:38 executing program 5: socketpair(0x28, 0x0, 0x4, &(0x7f0000000040)) 06:49:38 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:38 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x234}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:38 executing program 1: socketpair(0x10, 0x80004, 0x4, &(0x7f0000000040)) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x58}}, 0x8141) 06:49:38 executing program 4: openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:38 executing program 1: socketpair(0x10, 0x80004, 0x4, &(0x7f0000000040)) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) 06:49:38 executing program 4: openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:39 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) ioctl$PTP_PIN_GETFUNC(r0, 0xc0603d06, &(0x7f0000000080)={'\x00', 0x4, 0x0, 0x7000000}) socketpair(0xa, 0x2, 0x3f, &(0x7f0000000040)) 06:49:39 executing program 1: socketpair(0x10, 0x80004, 0x4, &(0x7f0000000040)) 06:49:39 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x300}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:39 executing program 4: openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:39 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) openat$cgroup_devices(r2, &(0x7f0000000240)='devices.deny\x00', 0x2, 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x6, 0x2, 0x0, 0x0, 0x0, 0x80000000, 0x4000, 0xb, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_config_ext={0x8001, 0x2}, 0x8, 0x80000001, 0x0, 0x0, 0x7ff, 0x7fffffff, 0x80, 0x0, 0x40, 0x0, 0x80000001}, 0x0, 0x0, 0xffffffffffffffff, 0xa) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) r4 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r4, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r4) ioctl$PERF_EVENT_IOC_ID(r0, 0x80082407, &(0x7f0000000140)) ioctl$PTP_CLOCK_GETCAPS(r0, 0x80503d01, &(0x7f00000000c0)) ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000000)={&(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7, 0x9}) prctl$PR_GET_PDEATHSIG(0x2, &(0x7f0000000040)) 06:49:39 executing program 1: socketpair(0x0, 0x80004, 0x4, &(0x7f0000000040)) 06:49:39 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x402}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:39 executing program 5: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x200040, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000e31000/0x1000)=nil, 0x1000}, &(0x7f0000000040)=0x10) msync(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x1) getsockopt$inet_tcp_int(r0, 0x6, 0x9, &(0x7f0000000080), &(0x7f00000000c0)=0x4) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r0, 0xc0a85322, &(0x7f0000000100)) 06:49:39 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(r0, 0x0, 0x8800000) 06:49:39 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:39 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(r0, 0x0, 0x8800000) 06:49:39 executing program 5: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x200040, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000e31000/0x1000)=nil, 0x1000}, &(0x7f0000000040)=0x10) msync(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x1) getsockopt$inet_tcp_int(r0, 0x6, 0x9, &(0x7f0000000080), &(0x7f00000000c0)=0x4) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r0, 0xc0a85322, &(0x7f0000000100)) 06:49:39 executing program 1: socketpair(0x0, 0x80004, 0x4, &(0x7f0000000040)) 06:49:39 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x406}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:39 executing program 4: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(r0, 0x0, 0x8800000) 06:49:39 executing program 5: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x200040, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000e31000/0x1000)=nil, 0x1000}, &(0x7f0000000040)=0x10) msync(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x1) getsockopt$inet_tcp_int(r0, 0x6, 0x9, &(0x7f0000000080), &(0x7f00000000c0)=0x4) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r0, 0xc0a85322, &(0x7f0000000100)) 06:49:39 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x20c000, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) accept4(r0, &(0x7f0000000100)=@in={0x2, 0x0, @multicast1}, &(0x7f0000000180)=0x80, 0x40800) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) sendmsg$AUDIT_GET_FEATURE(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x10, 0x3fb, 0x1, 0x70bd28, 0x25dfdbff, "", ["", "", "", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x40000}, 0x804) inotify_init() r2 = socket$nl_xfrm(0x10, 0x3, 0x6) accept4(r2, &(0x7f0000000040)=@can, &(0x7f00000000c0)=0x80, 0x1c0800) 06:49:39 executing program 1: socketpair(0x0, 0x80004, 0x4, &(0x7f0000000040)) 06:49:39 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x604}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:39 executing program 5: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x200040, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000e31000/0x1000)=nil, 0x1000}, &(0x7f0000000040)=0x10) msync(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x1) getsockopt$inet_tcp_int(r0, 0x6, 0x9, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 06:49:39 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x200040, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000e31000/0x1000)=nil, 0x1000}, &(0x7f0000000040)=0x10) msync(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x1) getsockopt$inet_tcp_int(r0, 0x6, 0x9, &(0x7f0000000080), &(0x7f00000000c0)=0x4) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r0, 0xc0a85322, &(0x7f0000000100)) 06:49:39 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:39 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x200040, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000e31000/0x1000)=nil, 0x1000}, &(0x7f0000000040)=0x10) msync(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x1) getsockopt$inet_tcp_int(r0, 0x6, 0x9, &(0x7f0000000080), &(0x7f00000000c0)=0x4) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r0, 0xc0a85322, &(0x7f0000000100)) 06:49:39 executing program 5: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x200040, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000e31000/0x1000)=nil, 0x1000}, &(0x7f0000000040)=0x10) msync(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x1) 06:49:39 executing program 1: socketpair(0x10, 0x0, 0x4, &(0x7f0000000040)) 06:49:39 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$KDGETLED(r0, 0x4b31, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) sendmsg$AUDIT_SET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x38, 0x3e9, 0x10, 0x70bd27, 0x25dfdbfb, {0x30, 0x0, 0x3, 0x0, 0x1, 0x3, 0x401, 0x101, 0x0, 0x1}, ["", "", "", "", "", "", ""]}, 0x38}, 0x1, 0x0, 0x0, 0x40000c0}, 0x408c6) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) ioctl$TIOCSIG(r0, 0x40045436, 0x33) write$cgroup_devices(r1, &(0x7f00000000c0)=ANY=[], 0x8800000) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000180)={{0x8, 0x29}, 'port0\x00', 0x24, 0x40004, 0x6, 0x6, 0x0, 0x9, 0x7, 0x0, 0x0, 0x6}) 06:49:39 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x700}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:39 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x200040, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000e31000/0x1000)=nil, 0x1000}, &(0x7f0000000040)=0x10) msync(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x1) getsockopt$inet_tcp_int(r0, 0x6, 0x9, &(0x7f0000000080), &(0x7f00000000c0)=0x4) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r0, 0xc0a85322, &(0x7f0000000100)) 06:49:39 executing program 5: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x200040, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) msync(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x1) 06:49:39 executing program 1: socketpair(0x10, 0x0, 0x0, &(0x7f0000000040)) 06:49:39 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x200040, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000e31000/0x1000)=nil, 0x1000}, &(0x7f0000000040)=0x10) msync(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x1) getsockopt$inet_tcp_int(r0, 0x6, 0x9, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 06:49:39 executing program 1: socketpair(0x10, 0x0, 0x0, &(0x7f0000000040)) 06:49:39 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x2000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:39 executing program 0: openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:39 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x200040, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000e31000/0x1000)=nil, 0x1000}, &(0x7f0000000040)=0x10) msync(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x1) 06:49:39 executing program 1: socketpair(0x10, 0x0, 0x0, &(0x7f0000000040)) 06:49:39 executing program 5: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x200040, 0x0) msync(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x1) 06:49:39 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) ioctl$KDGKBDIACR(r0, 0x4b4a, &(0x7f00000000c0)=""/107) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x4058534c, &(0x7f0000000140)={0x401, 0x6, 0xffff, 0x401, 0xfffff3d7, 0x10000}) write$cgroup_devices(r1, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:49:39 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x3202}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:39 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x200040, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000e31000/0x1000)=nil, 0x1000}, &(0x7f0000000040)=0x10) 06:49:39 executing program 1: socketpair(0x10, 0x0, 0x4, 0x0) 06:49:39 executing program 0: openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:39 executing program 5: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) msync(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x1) 06:49:39 executing program 0: openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x8800000) 06:49:39 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) perf_event_open(&(0x7f00000000c0)={0x3, 0x80, 0xc7, 0xff, 0xa3, 0x5, 0x0, 0x1, 0x85102, 0xa, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x3ff, 0x4, @perf_bp={&(0x7f0000000040), 0xa}, 0x2aa, 0x2, 0xcf, 0x4, 0x1, 0x6, 0x4, 0x0, 0xffffffff, 0x0, 0xd7}, 0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0xb) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)) prctl$PR_CAPBSET_READ(0x17, 0x5) ioctl$PERF_EVENT_IOC_ID(r0, 0x80082407, &(0x7f0000000140)) 06:49:39 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x200040, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) 06:49:39 executing program 5: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) msync(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x1) 06:49:39 executing program 1: socketpair(0x10, 0x0, 0x4, 0x0) 06:49:39 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x3402}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:39 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x200040, 0x0) 06:49:39 executing program 5: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) msync(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x1) 06:49:39 executing program 1: socketpair(0x10, 0x0, 0x4, 0x0) 06:49:39 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(r0, 0x0, 0x8800000) 06:49:39 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x4000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:39 executing program 5: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) msync(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x1) 06:49:39 executing program 1: socketpair(0xa, 0x2, 0x88, &(0x7f0000000040)) 06:49:40 executing program 3: openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:49:40 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) 06:49:40 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(r0, 0x0, 0x8800000) 06:49:40 executing program 1: socketpair(0xa, 0x2, 0x88, &(0x7f0000000040)) 06:49:40 executing program 5: mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) msync(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x1) 06:49:40 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x4200}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:40 executing program 1: socketpair(0xa, 0x2, 0x88, &(0x7f0000000040)) 06:49:40 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x765c9db) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r1, 0x3312, 0x3) 06:49:40 executing program 5: mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f0000e31000/0x1000)=nil) msync(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x1) 06:49:40 executing program 4: mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) 06:49:40 executing program 0: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) write$cgroup_devices(r0, 0x0, 0x8800000) 06:49:40 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x6000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:40 executing program 1: socketpair(0x0, 0x2, 0x88, &(0x7f0000000040)) 06:49:40 executing program 4: mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) 06:49:40 executing program 5: mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f0000e31000/0x1000)=nil) msync(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x0) 06:49:40 executing program 0: socketpair(0xa, 0x2, 0x3a, &(0x7f0000000040)) 06:49:40 executing program 0: socketpair(0xa, 0x2, 0x3a, &(0x7f0000000040)) 06:49:40 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xca01}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:40 executing program 1: socketpair(0x0, 0x2, 0x88, &(0x7f0000000040)) 06:49:40 executing program 3: write$cgroup_devices(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:49:40 executing program 4: mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) 06:49:40 executing program 5: socketpair(0xa, 0x2, 0x11, &(0x7f0000000040)) 06:49:40 executing program 1: socketpair(0x0, 0x2, 0x88, &(0x7f0000000040)) 06:49:40 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xcc01}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:40 executing program 0: socketpair(0xa, 0x2, 0x3a, &(0x7f0000000040)) 06:49:40 executing program 1: socketpair(0xa, 0x0, 0x88, &(0x7f0000000040)) 06:49:40 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x710001, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) ioctl$SNAPSHOT_FREE_SWAP_PAGES(r1, 0x3309) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:49:40 executing program 5: socketpair(0xa, 0x2, 0x11, &(0x7f0000000040)) 06:49:40 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f0000e31000/0x1000)=nil) 06:49:40 executing program 0: socketpair(0x0, 0x2, 0x3a, &(0x7f0000000040)) 06:49:40 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xd601}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:40 executing program 0: socketpair(0x0, 0x2, 0x3a, &(0x7f0000000040)) 06:49:40 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) openat$cgroup_devices(r0, &(0x7f0000000000)='devices.allow\x00', 0x2, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[@ANYRESOCT=r0, @ANYRESOCT=r0, @ANYRES64=r1, @ANYRES32, @ANYBLOB="a03479fe2f1f21d0652eb76c049ade1804218b0237e1dc7b10e9d1020706d070968e7bdd2e836885571f0142ee1499ab04df343f2471382558506e938afb57305d67f25e1be431d41a6c0e6cd3863dde314b7ba10483137f56f0e9a9b6f5474353fc8376efbc050f9a99bbba16332a3016998ba76eb5ba745155fa6955", @ANYRESHEX=r1], 0x1090cef) 06:49:40 executing program 1: socketpair(0xa, 0x0, 0x88, &(0x7f0000000040)) 06:49:40 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f0000e31000/0x1000)=nil) 06:49:40 executing program 5: socketpair(0xa, 0x2, 0x11, &(0x7f0000000040)) 06:49:40 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x40000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:40 executing program 4: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f0000e31000/0x1000)=nil) 06:49:40 executing program 5: socketpair(0x0, 0x2, 0x11, &(0x7f0000000040)) 06:49:40 executing program 0: socketpair(0x0, 0x2, 0x3a, &(0x7f0000000040)) 06:49:40 executing program 1: socketpair(0xa, 0x0, 0x88, &(0x7f0000000040)) 06:49:40 executing program 5: socketpair(0x0, 0x2, 0x11, &(0x7f0000000040)) 06:49:40 executing program 4: mlock(&(0x7f0000e20000/0x3000)=nil, 0x3000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000000)={0x7f, 0x80, 0x20}) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) syz_io_uring_setup(0x724, &(0x7f0000000100)={0x0, 0xfde6, 0x0, 0x0, 0x34d}, &(0x7f0000e1f000/0x2000)=nil, &(0x7f0000e31000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r1 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_ADD_RULE(r1, &(0x7f0000000600)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000005c0)={&(0x7f0000000180)={0x438, 0x3f3, 0x33c, 0x70bd2b, 0x25dfdbfd, {0x4, 0x2, 0x32, [0x9, 0xfffffffe, 0x7f, 0x7fffffff, 0x5, 0x401, 0xfffffffa, 0x3, 0x6, 0x6, 0x80000001, 0x6, 0x8, 0xc6a, 0x8, 0x1afa00, 0x8, 0x100, 0x9, 0x9, 0x2, 0x81, 0x4, 0x5, 0x72, 0xacc, 0x101, 0x74, 0x7ff, 0x3, 0x3, 0x5, 0x4, 0x8001, 0x3, 0x5, 0x3ff, 0xffffffff, 0x100, 0x8, 0x5, 0x1, 0x3, 0x7, 0x400, 0x3f, 0x130a, 0xff, 0x6, 0x7, 0x4, 0xb4, 0x101, 0x8, 0x5, 0x80000001, 0x8, 0x4, 0x401, 0x8001, 0x7, 0x10001, 0x0, 0x8638a6a], [0x20000000, 0x8001, 0x6, 0x68c6, 0x89, 0x5cb, 0x200, 0x3d, 0x40, 0x6, 0x9, 0x5, 0x800, 0x80000000, 0x7, 0x6, 0xf0f, 0x4, 0x8, 0x3f, 0x0, 0x2, 0x27e5, 0x100, 0x2, 0x0, 0xab, 0x5, 0x2, 0x2, 0x8b4, 0x1, 0x4f51c529, 0x0, 0x200, 0x62a6, 0x10001, 0x400000, 0x41, 0x3, 0x1, 0x8, 0xffff, 0x5, 0x3, 0x7, 0x5, 0x1000, 0x20, 0x7ff, 0x8, 0x0, 0x9, 0x80000000, 0x0, 0x10001, 0xffffffff, 0xd36, 0x10001, 0x7, 0x2, 0xffff6f94, 0x6, 0x5], [0x7, 0x1800, 0x1, 0x8, 0x3, 0x2, 0x6, 0x3c46, 0xa1b0, 0x7fffffff, 0x1000, 0x401, 0x9, 0x6, 0x2, 0x1ff, 0x6, 0x6, 0xc5b7, 0x3, 0x9a, 0x3e, 0x1f, 0xfff, 0xa2, 0x3, 0x3, 0x6, 0x280, 0x8c, 0xffff, 0x5, 0xffff, 0x3, 0x38d8, 0x0, 0x0, 0xf5f, 0xff, 0x9, 0x2, 0xffffffbe, 0x789e, 0x1, 0x4, 0x6, 0x200, 0x1e48, 0xfffffffa, 0x10001, 0x7, 0x9, 0x4, 0x1, 0x7fff, 0x80, 0xddd9, 0x1aa2568e, 0x0, 0x3f, 0xb43, 0x7fff, 0xffffffff, 0x6], [0x7, 0xd69, 0x4, 0xffff, 0x1, 0x1, 0x2, 0x6, 0x2, 0x1, 0x1ff, 0x5, 0x1, 0x2c, 0x8000, 0x400, 0xf1, 0x7, 0x4f, 0x200, 0x7, 0x0, 0x1, 0x3, 0x800, 0xffff0001, 0x0, 0x7fffffff, 0xd80, 0x5, 0x2e4b, 0x10001, 0x81, 0x8, 0xffffff24, 0x1f, 0xfffffffd, 0x0, 0x200, 0x7, 0x6, 0x3, 0x0, 0x0, 0x2, 0x5, 0x401, 0x1, 0x1ff, 0x6, 0x40000, 0xdb38, 0x9, 0x2, 0xb3, 0x7ff, 0x2, 0x1, 0x7, 0x5, 0x7fffffff, 0x1, 0x7fffffff, 0x3], 0x17, ['\x00', '\x00', '&\x00', '\x00', '/dev/bsg\x00', '/dev/bsg\x00']}, ["", "", "", "", "", "", ""]}, 0x438}, 0x1, 0x0, 0x0, 0x4}, 0x800) 06:49:40 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x80000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:40 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) socket$nl_audit(0x10, 0x3, 0x9) 06:49:40 executing program 0: socketpair(0xa, 0x0, 0x3a, &(0x7f0000000040)) 06:49:40 executing program 5: socketpair(0x0, 0x2, 0x11, &(0x7f0000000040)) 06:49:40 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x400000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:40 executing program 4: mlock(&(0x7f0000e20000/0x3000)=nil, 0x3000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000000)={0x7f, 0x80, 0x20}) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) syz_io_uring_setup(0x724, &(0x7f0000000100)={0x0, 0xfde6, 0x0, 0x0, 0x34d}, &(0x7f0000e1f000/0x2000)=nil, &(0x7f0000e31000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r1 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_ADD_RULE(r1, &(0x7f0000000600)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000005c0)={&(0x7f0000000180)={0x438, 0x3f3, 0x33c, 0x70bd2b, 0x25dfdbfd, {0x4, 0x2, 0x32, [0x9, 0xfffffffe, 0x7f, 0x7fffffff, 0x5, 0x401, 0xfffffffa, 0x3, 0x6, 0x6, 0x80000001, 0x6, 0x8, 0xc6a, 0x8, 0x1afa00, 0x8, 0x100, 0x9, 0x9, 0x2, 0x81, 0x4, 0x5, 0x72, 0xacc, 0x101, 0x74, 0x7ff, 0x3, 0x3, 0x5, 0x4, 0x8001, 0x3, 0x5, 0x3ff, 0xffffffff, 0x100, 0x8, 0x5, 0x1, 0x3, 0x7, 0x400, 0x3f, 0x130a, 0xff, 0x6, 0x7, 0x4, 0xb4, 0x101, 0x8, 0x5, 0x80000001, 0x8, 0x4, 0x401, 0x8001, 0x7, 0x10001, 0x0, 0x8638a6a], [0x20000000, 0x8001, 0x6, 0x68c6, 0x89, 0x5cb, 0x200, 0x3d, 0x40, 0x6, 0x9, 0x5, 0x800, 0x80000000, 0x7, 0x6, 0xf0f, 0x4, 0x8, 0x3f, 0x0, 0x2, 0x27e5, 0x100, 0x2, 0x0, 0xab, 0x5, 0x2, 0x2, 0x8b4, 0x1, 0x4f51c529, 0x0, 0x200, 0x62a6, 0x10001, 0x400000, 0x41, 0x3, 0x1, 0x8, 0xffff, 0x5, 0x3, 0x7, 0x5, 0x1000, 0x20, 0x7ff, 0x8, 0x0, 0x9, 0x80000000, 0x0, 0x10001, 0xffffffff, 0xd36, 0x10001, 0x7, 0x2, 0xffff6f94, 0x6, 0x5], [0x7, 0x1800, 0x1, 0x8, 0x3, 0x2, 0x6, 0x3c46, 0xa1b0, 0x7fffffff, 0x1000, 0x401, 0x9, 0x6, 0x2, 0x1ff, 0x6, 0x6, 0xc5b7, 0x3, 0x9a, 0x3e, 0x1f, 0xfff, 0xa2, 0x3, 0x3, 0x6, 0x280, 0x8c, 0xffff, 0x5, 0xffff, 0x3, 0x38d8, 0x0, 0x0, 0xf5f, 0xff, 0x9, 0x2, 0xffffffbe, 0x789e, 0x1, 0x4, 0x6, 0x200, 0x1e48, 0xfffffffa, 0x10001, 0x7, 0x9, 0x4, 0x1, 0x7fff, 0x80, 0xddd9, 0x1aa2568e, 0x0, 0x3f, 0xb43, 0x7fff, 0xffffffff, 0x6], [0x7, 0xd69, 0x4, 0xffff, 0x1, 0x1, 0x2, 0x6, 0x2, 0x1, 0x1ff, 0x5, 0x1, 0x2c, 0x8000, 0x400, 0xf1, 0x7, 0x4f, 0x200, 0x7, 0x0, 0x1, 0x3, 0x800, 0xffff0001, 0x0, 0x7fffffff, 0xd80, 0x5, 0x2e4b, 0x10001, 0x81, 0x8, 0xffffff24, 0x1f, 0xfffffffd, 0x0, 0x200, 0x7, 0x6, 0x3, 0x0, 0x0, 0x2, 0x5, 0x401, 0x1, 0x1ff, 0x6, 0x40000, 0xdb38, 0x9, 0x2, 0xb3, 0x7ff, 0x2, 0x1, 0x7, 0x5, 0x7fffffff, 0x1, 0x7fffffff, 0x3], 0x17, ['\x00', '\x00', '&\x00', '\x00', '/dev/bsg\x00', '/dev/bsg\x00']}, ["", "", "", "", "", "", ""]}, 0x438}, 0x1, 0x0, 0x0, 0x4}, 0x800) 06:49:40 executing program 1: socketpair(0xa, 0x2, 0x0, &(0x7f0000000040)) 06:49:40 executing program 0: socketpair(0xa, 0x0, 0x3a, &(0x7f0000000040)) 06:49:40 executing program 5: socketpair(0xa, 0x0, 0x11, &(0x7f0000000040)) 06:49:40 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x600000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:40 executing program 1: socketpair(0xa, 0x2, 0x0, &(0x7f0000000040)) 06:49:40 executing program 4: mlock(&(0x7f0000e20000/0x3000)=nil, 0x3000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000000)={0x7f, 0x80, 0x20}) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) syz_io_uring_setup(0x724, &(0x7f0000000100)={0x0, 0xfde6, 0x0, 0x0, 0x34d}, &(0x7f0000e1f000/0x2000)=nil, &(0x7f0000e31000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) r1 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_ADD_RULE(r1, &(0x7f0000000600)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000005c0)={&(0x7f0000000180)={0x438, 0x3f3, 0x33c, 0x70bd2b, 0x25dfdbfd, {0x4, 0x2, 0x32, [0x9, 0xfffffffe, 0x7f, 0x7fffffff, 0x5, 0x401, 0xfffffffa, 0x3, 0x6, 0x6, 0x80000001, 0x6, 0x8, 0xc6a, 0x8, 0x1afa00, 0x8, 0x100, 0x9, 0x9, 0x2, 0x81, 0x4, 0x5, 0x72, 0xacc, 0x101, 0x74, 0x7ff, 0x3, 0x3, 0x5, 0x4, 0x8001, 0x3, 0x5, 0x3ff, 0xffffffff, 0x100, 0x8, 0x5, 0x1, 0x3, 0x7, 0x400, 0x3f, 0x130a, 0xff, 0x6, 0x7, 0x4, 0xb4, 0x101, 0x8, 0x5, 0x80000001, 0x8, 0x4, 0x401, 0x8001, 0x7, 0x10001, 0x0, 0x8638a6a], [0x20000000, 0x8001, 0x6, 0x68c6, 0x89, 0x5cb, 0x200, 0x3d, 0x40, 0x6, 0x9, 0x5, 0x800, 0x80000000, 0x7, 0x6, 0xf0f, 0x4, 0x8, 0x3f, 0x0, 0x2, 0x27e5, 0x100, 0x2, 0x0, 0xab, 0x5, 0x2, 0x2, 0x8b4, 0x1, 0x4f51c529, 0x0, 0x200, 0x62a6, 0x10001, 0x400000, 0x41, 0x3, 0x1, 0x8, 0xffff, 0x5, 0x3, 0x7, 0x5, 0x1000, 0x20, 0x7ff, 0x8, 0x0, 0x9, 0x80000000, 0x0, 0x10001, 0xffffffff, 0xd36, 0x10001, 0x7, 0x2, 0xffff6f94, 0x6, 0x5], [0x7, 0x1800, 0x1, 0x8, 0x3, 0x2, 0x6, 0x3c46, 0xa1b0, 0x7fffffff, 0x1000, 0x401, 0x9, 0x6, 0x2, 0x1ff, 0x6, 0x6, 0xc5b7, 0x3, 0x9a, 0x3e, 0x1f, 0xfff, 0xa2, 0x3, 0x3, 0x6, 0x280, 0x8c, 0xffff, 0x5, 0xffff, 0x3, 0x38d8, 0x0, 0x0, 0xf5f, 0xff, 0x9, 0x2, 0xffffffbe, 0x789e, 0x1, 0x4, 0x6, 0x200, 0x1e48, 0xfffffffa, 0x10001, 0x7, 0x9, 0x4, 0x1, 0x7fff, 0x80, 0xddd9, 0x1aa2568e, 0x0, 0x3f, 0xb43, 0x7fff, 0xffffffff, 0x6], [0x7, 0xd69, 0x4, 0xffff, 0x1, 0x1, 0x2, 0x6, 0x2, 0x1, 0x1ff, 0x5, 0x1, 0x2c, 0x8000, 0x400, 0xf1, 0x7, 0x4f, 0x200, 0x7, 0x0, 0x1, 0x3, 0x800, 0xffff0001, 0x0, 0x7fffffff, 0xd80, 0x5, 0x2e4b, 0x10001, 0x81, 0x8, 0xffffff24, 0x1f, 0xfffffffd, 0x0, 0x200, 0x7, 0x6, 0x3, 0x0, 0x0, 0x2, 0x5, 0x401, 0x1, 0x1ff, 0x6, 0x40000, 0xdb38, 0x9, 0x2, 0xb3, 0x7ff, 0x2, 0x1, 0x7, 0x5, 0x7fffffff, 0x1, 0x7fffffff, 0x3], 0x17, ['\x00', '\x00', '&\x00', '\x00', '/dev/bsg\x00', '/dev/bsg\x00']}, ["", "", "", "", "", "", ""]}, 0x438}, 0x1, 0x0, 0x0, 0x4}, 0x800) 06:49:40 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x80ffff}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:41 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x200002, 0x0) 06:49:41 executing program 0: socketpair(0xa, 0x0, 0x3a, &(0x7f0000000040)) 06:49:41 executing program 5: socketpair(0xa, 0x0, 0x11, &(0x7f0000000040)) 06:49:41 executing program 1: socketpair(0xa, 0x2, 0x0, &(0x7f0000000040)) 06:49:41 executing program 4: mlock(&(0x7f0000e20000/0x3000)=nil, 0x3000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000000)={0x7f, 0x80, 0x20}) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) syz_io_uring_setup(0x724, &(0x7f0000000100)={0x0, 0xfde6, 0x0, 0x0, 0x34d}, &(0x7f0000e1f000/0x2000)=nil, &(0x7f0000e31000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) socket$nl_audit(0x10, 0x3, 0x9) 06:49:41 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xa0ff20}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:41 executing program 4: mlock(&(0x7f0000e20000/0x3000)=nil, 0x3000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000000)={0x7f, 0x80, 0x20}) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) syz_io_uring_setup(0x724, &(0x7f0000000100)={0x0, 0xfde6, 0x0, 0x0, 0x34d}, &(0x7f0000e1f000/0x2000)=nil, &(0x7f0000e31000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:41 executing program 1: socketpair(0xa, 0x2, 0x88, 0x0) 06:49:41 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xb0ff20}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:41 executing program 5: socketpair(0xa, 0x0, 0x11, &(0x7f0000000040)) 06:49:41 executing program 0: socketpair(0xa, 0x2, 0x0, &(0x7f0000000040)) 06:49:41 executing program 4: mlock(&(0x7f0000e20000/0x3000)=nil, 0x3000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000000)={0x7f, 0x80, 0x20}) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:41 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:49:41 executing program 1: socketpair(0xa, 0x2, 0x88, 0x0) 06:49:41 executing program 4: mlock(&(0x7f0000e20000/0x3000)=nil, 0x3000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000000)={0x7f, 0x80, 0x20}) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:41 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xc0ffff}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:41 executing program 5: socketpair(0xa, 0x2, 0x0, &(0x7f0000000040)) 06:49:41 executing program 0: socketpair(0xa, 0x2, 0x0, &(0x7f0000000040)) 06:49:41 executing program 0: socketpair(0xa, 0x2, 0x0, &(0x7f0000000040)) 06:49:41 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xd0ff20}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:41 executing program 1: socketpair(0xa, 0x2, 0x88, 0x0) 06:49:41 executing program 5: socketpair(0xa, 0x2, 0x0, &(0x7f0000000040)) 06:49:41 executing program 4: mlock(&(0x7f0000e20000/0x3000)=nil, 0x3000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000000)={0x7f, 0x80, 0x20}) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:41 executing program 0: socketpair(0xa, 0x2, 0x3a, 0x0) 06:49:41 executing program 3: openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) inotify_init() r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) modify_ldt$write(0x1, &(0x7f0000000040)={0xe2, 0x100000, 0x1000, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x10) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) write$cgroup_devices(r0, &(0x7f0000000000)=ANY=[], 0x8800000) openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) 06:49:41 executing program 4: mlock(&(0x7f0000e20000/0x3000)=nil, 0x3000) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000000)={0x7f, 0x80, 0x20}) syz_io_uring_setup(0x724, &(0x7f0000000100)={0x0, 0xfde6, 0x0, 0x0, 0x34d}, &(0x7f0000e1f000/0x2000)=nil, &(0x7f0000e31000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:41 executing program 5: socketpair(0xa, 0x2, 0x0, &(0x7f0000000040)) 06:49:41 executing program 1: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xc0ffff}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:41 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:41 executing program 0: socketpair(0xa, 0x2, 0x3a, 0x0) 06:49:41 executing program 0: socketpair(0xa, 0x2, 0x3a, 0x0) 06:49:41 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) syz_io_uring_setup(0x6762, &(0x7f0000000000), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) syz_io_uring_submit(r1, 0x0, &(0x7f0000000400)=@IORING_OP_OPENAT={0x12, 0x5, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000100)='./file0\x00', 0x4, 0x800, 0x23456}, 0x7fffffff) syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x4, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x4000}}, 0x80000000) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:49:41 executing program 4: mlock(&(0x7f0000e20000/0x3000)=nil, 0x3000) openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) syz_io_uring_setup(0x724, &(0x7f0000000100)={0x0, 0xfde6, 0x0, 0x0, 0x34d}, &(0x7f0000e1f000/0x2000)=nil, &(0x7f0000e31000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:41 executing program 5: socketpair(0xa, 0x2, 0x11, 0x0) 06:49:41 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x2000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:41 executing program 1: mlock(&(0x7f0000e20000/0x3000)=nil, 0x3000) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000000)={0x7f, 0x80, 0x20}) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) syz_io_uring_setup(0x724, &(0x7f0000000100)={0x0, 0xfde6, 0x0, 0x0, 0x34d}, &(0x7f0000e1f000/0x2000)=nil, &(0x7f0000e31000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) socket$nl_audit(0x10, 0x3, 0x9) 06:49:41 executing program 5: socketpair(0xa, 0x2, 0x11, 0x0) 06:49:41 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) msync(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x6) 06:49:41 executing program 4: mlock(&(0x7f0000e20000/0x3000)=nil, 0x3000) syz_io_uring_setup(0x724, &(0x7f0000000100)={0x0, 0xfde6, 0x0, 0x0, 0x34d}, &(0x7f0000e1f000/0x2000)=nil, &(0x7f0000e31000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:41 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x2040000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:41 executing program 5: socketpair(0xa, 0x2, 0x11, 0x0) 06:49:41 executing program 1: socketpair(0xa, 0x5, 0x3f, &(0x7f0000000040)) 06:49:41 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) msync(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x6) 06:49:41 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) r1 = syz_open_dev$ttys(0xc, 0x2, 0x1) ioctl$TIOCGSERIAL(r0, 0x541e, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/202}) ioctl$PIO_FONTRESET(r1, 0x4b6d, 0x0) 06:49:41 executing program 4: syz_io_uring_setup(0x724, &(0x7f0000000100)={0x0, 0xfde6, 0x0, 0x0, 0x34d}, &(0x7f0000e1f000/0x2000)=nil, &(0x7f0000e31000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:41 executing program 5: socketpair(0x11, 0x2, 0x3f, &(0x7f0000000040)) 06:49:41 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x3000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:41 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) msync(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x6) 06:49:41 executing program 1: socketpair(0xa, 0x5, 0x3f, &(0x7f0000000040)) 06:49:41 executing program 5: socketpair(0x11, 0x2, 0x3f, &(0x7f0000000040)) 06:49:41 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x6) 06:49:41 executing program 1: socketpair(0xa, 0x5, 0x3f, &(0x7f0000000040)) 06:49:41 executing program 4: syz_io_uring_setup(0x0, &(0x7f0000000100)={0x0, 0xfde6, 0x0, 0x0, 0x34d}, &(0x7f0000e1f000/0x2000)=nil, &(0x7f0000e31000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:41 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x4000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:41 executing program 5: socketpair(0x11, 0x2, 0x3f, &(0x7f0000000040)) 06:49:41 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) ioctl$MON_IOCX_GET(r0, 0x40189206, &(0x7f0000000100)={&(0x7f0000000040), &(0x7f00000000c0)=""/23, 0x17}) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000140)=@gcm_256={{0x304}, "4ed29bc24bbb5b99", "ef5f0cc9a9786dcf6c98e7c5298ce56d543280b425bca412ce2a3c90ab8ec973", "043aa9f9", "110ece8ed6ca1130"}, 0x38) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) ioctl$MON_IOCX_GET(r1, 0x40189206, &(0x7f0000000200)={&(0x7f0000000180), &(0x7f00000001c0)=""/46, 0x2e}) 06:49:41 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x6) 06:49:41 executing program 4: syz_io_uring_setup(0x0, &(0x7f0000000100)={0x0, 0xfde6, 0x0, 0x0, 0x34d}, &(0x7f0000e1f000/0x2000)=nil, &(0x7f0000e31000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:41 executing program 1: socketpair(0x0, 0x5, 0x3f, &(0x7f0000000040)) 06:49:41 executing program 5: socketpair(0x0, 0x2, 0x3f, &(0x7f0000000040)) 06:49:41 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x6040000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:42 executing program 4: syz_io_uring_setup(0x0, &(0x7f0000000100)={0x0, 0xfde6, 0x0, 0x0, 0x34d}, &(0x7f0000e1f000/0x2000)=nil, &(0x7f0000e31000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:42 executing program 5: socketpair(0x0, 0x2, 0x3f, &(0x7f0000000040)) 06:49:42 executing program 1: socketpair(0x0, 0x5, 0x3f, &(0x7f0000000040)) 06:49:42 executing program 0: mremap(&(0x7f0000e1f000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) msync(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x6) 06:49:42 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x7000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:42 executing program 4: syz_io_uring_setup(0x724, 0x0, &(0x7f0000e1f000/0x2000)=nil, &(0x7f0000e31000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:42 executing program 1: socketpair(0x0, 0x5, 0x3f, &(0x7f0000000040)) 06:49:42 executing program 5: socketpair(0x0, 0x2, 0x3f, &(0x7f0000000040)) 06:49:42 executing program 0: syz_io_uring_setup(0x3125, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) msync(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x6) 06:49:42 executing program 4: syz_io_uring_setup(0x724, 0x0, &(0x7f0000e1f000/0x2000)=nil, &(0x7f0000e31000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:42 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, r1) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000000)=0xffff) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:49:42 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x8000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:42 executing program 1: socketpair(0xa, 0x0, 0x3f, &(0x7f0000000040)) 06:49:42 executing program 4: syz_io_uring_setup(0x724, 0x0, &(0x7f0000e1f000/0x2000)=nil, &(0x7f0000e31000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:42 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x10000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:42 executing program 0: syz_io_uring_setup(0x0, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) msync(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x6) 06:49:42 executing program 5: socketpair(0x11, 0x0, 0x3f, &(0x7f0000000040)) 06:49:42 executing program 4: syz_io_uring_setup(0x724, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x34d}, &(0x7f0000e1f000/0x2000)=nil, &(0x7f0000e31000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:42 executing program 1: socketpair(0xa, 0x0, 0x3f, &(0x7f0000000040)) 06:49:42 executing program 0: syz_io_uring_setup(0x0, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) msync(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x6) 06:49:42 executing program 5: socketpair(0x11, 0x0, 0x3f, &(0x7f0000000040)) 06:49:42 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x20000000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:42 executing program 3: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x519401, 0x0) write$cgroup_devices(r0, &(0x7f00000000c0)=ANY=[], 0x8800000) 06:49:42 executing program 4: syz_io_uring_setup(0x724, &(0x7f0000000100), &(0x7f0000e1f000/0x2000)=nil, &(0x7f0000e31000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:42 executing program 0: syz_io_uring_setup(0x0, &(0x7f0000000280), &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) msync(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x6) 06:49:42 executing program 5: socketpair(0x11, 0x0, 0x3f, &(0x7f0000000040)) 06:49:42 executing program 1: socketpair(0xa, 0x0, 0x3f, &(0x7f0000000040)) 06:49:42 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x20ffa000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:42 executing program 0: syz_io_uring_setup(0x3125, 0x0, &(0x7f0000e1f000/0x1000)=nil, &(0x7f0000cc4000/0x1000)=nil, 0x0, 0x0) msync(&(0x7f0000e1f000/0x1000)=nil, 0x1000, 0x6) 06:49:42 executing program 5: socketpair(0x11, 0x2, 0x0, &(0x7f0000000040)) 06:49:42 executing program 1: socketpair(0xa, 0x5, 0x0, &(0x7f0000000040)) 06:49:42 executing program 4: syz_io_uring_setup(0x724, &(0x7f0000000100), &(0x7f0000e1f000/0x2000)=nil, &(0x7f0000e31000/0x4000)=nil, 0x0, &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:42 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x20ffb000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 06:49:42 executing program 5: socketpair(0x11, 0x2, 0x0, 0x0) 06:49:42 executing program 4: syz_io_uring_setup(0x724, &(0x7f0000000100), &(0x7f0000e1f000/0x2000)=nil, &(0x7f0000e31000/0x4000)=nil, 0x0, &(0x7f00000000c0)) mremap(&(0x7f0000e1f000/0x2000)=nil, 0x12000, 0x4000, 0x3, &(0x7f0000e31000/0x4000)=nil) 06:49:42 executing program 3: syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000200), 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x40, 0x81, 0x3, 0x0, 0x0, 0x9, 0xe0908, 0x12, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3ff, 0x2, @perf_config_ext={0x6, 0x2}, 0x2032, 0x2, 0x80000000, 0x1, 0x401, 0x9, 0x1, 0x0, 0x7f, 0x0, 0x7f}, 0x0, 0x6, 0xffffffffffffffff, 0x1) r0 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$NET_DM_CMD_START(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x14, r0, 0x100, 0x70bd26, 0x25dfdbfd, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x8012) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x501400, 0x0) write$cgroup_devices(r1, &(0x7f00000000c0)=ANY=[], 0x8800000) r2 = perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0xab, 0x8, 0x5, 0x2, 0x0, 0xce, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x2, @perf_config_ext={0xfffffffffffff0fa, 0xe0a}, 0x2af8, 0x0, 0x9, 0x4, 0x2, 0x7, 0x3, 0x0, 0x7, 0x0, 0x9}, 0xffffffffffffffff, 0xd, 0xffffffffffffffff, 0x2) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_RESET(r3, 0x2403, 0x6) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r2, 0x4008240b, &(0x7f0000000180)={0x2, 0x80, 0x53, 0x2d, 0x2, 0x7, 0x0, 0x9, 0x18070, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0xfffff967, 0x1, @perf_bp={&(0x7f0000000140), 0x2}, 0x1901, 0x7, 0xf864ee61, 0x4, 0x0, 0x4, 0x7ff, 0x0, 0x0, 0x0, 0x3}) ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000240)={0x8000, 0x5a02}) r4 = openat$bsg(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r4, 0x2405, 0xffffffffffffffff) perf_event_open$cgroup(&(0x7f00000004c0)={0x0, 0x80, 0xd, 0x1, 0x4, 0x1, 0x0, 0xffffffff, 0x10, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x3, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6, 0x6, @perf_bp={&(0x7f0000000480)}, 0x41, 0x200, 0x7, 0x6, 0xe1, 0x8, 0x401, 0x0, 0x7, 0x0, 0x7ff}, r4, 0x9, 0xffffffffffffffff, 0xc) perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x0, 0xff, 0x5, 0x5, 0x0, 0xf9bc, 0x400, 0x4, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x4, @perf_bp={&(0x7f0000000280)}, 0x40000, 0x6, 0x2, 0x2, 0x200, 0x100, 0x1, 0x0, 0x2, 0x0, 0x80000000}, 0xffffffffffffffff, 0xf, r2, 0x2) 06:49:42 executing program 2: mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000e31000/0x1000)=nil) syz_io_uring_setup(0x6762, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x20ffd000}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0))