, 0x3d, 0x6}}]}) [ 82.446401][ T3636] ext4_ext_map_blocks+0x15f4/0x20a0 [ 82.451695][ T3636] ext4_map_blocks+0x71e/0xf00 [ 82.456455][ T3636] ? __ext4_mark_inode_dirty+0x502/0x5f0 [ 82.462128][ T3636] ext4_getblk+0xc6/0x3e0 [ 82.466459][ T3636] ext4_bread+0x28/0x100 [ 82.470701][ T3636] ext4_append+0xd1/0x1c0 [ 82.475052][ T3636] ext4_init_new_dir+0x177/0x500 [ 82.480007][ T3636] ext4_mkdir+0x329/0x760 [ 82.484355][ T3636] vfs_mkdir+0x2c8/0x3d0 [ 82.488609][ T3636] do_mkdirat+0x12e/0x2c0 [ 82.492940][ T3636] __x64_sys_mkdir+0x40/0x50 [ 82.497765][ T3636] do_syscall_64+0x44/0xa0 [ 82.502185][ T3636] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 82.508141][ T3636] RIP: 0033:0x7f5d4debfae9 [ 82.512551][ T3636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 82.532296][ T3636] RSP: 002b:00007f5d4bc36188 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 82.540732][ T3636] RAX: ffffffffffffffda RBX: 00007f5d4dfd2f60 RCX: 00007f5d4debfae9 [ 82.548688][ T3636] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000280 [ 82.556895][ T3636] RBP: 00007f5d4bc361d0 R08: 0000000000000000 R09: 0000000000000000 [ 82.565090][ T3636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 82.573214][ T3636] R13: 00007ffde76f544f R14: 00007f5d4bc36300 R15: 0000000000022000 [ 82.581320][ T3636] 07:33:09 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) prlimit64(0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000040)) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = getpid() sched_setattr(r1, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) 07:33:09 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) prlimit64(0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000040)) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = getpid() sched_setattr(r1, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r3, 0x0, 0x100000000) 07:33:09 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}, {@user_xattr}, {@usrjquota}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}]}) 07:33:09 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) (fail_nth: 12) 07:33:09 executing program 1: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', 0x0, 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}, {@user_xattr}, {@usrjquota}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}]}) 07:33:09 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fgetxattr(r3, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000240)=""/171, 0xab) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r4) ioctl$BINDER_FREEZE(r4, 0x400c620e, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x9}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0xc, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735", 0x0, 0x0, 0x0, 0x0, 0x0}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x80000001) [ 83.224054][ T3663] FAULT_INJECTION: forcing a failure. [ 83.224054][ T3663] name failslab, interval 1, probability 0, space 0, times 0 [ 83.236716][ T3663] CPU: 1 PID: 3663 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 83.245042][ T3663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 83.255096][ T3663] Call Trace: [ 83.258443][ T3663] [ 83.261374][ T3663] dump_stack_lvl+0xd6/0x122 [ 83.266015][ T3663] dump_stack+0x11/0x1b 07:33:09 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}, {@user_xattr}, {@usrjquota}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}]}) 07:33:09 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}, {@user_xattr}, {@usrjquota}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}]}) 07:33:09 executing program 1: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', 0x0, 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}, {@user_xattr}, {@usrjquota}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}]}) [ 83.270171][ T3663] should_fail+0x23c/0x250 [ 83.274598][ T3663] ? ext4_mb_new_blocks+0x73e/0x1ee0 [ 83.279899][ T3663] __should_failslab+0x81/0x90 [ 83.284848][ T3663] should_failslab+0x5/0x20 [ 83.289430][ T3663] kmem_cache_alloc+0x4f/0x320 [ 83.294289][ T3663] ext4_mb_new_blocks+0x73e/0x1ee0 [ 83.299677][ T3663] ? kcalloc+0x32/0x50 [ 83.303732][ T3663] ? ext4_find_extent+0x6cf/0x7f0 [ 83.308852][ T3663] ? ext4_ext_search_right+0x300/0x540 [ 83.314312][ T3663] ? ext4_inode_to_goal_block+0x1bd/0x1d0 [ 83.320053][ T3663] ext4_ext_map_blocks+0x15f4/0x20a0 [ 83.325416][ T3663] ext4_map_blocks+0x71e/0xf00 [ 83.330174][ T3663] ? __ext4_mark_inode_dirty+0x502/0x5f0 [ 83.335799][ T3663] ext4_getblk+0xc6/0x3e0 [ 83.340205][ T3663] ext4_bread+0x28/0x100 [ 83.344591][ T3663] ext4_append+0xd1/0x1c0 [ 83.349027][ T3663] ext4_init_new_dir+0x177/0x500 [ 83.353977][ T3663] ext4_mkdir+0x329/0x760 [ 83.358294][ T3663] vfs_mkdir+0x2c8/0x3d0 [ 83.362554][ T3663] do_mkdirat+0x12e/0x2c0 [ 83.366892][ T3663] __x64_sys_mkdir+0x40/0x50 [ 83.371486][ T3663] do_syscall_64+0x44/0xa0 [ 83.376026][ T3663] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 83.381934][ T3663] RIP: 0033:0x7f5d4debfae9 [ 83.386349][ T3663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 83.406036][ T3663] RSP: 002b:00007f5d4bc36188 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 83.414445][ T3663] RAX: ffffffffffffffda RBX: 00007f5d4dfd2f60 RCX: 00007f5d4debfae9 07:33:10 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fgetxattr(r3, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000240)=""/171, 0xab) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r4) ioctl$BINDER_FREEZE(r4, 0x400c620e, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x9}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0xc, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735", 0x0, 0x0, 0x0, 0x0, 0x0}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x80000001) 07:33:10 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) (fail_nth: 13) 07:33:10 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}, {@user_xattr}, {@usrjquota}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}]}) [ 83.422419][ T3663] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000280 [ 83.430379][ T3663] RBP: 00007f5d4bc361d0 R08: 0000000000000000 R09: 0000000000000000 [ 83.438356][ T3663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 83.446509][ T3663] R13: 00007ffde76f544f R14: 00007f5d4bc36300 R15: 0000000000022000 [ 83.454483][ T3663] [ 83.507516][ T3679] FAULT_INJECTION: forcing a failure. [ 83.507516][ T3679] name failslab, interval 1, probability 0, space 0, times 0 [ 83.520287][ T3679] CPU: 1 PID: 3679 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 83.528710][ T3679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 83.538874][ T3679] Call Trace: [ 83.542213][ T3679] [ 83.545150][ T3679] dump_stack_lvl+0xd6/0x122 [ 83.549913][ T3679] dump_stack+0x11/0x1b [ 83.554139][ T3679] should_fail+0x23c/0x250 [ 83.558610][ T3679] ? __es_insert_extent+0x546/0xe80 [ 83.563896][ T3679] __should_failslab+0x81/0x90 [ 83.568693][ T3679] should_failslab+0x5/0x20 [ 83.573195][ T3679] kmem_cache_alloc+0x4f/0x320 [ 83.577946][ T3679] __es_insert_extent+0x546/0xe80 [ 83.583051][ T3679] ? ext4_ext_map_blocks+0x1128/0x20a0 [ 83.588742][ T3679] ext4_es_insert_extent+0x1cb/0x19c0 [ 83.594172][ T3679] ext4_map_blocks+0xa5d/0xf00 [ 83.598972][ T3679] ext4_getblk+0xc6/0x3e0 [ 83.603292][ T3679] ext4_bread+0x28/0x100 [ 83.607581][ T3679] ext4_append+0xd1/0x1c0 [ 83.611922][ T3679] ext4_init_new_dir+0x177/0x500 [ 83.616847][ T3679] ext4_mkdir+0x329/0x760 [ 83.621163][ T3679] vfs_mkdir+0x2c8/0x3d0 [ 83.625413][ T3679] do_mkdirat+0x12e/0x2c0 [ 83.629734][ T3679] __x64_sys_mkdir+0x40/0x50 [ 83.634376][ T3679] do_syscall_64+0x44/0xa0 [ 83.638972][ T3679] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 83.644856][ T3679] RIP: 0033:0x7f5d4debfae9 [ 83.649320][ T3679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 83.668952][ T3679] RSP: 002b:00007f5d4bc36188 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 83.677356][ T3679] RAX: ffffffffffffffda RBX: 00007f5d4dfd2f60 RCX: 00007f5d4debfae9 [ 83.685424][ T3679] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000280 [ 83.693390][ T3679] RBP: 00007f5d4bc361d0 R08: 0000000000000000 R09: 0000000000000000 07:33:10 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) prlimit64(0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000040)) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = getpid() sched_setattr(r1, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) [ 83.701343][ T3679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 83.709309][ T3679] R13: 00007ffde76f544f R14: 00007f5d4bc36300 R15: 0000000000022000 [ 83.717326][ T3679] 07:33:10 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) prlimit64(0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000040)) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = getpid() sched_setattr(r1, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r3, 0x0, 0x100000000) 07:33:10 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', 0x0, 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}, {@user_xattr}, {@usrjquota}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}]}) 07:33:10 executing program 1: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', 0x0, 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}, {@user_xattr}, {@usrjquota}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}]}) 07:33:10 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) (fail_nth: 14) 07:33:10 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fgetxattr(r3, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000240)=""/171, 0xab) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r4) ioctl$BINDER_FREEZE(r4, 0x400c620e, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x9}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0xc, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735", 0x0, 0x0, 0x0, 0x0, 0x0}) sendfile(r2, 0xffffffffffffffff, 0x0, 0x80000001) 07:33:10 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', 0x0, 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}, {@user_xattr}, {@usrjquota}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}]}) 07:33:10 executing program 1: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}, {@user_xattr}, {@usrjquota}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}]}) [ 84.090289][ T3695] FAULT_INJECTION: forcing a failure. [ 84.090289][ T3695] name failslab, interval 1, probability 0, space 0, times 0 [ 84.102954][ T3695] CPU: 0 PID: 3695 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 84.111287][ T3695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 84.121344][ T3695] Call Trace: [ 84.124621][ T3695] [ 84.127577][ T3695] dump_stack_lvl+0xd6/0x122 [ 84.132210][ T3695] dump_stack+0x11/0x1b [ 84.136483][ T3695] should_fail+0x23c/0x250 [ 84.141051][ T3695] ? __es_insert_extent+0x546/0xe80 [ 84.146233][ T3695] __should_failslab+0x81/0x90 [ 84.151057][ T3695] should_failslab+0x5/0x20 [ 84.155552][ T3695] kmem_cache_alloc+0x4f/0x320 [ 84.160451][ T3695] __es_insert_extent+0x546/0xe80 [ 84.165530][ T3695] ? ext4_ext_map_blocks+0x1128/0x20a0 [ 84.170976][ T3695] ext4_es_insert_extent+0x1cb/0x19c0 [ 84.176355][ T3695] ext4_map_blocks+0xa5d/0xf00 [ 84.181123][ T3695] ext4_getblk+0xc6/0x3e0 [ 84.185436][ T3695] ext4_bread+0x28/0x100 [ 84.189668][ T3695] ext4_append+0xd1/0x1c0 [ 84.194056][ T3695] ext4_init_new_dir+0x177/0x500 [ 84.199085][ T3695] ext4_mkdir+0x329/0x760 [ 84.203550][ T3695] vfs_mkdir+0x2c8/0x3d0 [ 84.207856][ T3695] do_mkdirat+0x12e/0x2c0 [ 84.212192][ T3695] __x64_sys_mkdir+0x40/0x50 [ 84.216857][ T3695] do_syscall_64+0x44/0xa0 [ 84.221287][ T3695] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 84.227343][ T3695] RIP: 0033:0x7f5d4debfae9 [ 84.231832][ T3695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 84.251425][ T3695] RSP: 002b:00007f5d4bc36188 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 84.259834][ T3695] RAX: ffffffffffffffda RBX: 00007f5d4dfd2f60 RCX: 00007f5d4debfae9 [ 84.267790][ T3695] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000280 [ 84.275748][ T3695] RBP: 00007f5d4bc361d0 R08: 0000000000000000 R09: 0000000000000000 07:33:11 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) (fail_nth: 15) [ 84.283733][ T3695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 84.291681][ T3695] R13: 00007ffde76f544f R14: 00007f5d4bc36300 R15: 0000000000022000 [ 84.299833][ T3695] 07:33:11 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fgetxattr(r3, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000240)=""/171, 0xab) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r4) ioctl$BINDER_FREEZE(r4, 0x400c620e, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x9}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) syz_open_dev$sg(0x0, 0x0, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r5, 0x0, 0x80000001) 07:33:11 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', 0x0, 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}, {@user_xattr}, {@usrjquota}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}]}) 07:33:11 executing program 1: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}, {@user_xattr}, {@usrjquota}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}]}) [ 84.342666][ T3705] FAULT_INJECTION: forcing a failure. [ 84.342666][ T3705] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 84.355748][ T3705] CPU: 0 PID: 3705 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 84.364080][ T3705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 84.374132][ T3705] Call Trace: [ 84.377552][ T3705] [ 84.380482][ T3705] dump_stack_lvl+0xd6/0x122 [ 84.385139][ T3705] dump_stack+0x11/0x1b [ 84.389299][ T3705] should_fail+0x23c/0x250 [ 84.393771][ T3705] should_fail_usercopy+0x16/0x20 [ 84.398779][ T3705] _copy_to_user+0x1c/0x90 [ 84.403208][ T3705] simple_read_from_buffer+0xab/0x120 [ 84.408671][ T3705] proc_fail_nth_read+0x10d/0x150 [ 84.413747][ T3705] ? proc_fault_inject_write+0x230/0x230 [ 84.419552][ T3705] vfs_read+0x1e6/0x750 [ 84.423694][ T3705] ? debug_smp_processor_id+0x18/0x20 [ 84.429046][ T3705] ? __fget_light+0x219/0x260 [ 84.433708][ T3705] ? do_mkdirat+0x293/0x2c0 [ 84.438205][ T3705] ksys_read+0xd9/0x190 [ 84.442477][ T3705] __x64_sys_read+0x3e/0x50 [ 84.446976][ T3705] do_syscall_64+0x44/0xa0 [ 84.451382][ T3705] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 84.457259][ T3705] RIP: 0033:0x7f5d4de7269c [ 84.461652][ T3705] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 84.481325][ T3705] RSP: 002b:00007f5d4bc36170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 84.489724][ T3705] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f5d4de7269c [ 84.497755][ T3705] RDX: 000000000000000f RSI: 00007f5d4bc361e0 RDI: 0000000000000003 [ 84.505838][ T3705] RBP: 00007f5d4bc361d0 R08: 0000000000000000 R09: 0000000000000000 [ 84.513865][ T3705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 84.521817][ T3705] R13: 00007ffde76f544f R14: 00007f5d4bc36300 R15: 0000000000022000 [ 84.529809][ T3705] 07:33:11 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) prlimit64(0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000040)) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = getpid() sched_setattr(r1, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) 07:33:11 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) prlimit64(0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000040)) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = getpid() sched_setattr(r1, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r2 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x100000000) 07:33:11 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) 07:33:11 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}, {@user_xattr}, {@usrjquota}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}]}) 07:33:11 executing program 1: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}, {@user_xattr}, {@usrjquota}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}]}) 07:33:11 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fgetxattr(r3, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000240)=""/171, 0xab) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r4) ioctl$BINDER_FREEZE(r4, 0x400c620e, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x9}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r5, 0x0, 0x80000001) 07:33:11 executing program 1: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, 0x0) 07:33:11 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}, {@user_xattr}, {@usrjquota}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}]}) 07:33:11 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x2) 07:33:11 executing program 1: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, 0x0) 07:33:11 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x4) 07:33:11 executing program 1: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, 0x0) 07:33:12 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) prlimit64(0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000040)) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = getpid() sched_setattr(r1, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) 07:33:12 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}, {@user_xattr}, {@usrjquota}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}]}) 07:33:12 executing program 1: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}, {@user_xattr}, {@usrjquota}]}) 07:33:12 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x5) 07:33:12 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) prlimit64(0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000040)) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = getpid() sched_setattr(r1, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r2 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x100000000) 07:33:12 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fgetxattr(r3, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000240)=""/171, 0xab) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r4) ioctl$BINDER_FREEZE(r4, 0x400c620e, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x9}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r5, 0x0, 0x80000001) 07:33:12 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x6) 07:33:12 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, 0x0) 07:33:12 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) prlimit64(0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000040)) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = getpid() sched_setattr(r1, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) 07:33:12 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x7) [ 85.498038][ T3744] EXT4-fs: 12 callbacks suppressed [ 85.498051][ T3744] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 85.516912][ T3744] EXT4-fs (sda1): re-mounted. Opts: usrjquota=,usrquota,minixdf,mblk_io_submit,init_itable,user_xattr,usrjquota=,,errors=continue. Quota mode: writeback. 07:33:12 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x8) 07:33:12 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, 0x0) 07:33:12 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) prlimit64(0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000040)) fallocate(r0, 0x0, 0x0, 0x7fff) getpid() 07:33:12 executing program 1: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}, {@user_xattr}]}) 07:33:12 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, 0x0) 07:33:12 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xc) [ 85.656683][ T3765] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 85.663995][ T3765] EXT4-fs (sda1): re-mounted. Opts: usrjquota=,usrquota,minixdf,mblk_io_submit,init_itable,user_xattr,,errors=continue. Quota mode: writeback. 07:33:12 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) prlimit64(0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000040)) fallocate(r0, 0x0, 0x0, 0x7fff) getpid() r1 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x100000000) 07:33:12 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fgetxattr(r3, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000240)=""/171, 0xab) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r4) ioctl$BINDER_FREEZE(r4, 0x400c620e, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x9}) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r5, 0x0, 0x80000001) 07:33:12 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) prlimit64(0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000040)) fallocate(r0, 0x0, 0x0, 0x7fff) 07:33:12 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}, {@user_xattr}, {@usrjquota}]}) 07:33:12 executing program 1: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}]}) 07:33:12 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xd) 07:33:12 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) prlimit64(0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000040)) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x100000000) [ 85.949029][ T3751] syz-executor.4 (3751) used greatest stack depth: 10240 bytes left [ 85.969271][ T3776] EXT4-fs (sda1): Ignoring removed mblk_io_submit option 07:33:12 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x10) 07:33:12 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}, {@user_xattr}, {@usrjquota}]}) 07:33:12 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x1c) 07:33:12 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) 07:33:12 executing program 1: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}]}) [ 85.987190][ T3776] EXT4-fs (sda1): re-mounted. Opts: usrjquota=,usrquota,minixdf,mblk_io_submit,init_itable,user_xattr,usrjquota=,,errors=continue. Quota mode: writeback. [ 86.009258][ T3781] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 86.016458][ T3781] EXT4-fs (sda1): re-mounted. Opts: usrjquota=,usrquota,minixdf,mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. 07:33:12 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x2e) [ 86.068124][ T3788] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 86.093732][ T3788] EXT4-fs (sda1): re-mounted. Opts: usrjquota=,usrquota,minixdf,mblk_io_submit,init_itable,user_xattr,usrjquota=,,errors=continue. Quota mode: writeback. 07:33:12 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fgetxattr(r3, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000240)=""/171, 0xab) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r4) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r5, 0x0, 0x80000001) 07:33:12 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x7fff) 07:33:12 executing program 1: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}]}) 07:33:12 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x89) 07:33:12 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}, {@user_xattr}, {@usrjquota}]}) 07:33:12 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) prlimit64(0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000040)) r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) 07:33:13 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xa1) 07:33:13 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}, {@user_xattr}]}) 07:33:13 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x7fff) 07:33:13 executing program 1: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}]}) 07:33:13 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xc0) 07:33:13 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}]}) 07:33:13 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fgetxattr(r3, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000240)=""/171, 0xab) syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r4, 0x0, 0x80000001) 07:33:13 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xec) 07:33:13 executing program 1: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@init_itable}]}) 07:33:13 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x7fff) 07:33:13 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}]}) 07:33:13 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) 07:33:13 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x281) 07:33:13 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) 07:33:13 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}]}) 07:33:13 executing program 1: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@init_itable}]}) 07:33:13 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x500) 07:33:13 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) 07:33:13 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fgetxattr(r3, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000240)=""/171, 0xab) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r4, 0x0, 0x80000001) 07:33:13 executing program 1: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@init_itable}]}) 07:33:13 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}]}) 07:33:13 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x600) 07:33:13 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) 07:33:13 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) 07:33:13 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) 07:33:13 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x700) 07:33:13 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xc00) 07:33:13 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x7fff) 07:33:13 executing program 1: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@init_itable}]}) 07:33:13 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xd00) 07:33:13 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r4, 0x0, 0x80000001) 07:33:13 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@init_itable}]}) 07:33:13 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x11d0) 07:33:13 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x7fff) 07:33:13 executing program 1: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@mblk_io_submit}, {@init_itable}, {@user_xattr}]}) 07:33:13 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) 07:33:13 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x7fff) 07:33:13 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fgetxattr(r3, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000240)=""/171, 0xab) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r4) ioctl$BINDER_FREEZE(r4, 0x400c620e, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x9}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r5, 0x0, 0x80000001) 07:33:13 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x11d2) 07:33:13 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@init_itable}]}) 07:33:13 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x0) 07:33:13 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x1c00) 07:33:14 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) inotify_init1(0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x80000001) 07:33:14 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@minixdf}, {@init_itable}]}) 07:33:14 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x0) 07:33:14 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x2000) 07:33:14 executing program 5: r0 = open(0x0, 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) 07:33:14 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x0) 07:33:14 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x2e00) 07:33:14 executing program 5: r0 = open(0x0, 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) 07:33:14 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@usrquota}, {@mblk_io_submit}, {@init_itable}]}) 07:33:14 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fgetxattr(r3, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000240)=""/171, 0xab) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r4) ioctl$BINDER_FREEZE(r4, 0x400c620e, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x9}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r5, 0x0, 0x80000001) 07:33:14 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) (fail_nth: 1) 07:33:14 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x3f00) [ 87.648459][ T3914] FAULT_INJECTION: forcing a failure. [ 87.648459][ T3914] name failslab, interval 1, probability 0, space 0, times 0 [ 87.661132][ T3914] CPU: 0 PID: 3914 Comm: syz-executor.3 Not tainted 5.15.0-syzkaller #0 [ 87.669856][ T3914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 87.680131][ T3914] Call Trace: [ 87.683418][ T3914] [ 87.686429][ T3914] dump_stack_lvl+0xd6/0x122 [ 87.691071][ T3914] dump_stack+0x11/0x1b [ 87.695224][ T3914] should_fail+0x23c/0x250 [ 87.699740][ T3914] ? jbd2__journal_start+0xf7/0x3f0 [ 87.704959][ T3914] __should_failslab+0x81/0x90 [ 87.709847][ T3914] should_failslab+0x5/0x20 [ 87.714454][ T3914] kmem_cache_alloc+0x4f/0x320 [ 87.719222][ T3914] jbd2__journal_start+0xf7/0x3f0 [ 87.724581][ T3914] __ext4_journal_start_sb+0x159/0x310 [ 87.730263][ T3914] ext4_alloc_file_blocks+0x258/0x730 [ 87.735743][ T3914] ext4_fallocate+0x2a7/0x540 [ 87.740419][ T3914] vfs_fallocate+0x486/0x720 07:33:14 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x80000001) 07:33:14 executing program 5: r0 = open(0x0, 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) 07:33:14 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@usrjquota}, {@mblk_io_submit}, {@init_itable}]}) 07:33:14 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x8100) 07:33:14 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) 07:33:14 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x8102) [ 87.745060][ T3914] __x64_sys_fallocate+0x75/0xc0 [ 87.750004][ T3914] do_syscall_64+0x44/0xa0 [ 87.754495][ T3914] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 87.760474][ T3914] RIP: 0033:0x7f67744ccae9 [ 87.764879][ T3914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 87.784485][ T3914] RSP: 002b:00007f6772243188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d 07:33:14 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x8900) 07:33:14 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xa1ff) [ 87.792897][ T3914] RAX: ffffffffffffffda RBX: 00007f67745dff60 RCX: 00007f67744ccae9 [ 87.800872][ T3914] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 87.808854][ T3914] RBP: 00007f67722431d0 R08: 0000000000000000 R09: 0000000000000000 [ 87.816878][ T3914] R10: 0000000000007fff R11: 0000000000000246 R12: 0000000000000001 [ 87.824936][ T3914] R13: 00007ffd6ea060bf R14: 00007f6772243300 R15: 0000000000022000 [ 87.832921][ T3914] 07:33:14 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fgetxattr(r3, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000240)=""/171, 0xab) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r4) ioctl$BINDER_FREEZE(r4, 0x400c620e, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x9}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r5, 0x0, 0x80000001) 07:33:14 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) 07:33:14 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xc000) 07:33:14 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) (fail_nth: 2) 07:33:14 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:14 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) creat(0x0, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:14 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) 07:33:14 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) (fail_nth: 1) [ 88.190089][ T3939] FAULT_INJECTION: forcing a failure. [ 88.190089][ T3939] name failslab, interval 1, probability 0, space 0, times 0 [ 88.202733][ T3939] CPU: 0 PID: 3939 Comm: syz-executor.3 Not tainted 5.15.0-syzkaller #0 [ 88.211099][ T3939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 88.221149][ T3939] Call Trace: [ 88.224425][ T3939] [ 88.227352][ T3939] dump_stack_lvl+0xd6/0x122 [ 88.232013][ T3939] dump_stack+0x11/0x1b 07:33:14 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) 07:33:14 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) 07:33:14 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) [ 88.236164][ T3939] should_fail+0x23c/0x250 [ 88.240579][ T3939] ? kcalloc+0x32/0x50 [ 88.244680][ T3939] __should_failslab+0x81/0x90 [ 88.249546][ T3939] should_failslab+0x5/0x20 [ 88.254055][ T3939] __kmalloc+0x6f/0x370 [ 88.258220][ T3939] kcalloc+0x32/0x50 [ 88.262111][ T3939] ext4_find_extent+0x21c/0x7f0 [ 88.267221][ T3939] ? rmqueue+0x4a/0xd20 [ 88.271383][ T3939] ext4_ext_map_blocks+0x115/0x20a0 [ 88.276610][ T3939] ? preempt_count_add+0x4e/0x90 [ 88.281553][ T3939] ? _raw_read_unlock+0x13/0x30 07:33:15 executing program 5: open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r0, 0x0, 0x100000000) [ 88.286403][ T3939] ? start_this_handle+0xfa6/0x1050 [ 88.291625][ T3939] ? ext4_es_lookup_extent+0x221/0x500 [ 88.297089][ T3939] ext4_map_blocks+0x1cf/0xf00 [ 88.301948][ T3939] ext4_alloc_file_blocks+0x281/0x730 [ 88.307358][ T3939] ext4_fallocate+0x2a7/0x540 [ 88.312117][ T3939] vfs_fallocate+0x486/0x720 [ 88.316714][ T3939] __x64_sys_fallocate+0x75/0xc0 [ 88.321656][ T3939] do_syscall_64+0x44/0xa0 [ 88.326159][ T3939] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 88.332145][ T3939] RIP: 0033:0x7f67744ccae9 [ 88.336560][ T3939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 88.356343][ T3939] RSP: 002b:00007f6772243188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 88.365193][ T3939] RAX: ffffffffffffffda RBX: 00007f67745dff60 RCX: 00007f67744ccae9 [ 88.373274][ T3939] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 88.381291][ T3939] RBP: 00007f67722431d0 R08: 0000000000000000 R09: 0000000000000000 [ 88.389253][ T3939] R10: 0000000000007fff R11: 0000000000000246 R12: 0000000000000001 [ 88.397217][ T3939] R13: 00007ffd6ea060bf R14: 00007f6772243300 R15: 0000000000022000 [ 88.405179][ T3939] [ 88.424972][ T3960] FAULT_INJECTION: forcing a failure. [ 88.424972][ T3960] name failslab, interval 1, probability 0, space 0, times 0 [ 88.437708][ T3960] CPU: 1 PID: 3960 Comm: syz-executor.0 Not tainted 5.15.0-syzkaller #0 [ 88.446113][ T3960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 88.456311][ T3960] Call Trace: [ 88.459571][ T3960] [ 88.462481][ T3960] dump_stack_lvl+0xd6/0x122 [ 88.467114][ T3960] dump_stack+0x11/0x1b [ 88.471339][ T3960] should_fail+0x23c/0x250 [ 88.475750][ T3960] ? getname_flags+0x84/0x3f0 [ 88.480409][ T3960] __should_failslab+0x81/0x90 [ 88.485154][ T3960] should_failslab+0x5/0x20 [ 88.489642][ T3960] kmem_cache_alloc+0x4f/0x320 [ 88.494475][ T3960] getname_flags+0x84/0x3f0 [ 88.498956][ T3960] __x64_sys_mkdir+0x31/0x50 [ 88.503655][ T3960] do_syscall_64+0x44/0xa0 [ 88.508071][ T3960] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 88.513995][ T3960] RIP: 0033:0x7f9cfc878bf7 [ 88.518404][ T3960] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 88.537992][ T3960] RSP: 002b:00007f9cfa5effa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 88.546442][ T3960] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9cfc878bf7 [ 88.554477][ T3960] RDX: 0000000000000000 RSI: 00000000000001ff RDI: 0000000020000000 [ 88.562427][ T3960] RBP: 00007f9cfa5f0040 R08: 0000000000000000 R09: 000000000001c4a6 [ 88.570384][ T3960] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000200000c0 [ 88.578333][ T3960] R13: 0000000020000000 R14: 00007f9cfa5f0000 R15: 0000000020000180 [ 88.586288][ T3960] 07:33:15 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fgetxattr(r3, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000240)=""/171, 0xab) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r4) ioctl$BINDER_FREEZE(r4, 0x400c620e, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x9}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) sendfile(r2, 0xffffffffffffffff, 0x0, 0x80000001) 07:33:15 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xd011) 07:33:15 executing program 5: open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r0, 0x0, 0x100000000) 07:33:15 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) (fail_nth: 3) 07:33:15 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) (fail_nth: 2) 07:33:15 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) creat(0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x80000001) [ 88.906965][ T3969] FAULT_INJECTION: forcing a failure. [ 88.906965][ T3969] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 88.920113][ T3969] CPU: 0 PID: 3969 Comm: syz-executor.0 Not tainted 5.15.0-syzkaller #0 [ 88.928449][ T3969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 88.936014][ T3968] FAULT_INJECTION: forcing a failure. [ 88.936014][ T3968] name failslab, interval 1, probability 0, space 0, times 0 [ 88.938525][ T3969] Call Trace: [ 88.938533][ T3969] [ 88.938539][ T3969] dump_stack_lvl+0xd6/0x122 [ 88.938562][ T3969] dump_stack+0x11/0x1b [ 88.966234][ T3969] should_fail+0x23c/0x250 [ 88.970740][ T3969] should_fail_usercopy+0x16/0x20 [ 88.975783][ T3969] strncpy_from_user+0x21/0x250 [ 88.980663][ T3969] getname_flags+0xb8/0x3f0 [ 88.985182][ T3969] __x64_sys_mkdir+0x31/0x50 [ 88.989872][ T3969] do_syscall_64+0x44/0xa0 [ 88.994314][ T3969] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 89.000209][ T3969] RIP: 0033:0x7f9cfc878bf7 [ 89.004639][ T3969] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 89.024229][ T3969] RSP: 002b:00007f9cfa5effa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 89.032644][ T3969] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9cfc878bf7 [ 89.040607][ T3969] RDX: 0000000000000000 RSI: 00000000000001ff RDI: 0000000020000000 [ 89.048561][ T3969] RBP: 00007f9cfa5f0040 R08: 0000000000000000 R09: 000000000001c4a6 [ 89.056529][ T3969] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000200000c0 [ 89.064575][ T3969] R13: 0000000020000000 R14: 00007f9cfa5f0000 R15: 0000000020000180 [ 89.072536][ T3969] [ 89.075543][ T3968] CPU: 1 PID: 3968 Comm: syz-executor.3 Not tainted 5.15.0-syzkaller #0 [ 89.083912][ T3968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 89.094012][ T3968] Call Trace: [ 89.097294][ T3968] [ 89.100223][ T3968] dump_stack_lvl+0xd6/0x122 07:33:15 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xd211) 07:33:15 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) creat(0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x80000001) 07:33:15 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) (fail_nth: 3) 07:33:15 executing program 5: open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r0, 0x0, 0x100000000) 07:33:15 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fgetxattr(r3, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000240)=""/171, 0xab) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r4) ioctl$BINDER_FREEZE(r4, 0x400c620e, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x9}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) sendfile(r2, 0xffffffffffffffff, 0x0, 0x80000001) 07:33:15 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fgetxattr(r3, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000240)=""/171, 0xab) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r4) ioctl$BINDER_FREEZE(r4, 0x400c620e, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x9}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) sendfile(r2, 0xffffffffffffffff, 0x0, 0x80000001) [ 89.104817][ T3968] dump_stack+0x11/0x1b [ 89.108980][ T3968] should_fail+0x23c/0x250 [ 89.113481][ T3968] ? __es_insert_extent+0x546/0xe80 [ 89.118711][ T3968] __should_failslab+0x81/0x90 [ 89.123479][ T3968] should_failslab+0x5/0x20 [ 89.128048][ T3968] kmem_cache_alloc+0x4f/0x320 [ 89.132877][ T3968] __es_insert_extent+0x546/0xe80 [ 89.137907][ T3968] ext4_es_insert_extent+0x1cb/0x19c0 [ 89.143378][ T3968] ext4_ext_map_blocks+0xff6/0x20a0 [ 89.148653][ T3968] ? _raw_read_unlock+0x13/0x30 [ 89.153537][ T3968] ext4_map_blocks+0x1cf/0xf00 07:33:15 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fgetxattr(r3, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000240)=""/171, 0xab) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r4) ioctl$BINDER_FREEZE(r4, 0x400c620e, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x9}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r5, 0x0, 0x80000001) [ 89.158321][ T3968] ext4_alloc_file_blocks+0x281/0x730 [ 89.163707][ T3968] ext4_fallocate+0x2a7/0x540 [ 89.168502][ T3968] vfs_fallocate+0x486/0x720 [ 89.173142][ T3968] __x64_sys_fallocate+0x75/0xc0 [ 89.178132][ T3968] do_syscall_64+0x44/0xa0 [ 89.182583][ T3968] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 89.188621][ T3968] RIP: 0033:0x7f67744ccae9 07:33:15 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, 0xffffffffffffffff, 0x0, 0x100000000) 07:33:15 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xec00) [ 89.193033][ T3968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 89.213120][ T3968] RSP: 002b:00007f6772243188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 89.221567][ T3968] RAX: ffffffffffffffda RBX: 00007f67745dff60 RCX: 00007f67744ccae9 [ 89.229549][ T3968] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 89.237551][ T3968] RBP: 00007f67722431d0 R08: 0000000000000000 R09: 0000000000000000 [ 89.245601][ T3968] R10: 0000000000007fff R11: 0000000000000246 R12: 0000000000000001 [ 89.253568][ T3968] R13: 00007ffd6ea060bf R14: 00007f6772243300 R15: 0000000000022000 [ 89.261630][ T3968] [ 89.296920][ T3992] FAULT_INJECTION: forcing a failure. 07:33:16 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) (fail_nth: 4) [ 89.296920][ T3992] name failslab, interval 1, probability 0, space 0, times 0 [ 89.309579][ T3992] CPU: 1 PID: 3992 Comm: syz-executor.0 Not tainted 5.15.0-syzkaller #0 [ 89.317910][ T3992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 89.327981][ T3992] Call Trace: [ 89.331259][ T3992] [ 89.334193][ T3992] dump_stack_lvl+0xd6/0x122 [ 89.338813][ T3992] dump_stack+0x11/0x1b [ 89.340565][ T3994] FAULT_INJECTION: forcing a failure. [ 89.340565][ T3994] name failslab, interval 1, probability 0, space 0, times 0 [ 89.342971][ T3992] should_fail+0x23c/0x250 [ 89.342999][ T3992] ? strndup_user+0x64/0xa0 [ 89.364547][ T3992] __should_failslab+0x81/0x90 [ 89.369308][ T3992] should_failslab+0x5/0x20 [ 89.373812][ T3992] __kmalloc_track_caller+0x6d/0x370 [ 89.379085][ T3992] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 89.385048][ T3992] memdup_user+0x22/0xb0 [ 89.389287][ T3992] strndup_user+0x64/0xa0 [ 89.393608][ T3992] __se_sys_mount+0x4e/0x2f0 [ 89.398193][ T3992] ? debug_smp_processor_id+0x18/0x20 [ 89.403554][ T3992] __x64_sys_mount+0x63/0x70 [ 89.408135][ T3992] do_syscall_64+0x44/0xa0 [ 89.412544][ T3992] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 89.418428][ T3992] RIP: 0033:0x7f9cfc87b01a [ 89.422826][ T3992] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 89.442503][ T3992] RSP: 002b:00007f9cfa5effa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 89.450900][ T3992] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9cfc87b01a [ 89.458861][ T3992] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000000 [ 89.466903][ T3992] RBP: 00007f9cfa5f0040 R08: 00007f9cfa5f0040 R09: 00000000200000c0 [ 89.474858][ T3992] R10: 000000000001c4a6 R11: 0000000000000206 R12: 00000000200000c0 [ 89.482827][ T3992] R13: 0000000020000000 R14: 00007f9cfa5f0000 R15: 0000000020000180 [ 89.490785][ T3992] [ 89.493789][ T3994] CPU: 0 PID: 3994 Comm: syz-executor.3 Not tainted 5.15.0-syzkaller #0 07:33:16 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) creat(0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x80000001) 07:33:16 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xff01) 07:33:16 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, 0xffffffffffffffff, 0x0, 0x100000000) 07:33:16 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) (fail_nth: 4) [ 89.502195][ T3994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 89.512248][ T3994] Call Trace: [ 89.515531][ T3994] [ 89.518517][ T3994] dump_stack_lvl+0xd6/0x122 [ 89.523116][ T3994] dump_stack+0x11/0x1b [ 89.527281][ T3994] should_fail+0x23c/0x250 [ 89.531712][ T3994] ? kcalloc+0x32/0x50 [ 89.535782][ T3994] __should_failslab+0x81/0x90 [ 89.540553][ T3994] should_failslab+0x5/0x20 [ 89.545157][ T3994] __kmalloc+0x6f/0x370 [ 89.549301][ T3994] kcalloc+0x32/0x50 [ 89.553258][ T3994] ext4_find_extent+0x21c/0x7f0 [ 89.558101][ T3994] ? kfree+0xf8/0x1f0 [ 89.562146][ T3994] ext4_ext_map_blocks+0x115/0x20a0 [ 89.567393][ T3994] ? _raw_read_unlock+0x13/0x30 [ 89.572254][ T3994] ext4_map_blocks+0x71e/0xf00 [ 89.577014][ T3994] ext4_alloc_file_blocks+0x281/0x730 [ 89.582491][ T3994] ext4_fallocate+0x2a7/0x540 [ 89.587268][ T3994] vfs_fallocate+0x486/0x720 [ 89.591910][ T3994] __x64_sys_fallocate+0x75/0xc0 [ 89.596859][ T3994] do_syscall_64+0x44/0xa0 [ 89.601344][ T3994] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 89.607247][ T3994] RIP: 0033:0x7f67744ccae9 [ 89.611640][ T3994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 89.631379][ T3994] RSP: 002b:00007f6772243188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 89.639771][ T3994] RAX: ffffffffffffffda RBX: 00007f67745dff60 RCX: 00007f67744ccae9 [ 89.647725][ T3994] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 07:33:16 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xffa1) [ 89.655686][ T3994] RBP: 00007f67722431d0 R08: 0000000000000000 R09: 0000000000000000 [ 89.663648][ T3994] R10: 0000000000007fff R11: 0000000000000246 R12: 0000000000000001 [ 89.671597][ T3994] R13: 00007ffd6ea060bf R14: 00007f6772243300 R15: 0000000000022000 [ 89.679603][ T3994] [ 89.712326][ T4002] FAULT_INJECTION: forcing a failure. [ 89.712326][ T4002] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 89.725433][ T4002] CPU: 0 PID: 4002 Comm: syz-executor.0 Not tainted 5.15.0-syzkaller #0 [ 89.733762][ T4002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 89.743810][ T4002] Call Trace: [ 89.747088][ T4002] [ 89.750014][ T4002] dump_stack_lvl+0xd6/0x122 [ 89.754605][ T4002] dump_stack+0x11/0x1b [ 89.758757][ T4002] should_fail+0x23c/0x250 [ 89.763182][ T4002] should_fail_usercopy+0x16/0x20 [ 89.768207][ T4002] _copy_from_user+0x1c/0xd0 [ 89.772794][ T4002] memdup_user+0x5b/0xb0 [ 89.777030][ T4002] strndup_user+0x64/0xa0 [ 89.781355][ T4002] __se_sys_mount+0x4e/0x2f0 [ 89.785950][ T4002] ? debug_smp_processor_id+0x18/0x20 [ 89.791319][ T4002] __x64_sys_mount+0x63/0x70 [ 89.795907][ T4002] do_syscall_64+0x44/0xa0 [ 89.800328][ T4002] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 89.806225][ T4002] RIP: 0033:0x7f9cfc87b01a 07:33:16 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, 0xffffffffffffffff, 0x0, 0x100000000) 07:33:16 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:16 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x40000) [ 89.810631][ T4002] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 89.830238][ T4002] RSP: 002b:00007f9cfa5effa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 89.838654][ T4002] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9cfc87b01a [ 89.846627][ T4002] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000000 [ 89.854597][ T4002] RBP: 00007f9cfa5f0040 R08: 00007f9cfa5f0040 R09: 00000000200000c0 [ 89.862567][ T4002] R10: 000000000001c4a6 R11: 0000000000000206 R12: 00000000200000c0 [ 89.870538][ T4002] R13: 0000000020000000 R14: 00007f9cfa5f0000 R15: 0000000020000180 [ 89.878511][ T4002] 07:33:16 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fgetxattr(r3, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000240)=""/171, 0xab) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r4) ioctl$BINDER_FREEZE(r4, 0x400c620e, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x9}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r5, 0x0, 0x80000001) 07:33:16 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) (fail_nth: 5) 07:33:16 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x0) 07:33:16 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) (fail_nth: 5) 07:33:16 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x80040) [ 90.070446][ T4015] FAULT_INJECTION: forcing a failure. [ 90.070446][ T4015] name failslab, interval 1, probability 0, space 0, times 0 [ 90.083233][ T4015] CPU: 0 PID: 4015 Comm: syz-executor.0 Not tainted 5.15.0-syzkaller #0 [ 90.091563][ T4015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 90.092786][ T4016] FAULT_INJECTION: forcing a failure. [ 90.092786][ T4016] name failslab, interval 1, probability 0, space 0, times 0 [ 90.101618][ T4015] Call Trace: [ 90.101626][ T4015] [ 90.101632][ T4015] dump_stack_lvl+0xd6/0x122 [ 90.101654][ T4015] dump_stack+0x11/0x1b [ 90.101667][ T4015] should_fail+0x23c/0x250 [ 90.133547][ T4015] ? __se_sys_mount+0xf7/0x2f0 [ 90.138300][ T4015] __should_failslab+0x81/0x90 [ 90.143050][ T4015] should_failslab+0x5/0x20 [ 90.147546][ T4015] kmem_cache_alloc_trace+0x52/0x350 [ 90.152817][ T4015] ? memdup_user+0x96/0xb0 [ 90.157224][ T4015] __se_sys_mount+0xf7/0x2f0 [ 90.161809][ T4015] ? debug_smp_processor_id+0x18/0x20 [ 90.167169][ T4015] __x64_sys_mount+0x63/0x70 [ 90.171752][ T4015] do_syscall_64+0x44/0xa0 [ 90.176160][ T4015] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 90.182045][ T4015] RIP: 0033:0x7f9cfc87b01a [ 90.186447][ T4015] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 90.206047][ T4015] RSP: 002b:00007f9cfa5effa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 90.214553][ T4015] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9cfc87b01a [ 90.222523][ T4015] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000000 [ 90.230478][ T4015] RBP: 00007f9cfa5f0040 R08: 00007f9cfa5f0040 R09: 00000000200000c0 [ 90.238444][ T4015] R10: 000000000001c4a6 R11: 0000000000000206 R12: 00000000200000c0 [ 90.246409][ T4015] R13: 0000000020000000 R14: 00007f9cfa5f0000 R15: 0000000020000180 [ 90.254367][ T4015] [ 90.257371][ T4016] CPU: 1 PID: 4016 Comm: syz-executor.3 Not tainted 5.15.0-syzkaller #0 07:33:16 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x100000) 07:33:17 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) (fail_nth: 6) 07:33:17 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x0) [ 90.265705][ T4016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 90.275760][ T4016] Call Trace: [ 90.279044][ T4016] [ 90.281976][ T4016] dump_stack_lvl+0xd6/0x122 [ 90.286578][ T4016] dump_stack+0x11/0x1b [ 90.290750][ T4016] should_fail+0x23c/0x250 [ 90.295171][ T4016] ? ext4_mb_new_blocks+0x328/0x1ee0 [ 90.300468][ T4016] __should_failslab+0x81/0x90 [ 90.305237][ T4016] should_failslab+0x5/0x20 [ 90.309751][ T4016] kmem_cache_alloc+0x4f/0x320 [ 90.314614][ T4016] ext4_mb_new_blocks+0x328/0x1ee0 [ 90.319730][ T4016] ? kcalloc+0x32/0x50 [ 90.323959][ T4016] ? ext4_find_extent+0x6cf/0x7f0 [ 90.328981][ T4016] ? ext4_ext_search_right+0x300/0x540 [ 90.334423][ T4016] ? ext4_inode_to_goal_block+0x1bd/0x1d0 [ 90.340192][ T4016] ext4_ext_map_blocks+0x15f4/0x20a0 [ 90.345503][ T4016] ? _raw_read_unlock+0x13/0x30 [ 90.350409][ T4016] ext4_map_blocks+0x71e/0xf00 [ 90.355183][ T4016] ext4_alloc_file_blocks+0x281/0x730 [ 90.360574][ T4016] ext4_fallocate+0x2a7/0x540 [ 90.365254][ T4016] vfs_fallocate+0x486/0x720 [ 90.369914][ T4016] __x64_sys_fallocate+0x75/0xc0 [ 90.374845][ T4016] do_syscall_64+0x44/0xa0 [ 90.379336][ T4016] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 90.385290][ T4016] RIP: 0033:0x7f67744ccae9 [ 90.389944][ T4016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 90.409659][ T4016] RSP: 002b:00007f6772243188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d 07:33:17 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) (fail_nth: 6) 07:33:17 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x200000) [ 90.418130][ T4016] RAX: ffffffffffffffda RBX: 00007f67745dff60 RCX: 00007f67744ccae9 [ 90.426105][ T4016] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 90.434062][ T4016] RBP: 00007f67722431d0 R08: 0000000000000000 R09: 0000000000000000 [ 90.442098][ T4016] R10: 0000000000007fff R11: 0000000000000246 R12: 0000000000000001 [ 90.450066][ T4016] R13: 00007ffd6ea060bf R14: 00007f6772243300 R15: 0000000000022000 [ 90.458133][ T4016] [ 90.501591][ T4025] FAULT_INJECTION: forcing a failure. [ 90.501591][ T4025] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 90.514695][ T4025] CPU: 1 PID: 4025 Comm: syz-executor.0 Not tainted 5.15.0-syzkaller #0 [ 90.523017][ T4025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 90.533068][ T4025] Call Trace: [ 90.536332][ T4025] [ 90.539279][ T4025] dump_stack_lvl+0xd6/0x122 [ 90.543871][ T4025] dump_stack+0x11/0x1b [ 90.548022][ T4025] should_fail+0x23c/0x250 [ 90.552437][ T4025] should_fail_usercopy+0x16/0x20 [ 90.557468][ T4025] _copy_from_user+0x1c/0xd0 [ 90.562047][ T4025] __se_sys_mount+0x119/0x2f0 [ 90.566713][ T4025] ? debug_smp_processor_id+0x18/0x20 [ 90.572103][ T4025] __x64_sys_mount+0x63/0x70 [ 90.576680][ T4025] do_syscall_64+0x44/0xa0 [ 90.581170][ T4025] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 90.587159][ T4025] RIP: 0033:0x7f9cfc87b01a [ 90.591558][ T4025] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 90.611149][ T4025] RSP: 002b:00007f9cfa5effa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 90.619545][ T4025] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9cfc87b01a [ 90.627612][ T4025] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000000 [ 90.635748][ T4025] RBP: 00007f9cfa5f0040 R08: 00007f9cfa5f0040 R09: 00000000200000c0 [ 90.643734][ T4025] R10: 000000000001c4a6 R11: 0000000000000206 R12: 00000000200000c0 [ 90.651705][ T4025] R13: 0000000020000000 R14: 00007f9cfa5f0000 R15: 0000000020000180 [ 90.659663][ T4025] [ 90.663341][ T4025] EXT4-fs: 37 callbacks suppressed [ 90.663434][ T4025] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 90.669087][ T4031] FAULT_INJECTION: forcing a failure. [ 90.669087][ T4031] name failslab, interval 1, probability 0, space 0, times 0 [ 90.688379][ T4031] CPU: 0 PID: 4031 Comm: syz-executor.3 Not tainted 5.15.0-syzkaller #0 [ 90.690221][ T4025] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 90.696725][ T4031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 90.696739][ T4031] Call Trace: [ 90.696745][ T4031] [ 90.696751][ T4031] dump_stack_lvl+0xd6/0x122 [ 90.728723][ T4031] dump_stack+0x11/0x1b [ 90.732874][ T4031] should_fail+0x23c/0x250 [ 90.737298][ T4031] ? __es_insert_extent+0x546/0xe80 [ 90.742595][ T4031] __should_failslab+0x81/0x90 [ 90.747384][ T4031] should_failslab+0x5/0x20 [ 90.751870][ T4031] kmem_cache_alloc+0x4f/0x320 [ 90.756644][ T4031] __es_insert_extent+0x546/0xe80 [ 90.761678][ T4031] ? ext4_ext_map_blocks+0x1128/0x20a0 [ 90.767192][ T4031] ext4_es_insert_extent+0x1cb/0x19c0 [ 90.772593][ T4031] ext4_map_blocks+0xa5d/0xf00 [ 90.777339][ T4031] ext4_alloc_file_blocks+0x281/0x730 [ 90.782765][ T4031] ext4_fallocate+0x2a7/0x540 [ 90.787563][ T4031] vfs_fallocate+0x486/0x720 [ 90.792159][ T4031] __x64_sys_fallocate+0x75/0xc0 [ 90.797144][ T4031] do_syscall_64+0x44/0xa0 [ 90.801635][ T4031] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 90.807648][ T4031] RIP: 0033:0x7f67744ccae9 [ 90.812111][ T4031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 90.832077][ T4031] RSP: 002b:00007f6772243188 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 90.840490][ T4031] RAX: ffffffffffffffda RBX: 00007f67745dff60 RCX: 00007f67744ccae9 07:33:17 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:17 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x0) [ 90.848488][ T4031] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 90.856501][ T4031] RBP: 00007f67722431d0 R08: 0000000000000000 R09: 0000000000000000 [ 90.864517][ T4031] R10: 0000000000007fff R11: 0000000000000246 R12: 0000000000000001 [ 90.872475][ T4031] R13: 00007ffd6ea060bf R14: 00007f6772243300 R15: 0000000000022000 [ 90.880468][ T4031] 07:33:17 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fgetxattr(r3, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000240)=""/171, 0xab) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r4) ioctl$BINDER_FREEZE(r4, 0x400c620e, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x9}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r5, 0x0, 0x80000001) 07:33:17 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xc00000) 07:33:17 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) (fail_nth: 7) 07:33:17 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) (fail_nth: 7) [ 90.967660][ T4042] FAULT_INJECTION: forcing a failure. [ 90.967660][ T4042] name failslab, interval 1, probability 0, space 0, times 0 [ 90.980337][ T4042] CPU: 1 PID: 4042 Comm: syz-executor.0 Not tainted 5.15.0-syzkaller #0 [ 90.986246][ T4043] FAULT_INJECTION: forcing a failure. [ 90.986246][ T4043] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 90.988666][ T4042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 90.988680][ T4042] Call Trace: [ 90.988685][ T4042] [ 90.988691][ T4042] dump_stack_lvl+0xd6/0x122 [ 90.988712][ T4042] dump_stack+0x11/0x1b [ 91.026721][ T4042] should_fail+0x23c/0x250 [ 91.031134][ T4042] ? getname_flags+0x84/0x3f0 [ 91.035793][ T4042] __should_failslab+0x81/0x90 [ 91.040547][ T4042] should_failslab+0x5/0x20 [ 91.045041][ T4042] kmem_cache_alloc+0x4f/0x320 [ 91.049789][ T4042] getname_flags+0x84/0x3f0 [ 91.054289][ T4042] ? should_fail+0xd6/0x250 [ 91.058779][ T4042] user_path_at_empty+0x28/0x110 [ 91.063722][ T4042] __se_sys_mount+0x217/0x2f0 [ 91.068386][ T4042] __x64_sys_mount+0x63/0x70 [ 91.072960][ T4042] do_syscall_64+0x44/0xa0 [ 91.077366][ T4042] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 91.083262][ T4042] RIP: 0033:0x7f9cfc87b01a [ 91.087658][ T4042] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 91.107350][ T4042] RSP: 002b:00007f9cfa5effa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 91.115752][ T4042] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9cfc87b01a [ 91.123710][ T4042] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000000 [ 91.131664][ T4042] RBP: 00007f9cfa5f0040 R08: 00007f9cfa5f0040 R09: 00000000200000c0 [ 91.139788][ T4042] R10: 000000000001c4a6 R11: 0000000000000206 R12: 00000000200000c0 [ 91.147785][ T4042] R13: 0000000020000000 R14: 00007f9cfa5f0000 R15: 0000000020000180 [ 91.155741][ T4042] [ 91.158743][ T4043] CPU: 0 PID: 4043 Comm: syz-executor.3 Not tainted 5.15.0-syzkaller #0 07:33:17 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 1) 07:33:17 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x1000000) 07:33:17 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) (fail_nth: 8) [ 91.167079][ T4043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 91.177324][ T4043] Call Trace: [ 91.180599][ T4043] [ 91.183525][ T4043] dump_stack_lvl+0xd6/0x122 [ 91.188191][ T4043] dump_stack+0x11/0x1b [ 91.192343][ T4043] should_fail+0x23c/0x250 [ 91.196808][ T4043] should_fail_usercopy+0x16/0x20 [ 91.201838][ T4043] _copy_to_user+0x1c/0x90 [ 91.206256][ T4043] simple_read_from_buffer+0xab/0x120 [ 91.211701][ T4043] proc_fail_nth_read+0x10d/0x150 [ 91.216804][ T4043] ? proc_fault_inject_write+0x230/0x230 [ 91.222443][ T4043] vfs_read+0x1e6/0x750 [ 91.222918][ T4050] FAULT_INJECTION: forcing a failure. [ 91.222918][ T4050] name failslab, interval 1, probability 0, space 0, times 0 [ 91.226610][ T4043] ? __fsnotify_parent+0x372/0x490 [ 91.226637][ T4043] ? __fget_light+0x219/0x260 [ 91.249198][ T4043] ksys_read+0xd9/0x190 [ 91.253345][ T4043] __x64_sys_read+0x3e/0x50 [ 91.257834][ T4043] do_syscall_64+0x44/0xa0 [ 91.262259][ T4043] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 91.268298][ T4043] RIP: 0033:0x7f677447f69c [ 91.272699][ T4043] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 91.292402][ T4043] RSP: 002b:00007f6772243170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 91.300797][ T4043] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f677447f69c [ 91.308771][ T4043] RDX: 000000000000000f RSI: 00007f67722431e0 RDI: 0000000000000004 [ 91.316727][ T4043] RBP: 00007f67722431d0 R08: 0000000000000000 R09: 0000000000000000 [ 91.324795][ T4043] R10: 0000000000007fff R11: 0000000000000246 R12: 0000000000000001 [ 91.332789][ T4043] R13: 00007ffd6ea060bf R14: 00007f6772243300 R15: 0000000000022000 [ 91.340988][ T4043] [ 91.343991][ T4050] CPU: 1 PID: 4050 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 91.352325][ T4050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 91.362386][ T4050] Call Trace: [ 91.365681][ T4050] 07:33:18 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x2000000) 07:33:18 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) [ 91.368613][ T4050] dump_stack_lvl+0xd6/0x122 [ 91.373207][ T4050] dump_stack+0x11/0x1b [ 91.377367][ T4050] should_fail+0x23c/0x250 [ 91.381827][ T4050] ? alloc_pipe_info+0xac/0x350 [ 91.386760][ T4050] __should_failslab+0x81/0x90 [ 91.391673][ T4050] should_failslab+0x5/0x20 [ 91.396239][ T4050] kmem_cache_alloc_trace+0x52/0x350 [ 91.401515][ T4050] alloc_pipe_info+0xac/0x350 [ 91.406186][ T4050] splice_direct_to_actor+0x5f7/0x650 [ 91.411631][ T4050] ? security_file_permission+0x7c/0xa0 [ 91.417162][ T4050] ? do_splice_direct+0x190/0x190 [ 91.422284][ T4050] ? security_file_permission+0x87/0xa0 [ 91.427874][ T4050] do_splice_direct+0x106/0x190 [ 91.432734][ T4050] do_sendfile+0x675/0xc40 [ 91.437196][ T4050] __x64_sys_sendfile64+0x102/0x140 [ 91.442387][ T4050] do_syscall_64+0x44/0xa0 [ 91.446881][ T4050] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 91.452758][ T4050] RIP: 0033:0x7fc85c531ae9 [ 91.457149][ T4050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 91.476960][ T4050] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 91.485418][ T4050] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 91.493463][ T4050] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 91.501471][ T4050] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 91.509442][ T4050] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000001 07:33:18 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x4000000) [ 91.517510][ T4050] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 91.525485][ T4050] [ 91.559867][ T4055] FAULT_INJECTION: forcing a failure. [ 91.559867][ T4055] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 91.573077][ T4055] CPU: 0 PID: 4055 Comm: syz-executor.0 Not tainted 5.15.0-syzkaller #0 [ 91.581489][ T4055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 91.591544][ T4055] Call Trace: [ 91.594823][ T4055] [ 91.597753][ T4055] dump_stack_lvl+0xd6/0x122 [ 91.602357][ T4055] dump_stack+0x11/0x1b [ 91.606512][ T4055] should_fail+0x23c/0x250 [ 91.611021][ T4055] should_fail_usercopy+0x16/0x20 [ 91.616047][ T4055] strncpy_from_user+0x21/0x250 [ 91.620903][ T4055] getname_flags+0xb8/0x3f0 [ 91.625429][ T4055] ? should_fail+0xd6/0x250 [ 91.629937][ T4055] user_path_at_empty+0x28/0x110 [ 91.634879][ T4055] __se_sys_mount+0x217/0x2f0 [ 91.639564][ T4055] __x64_sys_mount+0x63/0x70 [ 91.644157][ T4055] do_syscall_64+0x44/0xa0 [ 91.648606][ T4055] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 91.654504][ T4055] RIP: 0033:0x7f9cfc87b01a [ 91.658912][ T4055] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 91.678519][ T4055] RSP: 002b:00007f9cfa5effa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 91.687107][ T4055] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9cfc87b01a [ 91.695077][ T4055] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000000 [ 91.703088][ T4055] RBP: 00007f9cfa5f0040 R08: 00007f9cfa5f0040 R09: 00000000200000c0 [ 91.711153][ T4055] R10: 000000000001c4a6 R11: 0000000000000206 R12: 00000000200000c0 07:33:18 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:18 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 2) [ 91.719233][ T4055] R13: 0000000020000000 R14: 00007f9cfa5f0000 R15: 0000000020000180 [ 91.727204][ T4055] [ 91.783275][ T4060] FAULT_INJECTION: forcing a failure. [ 91.783275][ T4060] name failslab, interval 1, probability 0, space 0, times 0 [ 91.795953][ T4060] CPU: 0 PID: 4060 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 91.804357][ T4060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 91.814410][ T4060] Call Trace: [ 91.817684][ T4060] [ 91.820614][ T4060] dump_stack_lvl+0xd6/0x122 [ 91.825288][ T4060] dump_stack+0x11/0x1b 07:33:18 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fgetxattr(r3, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000240)=""/171, 0xab) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r4) ioctl$BINDER_FREEZE(r4, 0x400c620e, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x9}) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r5, 0x0, 0x80000001) 07:33:18 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x5000000) 07:33:18 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x2, 0x0, 0x7fff) 07:33:18 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) (fail_nth: 9) [ 91.829457][ T4060] should_fail+0x23c/0x250 [ 91.834039][ T4060] ? kcalloc+0x32/0x40 [ 91.838104][ T4060] __should_failslab+0x81/0x90 [ 91.842987][ T4060] should_failslab+0x5/0x20 [ 91.847563][ T4060] __kmalloc+0x6f/0x370 [ 91.851721][ T4060] ? kmem_cache_alloc_trace+0x24b/0x350 [ 91.857296][ T4060] kcalloc+0x32/0x40 [ 91.861197][ T4060] alloc_pipe_info+0x1be/0x350 [ 91.865969][ T4060] splice_direct_to_actor+0x5f7/0x650 [ 91.871411][ T4060] ? security_file_permission+0x7c/0xa0 [ 91.877021][ T4060] ? do_splice_direct+0x190/0x190 07:33:18 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x6000000) 07:33:18 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x4, 0x0, 0x7fff) [ 91.882254][ T4060] ? security_file_permission+0x87/0xa0 [ 91.887828][ T4060] do_splice_direct+0x106/0x190 [ 91.892762][ T4060] do_sendfile+0x675/0xc40 [ 91.897187][ T4060] __x64_sys_sendfile64+0x102/0x140 [ 91.902390][ T4060] do_syscall_64+0x44/0xa0 [ 91.906890][ T4060] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 91.912870][ T4060] RIP: 0033:0x7fc85c531ae9 [ 91.915146][ T4071] FAULT_INJECTION: forcing a failure. [ 91.915146][ T4071] name failslab, interval 1, probability 0, space 0, times 0 [ 91.917285][ T4060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 91.949563][ T4060] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 91.958061][ T4060] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 91.966016][ T4060] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 91.973987][ T4060] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 91.981968][ T4060] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000001 [ 91.989957][ T4060] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 91.997920][ T4060] [ 92.000954][ T4071] CPU: 1 PID: 4071 Comm: syz-executor.0 Not tainted 5.15.0-syzkaller #0 [ 92.009318][ T4071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 92.019390][ T4071] Call Trace: [ 92.022667][ T4071] [ 92.025695][ T4071] dump_stack_lvl+0xd6/0x122 [ 92.030294][ T4071] dump_stack+0x11/0x1b [ 92.034458][ T4071] should_fail+0x23c/0x250 [ 92.038891][ T4071] ? alloc_fs_context+0x46/0x500 [ 92.043836][ T4071] __should_failslab+0x81/0x90 [ 92.048658][ T4071] should_failslab+0x5/0x20 [ 92.053171][ T4071] kmem_cache_alloc_trace+0x52/0x350 [ 92.058487][ T4071] alloc_fs_context+0x46/0x500 [ 92.063263][ T4071] ? security_capable+0x91/0xa0 [ 92.068381][ T4071] fs_context_for_reconfigure+0x42/0x50 [ 92.073997][ T4071] path_mount+0x120d/0x1c40 [ 92.078512][ T4071] __se_sys_mount+0x24b/0x2f0 07:33:18 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x5, 0x0, 0x7fff) 07:33:18 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x7000000) 07:33:18 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 3) 07:33:18 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x8000000) [ 92.083205][ T4071] __x64_sys_mount+0x63/0x70 [ 92.087803][ T4071] do_syscall_64+0x44/0xa0 [ 92.092229][ T4071] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 92.098268][ T4071] RIP: 0033:0x7f9cfc87b01a [ 92.102695][ T4071] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 92.122301][ T4071] RSP: 002b:00007f9cfa5effa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 92.124122][ T4085] FAULT_INJECTION: forcing a failure. [ 92.124122][ T4085] name failslab, interval 1, probability 0, space 0, times 0 [ 92.132358][ T4071] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9cfc87b01a [ 92.132374][ T4071] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000000 [ 92.160970][ T4071] RBP: 00007f9cfa5f0040 R08: 00007f9cfa5f0040 R09: 00000000200000c0 [ 92.168941][ T4071] R10: 000000000001c4a6 R11: 0000000000000206 R12: 00000000200000c0 [ 92.176950][ T4071] R13: 0000000020000000 R14: 00007f9cfa5f0000 R15: 0000000020000180 [ 92.184908][ T4071] [ 92.187918][ T4085] CPU: 0 PID: 4085 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 92.196246][ T4085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 92.206302][ T4085] Call Trace: [ 92.209600][ T4085] [ 92.212538][ T4085] dump_stack_lvl+0xd6/0x122 [ 92.217130][ T4085] dump_stack+0x11/0x1b [ 92.221378][ T4085] should_fail+0x23c/0x250 [ 92.225797][ T4085] ? kmalloc_array+0x2d/0x40 [ 92.230398][ T4085] __should_failslab+0x81/0x90 [ 92.235197][ T4085] should_failslab+0x5/0x20 [ 92.239791][ T4085] __kmalloc+0x6f/0x370 [ 92.246339][ T4085] kmalloc_array+0x2d/0x40 [ 92.250763][ T4085] iter_file_splice_write+0xd5/0x790 [ 92.256092][ T4085] ? atime_needs_update+0x2ba/0x390 [ 92.261496][ T4085] ? touch_atime+0x11f/0x2e0 [ 92.266112][ T4085] ? generic_file_splice_read+0x2a9/0x330 [ 92.272073][ T4085] ? splice_from_pipe+0xd0/0xd0 [ 92.276981][ T4085] direct_splice_actor+0x80/0xa0 [ 92.281985][ T4085] splice_direct_to_actor+0x345/0x650 [ 92.287358][ T4085] ? do_splice_direct+0x190/0x190 [ 92.292446][ T4085] do_splice_direct+0x106/0x190 [ 92.297348][ T4085] do_sendfile+0x675/0xc40 [ 92.301783][ T4085] __x64_sys_sendfile64+0x102/0x140 [ 92.307026][ T4085] do_syscall_64+0x44/0xa0 [ 92.311484][ T4085] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 92.317522][ T4085] RIP: 0033:0x7fc85c531ae9 [ 92.321934][ T4085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 92.341640][ T4085] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 92.350062][ T4085] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 92.358126][ T4085] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 92.366148][ T4085] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 92.374143][ T4085] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000001 07:33:19 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) creat(&(0x7f0000000080)='./bus\x00', 0x0) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) 07:33:19 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xc000000) [ 92.382156][ T4085] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 92.390274][ T4085] 07:33:19 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fgetxattr(r3, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000240)=""/171, 0xab) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r4) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r5, 0x0, 0x80000001) 07:33:19 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x7, 0x0, 0x7fff) 07:33:19 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) (fail_nth: 10) 07:33:19 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 4) 07:33:19 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xd000000) [ 92.471898][ T4093] FAULT_INJECTION: forcing a failure. [ 92.471898][ T4093] name failslab, interval 1, probability 0, space 0, times 0 [ 92.484568][ T4093] CPU: 0 PID: 4093 Comm: syz-executor.0 Not tainted 5.15.0-syzkaller #0 [ 92.492901][ T4093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 92.503057][ T4093] Call Trace: [ 92.506340][ T4093] [ 92.509285][ T4093] dump_stack_lvl+0xd6/0x122 [ 92.513881][ T4093] dump_stack+0x11/0x1b 07:33:19 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x8, 0x0, 0x7fff) 07:33:19 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0xa, 0x0, 0x7fff) [ 92.518049][ T4093] should_fail+0x23c/0x250 [ 92.522659][ T4093] ? legacy_init_fs_context+0x2d/0x70 [ 92.528040][ T4093] __should_failslab+0x81/0x90 [ 92.533084][ T4093] should_failslab+0x5/0x20 [ 92.537686][ T4093] kmem_cache_alloc_trace+0x52/0x350 [ 92.537895][ T4097] FAULT_INJECTION: forcing a failure. [ 92.537895][ T4097] name failslab, interval 1, probability 0, space 0, times 0 [ 92.542985][ T4093] ? kmem_cache_alloc_trace+0x24b/0x350 [ 92.561163][ T4093] legacy_init_fs_context+0x2d/0x70 [ 92.566457][ T4093] alloc_fs_context+0x419/0x500 [ 92.571904][ T4093] fs_context_for_reconfigure+0x42/0x50 [ 92.577436][ T4093] path_mount+0x120d/0x1c40 [ 92.581928][ T4093] __se_sys_mount+0x24b/0x2f0 [ 92.586592][ T4093] __x64_sys_mount+0x63/0x70 [ 92.591242][ T4093] do_syscall_64+0x44/0xa0 [ 92.595669][ T4093] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 92.601628][ T4093] RIP: 0033:0x7f9cfc87b01a [ 92.606062][ T4093] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 92.625658][ T4093] RSP: 002b:00007f9cfa5effa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 92.634065][ T4093] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9cfc87b01a [ 92.642084][ T4093] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000000 [ 92.650064][ T4093] RBP: 00007f9cfa5f0040 R08: 00007f9cfa5f0040 R09: 00000000200000c0 [ 92.658036][ T4093] R10: 000000000001c4a6 R11: 0000000000000206 R12: 00000000200000c0 [ 92.666007][ T4093] R13: 0000000020000000 R14: 00007f9cfa5f0000 R15: 0000000020000180 [ 92.673972][ T4093] [ 92.677081][ T4097] CPU: 1 PID: 4097 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 92.685411][ T4097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 92.695470][ T4097] Call Trace: [ 92.698780][ T4097] [ 92.701712][ T4097] dump_stack_lvl+0xd6/0x122 [ 92.706306][ T4097] dump_stack+0x11/0x1b [ 92.710469][ T4097] should_fail+0x23c/0x250 [ 92.715001][ T4097] ? jbd2__journal_start+0xf7/0x3f0 [ 92.720223][ T4097] __should_failslab+0x81/0x90 [ 92.724997][ T4097] should_failslab+0x5/0x20 [ 92.726258][ T23] audit: type=1400 audit(1636443199.371:158): avc: denied { remove_name } for pid=365 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 92.729511][ T4097] kmem_cache_alloc+0x4f/0x320 07:33:19 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x10000000) 07:33:19 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) (fail_nth: 11) 07:33:19 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x1c000000) [ 92.752503][ T23] audit: type=1400 audit(1636443199.371:159): avc: denied { rename } for pid=365 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 92.757232][ T4097] jbd2__journal_start+0xf7/0x3f0 [ 92.757264][ T4097] __ext4_journal_start_sb+0x159/0x310 [ 92.789845][ T4097] ? ext4_file_write_iter+0x501/0x1200 [ 92.795367][ T4097] ext4_file_write_iter+0x992/0x1200 [ 92.800710][ T4097] ? ext4_file_write_iter+0x501/0x1200 [ 92.806318][ T4097] do_iter_readv_writev+0x2de/0x380 [ 92.811636][ T4097] do_iter_write+0x192/0x5c0 [ 92.816299][ T4097] ? splice_from_pipe_next+0x34f/0x3b0 [ 92.821903][ T4097] ? kmalloc_array+0x2d/0x40 [ 92.826498][ T4097] vfs_iter_write+0x4c/0x70 [ 92.831009][ T4097] iter_file_splice_write+0x43a/0x790 [ 92.836551][ T4097] ? splice_from_pipe+0xd0/0xd0 [ 92.841409][ T4097] direct_splice_actor+0x80/0xa0 [ 92.846444][ T4097] splice_direct_to_actor+0x345/0x650 [ 92.851954][ T4097] ? do_splice_direct+0x190/0x190 [ 92.857043][ T4097] do_splice_direct+0x106/0x190 [ 92.861957][ T4097] do_sendfile+0x675/0xc40 [ 92.866454][ T4097] __x64_sys_sendfile64+0x102/0x140 [ 92.871640][ T4097] do_syscall_64+0x44/0xa0 [ 92.876076][ T4097] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 92.882055][ T4097] RIP: 0033:0x7fc85c531ae9 [ 92.886451][ T4097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 92.906064][ T4097] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 92.914463][ T4097] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 92.922418][ T4097] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 92.930572][ T4097] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 92.938694][ T4097] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000001 [ 92.946757][ T4097] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 92.954719][ T4097] [ 92.968616][ T4111] FAULT_INJECTION: forcing a failure. [ 92.968616][ T4111] name failslab, interval 1, probability 0, space 0, times 0 [ 92.981265][ T4111] CPU: 1 PID: 4111 Comm: syz-executor.0 Not tainted 5.15.0-syzkaller #0 [ 92.989729][ T4111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 92.999851][ T4111] Call Trace: [ 93.003126][ T4111] [ 93.006040][ T4111] dump_stack_lvl+0xd6/0x122 [ 93.010656][ T4111] dump_stack+0x11/0x1b [ 93.014818][ T4111] should_fail+0x23c/0x250 [ 93.019243][ T4111] ? ext4_remount+0x67/0x1980 [ 93.024069][ T4111] __should_failslab+0x81/0x90 [ 93.028824][ T4111] should_failslab+0x5/0x20 [ 93.033419][ T4111] __kmalloc_track_caller+0x6d/0x370 [ 93.038774][ T4111] ? list_lru_add+0x260/0x280 [ 93.043531][ T4111] kstrdup+0x31/0x70 [ 93.047481][ T4111] ext4_remount+0x67/0x1980 [ 93.052055][ T4111] ? __dentry_kill+0x3e6/0x450 [ 93.056809][ T4111] ? shrink_dentry_list+0x2e6/0x300 [ 93.062074][ T4111] ? ext4_statfs+0x6a0/0x6a0 [ 93.066746][ T4111] legacy_reconfigure+0x8e/0xa0 [ 93.071647][ T4111] reconfigure_super+0x175/0x540 [ 93.076579][ T4111] path_mount+0x13f9/0x1c40 [ 93.081132][ T4111] __se_sys_mount+0x24b/0x2f0 [ 93.085798][ T4111] __x64_sys_mount+0x63/0x70 [ 93.090403][ T4111] do_syscall_64+0x44/0xa0 [ 93.094951][ T4111] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 93.101040][ T4111] RIP: 0033:0x7f9cfc87b01a [ 93.105447][ T4111] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 93.125059][ T4111] RSP: 002b:00007f9cfa5effa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 93.133458][ T4111] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9cfc87b01a [ 93.141526][ T4111] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000000 [ 93.149569][ T4111] RBP: 00007f9cfa5f0040 R08: 00007f9cfa5f0040 R09: 00000000200000c0 [ 93.157584][ T4111] R10: 000000000001c4a6 R11: 0000000000000206 R12: 00000000200000c0 [ 93.165601][ T4111] R13: 0000000020000000 R14: 00007f9cfa5f0000 R15: 0000000020000180 [ 93.173570][ T4111] 07:33:19 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) creat(&(0x7f0000000080)='./bus\x00', 0x0) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) 07:33:19 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x12, 0x0, 0x7fff) 07:33:20 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fgetxattr(r3, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000240)=""/171, 0xab) syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r4, 0x0, 0x80000001) 07:33:20 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x20000000) 07:33:20 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 5) 07:33:20 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) (fail_nth: 12) 07:33:20 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x83, 0x0, 0x7fff) [ 93.387701][ T4119] FAULT_INJECTION: forcing a failure. [ 93.387701][ T4119] name failslab, interval 1, probability 0, space 0, times 0 [ 93.400412][ T4119] CPU: 0 PID: 4119 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 93.408753][ T4119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 93.410743][ T4123] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 93.418826][ T4119] Call Trace: [ 93.418835][ T4119] [ 93.418842][ T4119] dump_stack_lvl+0xd6/0x122 [ 93.425988][ T4123] FAULT_INJECTION: forcing a failure. [ 93.425988][ T4123] name failslab, interval 1, probability 0, space 0, times 0 [ 93.429214][ T4119] dump_stack+0x11/0x1b [ 93.429232][ T4119] should_fail+0x23c/0x250 [ 93.429253][ T4119] ? __iomap_dio_rw+0x143/0x1070 [ 93.462780][ T4119] __should_failslab+0x81/0x90 [ 93.467570][ T4119] should_failslab+0x5/0x20 [ 93.472062][ T4119] kmem_cache_alloc_trace+0x52/0x350 [ 93.477358][ T4119] ? jbd2_journal_dirty_metadata+0x1a5/0x690 [ 93.483356][ T4119] __iomap_dio_rw+0x143/0x1070 [ 93.488145][ T4119] ? preempt_count_add+0x4e/0x90 [ 93.493077][ T4119] ? debug_smp_processor_id+0x18/0x20 [ 93.498514][ T4119] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 93.504432][ T4119] iomap_dio_rw+0x38/0x80 [ 93.508767][ T4119] ? ext4_file_write_iter+0x501/0x1200 [ 93.514289][ T4119] ext4_file_write_iter+0xac3/0x1200 [ 93.519616][ T4119] ? ext4_file_write_iter+0x501/0x1200 [ 93.525110][ T4119] do_iter_readv_writev+0x2de/0x380 [ 93.530317][ T4119] do_iter_write+0x192/0x5c0 [ 93.534979][ T4119] ? splice_from_pipe_next+0x34f/0x3b0 [ 93.540604][ T4119] ? kmalloc_array+0x2d/0x40 [ 93.545262][ T4119] vfs_iter_write+0x4c/0x70 [ 93.549749][ T4119] iter_file_splice_write+0x43a/0x790 [ 93.555124][ T4119] ? splice_from_pipe+0xd0/0xd0 [ 93.560028][ T4119] direct_splice_actor+0x80/0xa0 [ 93.565101][ T4119] splice_direct_to_actor+0x345/0x650 [ 93.570526][ T4119] ? do_splice_direct+0x190/0x190 [ 93.575586][ T4119] do_splice_direct+0x106/0x190 [ 93.580464][ T4119] do_sendfile+0x675/0xc40 [ 93.584866][ T4119] __x64_sys_sendfile64+0x102/0x140 [ 93.590066][ T4119] do_syscall_64+0x44/0xa0 [ 93.594472][ T4119] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 93.600505][ T4119] RIP: 0033:0x7fc85c531ae9 [ 93.604904][ T4119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 93.624546][ T4119] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 93.632941][ T4119] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 93.640994][ T4119] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 93.649124][ T4119] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 93.657102][ T4119] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000001 [ 93.665057][ T4119] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 93.673027][ T4119] [ 93.676100][ T4123] CPU: 1 PID: 4123 Comm: syz-executor.0 Not tainted 5.15.0-syzkaller #0 [ 93.684538][ T4123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 93.694762][ T4123] Call Trace: [ 93.698088][ T4123] [ 93.701044][ T4123] dump_stack_lvl+0xd6/0x122 [ 93.705775][ T4123] dump_stack+0x11/0x1b [ 93.709911][ T4123] should_fail+0x23c/0x250 [ 93.714366][ T4123] ? ext4_register_li_request+0x102/0x690 [ 93.720076][ T4123] __should_failslab+0x81/0x90 [ 93.724845][ T4123] should_failslab+0x5/0x20 [ 93.729421][ T4123] kmem_cache_alloc_trace+0x52/0x350 [ 93.734788][ T4123] ? __flush_work+0x4b2/0x540 [ 93.739477][ T4123] ext4_register_li_request+0x102/0x690 [ 93.745056][ T4123] ext4_remount+0xf6b/0x1980 [ 93.749689][ T4123] ? __dentry_kill+0x3e6/0x450 [ 93.754433][ T4123] ? ext4_statfs+0x6a0/0x6a0 [ 93.759157][ T4123] legacy_reconfigure+0x8e/0xa0 [ 93.763994][ T4123] reconfigure_super+0x175/0x540 [ 93.768936][ T4123] path_mount+0x13f9/0x1c40 [ 93.773471][ T4123] __se_sys_mount+0x24b/0x2f0 [ 93.778143][ T4123] __x64_sys_mount+0x63/0x70 [ 93.782715][ T4123] do_syscall_64+0x44/0xa0 [ 93.787134][ T4123] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 93.793025][ T4123] RIP: 0033:0x7f9cfc87b01a [ 93.797481][ T4123] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 93.817244][ T4123] RSP: 002b:00007f9cfa5effa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 93.825661][ T4123] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9cfc87b01a 07:33:20 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) (fail_nth: 13) 07:33:20 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x2e000000) 07:33:20 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x281, 0x0, 0x7fff) [ 93.833655][ T4123] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000000 [ 93.841624][ T4123] RBP: 00007f9cfa5f0040 R08: 00007f9cfa5f0040 R09: 00000000200000c0 [ 93.849614][ T4123] R10: 000000000001c4a6 R11: 0000000000000206 R12: 00000000200000c0 [ 93.857743][ T4123] R13: 0000000020000000 R14: 00007f9cfa5f0000 R15: 0000000020000180 [ 93.865744][ T4123] [ 93.868877][ T4123] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. 07:33:20 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 6) 07:33:20 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) creat(&(0x7f0000000080)='./bus\x00', 0x0) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) 07:33:20 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x3f000000) 07:33:20 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x500, 0x0, 0x7fff) [ 93.946864][ T4132] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 93.954066][ T4132] FAULT_INJECTION: forcing a failure. [ 93.954066][ T4132] name failslab, interval 1, probability 0, space 0, times 0 [ 93.966703][ T4132] CPU: 1 PID: 4132 Comm: syz-executor.0 Not tainted 5.15.0-syzkaller #0 [ 93.975032][ T4132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 93.985121][ T4132] Call Trace: [ 93.988402][ T4132] [ 93.991328][ T4132] dump_stack_lvl+0xd6/0x122 [ 93.995919][ T4132] dump_stack+0x11/0x1b [ 94.000111][ T4132] should_fail+0x23c/0x250 [ 94.004547][ T4132] ? ext4_register_li_request+0x2b0/0x690 [ 94.010302][ T4132] __should_failslab+0x81/0x90 [ 94.015078][ T4132] should_failslab+0x5/0x20 [ 94.019826][ T4132] kmem_cache_alloc_trace+0x52/0x350 [ 94.020130][ T4140] FAULT_INJECTION: forcing a failure. [ 94.020130][ T4140] name failslab, interval 1, probability 0, space 0, times 0 [ 94.025136][ T4132] ? debug_smp_processor_id+0x18/0x20 [ 94.043239][ T4132] ? prandom_u32+0x183/0x230 [ 94.047950][ T4132] ext4_register_li_request+0x2b0/0x690 [ 94.053657][ T4132] ext4_remount+0xf6b/0x1980 [ 94.058243][ T4132] ? __dentry_kill+0x3e6/0x450 [ 94.062995][ T4132] ? ext4_statfs+0x6a0/0x6a0 [ 94.067593][ T4132] legacy_reconfigure+0x8e/0xa0 [ 94.072456][ T4132] reconfigure_super+0x175/0x540 [ 94.077511][ T4132] path_mount+0x13f9/0x1c40 [ 94.081995][ T4132] __se_sys_mount+0x24b/0x2f0 [ 94.086684][ T4132] __x64_sys_mount+0x63/0x70 [ 94.091305][ T4132] do_syscall_64+0x44/0xa0 [ 94.095799][ T4132] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 94.101904][ T4132] RIP: 0033:0x7f9cfc87b01a [ 94.106302][ T4132] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 94.125911][ T4132] RSP: 002b:00007f9cfa5effa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 94.134317][ T4132] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9cfc87b01a [ 94.143349][ T4132] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000000 [ 94.151319][ T4132] RBP: 00007f9cfa5f0040 R08: 00007f9cfa5f0040 R09: 00000000200000c0 [ 94.159719][ T4132] R10: 000000000001c4a6 R11: 0000000000000206 R12: 00000000200000c0 [ 94.167764][ T4132] R13: 0000000020000000 R14: 00007f9cfa5f0000 R15: 0000000020000180 [ 94.175723][ T4132] [ 94.178737][ T4140] CPU: 0 PID: 4140 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 94.178793][ T4132] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 94.187227][ T4140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 94.208340][ T4140] Call Trace: [ 94.211671][ T4140] [ 94.214605][ T4140] dump_stack_lvl+0xd6/0x122 [ 94.219282][ T4140] dump_stack+0x11/0x1b [ 94.223438][ T4140] should_fail+0x23c/0x250 [ 94.227870][ T4140] ? jbd2__journal_start+0xf7/0x3f0 [ 94.233079][ T4140] __should_failslab+0x81/0x90 [ 94.238012][ T4140] should_failslab+0x5/0x20 [ 94.242522][ T4140] kmem_cache_alloc+0x4f/0x320 [ 94.247317][ T4140] jbd2__journal_start+0xf7/0x3f0 [ 94.252452][ T4140] __ext4_journal_start_sb+0x159/0x310 [ 94.257930][ T4140] ext4_iomap_begin+0x408/0x630 [ 94.262931][ T4140] ? ext4_alloc_da_blocks+0x100/0x100 [ 94.268388][ T4140] iomap_iter+0x395/0x4a0 [ 94.272839][ T4140] __iomap_dio_rw+0x695/0x1070 [ 94.277615][ T4140] ? debug_smp_processor_id+0x18/0x20 [ 94.283233][ T4140] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 94.289163][ T4140] iomap_dio_rw+0x38/0x80 07:33:21 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fgetxattr(r3, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000240)=""/171, 0xab) syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r4, 0x0, 0x80000001) 07:33:21 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x40000800) 07:33:21 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x700, 0x0, 0x7fff) 07:33:21 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) (fail_nth: 14) [ 94.293494][ T4140] ? ext4_file_write_iter+0x501/0x1200 [ 94.299013][ T4140] ext4_file_write_iter+0xac3/0x1200 [ 94.304311][ T4140] ? ext4_file_write_iter+0x501/0x1200 [ 94.309992][ T4140] ? __this_cpu_preempt_check+0x18/0x20 [ 94.315583][ T4140] ? sysvec_apic_timer_interrupt+0x4a/0xb0 [ 94.321483][ T4140] do_iter_readv_writev+0x2de/0x380 [ 94.326692][ T4140] do_iter_write+0x192/0x5c0 [ 94.331343][ T4140] ? splice_from_pipe_next+0x34f/0x3b0 [ 94.336809][ T4140] ? kmalloc_array+0x2d/0x40 [ 94.341408][ T4140] vfs_iter_write+0x4c/0x70 07:33:21 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0xa00, 0x0, 0x7fff) 07:33:21 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x81000000) [ 94.345927][ T4140] iter_file_splice_write+0x43a/0x790 [ 94.351317][ T4140] ? splice_from_pipe+0xd0/0xd0 [ 94.356314][ T4140] direct_splice_actor+0x80/0xa0 [ 94.361287][ T4140] splice_direct_to_actor+0x345/0x650 [ 94.366758][ T4140] ? do_splice_direct+0x190/0x190 [ 94.371792][ T4140] do_splice_direct+0x106/0x190 [ 94.376696][ T4140] do_sendfile+0x675/0xc40 [ 94.381242][ T4140] __x64_sys_sendfile64+0x102/0x140 [ 94.386843][ T4140] do_syscall_64+0x44/0xa0 [ 94.391314][ T4140] entry_SYSCALL_64_after_hwframe+0x44/0xae 07:33:21 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) 07:33:21 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x1200, 0x0, 0x7fff) [ 94.397272][ T4140] RIP: 0033:0x7fc85c531ae9 [ 94.401695][ T4140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 94.421346][ T4140] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 94.429767][ T4140] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 94.437739][ T4140] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 94.445716][ T4140] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 94.453698][ T4140] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000001 [ 94.462104][ T4140] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 94.470138][ T4140] 07:33:21 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 7) 07:33:21 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x81020000) 07:33:21 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x8102, 0x0, 0x7fff) [ 94.494028][ T4158] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 94.501170][ T4158] FAULT_INJECTION: forcing a failure. [ 94.501170][ T4158] name failslab, interval 1, probability 0, space 0, times 0 [ 94.513793][ T4158] CPU: 0 PID: 4158 Comm: syz-executor.0 Not tainted 5.15.0-syzkaller #0 [ 94.522125][ T4158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 94.532181][ T4158] Call Trace: [ 94.535460][ T4158] [ 94.538386][ T4158] dump_stack_lvl+0xd6/0x122 [ 94.542983][ T4158] dump_stack+0x11/0x1b [ 94.547143][ T4158] should_fail+0x23c/0x250 [ 94.551625][ T4158] ? ext4_register_li_request+0x102/0x690 [ 94.557360][ T4158] __should_failslab+0x81/0x90 [ 94.562137][ T4158] should_failslab+0x5/0x20 [ 94.566754][ T4158] kmem_cache_alloc_trace+0x52/0x350 [ 94.572125][ T4158] ? __flush_work+0x4b2/0x540 [ 94.576987][ T4158] ext4_register_li_request+0x102/0x690 [ 94.582725][ T4158] ext4_remount+0xf6b/0x1980 [ 94.587445][ T4158] ? __dentry_kill+0x3e6/0x450 07:33:21 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x8300, 0x0, 0x7fff) [ 94.592221][ T4158] ? ext4_statfs+0x6a0/0x6a0 [ 94.596826][ T4158] legacy_reconfigure+0x8e/0xa0 [ 94.601809][ T4158] reconfigure_super+0x175/0x540 [ 94.606810][ T4158] path_mount+0x13f9/0x1c40 [ 94.611420][ T4158] __se_sys_mount+0x24b/0x2f0 [ 94.616100][ T4158] __x64_sys_mount+0x63/0x70 [ 94.620696][ T4158] do_syscall_64+0x44/0xa0 [ 94.625121][ T4158] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 94.631086][ T4158] RIP: 0033:0x7f9cfc87b01a [ 94.635498][ T4158] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 94.655155][ T4158] RSP: 002b:00007f9cfa5effa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 94.663570][ T4158] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9cfc87b01a [ 94.671546][ T4158] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000000 [ 94.676853][ T4164] FAULT_INJECTION: forcing a failure. [ 94.676853][ T4164] name failslab, interval 1, probability 0, space 0, times 0 [ 94.679527][ T4158] RBP: 00007f9cfa5f0040 R08: 00007f9cfa5f0040 R09: 00000000200000c0 [ 94.679543][ T4158] R10: 000000000001c4a6 R11: 0000000000000206 R12: 00000000200000c0 [ 94.679554][ T4158] R13: 0000000020000000 R14: 00007f9cfa5f0000 R15: 0000000020000180 [ 94.679570][ T4158] [ 94.679601][ T4158] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 94.692233][ T4164] CPU: 1 PID: 4164 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 94.738738][ T4164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 94.748807][ T4164] Call Trace: [ 94.752109][ T4164] [ 94.755060][ T4164] dump_stack_lvl+0xd6/0x122 [ 94.759633][ T4164] dump_stack+0x11/0x1b [ 94.763826][ T4164] should_fail+0x23c/0x250 [ 94.768329][ T4164] ? kcalloc+0x32/0x50 [ 94.772467][ T4164] __should_failslab+0x81/0x90 [ 94.777229][ T4164] should_failslab+0x5/0x20 [ 94.782020][ T4164] __kmalloc+0x6f/0x370 [ 94.786255][ T4164] kcalloc+0x32/0x50 [ 94.790129][ T4164] ext4_find_extent+0x21c/0x7f0 [ 94.794984][ T4164] ext4_ext_map_blocks+0x115/0x20a0 [ 94.800225][ T4164] ? preempt_count_add+0x4e/0x90 [ 94.805239][ T4164] ? _raw_read_unlock+0x13/0x30 [ 94.810073][ T4164] ? start_this_handle+0xfa6/0x1050 [ 94.815342][ T4164] ? ext4_es_lookup_extent+0x221/0x500 [ 94.821079][ T4164] ext4_map_blocks+0x1cf/0xf00 [ 94.825836][ T4164] ext4_iomap_begin+0x4b0/0x630 [ 94.830684][ T4164] ? ext4_alloc_da_blocks+0x100/0x100 [ 94.836067][ T4164] iomap_iter+0x395/0x4a0 [ 94.840427][ T4164] __iomap_dio_rw+0x695/0x1070 [ 94.845196][ T4164] ? debug_smp_processor_id+0x18/0x20 [ 94.850570][ T4164] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 94.856459][ T4164] iomap_dio_rw+0x38/0x80 [ 94.860776][ T4164] ? ext4_file_write_iter+0x501/0x1200 [ 94.866307][ T4164] ext4_file_write_iter+0xac3/0x1200 [ 94.871715][ T4164] ? ext4_file_write_iter+0x501/0x1200 [ 94.877162][ T4164] do_iter_readv_writev+0x2de/0x380 [ 94.882352][ T4164] do_iter_write+0x192/0x5c0 [ 94.886979][ T4164] ? splice_from_pipe_next+0x34f/0x3b0 [ 94.892417][ T4164] ? kmalloc_array+0x2d/0x40 [ 94.897002][ T4164] vfs_iter_write+0x4c/0x70 [ 94.901530][ T4164] iter_file_splice_write+0x43a/0x790 [ 94.906901][ T4164] ? splice_from_pipe+0xd0/0xd0 [ 94.911731][ T4164] direct_splice_actor+0x80/0xa0 [ 94.916648][ T4164] splice_direct_to_actor+0x345/0x650 [ 94.922082][ T4164] ? do_splice_direct+0x190/0x190 [ 94.927085][ T4164] do_splice_direct+0x106/0x190 [ 94.931929][ T4164] do_sendfile+0x675/0xc40 [ 94.936352][ T4164] __x64_sys_sendfile64+0x102/0x140 [ 94.941529][ T4164] do_syscall_64+0x44/0xa0 [ 94.946061][ T4164] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 94.951971][ T4164] RIP: 0033:0x7fc85c531ae9 [ 94.956456][ T4164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 94.976231][ T4164] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 94.984642][ T4164] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 07:33:21 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fgetxattr(r3, &(0x7f0000000140)=@known='system.sockprotoname\x00', &(0x7f0000000240)=""/171, 0xab) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r4, 0x0, 0x80000001) 07:33:21 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x89000000) 07:33:21 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) 07:33:21 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0xff01, 0x0, 0x7fff) 07:33:21 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) (fail_nth: 15) [ 94.992602][ T4164] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 95.000674][ T4164] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 95.008713][ T4164] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000001 [ 95.016668][ T4164] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 95.024653][ T4164] 07:33:21 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x8cffffff) 07:33:21 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0xff7f, 0x0, 0x7fff) [ 95.079158][ T4173] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 95.091284][ T4173] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 95.102525][ T4173] FAULT_INJECTION: forcing a failure. [ 95.102525][ T4173] name failslab, interval 1, probability 0, space 0, times 0 [ 95.115175][ T4173] CPU: 0 PID: 4173 Comm: syz-executor.0 Not tainted 5.15.0-syzkaller #0 07:33:21 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x13fd5, 0x0, 0x7fff) [ 95.123772][ T4173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 95.133827][ T4173] Call Trace: [ 95.137104][ T4173] [ 95.140112][ T4173] dump_stack_lvl+0xd6/0x122 [ 95.144715][ T4173] dump_stack+0x11/0x1b [ 95.148875][ T4173] should_fail+0x23c/0x250 [ 95.153576][ T4173] ? getname_flags+0x84/0x3f0 [ 95.158452][ T4173] __should_failslab+0x81/0x90 [ 95.163226][ T4173] should_failslab+0x5/0x20 [ 95.167839][ T4173] kmem_cache_alloc+0x4f/0x320 [ 95.172666][ T4173] getname_flags+0x84/0x3f0 [ 95.177185][ T4173] getname+0x15/0x20 [ 95.181091][ T4173] do_sys_openat2+0x6d/0x2b0 [ 95.185736][ T4173] __x64_sys_openat+0xef/0x110 [ 95.190569][ T4173] do_syscall_64+0x44/0xa0 [ 95.195029][ T4173] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 95.201031][ T4173] RIP: 0033:0x7f9cfc82ca04 [ 95.205712][ T4173] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 07:33:21 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 8) 07:33:21 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xa1ffffff) 07:33:21 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x40000, 0x0, 0x7fff) [ 95.226549][ T4173] RSP: 002b:00007f9cfa5eff30 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 95.234980][ T4173] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9cfc82ca04 [ 95.243108][ T4173] RDX: 0000000000010000 RSI: 0000000020000000 RDI: 00000000ffffff9c [ 95.251077][ T4173] RBP: 0000000020000000 R08: 0000000000000000 R09: 00000000200000c0 [ 95.259277][ T4173] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000010000 [ 95.267388][ T4173] R13: 0000000020000000 R14: 00007f9cfa5f0000 R15: 0000000020000180 [ 95.275035][ T4189] FAULT_INJECTION: forcing a failure. [ 95.275035][ T4189] name failslab, interval 1, probability 0, space 0, times 0 [ 95.275360][ T4173] [ 95.291071][ T4189] CPU: 1 PID: 4189 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 95.299782][ T4189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 95.309919][ T4189] Call Trace: [ 95.313194][ T4189] [ 95.316115][ T4189] dump_stack_lvl+0xd6/0x122 [ 95.320702][ T4189] dump_stack+0x11/0x1b [ 95.324868][ T4189] should_fail+0x23c/0x250 07:33:22 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xd0110000) [ 95.329318][ T4189] ? __es_insert_extent+0x546/0xe80 [ 95.334617][ T4189] __should_failslab+0x81/0x90 [ 95.339502][ T4189] should_failslab+0x5/0x20 [ 95.344113][ T4189] kmem_cache_alloc+0x4f/0x320 [ 95.349055][ T4189] __es_insert_extent+0x546/0xe80 [ 95.354089][ T4189] ext4_es_insert_extent+0x1cb/0x19c0 [ 95.359470][ T4189] ext4_ext_map_blocks+0xff6/0x20a0 [ 95.364857][ T4189] ? _raw_read_unlock+0x13/0x30 [ 95.369693][ T4189] ext4_map_blocks+0x1cf/0xf00 [ 95.374440][ T4189] ext4_iomap_begin+0x4b0/0x630 [ 95.379270][ T4189] ? ext4_alloc_da_blocks+0x100/0x100 [ 95.384616][ T4189] iomap_iter+0x395/0x4a0 [ 95.388925][ T4189] __iomap_dio_rw+0x695/0x1070 [ 95.393734][ T4189] ? debug_smp_processor_id+0x18/0x20 [ 95.399087][ T4189] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 95.404898][ T4189] iomap_dio_rw+0x38/0x80 [ 95.409234][ T4189] ? ext4_file_write_iter+0x501/0x1200 [ 95.415210][ T4189] ext4_file_write_iter+0xac3/0x1200 [ 95.420474][ T4189] ? ext4_file_write_iter+0x501/0x1200 [ 95.425946][ T4189] do_iter_readv_writev+0x2de/0x380 [ 95.431186][ T4189] do_iter_write+0x192/0x5c0 [ 95.435753][ T4189] ? splice_from_pipe_next+0x34f/0x3b0 [ 95.441205][ T4189] ? kmalloc_array+0x2d/0x40 [ 95.445906][ T4189] vfs_iter_write+0x4c/0x70 [ 95.450415][ T4189] iter_file_splice_write+0x43a/0x790 [ 95.455804][ T4189] ? splice_from_pipe+0xd0/0xd0 [ 95.460685][ T4189] direct_splice_actor+0x80/0xa0 [ 95.465837][ T4189] splice_direct_to_actor+0x345/0x650 [ 95.471187][ T4189] ? do_splice_direct+0x190/0x190 [ 95.476317][ T4189] do_splice_direct+0x106/0x190 [ 95.481378][ T4189] do_sendfile+0x675/0xc40 [ 95.485948][ T4189] __x64_sys_sendfile64+0x102/0x140 [ 95.491129][ T4189] do_syscall_64+0x44/0xa0 [ 95.495652][ T4189] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 95.501544][ T4189] RIP: 0033:0x7fc85c531ae9 [ 95.505934][ T4189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 95.525532][ T4189] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 95.534060][ T4189] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 95.542021][ T4189] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 95.550101][ T4189] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 95.558063][ T4189] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000001 [ 95.566041][ T4189] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 95.574129][ T4189] 07:33:22 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r4, 0x0, 0x80000001) 07:33:22 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) (fail_nth: 16) 07:33:22 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x800000, 0x0, 0x7fff) 07:33:22 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) 07:33:22 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xd2110000) 07:33:22 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 9) 07:33:22 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xe4ffffff) 07:33:22 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x1000000, 0x0, 0x7fff) [ 95.770113][ T4204] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 95.777189][ T4204] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 95.793279][ T4204] FAULT_INJECTION: forcing a failure. [ 95.793279][ T4204] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 95.794452][ T4200] FAULT_INJECTION: forcing a failure. [ 95.794452][ T4200] name failslab, interval 1, probability 0, space 0, times 0 [ 95.806367][ T4204] CPU: 1 PID: 4204 Comm: syz-executor.0 Not tainted 5.15.0-syzkaller #0 [ 95.827324][ T4204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 95.837373][ T4204] Call Trace: [ 95.840633][ T4204] [ 95.843603][ T4204] dump_stack_lvl+0xd6/0x122 [ 95.848226][ T4204] dump_stack+0x11/0x1b [ 95.852485][ T4204] should_fail+0x23c/0x250 [ 95.856967][ T4204] should_fail_usercopy+0x16/0x20 [ 95.861978][ T4204] _copy_to_user+0x1c/0x90 [ 95.866519][ T4204] simple_read_from_buffer+0xab/0x120 [ 95.871935][ T4204] proc_fail_nth_read+0x10d/0x150 [ 95.876947][ T4204] ? proc_fault_inject_write+0x230/0x230 [ 95.882573][ T4204] vfs_read+0x1e6/0x750 [ 95.886712][ T4204] ? __fget_light+0x219/0x260 [ 95.891469][ T4204] ksys_read+0xd9/0x190 [ 95.895671][ T4204] __x64_sys_read+0x3e/0x50 [ 95.900165][ T4204] do_syscall_64+0x44/0xa0 [ 95.904577][ T4204] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 95.910640][ T4204] RIP: 0033:0x7f9cfc82c69c [ 95.915068][ T4204] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 95.934666][ T4204] RSP: 002b:00007f9cfa5f0170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 95.943150][ T4204] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f9cfc82c69c [ 95.951202][ T4204] RDX: 000000000000000f RSI: 00007f9cfa5f01e0 RDI: 0000000000000003 [ 95.959168][ T4204] RBP: 00007f9cfa5f01d0 R08: 0000000000000000 R09: 00000000200000c0 07:33:22 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 95.967653][ T4204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 95.975697][ T4204] R13: 00007ffff62173cf R14: 00007f9cfa5f0300 R15: 0000000000022000 [ 95.983654][ T4204] [ 95.986666][ T4200] CPU: 0 PID: 4200 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 95.995002][ T4200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 96.005051][ T4200] Call Trace: [ 96.008387][ T4200] [ 96.011314][ T4200] dump_stack_lvl+0xd6/0x122 [ 96.015935][ T4200] dump_stack+0x11/0x1b [ 96.020387][ T4200] should_fail+0x23c/0x250 [ 96.024832][ T4200] ? __es_insert_extent+0x546/0xe80 [ 96.030104][ T4200] __should_failslab+0x81/0x90 [ 96.035161][ T4200] should_failslab+0x5/0x20 [ 96.039709][ T4200] kmem_cache_alloc+0x4f/0x320 [ 96.044485][ T4200] __es_insert_extent+0x546/0xe80 [ 96.049520][ T4200] ext4_es_insert_extent+0x1cb/0x19c0 [ 96.054880][ T4200] ext4_ext_map_blocks+0xff6/0x20a0 [ 96.060097][ T4200] ? _raw_read_unlock+0x13/0x30 [ 96.065344][ T4200] ext4_map_blocks+0x1cf/0xf00 [ 96.070093][ T4200] ext4_iomap_begin+0x4b0/0x630 [ 96.074935][ T4200] ? ext4_alloc_da_blocks+0x100/0x100 [ 96.080409][ T4200] iomap_iter+0x395/0x4a0 [ 96.084825][ T4200] __iomap_dio_rw+0x695/0x1070 [ 96.089597][ T4200] ? debug_smp_processor_id+0x18/0x20 [ 96.095043][ T4200] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 96.100852][ T4200] iomap_dio_rw+0x38/0x80 [ 96.105181][ T4200] ? ext4_file_write_iter+0x501/0x1200 [ 96.110688][ T4200] ext4_file_write_iter+0xac3/0x1200 [ 96.116018][ T4200] ? ext4_file_write_iter+0x501/0x1200 [ 96.121464][ T4200] do_iter_readv_writev+0x2de/0x380 [ 96.126728][ T4200] do_iter_write+0x192/0x5c0 [ 96.131303][ T4200] ? splice_from_pipe_next+0x34f/0x3b0 [ 96.136768][ T4200] ? kmalloc_array+0x2d/0x40 [ 96.141347][ T4200] vfs_iter_write+0x4c/0x70 [ 96.146546][ T4200] iter_file_splice_write+0x43a/0x790 [ 96.152011][ T4200] ? splice_from_pipe+0xd0/0xd0 [ 96.156860][ T4200] direct_splice_actor+0x80/0xa0 [ 96.161881][ T4200] splice_direct_to_actor+0x345/0x650 [ 96.167281][ T4200] ? do_splice_direct+0x190/0x190 [ 96.172340][ T4200] do_splice_direct+0x106/0x190 [ 96.177275][ T4200] do_sendfile+0x675/0xc40 [ 96.181675][ T4200] __x64_sys_sendfile64+0x102/0x140 [ 96.186864][ T4200] do_syscall_64+0x44/0xa0 [ 96.191441][ T4200] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 96.197403][ T4200] RIP: 0033:0x7fc85c531ae9 [ 96.201922][ T4200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 96.221718][ T4200] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 96.230310][ T4200] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 96.238355][ T4200] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 96.246324][ T4200] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 96.254306][ T4200] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000001 [ 96.262342][ T4200] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 07:33:22 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xec000000) 07:33:23 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x2000000, 0x0, 0x7fff) [ 96.270438][ T4200] 07:33:23 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xf4ffffff) [ 96.323337][ T4215] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 96.330748][ T4215] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. 07:33:23 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) inotify_init1(0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x80000001) 07:33:23 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x4000000, 0x0, 0x7fff) 07:33:23 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x2, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:23 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xf6ffffff) 07:33:23 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:23 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 10) [ 96.521108][ T4223] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 96.528284][ T4223] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 96.546986][ T4228] FAULT_INJECTION: forcing a failure. [ 96.546986][ T4228] name failslab, interval 1, probability 0, space 0, times 0 [ 96.557799][ T4231] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 96.559929][ T4228] CPU: 1 PID: 4228 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 96.566968][ T4231] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 96.575346][ T4228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 96.575361][ T4228] Call Trace: [ 96.575367][ T4228] [ 96.575372][ T4228] dump_stack_lvl+0xd6/0x122 [ 96.575394][ T4228] dump_stack+0x11/0x1b [ 96.611997][ T4228] should_fail+0x23c/0x250 07:33:23 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x5000000, 0x0, 0x7fff) 07:33:23 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xfbffffff) 07:33:23 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x3, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:23 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x7000000, 0x0, 0x7fff) 07:33:23 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xfeffffff) [ 96.616460][ T4228] ? ext4_mb_new_blocks+0x328/0x1ee0 [ 96.621827][ T4228] __should_failslab+0x81/0x90 [ 96.626602][ T4228] should_failslab+0x5/0x20 [ 96.631174][ T4228] kmem_cache_alloc+0x4f/0x320 [ 96.635972][ T4228] ext4_mb_new_blocks+0x328/0x1ee0 [ 96.641091][ T4228] ? kcalloc+0x32/0x50 [ 96.645199][ T4228] ? ext4_find_extent+0x6cf/0x7f0 [ 96.650332][ T4228] ? ext4_ext_search_right+0x300/0x540 [ 96.655833][ T4228] ? ext4_inode_to_goal_block+0x1bd/0x1d0 [ 96.661562][ T4228] ext4_ext_map_blocks+0x15f4/0x20a0 [ 96.666856][ T4228] ? _raw_read_unlock+0x13/0x30 07:33:23 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xff010000) [ 96.671721][ T4228] ext4_map_blocks+0x71e/0xf00 [ 96.676565][ T4228] ext4_iomap_begin+0x4b0/0x630 [ 96.681424][ T4228] ? ext4_alloc_da_blocks+0x100/0x100 [ 96.686812][ T4228] iomap_iter+0x395/0x4a0 [ 96.691145][ T4228] __iomap_dio_rw+0x695/0x1070 [ 96.695980][ T4228] ? debug_smp_processor_id+0x18/0x20 [ 96.701746][ T4228] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 96.707576][ T4228] iomap_dio_rw+0x38/0x80 [ 96.711915][ T4228] ? ext4_file_write_iter+0x501/0x1200 [ 96.717414][ T4228] ext4_file_write_iter+0xac3/0x1200 [ 96.722698][ T4228] ? ext4_file_write_iter+0x501/0x1200 [ 96.728302][ T4228] do_iter_readv_writev+0x2de/0x380 [ 96.733485][ T4228] do_iter_write+0x192/0x5c0 [ 96.738052][ T4228] ? splice_from_pipe_next+0x34f/0x3b0 [ 96.743494][ T4228] ? kmalloc_array+0x2d/0x40 [ 96.748092][ T4228] vfs_iter_write+0x4c/0x70 [ 96.752639][ T4228] iter_file_splice_write+0x43a/0x790 [ 96.758018][ T4228] ? splice_from_pipe+0xd0/0xd0 [ 96.762949][ T4228] direct_splice_actor+0x80/0xa0 [ 96.767874][ T4228] splice_direct_to_actor+0x345/0x650 [ 96.773373][ T4228] ? do_splice_direct+0x190/0x190 [ 96.778398][ T4228] do_splice_direct+0x106/0x190 [ 96.783485][ T4228] do_sendfile+0x675/0xc40 [ 96.787918][ T4228] __x64_sys_sendfile64+0x102/0x140 [ 96.793239][ T4228] do_syscall_64+0x44/0xa0 [ 96.797680][ T4228] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 96.803929][ T4228] RIP: 0033:0x7fc85c531ae9 [ 96.808377][ T4228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 96.828071][ T4228] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 96.836607][ T4228] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 96.844635][ T4228] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 96.853127][ T4228] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 96.861201][ T4228] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 96.869273][ T4228] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 96.877233][ T4228] [ 96.894397][ T4243] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 96.901528][ T4243] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. 07:33:23 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = creat(0x0, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r1, 0x3) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x80000001) 07:33:23 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xffffff7f) 07:33:23 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x8000000, 0x0, 0x7fff) 07:33:23 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 11) 07:33:23 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:23 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) [ 97.119171][ T4249] FAULT_INJECTION: forcing a failure. [ 97.119171][ T4249] name failslab, interval 1, probability 0, space 0, times 0 [ 97.131840][ T4249] CPU: 1 PID: 4249 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 97.140225][ T4249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 97.150281][ T4249] Call Trace: [ 97.153602][ T4249] [ 97.156550][ T4249] dump_stack_lvl+0xd6/0x122 [ 97.162179][ T4249] dump_stack+0x11/0x1b 07:33:23 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0xa000000, 0x0, 0x7fff) 07:33:23 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xffffff8c) 07:33:23 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x5, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:23 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x12000000, 0x0, 0x7fff) [ 97.166342][ T4249] should_fail+0x23c/0x250 [ 97.170825][ T4249] ? __es_insert_extent+0x546/0xe80 [ 97.176059][ T4249] __should_failslab+0x81/0x90 [ 97.180865][ T4249] should_failslab+0x5/0x20 [ 97.185426][ T4249] kmem_cache_alloc+0x4f/0x320 [ 97.190201][ T4249] __es_insert_extent+0x546/0xe80 [ 97.195317][ T4249] ? ext4_ext_map_blocks+0x1128/0x20a0 [ 97.200804][ T4249] ext4_es_insert_extent+0x1cb/0x19c0 [ 97.206246][ T4249] ext4_map_blocks+0xa5d/0xf00 [ 97.211402][ T4249] ext4_iomap_begin+0x4b0/0x630 07:33:23 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xffffffa1) 07:33:23 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x81020000, 0x0, 0x7fff) [ 97.216258][ T4249] ? ext4_alloc_da_blocks+0x100/0x100 [ 97.221710][ T4249] iomap_iter+0x395/0x4a0 [ 97.226086][ T4249] __iomap_dio_rw+0x695/0x1070 [ 97.230955][ T4249] ? debug_smp_processor_id+0x18/0x20 [ 97.236415][ T4249] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 97.242339][ T4249] iomap_dio_rw+0x38/0x80 [ 97.246674][ T4249] ? ext4_file_write_iter+0x501/0x1200 [ 97.252520][ T4249] ext4_file_write_iter+0xac3/0x1200 [ 97.257850][ T4249] ? ext4_file_write_iter+0x501/0x1200 [ 97.263411][ T4249] do_iter_readv_writev+0x2de/0x380 [ 97.268613][ T4249] do_iter_write+0x192/0x5c0 [ 97.273220][ T4249] ? splice_from_pipe_next+0x34f/0x3b0 [ 97.278743][ T4249] ? kmalloc_array+0x2d/0x40 [ 97.283427][ T4249] vfs_iter_write+0x4c/0x70 [ 97.287980][ T4249] iter_file_splice_write+0x43a/0x790 [ 97.293623][ T4249] ? splice_from_pipe+0xd0/0xd0 [ 97.298593][ T4249] direct_splice_actor+0x80/0xa0 [ 97.303705][ T4249] splice_direct_to_actor+0x345/0x650 [ 97.309072][ T4249] ? do_splice_direct+0x190/0x190 [ 97.314481][ T4249] do_splice_direct+0x106/0x190 [ 97.319317][ T4249] do_sendfile+0x675/0xc40 [ 97.323813][ T4249] __x64_sys_sendfile64+0x102/0x140 [ 97.329062][ T4249] do_syscall_64+0x44/0xa0 [ 97.333467][ T4249] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 97.339420][ T4249] RIP: 0033:0x7fc85c531ae9 [ 97.343899][ T4249] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 97.363661][ T4249] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 97.372207][ T4249] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 97.380183][ T4249] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 97.388199][ T4249] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 97.396252][ T4249] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 97.404326][ T4249] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 97.412429][ T4249] 07:33:24 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) creat(0x0, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:24 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x83000000, 0x0, 0x7fff) 07:33:24 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xffffffe4) 07:33:24 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x6, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:24 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 12) 07:33:24 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) [ 97.656568][ T4277] FAULT_INJECTION: forcing a failure. [ 97.656568][ T4277] name failslab, interval 1, probability 0, space 0, times 0 [ 97.669207][ T4277] CPU: 0 PID: 4277 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 97.677557][ T4277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 97.687619][ T4277] Call Trace: [ 97.690897][ T4277] [ 97.693826][ T4277] dump_stack_lvl+0xd6/0x122 [ 97.698416][ T4277] dump_stack+0x11/0x1b [ 97.702612][ T4277] should_fail+0x23c/0x250 [ 97.707044][ T4277] ? mempool_alloc_slab+0x16/0x20 [ 97.712148][ T4277] __should_failslab+0x81/0x90 [ 97.717014][ T4277] should_failslab+0x5/0x20 [ 97.721565][ T4277] kmem_cache_alloc+0x4f/0x320 [ 97.726391][ T4277] mempool_alloc_slab+0x16/0x20 [ 97.731243][ T4277] ? mempool_free+0x130/0x130 [ 97.735942][ T4277] mempool_alloc+0x9d/0x310 [ 97.740526][ T4277] ? preempt_count_add+0x4e/0x90 [ 97.745647][ T4277] ? _raw_read_unlock+0x13/0x30 [ 97.750570][ T4277] ? jbd2_transaction_committed+0xad/0xc0 07:33:24 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0xd53f0100, 0x0, 0x7fff) 07:33:24 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0xf4ffffff, 0x0, 0x7fff) 07:33:24 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x7, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:24 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xfffffff4) 07:33:24 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xfffffff6) 07:33:24 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0xfbffffff, 0x0, 0x7fff) [ 97.756386][ T4277] bio_alloc_bioset+0xcc/0x560 [ 97.761153][ T4277] ? iov_iter_alignment+0x34b/0x370 [ 97.766501][ T4277] iomap_dio_bio_iter+0x5ed/0xc70 [ 97.771602][ T4277] ? ext4_alloc_da_blocks+0x100/0x100 [ 97.776982][ T4277] __iomap_dio_rw+0x8b5/0x1070 [ 97.781790][ T4277] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 97.787668][ T4277] iomap_dio_rw+0x38/0x80 [ 97.792103][ T4277] ? ext4_file_write_iter+0x501/0x1200 [ 97.797597][ T4277] ext4_file_write_iter+0xac3/0x1200 [ 97.802889][ T4277] ? ext4_file_write_iter+0x501/0x1200 [ 97.808400][ T4277] do_iter_readv_writev+0x2de/0x380 [ 97.813684][ T4277] do_iter_write+0x192/0x5c0 [ 97.818281][ T4277] ? splice_from_pipe_next+0x34f/0x3b0 [ 97.823801][ T4277] ? kmalloc_array+0x2d/0x40 [ 97.828397][ T4277] vfs_iter_write+0x4c/0x70 [ 97.832903][ T4277] iter_file_splice_write+0x43a/0x790 [ 97.838280][ T4277] ? splice_from_pipe+0xd0/0xd0 [ 97.843141][ T4277] direct_splice_actor+0x80/0xa0 [ 97.848092][ T4277] splice_direct_to_actor+0x345/0x650 [ 97.853479][ T4277] ? do_splice_direct+0x190/0x190 [ 97.858627][ T4277] do_splice_direct+0x106/0x190 [ 97.863494][ T4277] do_sendfile+0x675/0xc40 [ 97.868109][ T4277] __x64_sys_sendfile64+0x102/0x140 [ 97.873502][ T4277] do_syscall_64+0x44/0xa0 [ 97.878186][ T4277] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 97.884175][ T4277] RIP: 0033:0x7fc85c531ae9 [ 97.888575][ T4277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 97.908410][ T4277] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 97.916935][ T4277] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 97.925055][ T4277] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 97.933096][ T4277] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 97.941066][ T4277] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 97.949021][ T4277] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 97.956992][ T4277] 07:33:24 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0xfeffffff, 0x0, 0x7fff) 07:33:24 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xfffffffb) 07:33:24 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:24 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x8, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:24 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) creat(0x0, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x80000001) 07:33:24 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 13) [ 98.152254][ T4309] FAULT_INJECTION: forcing a failure. [ 98.152254][ T4309] name failslab, interval 1, probability 0, space 0, times 0 [ 98.165383][ T4309] CPU: 0 PID: 4309 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 98.174067][ T4309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 98.184361][ T4309] Call Trace: [ 98.187651][ T4309] [ 98.190670][ T4309] dump_stack_lvl+0xd6/0x122 [ 98.195314][ T4309] dump_stack+0x11/0x1b 07:33:24 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) creat(0x0, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x80000001) 07:33:24 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x9, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 98.199470][ T4309] should_fail+0x23c/0x250 [ 98.204537][ T4309] __should_failslab+0x81/0x90 [ 98.209355][ T4309] should_failslab+0x5/0x20 [ 98.213879][ T4309] kmem_cache_alloc_node+0x61/0x2d0 [ 98.219217][ T4309] ? create_task_io_context+0x36/0x1e0 [ 98.224808][ T4309] create_task_io_context+0x36/0x1e0 [ 98.230115][ T4309] submit_bio_checks+0x828/0x8e0 [ 98.235067][ T4309] ? blk_try_enter_queue+0xee/0x1f0 [ 98.240311][ T4309] __submit_bio+0x2de/0x480 [ 98.244908][ T4309] ? bio_iov_iter_get_pages+0xda8/0xe40 07:33:25 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xfffffffe) [ 98.250460][ T4309] submit_bio_noacct+0x418/0x4e0 [ 98.255453][ T4309] submit_bio+0x10c/0x180 [ 98.259787][ T4309] iomap_dio_bio_iter+0x9ed/0xc70 [ 98.265014][ T4309] __iomap_dio_rw+0x8b5/0x1070 [ 98.269887][ T4309] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 98.275703][ T4309] iomap_dio_rw+0x38/0x80 [ 98.280050][ T4309] ? ext4_file_write_iter+0x501/0x1200 [ 98.285513][ T4309] ext4_file_write_iter+0xac3/0x1200 [ 98.290804][ T4309] ? ext4_file_write_iter+0x501/0x1200 [ 98.296267][ T4309] do_iter_readv_writev+0x2de/0x380 07:33:25 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) creat(0x0, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x80000001) 07:33:25 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0xff010000, 0x0, 0x7fff) [ 98.301594][ T4309] do_iter_write+0x192/0x5c0 [ 98.306712][ T4309] ? splice_from_pipe_next+0x34f/0x3b0 [ 98.312176][ T4309] ? kmalloc_array+0x2d/0x40 [ 98.316769][ T4309] vfs_iter_write+0x4c/0x70 [ 98.321392][ T4309] iter_file_splice_write+0x43a/0x790 [ 98.326801][ T4309] ? splice_from_pipe+0xd0/0xd0 [ 98.331652][ T4309] direct_splice_actor+0x80/0xa0 [ 98.336666][ T4309] splice_direct_to_actor+0x345/0x650 [ 98.342073][ T4309] ? do_splice_direct+0x190/0x190 [ 98.347119][ T4309] do_splice_direct+0x106/0x190 07:33:25 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x40000000000) [ 98.352065][ T4309] do_sendfile+0x675/0xc40 [ 98.356604][ T4309] __x64_sys_sendfile64+0x102/0x140 [ 98.361812][ T4309] do_syscall_64+0x44/0xa0 [ 98.366238][ T4309] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 98.372188][ T4309] RIP: 0033:0x7fc85c531ae9 [ 98.376609][ T4309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 07:33:25 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:25 executing program 4: r0 = creat(0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:25 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0xff7f0000, 0x0, 0x7fff) 07:33:25 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x4000000000000) [ 98.396445][ T4309] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 98.404851][ T4309] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 98.412830][ T4309] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 98.420834][ T4309] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 98.428803][ T4309] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 98.436778][ T4309] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 98.444748][ T4309] 07:33:25 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xa, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:25 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 14) 07:33:25 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x10000000000000) 07:33:25 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0xffffff7f, 0x0, 0x7fff) 07:33:25 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xb, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:25 executing program 4: r0 = creat(0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:25 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x20000000000000) 07:33:25 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0xfffffff4, 0x0, 0x7fff) [ 98.674679][ T4350] FAULT_INJECTION: forcing a failure. [ 98.674679][ T4350] name failslab, interval 1, probability 0, space 0, times 0 [ 98.687337][ T4350] CPU: 0 PID: 4350 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 98.695694][ T4350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 98.705878][ T4350] Call Trace: [ 98.709157][ T4350] [ 98.712109][ T4350] dump_stack_lvl+0xd6/0x122 [ 98.716699][ T4350] dump_stack+0x11/0x1b 07:33:25 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) creat(&(0x7f0000000080)='./bus\x00', 0x0) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) 07:33:25 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xc, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 98.720965][ T4350] should_fail+0x23c/0x250 [ 98.725384][ T4350] ? mempool_alloc_slab+0x16/0x20 [ 98.730408][ T4350] __should_failslab+0x81/0x90 [ 98.735203][ T4350] should_failslab+0x5/0x20 [ 98.739715][ T4350] kmem_cache_alloc+0x4f/0x320 [ 98.744533][ T4350] ? __crc32c_le_base+0x250/0x350 [ 98.749561][ T4350] mempool_alloc_slab+0x16/0x20 [ 98.754420][ T4350] ? mempool_free+0x130/0x130 [ 98.759117][ T4350] mempool_alloc+0x9d/0x310 [ 98.763675][ T4350] sg_pool_alloc+0x74/0x90 [ 98.768169][ T4350] __sg_alloc_table+0xce/0x290 07:33:25 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0xfffffffb, 0x0, 0x7fff) 07:33:25 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xc0000000000000) [ 98.772936][ T4350] sg_alloc_table_chained+0xaf/0x140 [ 98.778247][ T4350] ? sg_alloc_table_chained+0x140/0x140 [ 98.783797][ T4350] scsi_alloc_sgtables+0x18a/0x510 [ 98.788919][ T4350] ? ext4_mark_iloc_dirty+0x160c/0x16e0 [ 98.794535][ T4350] sd_init_command+0x90e/0x15b0 [ 98.799400][ T4350] scsi_queue_rq+0x101b/0x14d0 [ 98.804597][ T4350] blk_mq_dispatch_rq_list+0x534/0x11d0 [ 98.810146][ T4350] ? __sbitmap_queue_get+0x11/0x20 [ 98.815262][ T4350] blk_mq_do_dispatch_sched+0x446/0x6d0 [ 98.820844][ T4350] __blk_mq_sched_dispatch_requests+0x1ca/0x270 [ 98.827360][ T4350] blk_mq_sched_dispatch_requests+0x9f/0x110 [ 98.833390][ T4350] __blk_mq_run_hw_queue+0xc1/0x140 [ 98.838692][ T4350] __blk_mq_delay_run_hw_queue+0x199/0x360 [ 98.844572][ T4350] ? __rcu_read_unlock+0x5c/0x290 [ 98.849615][ T4350] blk_mq_run_hw_queue+0x231/0x260 [ 98.854763][ T4350] blk_mq_sched_insert_requests+0x130/0x200 [ 98.860746][ T4350] blk_mq_flush_plug_list+0x372/0x460 [ 98.866125][ T4350] blk_flush_plug+0x252/0x2b0 [ 98.870818][ T4350] ? ext4_iomap_end+0x33/0x50 07:33:25 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0xfffffffe, 0x0, 0x7fff) [ 98.875534][ T4350] blk_finish_plug+0x44/0x60 [ 98.880129][ T4350] __iomap_dio_rw+0xcad/0x1070 [ 98.884986][ T4350] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 98.890849][ T4350] iomap_dio_rw+0x38/0x80 [ 98.895348][ T4350] ? ext4_file_write_iter+0x501/0x1200 [ 98.900891][ T4350] ext4_file_write_iter+0xac3/0x1200 [ 98.906264][ T4350] ? ext4_file_write_iter+0x501/0x1200 [ 98.911737][ T4350] do_iter_readv_writev+0x2de/0x380 [ 98.916943][ T4350] do_iter_write+0x192/0x5c0 [ 98.921545][ T4350] ? splice_from_pipe_next+0x34f/0x3b0 [ 98.927074][ T4350] ? kmalloc_array+0x2d/0x40 [ 98.931699][ T4350] vfs_iter_write+0x4c/0x70 [ 98.936211][ T4350] iter_file_splice_write+0x43a/0x790 [ 98.941603][ T4350] ? splice_from_pipe+0xd0/0xd0 [ 98.946471][ T4350] direct_splice_actor+0x80/0xa0 [ 98.951537][ T4350] splice_direct_to_actor+0x345/0x650 [ 98.956952][ T4350] ? do_splice_direct+0x190/0x190 [ 98.961986][ T4350] do_splice_direct+0x106/0x190 [ 98.966853][ T4350] do_sendfile+0x675/0xc40 [ 98.971356][ T4350] __x64_sys_sendfile64+0x102/0x140 [ 98.976565][ T4350] do_syscall_64+0x44/0xa0 [ 98.981091][ T4350] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 98.986983][ T4350] RIP: 0033:0x7fc85c531ae9 [ 98.991492][ T4350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 99.011341][ T4350] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 99.019750][ T4350] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 99.027781][ T4350] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 99.035730][ T4350] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 99.043705][ T4350] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 99.051673][ T4350] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 99.059704][ T4350] 07:33:25 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 15) 07:33:25 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x100000000000000) 07:33:25 executing program 4: r0 = creat(0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:25 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x4000000000000, 0x0, 0x7fff) 07:33:25 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) creat(&(0x7f0000000080)='./bus\x00', 0x0) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) 07:33:25 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xd, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:25 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x80000000000000, 0x0, 0x7fff) 07:33:25 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x200000000000000) [ 99.184883][ T4350] syz-executor.5 (4350) used greatest stack depth: 9736 bytes left 07:33:25 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xe, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:25 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x100000000000000, 0x0, 0x7fff) [ 99.249200][ T4382] FAULT_INJECTION: forcing a failure. [ 99.249200][ T4382] name failslab, interval 1, probability 0, space 0, times 0 [ 99.261955][ T4382] CPU: 0 PID: 4382 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 99.270354][ T4382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 99.280413][ T4382] Call Trace: [ 99.283691][ T4382] [ 99.286637][ T4382] dump_stack_lvl+0xd6/0x122 [ 99.291357][ T4382] dump_stack+0x11/0x1b 07:33:26 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x400000000000000) 07:33:26 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x200000000000000, 0x0, 0x7fff) [ 99.295516][ T4382] should_fail+0x23c/0x250 [ 99.300001][ T4382] ? mempool_alloc_slab+0x16/0x20 [ 99.305033][ T4382] __should_failslab+0x81/0x90 [ 99.309808][ T4382] should_failslab+0x5/0x20 [ 99.314365][ T4382] kmem_cache_alloc+0x4f/0x320 [ 99.319270][ T4382] ? __crc32c_le_base+0x250/0x350 [ 99.324312][ T4382] mempool_alloc_slab+0x16/0x20 [ 99.329180][ T4382] ? mempool_free+0x130/0x130 [ 99.333938][ T4382] mempool_alloc+0x9d/0x310 [ 99.338480][ T4382] sg_pool_alloc+0x74/0x90 [ 99.342902][ T4382] __sg_alloc_table+0xce/0x290 [ 99.347673][ T4382] sg_alloc_table_chained+0xaf/0x140 [ 99.352989][ T4382] ? sg_alloc_table_chained+0x140/0x140 [ 99.358554][ T4382] scsi_alloc_sgtables+0x18a/0x510 [ 99.363700][ T4382] ? ext4_mark_iloc_dirty+0x160c/0x16e0 [ 99.369306][ T4382] sd_init_command+0x90e/0x15b0 [ 99.374197][ T4382] scsi_queue_rq+0x101b/0x14d0 [ 99.378974][ T4382] blk_mq_dispatch_rq_list+0x534/0x11d0 [ 99.384526][ T4382] ? __sbitmap_queue_get+0x11/0x20 [ 99.389724][ T4382] blk_mq_do_dispatch_sched+0x446/0x6d0 [ 99.395292][ T4382] __blk_mq_sched_dispatch_requests+0x1ca/0x270 [ 99.401577][ T4382] blk_mq_sched_dispatch_requests+0x9f/0x110 [ 99.408203][ T4382] __blk_mq_run_hw_queue+0xc1/0x140 [ 99.413428][ T4382] __blk_mq_delay_run_hw_queue+0x199/0x360 [ 99.419261][ T4382] ? __rcu_read_unlock+0x5c/0x290 [ 99.424296][ T4382] blk_mq_run_hw_queue+0x231/0x260 [ 99.429454][ T4382] blk_mq_sched_insert_requests+0x130/0x200 [ 99.435367][ T4382] blk_mq_flush_plug_list+0x372/0x460 [ 99.440752][ T4382] blk_flush_plug+0x252/0x2b0 [ 99.445433][ T4382] ? ext4_iomap_end+0x33/0x50 [ 99.450254][ T4382] blk_finish_plug+0x44/0x60 [ 99.454878][ T4382] __iomap_dio_rw+0xcad/0x1070 [ 99.459635][ T4382] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 99.465424][ T4382] iomap_dio_rw+0x38/0x80 [ 99.469791][ T4382] ? ext4_file_write_iter+0x501/0x1200 [ 99.475415][ T4382] ext4_file_write_iter+0xac3/0x1200 [ 99.480714][ T4382] ? ext4_file_write_iter+0x501/0x1200 [ 99.486269][ T4382] do_iter_readv_writev+0x2de/0x380 [ 99.491684][ T4382] do_iter_write+0x192/0x5c0 [ 99.496327][ T4382] vfs_iter_write+0x4c/0x70 [ 99.500846][ T4382] iter_file_splice_write+0x43a/0x790 [ 99.506205][ T4382] ? splice_from_pipe+0xd0/0xd0 [ 99.511035][ T4382] direct_splice_actor+0x80/0xa0 [ 99.516014][ T4382] splice_direct_to_actor+0x345/0x650 [ 99.521434][ T4382] ? do_splice_direct+0x190/0x190 [ 99.526442][ T4382] do_splice_direct+0x106/0x190 [ 99.531357][ T4382] do_sendfile+0x675/0xc40 [ 99.535784][ T4382] __x64_sys_sendfile64+0x102/0x140 [ 99.540962][ T4382] do_syscall_64+0x44/0xa0 [ 99.545409][ T4382] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 99.551289][ T4382] RIP: 0033:0x7fc85c531ae9 [ 99.555706][ T4382] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 99.575313][ T4382] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 99.583720][ T4382] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 99.591669][ T4382] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 99.599674][ T4382] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 99.607647][ T4382] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 99.615597][ T4382] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 99.623576][ T4382] 07:33:26 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 16) 07:33:26 executing program 4: creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) 07:33:26 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) creat(&(0x7f0000000080)='./bus\x00', 0x0) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) 07:33:26 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x500000000000000) 07:33:26 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x400000000000000, 0x0, 0x7fff) 07:33:26 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x10, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:26 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x500000000000000, 0x0, 0x7fff) 07:33:26 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x600000000000000) 07:33:26 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x11, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:26 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x700000000000000, 0x0, 0x7fff) [ 99.818728][ T4408] FAULT_INJECTION: forcing a failure. [ 99.818728][ T4408] name failslab, interval 1, probability 0, space 0, times 0 [ 99.831434][ T4408] CPU: 1 PID: 4408 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 99.839767][ T4408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 99.849850][ T4408] Call Trace: [ 99.853136][ T4408] [ 99.856069][ T4408] dump_stack_lvl+0xd6/0x122 [ 99.860702][ T4408] dump_stack+0x11/0x1b 07:33:26 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x700000000000000) 07:33:26 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x800000000000000, 0x0, 0x7fff) [ 99.864862][ T4408] should_fail+0x23c/0x250 [ 99.869380][ T4408] ? jbd2__journal_start+0xf7/0x3f0 [ 99.874583][ T4408] __should_failslab+0x81/0x90 [ 99.879525][ T4408] should_failslab+0x5/0x20 [ 99.884048][ T4408] kmem_cache_alloc+0x4f/0x320 [ 99.888827][ T4408] jbd2__journal_start+0xf7/0x3f0 [ 99.893876][ T4408] __ext4_journal_start_sb+0x159/0x310 [ 99.899600][ T4408] ext4_file_write_iter+0xbe6/0x1200 [ 99.904975][ T4408] do_iter_readv_writev+0x2de/0x380 [ 99.910182][ T4408] do_iter_write+0x192/0x5c0 [ 99.914844][ T4408] ? splice_from_pipe_next+0x34f/0x3b0 [ 99.920337][ T4408] ? kmalloc_array+0x2d/0x40 [ 99.925089][ T4408] vfs_iter_write+0x4c/0x70 [ 99.929590][ T4408] iter_file_splice_write+0x43a/0x790 [ 99.934947][ T4408] ? splice_from_pipe+0xd0/0xd0 [ 99.939780][ T4408] direct_splice_actor+0x80/0xa0 [ 99.944723][ T4408] splice_direct_to_actor+0x345/0x650 [ 99.950252][ T4408] ? do_splice_direct+0x190/0x190 [ 99.955376][ T4408] do_splice_direct+0x106/0x190 [ 99.960207][ T4408] do_sendfile+0x675/0xc40 [ 99.964635][ T4408] __x64_sys_sendfile64+0x102/0x140 [ 99.969886][ T4408] do_syscall_64+0x44/0xa0 [ 99.974327][ T4408] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 99.980263][ T4408] RIP: 0033:0x7fc85c531ae9 [ 99.984694][ T4408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 100.004759][ T4408] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 07:33:26 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 17) [ 100.013280][ T4408] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 100.021253][ T4408] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 100.029377][ T4408] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 100.037350][ T4408] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 100.045308][ T4408] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 100.053279][ T4408] [ 100.088185][ T4421] FAULT_INJECTION: forcing a failure. [ 100.088185][ T4421] name failslab, interval 1, probability 0, space 0, times 0 [ 100.100808][ T4421] CPU: 1 PID: 4421 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 100.109191][ T4421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 100.119233][ T4421] Call Trace: [ 100.122567][ T4421] [ 100.125511][ T4421] dump_stack_lvl+0xd6/0x122 [ 100.130167][ T4421] dump_stack+0x11/0x1b [ 100.134303][ T4421] should_fail+0x23c/0x250 [ 100.138718][ T4421] ? jbd2__journal_start+0xf7/0x3f0 [ 100.143934][ T4421] __should_failslab+0x81/0x90 [ 100.148778][ T4421] should_failslab+0x5/0x20 [ 100.153338][ T4421] kmem_cache_alloc+0x4f/0x320 [ 100.158165][ T4421] jbd2__journal_start+0xf7/0x3f0 [ 100.163196][ T4421] __ext4_journal_start_sb+0x159/0x310 [ 100.168709][ T4421] ? ext4_expand_extra_isize+0x560/0x560 [ 100.174357][ T4421] ext4_dirty_inode+0x58/0xa0 [ 100.179102][ T4421] __mark_inode_dirty+0x72/0x6c0 [ 100.184030][ T4421] ? ktime_get_coarse_real_ts64+0x10d/0x120 [ 100.189959][ T4421] inode_update_time+0x1b4/0x1d0 [ 100.194948][ T4421] file_update_time+0x1f3/0x230 [ 100.199811][ T4421] file_modified+0x62/0x80 [ 100.204267][ T4421] ext4_file_write_iter+0x795/0x1200 [ 100.209623][ T4421] ? ext4_file_write_iter+0x501/0x1200 [ 100.215078][ T4421] do_iter_readv_writev+0x2de/0x380 [ 100.220304][ T4421] do_iter_write+0x192/0x5c0 [ 100.224899][ T4421] ? splice_from_pipe_next+0x34f/0x3b0 [ 100.230342][ T4421] ? kmalloc_array+0x2d/0x40 [ 100.234929][ T4421] vfs_iter_write+0x4c/0x70 [ 100.239457][ T4421] iter_file_splice_write+0x43a/0x790 [ 100.244835][ T4421] ? splice_from_pipe+0xd0/0xd0 [ 100.249669][ T4421] direct_splice_actor+0x80/0xa0 [ 100.254637][ T4421] splice_direct_to_actor+0x345/0x650 [ 100.260094][ T4421] ? do_splice_direct+0x190/0x190 [ 100.265184][ T4421] do_splice_direct+0x106/0x190 [ 100.270305][ T4421] do_sendfile+0x675/0xc40 [ 100.274709][ T4421] __x64_sys_sendfile64+0x102/0x140 [ 100.279899][ T4421] do_syscall_64+0x44/0xa0 [ 100.284307][ T4421] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 100.290238][ T4421] RIP: 0033:0x7fc85c531ae9 [ 100.294645][ T4421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 100.314234][ T4421] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 100.322628][ T4421] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 100.330585][ T4421] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 100.338542][ T4421] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 100.346651][ T4421] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 100.354619][ T4421] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 100.362723][ T4421] 07:33:27 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0xa00000000000000, 0x0, 0x7fff) 07:33:27 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x800000000000000) 07:33:27 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x12, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:27 executing program 4: creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) 07:33:27 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) 07:33:27 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xc00000000000000) 07:33:27 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x1200000000000000, 0x0, 0x7fff) 07:33:27 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x18, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:27 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x22, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:27 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x2000000000000000, 0x0, 0x7fff) 07:33:27 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 18) 07:33:27 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xd00000000000000) 07:33:27 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x25, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:27 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x8102000000000000, 0x0, 0x7fff) 07:33:27 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x1000000000000000) [ 100.582927][ T4442] FAULT_INJECTION: forcing a failure. [ 100.582927][ T4442] name failslab, interval 1, probability 0, space 0, times 0 [ 100.595590][ T4442] CPU: 0 PID: 4442 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 100.603943][ T4442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 100.614012][ T4442] Call Trace: [ 100.617377][ T4442] [ 100.620301][ T4442] dump_stack_lvl+0xd6/0x122 [ 100.624892][ T4442] dump_stack+0x11/0x1b [ 100.629095][ T4442] should_fail+0x23c/0x250 [ 100.633594][ T4442] ? jbd2__journal_start+0xf7/0x3f0 [ 100.638961][ T4442] __should_failslab+0x81/0x90 [ 100.643751][ T4442] should_failslab+0x5/0x20 [ 100.648434][ T4442] kmem_cache_alloc+0x4f/0x320 [ 100.653414][ T4442] jbd2__journal_start+0xf7/0x3f0 [ 100.658550][ T4442] __ext4_journal_start_sb+0x159/0x310 [ 100.664039][ T4442] ? ext4_file_write_iter+0x501/0x1200 [ 100.669516][ T4442] ext4_file_write_iter+0x992/0x1200 [ 100.674880][ T4442] ? ext4_file_write_iter+0x501/0x1200 07:33:27 executing program 4: creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) 07:33:27 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x1c00000000000000) 07:33:27 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) 07:33:27 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x8300000000000000, 0x0, 0x7fff) [ 100.680402][ T4442] do_iter_readv_writev+0x2de/0x380 [ 100.685609][ T4442] do_iter_write+0x192/0x5c0 [ 100.690200][ T4442] ? splice_from_pipe_next+0x34f/0x3b0 [ 100.695669][ T4442] ? kmalloc_array+0x2d/0x40 [ 100.700265][ T4442] vfs_iter_write+0x4c/0x70 [ 100.704774][ T4442] iter_file_splice_write+0x43a/0x790 [ 100.710222][ T4442] ? splice_from_pipe+0xd0/0xd0 [ 100.715141][ T4442] direct_splice_actor+0x80/0xa0 [ 100.720080][ T4442] splice_direct_to_actor+0x345/0x650 [ 100.725538][ T4442] ? do_splice_direct+0x190/0x190 07:33:27 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0xd53f010000000000, 0x0, 0x7fff) 07:33:27 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0xf4ffffff00000000, 0x0, 0x7fff) [ 100.730717][ T4442] do_splice_direct+0x106/0x190 [ 100.735713][ T4442] do_sendfile+0x675/0xc40 [ 100.740134][ T4442] __x64_sys_sendfile64+0x102/0x140 [ 100.745358][ T4442] do_syscall_64+0x44/0xa0 [ 100.749818][ T4442] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 100.755728][ T4442] RIP: 0033:0x7fc85c531ae9 [ 100.760207][ T4442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 07:33:27 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x2000000000000000) [ 100.779820][ T4442] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 100.788243][ T4442] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 100.796278][ T4442] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 100.804259][ T4442] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 100.812278][ T4442] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 100.820287][ T4442] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 100.828326][ T4442] 07:33:27 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 19) 07:33:27 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0xfbffffff00000000, 0x0, 0x7fff) 07:33:27 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x2e, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:27 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x2e00000000000000) 07:33:27 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0xfeffffff00000000, 0x0, 0x7fff) [ 100.854378][ T4468] EXT4-fs: 62 callbacks suppressed [ 100.854390][ T4468] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 100.866682][ T4468] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 100.883169][ T4469] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 100.890383][ T4469] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 100.942236][ T4473] FAULT_INJECTION: forcing a failure. [ 100.942236][ T4473] name failslab, interval 1, probability 0, space 0, times 0 [ 100.954916][ T4473] CPU: 0 PID: 4473 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 100.957173][ T4479] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 100.963260][ T4473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 100.963272][ T4473] Call Trace: [ 100.963278][ T4473] [ 100.963285][ T4473] dump_stack_lvl+0xd6/0x122 [ 100.970469][ T4479] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 100.980378][ T4473] dump_stack+0x11/0x1b [ 100.980398][ T4473] should_fail+0x23c/0x250 [ 101.010786][ T4473] ? __iomap_dio_rw+0x143/0x1070 [ 101.015508][ T4480] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 101.016164][ T4473] __should_failslab+0x81/0x90 [ 101.016192][ T4473] should_failslab+0x5/0x20 07:33:27 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:27 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x3f00000000000000) 07:33:27 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0xff01000000000000, 0x0, 0x7fff) 07:33:27 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) 07:33:27 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x48, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 101.023314][ T4480] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 101.027990][ T4473] kmem_cache_alloc_trace+0x52/0x350 [ 101.048842][ T4473] ? jbd2_journal_dirty_metadata+0x218/0x690 [ 101.055137][ T4473] __iomap_dio_rw+0x143/0x1070 [ 101.059937][ T4473] ? ext4_inode_csum+0x410/0x490 [ 101.064874][ T4473] ? debug_smp_processor_id+0x18/0x20 [ 101.070256][ T4473] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 101.076069][ T4473] iomap_dio_rw+0x38/0x80 [ 101.080397][ T4473] ? ext4_file_write_iter+0x501/0x1200 [ 101.085858][ T4473] ext4_file_write_iter+0xac3/0x1200 [ 101.091190][ T4473] ? ext4_file_write_iter+0x501/0x1200 [ 101.096686][ T4473] do_iter_readv_writev+0x2de/0x380 [ 101.102072][ T4473] do_iter_write+0x192/0x5c0 [ 101.106656][ T4473] ? splice_from_pipe_next+0x34f/0x3b0 [ 101.112144][ T4473] ? kmalloc_array+0x2d/0x40 [ 101.116870][ T4473] vfs_iter_write+0x4c/0x70 [ 101.122337][ T4473] iter_file_splice_write+0x43a/0x790 [ 101.127719][ T4473] ? splice_from_pipe+0xd0/0xd0 [ 101.132586][ T4473] direct_splice_actor+0x80/0xa0 [ 101.137540][ T4473] splice_direct_to_actor+0x345/0x650 07:33:27 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0xff7f000000000000, 0x0, 0x7fff) 07:33:27 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x4000080000000000) [ 101.142966][ T4473] ? do_splice_direct+0x190/0x190 [ 101.147997][ T4473] do_splice_direct+0x106/0x190 [ 101.152906][ T4473] do_sendfile+0x675/0xc40 [ 101.157416][ T4473] __x64_sys_sendfile64+0x102/0x140 [ 101.162618][ T4473] do_syscall_64+0x44/0xa0 [ 101.167037][ T4473] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 101.173022][ T4473] RIP: 0033:0x7fc85c531ae9 [ 101.177679][ T4473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 101.197337][ T4473] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 101.205751][ T4473] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 101.213790][ T4473] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 101.221816][ T4473] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 101.229909][ T4473] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 07:33:27 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 20) 07:33:27 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0xffffff7f00000000, 0x0, 0x7fff) 07:33:27 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x8100000000000000) 07:33:28 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) [ 101.237919][ T4473] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 101.245889][ T4473] [ 101.260648][ T4494] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 101.267778][ T4494] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. 07:33:28 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x49, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:28 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:28 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x8102000000000000) 07:33:28 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0xffffffff00000000, 0x0, 0x7fff) [ 101.324856][ T4497] FAULT_INJECTION: forcing a failure. [ 101.324856][ T4497] name failslab, interval 1, probability 0, space 0, times 0 [ 101.337526][ T4497] CPU: 0 PID: 4497 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 101.345851][ T4497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 101.355902][ T4497] Call Trace: [ 101.359205][ T4497] [ 101.362131][ T4497] dump_stack_lvl+0xd6/0x122 [ 101.366796][ T4497] dump_stack+0x11/0x1b 07:33:28 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x8900000000000000) 07:33:28 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x2, 0x7fff) [ 101.370951][ T4497] should_fail+0x23c/0x250 [ 101.375372][ T4497] ? jbd2__journal_start+0xf7/0x3f0 [ 101.380625][ T4497] __should_failslab+0x81/0x90 [ 101.385400][ T4497] should_failslab+0x5/0x20 [ 101.389965][ T4497] kmem_cache_alloc+0x4f/0x320 [ 101.394759][ T4497] jbd2__journal_start+0xf7/0x3f0 [ 101.399785][ T4497] __ext4_journal_start_sb+0x159/0x310 [ 101.405402][ T4497] ext4_iomap_begin+0x408/0x630 [ 101.410284][ T4497] ? ext4_alloc_da_blocks+0x100/0x100 [ 101.415838][ T4497] iomap_iter+0x395/0x4a0 [ 101.420282][ T4497] __iomap_dio_rw+0x695/0x1070 07:33:28 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x8cffffff00000000) [ 101.425053][ T4497] ? debug_smp_processor_id+0x18/0x20 [ 101.430425][ T4497] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 101.436322][ T4497] iomap_dio_rw+0x38/0x80 [ 101.440663][ T4497] ? ext4_file_write_iter+0x501/0x1200 [ 101.446199][ T4497] ext4_file_write_iter+0xac3/0x1200 [ 101.451533][ T4497] ? ext4_file_write_iter+0x501/0x1200 [ 101.457002][ T4497] do_iter_readv_writev+0x2de/0x380 [ 101.462231][ T4497] do_iter_write+0x192/0x5c0 [ 101.466892][ T4497] ? splice_from_pipe_next+0x34f/0x3b0 07:33:28 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x4, 0x7fff) [ 101.472492][ T4497] ? kmalloc_array+0x2d/0x40 [ 101.477134][ T4497] vfs_iter_write+0x4c/0x70 [ 101.481655][ T4497] iter_file_splice_write+0x43a/0x790 [ 101.487046][ T4497] ? splice_from_pipe+0xd0/0xd0 [ 101.491903][ T4497] direct_splice_actor+0x80/0xa0 [ 101.496843][ T4497] splice_direct_to_actor+0x345/0x650 [ 101.502257][ T4497] ? do_splice_direct+0x190/0x190 [ 101.507327][ T4497] do_splice_direct+0x106/0x190 [ 101.512537][ T4497] do_sendfile+0x675/0xc40 [ 101.516980][ T4497] __x64_sys_sendfile64+0x102/0x140 [ 101.522224][ T4497] do_syscall_64+0x44/0xa0 [ 101.526652][ T4497] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 101.532599][ T4497] RIP: 0033:0x7fc85c531ae9 [ 101.537017][ T4497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 101.556650][ T4497] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 101.565329][ T4497] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 07:33:28 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 21) 07:33:28 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xa1ffffff00000000) 07:33:28 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x5, 0x7fff) [ 101.573359][ T4497] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 101.581333][ T4497] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 101.589349][ T4497] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 101.597301][ T4497] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 101.605254][ T4497] [ 101.667954][ T4528] FAULT_INJECTION: forcing a failure. [ 101.667954][ T4528] name failslab, interval 1, probability 0, space 0, times 0 [ 101.680691][ T4528] CPU: 0 PID: 4528 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 101.689117][ T4528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 101.699227][ T4528] Call Trace: [ 101.703108][ T4528] [ 101.706019][ T4528] dump_stack_lvl+0xd6/0x122 [ 101.710595][ T4528] dump_stack+0x11/0x1b [ 101.714744][ T4528] should_fail+0x23c/0x250 [ 101.719140][ T4528] ? ext4_mb_new_blocks+0x328/0x1ee0 [ 101.724408][ T4528] __should_failslab+0x81/0x90 [ 101.729154][ T4528] should_failslab+0x5/0x20 [ 101.733684][ T4528] kmem_cache_alloc+0x4f/0x320 [ 101.738579][ T4528] ext4_mb_new_blocks+0x328/0x1ee0 [ 101.743689][ T4528] ? ext4_find_extent+0x7b2/0x7f0 [ 101.748703][ T4528] ? ext4_ext_search_right+0x246/0x540 [ 101.754160][ T4528] ext4_ext_map_blocks+0x15f4/0x20a0 [ 101.759548][ T4528] ? ext4_es_lookup_extent+0x221/0x500 [ 101.765069][ T4528] ext4_map_blocks+0x71e/0xf00 [ 101.770091][ T4528] ext4_iomap_begin+0x4b0/0x630 [ 101.775106][ T4528] ? ext4_alloc_da_blocks+0x100/0x100 [ 101.780596][ T4528] iomap_iter+0x395/0x4a0 [ 101.784955][ T4528] __iomap_dio_rw+0x695/0x1070 [ 101.789790][ T4528] ? debug_smp_processor_id+0x18/0x20 [ 101.795146][ T4528] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 101.800960][ T4528] iomap_dio_rw+0x38/0x80 [ 101.805274][ T4528] ? ext4_file_write_iter+0x501/0x1200 [ 101.810799][ T4528] ext4_file_write_iter+0xac3/0x1200 [ 101.816157][ T4528] ? ext4_file_write_iter+0x501/0x1200 [ 101.821736][ T4528] do_iter_readv_writev+0x2de/0x380 [ 101.827009][ T4528] do_iter_write+0x192/0x5c0 [ 101.831602][ T4528] ? splice_from_pipe_next+0x34f/0x3b0 [ 101.837170][ T4528] ? kmalloc_array+0x2d/0x40 [ 101.841745][ T4528] vfs_iter_write+0x4c/0x70 [ 101.846304][ T4528] iter_file_splice_write+0x43a/0x790 [ 101.851708][ T4528] ? splice_from_pipe+0xd0/0xd0 [ 101.856554][ T4528] direct_splice_actor+0x80/0xa0 [ 101.861475][ T4528] splice_direct_to_actor+0x345/0x650 [ 101.866848][ T4528] ? do_splice_direct+0x190/0x190 [ 101.871927][ T4528] do_splice_direct+0x106/0x190 [ 101.876840][ T4528] do_sendfile+0x675/0xc40 [ 101.881237][ T4528] __x64_sys_sendfile64+0x102/0x140 [ 101.886414][ T4528] do_syscall_64+0x44/0xa0 [ 101.890872][ T4528] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 101.896789][ T4528] RIP: 0033:0x7fc85c531ae9 [ 101.901183][ T4528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 101.920771][ T4528] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 101.929161][ T4528] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 101.937130][ T4528] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 101.945082][ T4528] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 101.953072][ T4528] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 101.961056][ T4528] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 101.969029][ T4528] 07:33:28 executing program 1: socket$inet6_tcp(0xa, 0x1, 0x0) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:28 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:28 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4c, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:28 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x7, 0x7fff) 07:33:28 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xa1ffffffffffffff) 07:33:28 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 22) 07:33:28 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x8, 0x7fff) 07:33:28 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x60, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:28 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xd011000000000000) [ 102.130861][ T4540] FAULT_INJECTION: forcing a failure. [ 102.130861][ T4540] name failslab, interval 1, probability 0, space 0, times 0 [ 102.143516][ T4540] CPU: 0 PID: 4540 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 102.151852][ T4540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 102.161940][ T4540] Call Trace: [ 102.165200][ T4540] [ 102.168130][ T4540] dump_stack_lvl+0xd6/0x122 [ 102.172768][ T4540] dump_stack+0x11/0x1b [ 102.176988][ T4540] should_fail+0x23c/0x250 [ 102.181584][ T4540] ? ext4_mb_new_blocks+0x328/0x1ee0 [ 102.186856][ T4540] __should_failslab+0x81/0x90 [ 102.191601][ T4540] should_failslab+0x5/0x20 [ 102.196106][ T4540] kmem_cache_alloc+0x4f/0x320 [ 102.200901][ T4540] ext4_mb_new_blocks+0x328/0x1ee0 [ 102.205998][ T4540] ? ext4_find_extent+0x7b2/0x7f0 [ 102.211092][ T4540] ? ext4_ext_search_right+0x246/0x540 [ 102.216539][ T4540] ext4_ext_map_blocks+0x15f4/0x20a0 [ 102.221869][ T4540] ? ext4_es_lookup_extent+0x221/0x500 [ 102.227760][ T4540] ext4_map_blocks+0x71e/0xf00 [ 102.232504][ T4540] ext4_iomap_begin+0x4b0/0x630 [ 102.237335][ T4540] ? ext4_alloc_da_blocks+0x100/0x100 [ 102.242873][ T4540] iomap_iter+0x395/0x4a0 [ 102.247217][ T4540] __iomap_dio_rw+0x695/0x1070 [ 102.252015][ T4540] ? debug_smp_processor_id+0x18/0x20 [ 102.257457][ T4540] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 102.263254][ T4540] iomap_dio_rw+0x38/0x80 [ 102.267642][ T4540] ? ext4_file_write_iter+0x501/0x1200 [ 102.273123][ T4540] ext4_file_write_iter+0xac3/0x1200 [ 102.278401][ T4540] ? ext4_file_write_iter+0x501/0x1200 [ 102.283892][ T4540] do_iter_readv_writev+0x2de/0x380 [ 102.289102][ T4540] do_iter_write+0x192/0x5c0 [ 102.293713][ T4540] ? splice_from_pipe_next+0x34f/0x3b0 [ 102.299173][ T4540] ? kmalloc_array+0x2d/0x40 [ 102.303792][ T4540] vfs_iter_write+0x4c/0x70 [ 102.308297][ T4540] iter_file_splice_write+0x43a/0x790 [ 102.313674][ T4540] ? splice_from_pipe+0xd0/0xd0 [ 102.318524][ T4540] direct_splice_actor+0x80/0xa0 [ 102.323566][ T4540] splice_direct_to_actor+0x345/0x650 [ 102.328983][ T4540] ? do_splice_direct+0x190/0x190 [ 102.334039][ T4540] do_splice_direct+0x106/0x190 [ 102.338876][ T4540] do_sendfile+0x675/0xc40 [ 102.343552][ T4540] __x64_sys_sendfile64+0x102/0x140 [ 102.348744][ T4540] do_syscall_64+0x44/0xa0 [ 102.353182][ T4540] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 102.359193][ T4540] RIP: 0033:0x7fc85c531ae9 [ 102.363589][ T4540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 102.383303][ T4540] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 102.391700][ T4540] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 102.399876][ T4540] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 102.407856][ T4540] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 102.415826][ T4540] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 102.423858][ T4540] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 102.431999][ T4540] 07:33:29 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xd211000000000000) 07:33:29 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 23) 07:33:29 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xa, 0x7fff) [ 102.534956][ T4553] FAULT_INJECTION: forcing a failure. [ 102.534956][ T4553] name failslab, interval 1, probability 0, space 0, times 0 [ 102.547656][ T4553] CPU: 1 PID: 4553 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 102.556311][ T4553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 102.566359][ T4553] Call Trace: [ 102.569801][ T4553] [ 102.572719][ T4553] dump_stack_lvl+0xd6/0x122 [ 102.577344][ T4553] dump_stack+0x11/0x1b [ 102.581483][ T4553] should_fail+0x23c/0x250 [ 102.585885][ T4553] ? ext4_mb_new_blocks+0x73e/0x1ee0 [ 102.591188][ T4553] __should_failslab+0x81/0x90 [ 102.596165][ T4553] should_failslab+0x5/0x20 [ 102.600652][ T4553] kmem_cache_alloc+0x4f/0x320 [ 102.605469][ T4553] ext4_mb_new_blocks+0x73e/0x1ee0 [ 102.610594][ T4553] ? ext4_find_extent+0x7b2/0x7f0 [ 102.615622][ T4553] ? ext4_ext_search_right+0x246/0x540 [ 102.621136][ T4553] ext4_ext_map_blocks+0x15f4/0x20a0 [ 102.626409][ T4553] ? ext4_es_lookup_extent+0x221/0x500 [ 102.631909][ T4553] ext4_map_blocks+0x71e/0xf00 [ 102.636660][ T4553] ext4_iomap_begin+0x4b0/0x630 [ 102.641563][ T4553] ? ext4_alloc_da_blocks+0x100/0x100 [ 102.646960][ T4553] iomap_iter+0x395/0x4a0 [ 102.651270][ T4553] __iomap_dio_rw+0x695/0x1070 [ 102.656026][ T4553] ? debug_smp_processor_id+0x18/0x20 [ 102.661377][ T4553] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 102.667186][ T4553] iomap_dio_rw+0x38/0x80 [ 102.671496][ T4553] ? ext4_file_write_iter+0x501/0x1200 [ 102.676957][ T4553] ext4_file_write_iter+0xac3/0x1200 [ 102.682322][ T4553] ? ext4_file_write_iter+0x501/0x1200 [ 102.687786][ T4553] do_iter_readv_writev+0x2de/0x380 [ 102.692966][ T4553] do_iter_write+0x192/0x5c0 [ 102.697538][ T4553] ? debug_smp_processor_id+0x18/0x20 [ 102.703061][ T4553] ? tsan.module_ctor+0x10/0x10 [ 102.707897][ T4553] vfs_iter_write+0x4c/0x70 [ 102.712392][ T4553] iter_file_splice_write+0x43a/0x790 [ 102.717746][ T4553] ? splice_from_pipe+0xd0/0xd0 [ 102.722665][ T4553] direct_splice_actor+0x80/0xa0 [ 102.727597][ T4553] splice_direct_to_actor+0x345/0x650 [ 102.732992][ T4553] ? do_splice_direct+0x190/0x190 [ 102.738096][ T4553] do_splice_direct+0x106/0x190 [ 102.742971][ T4553] do_sendfile+0x675/0xc40 [ 102.747367][ T4553] __x64_sys_sendfile64+0x102/0x140 [ 102.752546][ T4553] do_syscall_64+0x44/0xa0 [ 102.757058][ T4553] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 102.763036][ T4553] RIP: 0033:0x7fc85c531ae9 [ 102.767511][ T4553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 102.787206][ T4553] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 102.795862][ T4553] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 102.803847][ T4553] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 102.811799][ T4553] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 102.819750][ T4553] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 102.827748][ T4553] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 102.835777][ T4553] 07:33:29 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:29 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x68, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:29 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xe4ffffff00000000) 07:33:29 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x12, 0x7fff) 07:33:29 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 24) 07:33:29 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(0x0, 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) [ 102.984901][ T4563] FAULT_INJECTION: forcing a failure. [ 102.984901][ T4563] name failslab, interval 1, probability 0, space 0, times 0 [ 102.997573][ T4563] CPU: 1 PID: 4563 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 103.005930][ T4563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 103.015979][ T4563] Call Trace: [ 103.019253][ T4563] [ 103.022179][ T4563] dump_stack_lvl+0xd6/0x122 [ 103.026775][ T4563] dump_stack+0x11/0x1b [ 103.030929][ T4563] should_fail+0x23c/0x250 [ 103.035493][ T4563] ? __es_insert_extent+0x546/0xe80 [ 103.040730][ T4563] __should_failslab+0x81/0x90 [ 103.045559][ T4563] should_failslab+0x5/0x20 [ 103.050080][ T4563] kmem_cache_alloc+0x4f/0x320 [ 103.054875][ T4563] __es_insert_extent+0x546/0xe80 [ 103.059936][ T4563] ext4_es_insert_extent+0x1cb/0x19c0 [ 103.065342][ T4563] ext4_map_blocks+0xa5d/0xf00 [ 103.070108][ T4563] ext4_iomap_begin+0x4b0/0x630 [ 103.075038][ T4563] ? ext4_alloc_da_blocks+0x100/0x100 [ 103.080417][ T4563] iomap_iter+0x395/0x4a0 [ 103.084759][ T4563] __iomap_dio_rw+0x695/0x1070 [ 103.089527][ T4563] ? debug_smp_processor_id+0x18/0x20 [ 103.094940][ T4563] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 103.100786][ T4563] iomap_dio_rw+0x38/0x80 [ 103.105117][ T4563] ? ext4_file_write_iter+0x501/0x1200 [ 103.110590][ T4563] ext4_file_write_iter+0xac3/0x1200 [ 103.115956][ T4563] ? ext4_file_write_iter+0x501/0x1200 [ 103.121453][ T4563] do_iter_readv_writev+0x2de/0x380 [ 103.126738][ T4563] do_iter_write+0x192/0x5c0 07:33:29 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x83, 0x7fff) 07:33:29 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xec00000000000000) 07:33:29 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x281, 0x7fff) 07:33:29 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xf4ffffff00000000) 07:33:29 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x500, 0x7fff) 07:33:29 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x700, 0x7fff) [ 103.131398][ T4563] ? splice_from_pipe_next+0x34f/0x3b0 [ 103.137010][ T4563] ? kmalloc_array+0x2d/0x40 [ 103.141626][ T4563] vfs_iter_write+0x4c/0x70 [ 103.146204][ T4563] iter_file_splice_write+0x43a/0x790 [ 103.151733][ T4563] ? splice_from_pipe+0xd0/0xd0 [ 103.156673][ T4563] direct_splice_actor+0x80/0xa0 [ 103.161614][ T4563] splice_direct_to_actor+0x345/0x650 [ 103.166993][ T4563] ? do_splice_direct+0x190/0x190 [ 103.172029][ T4563] do_splice_direct+0x106/0x190 [ 103.176901][ T4563] do_sendfile+0x675/0xc40 [ 103.181314][ T4563] __x64_sys_sendfile64+0x102/0x140 [ 103.186626][ T4563] do_syscall_64+0x44/0xa0 [ 103.191086][ T4563] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 103.197021][ T4563] RIP: 0033:0x7fc85c531ae9 [ 103.201497][ T4563] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 103.221078][ T4563] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 103.229497][ T4563] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 103.237478][ T4563] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 103.245473][ T4563] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 103.253429][ T4563] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 103.261427][ T4563] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 103.269480][ T4563] 07:33:30 executing program 1: r0 = creat(0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:30 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xf6ffffff00000000) 07:33:30 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xa00, 0x7fff) 07:33:30 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(0x0, 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:30 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x6c, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:30 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 25) 07:33:30 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xfbffffff00000000) 07:33:30 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x74, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:30 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x1200, 0x7fff) [ 103.464295][ T4588] FAULT_INJECTION: forcing a failure. [ 103.464295][ T4588] name failslab, interval 1, probability 0, space 0, times 0 [ 103.476951][ T4588] CPU: 0 PID: 4588 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 103.485342][ T4588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 103.495434][ T4588] Call Trace: [ 103.498712][ T4588] [ 103.501825][ T4588] dump_stack_lvl+0xd6/0x122 [ 103.506433][ T4588] dump_stack+0x11/0x1b 07:33:30 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x8102, 0x7fff) 07:33:30 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xfeffffff00000000) [ 103.510624][ T4588] should_fail+0x23c/0x250 [ 103.515076][ T4588] ? mempool_alloc_slab+0x16/0x20 [ 103.520124][ T4588] __should_failslab+0x81/0x90 [ 103.524911][ T4588] should_failslab+0x5/0x20 [ 103.529434][ T4588] kmem_cache_alloc+0x4f/0x320 [ 103.534309][ T4588] mempool_alloc_slab+0x16/0x20 [ 103.539165][ T4588] ? mempool_free+0x130/0x130 [ 103.543855][ T4588] mempool_alloc+0x9d/0x310 [ 103.548359][ T4588] ? preempt_count_add+0x4e/0x90 [ 103.553299][ T4588] ? _raw_read_unlock+0x13/0x30 [ 103.558156][ T4588] ? jbd2_transaction_committed+0xad/0xc0 07:33:30 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xff01000000000000) [ 103.563979][ T4588] bio_alloc_bioset+0xcc/0x560 [ 103.568756][ T4588] ? iov_iter_alignment+0x34b/0x370 [ 103.573963][ T4588] iomap_dio_bio_iter+0x5ed/0xc70 [ 103.579172][ T4588] ? ext4_alloc_da_blocks+0x100/0x100 [ 103.584560][ T4588] __iomap_dio_rw+0x8b5/0x1070 [ 103.589494][ T4588] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 103.595392][ T4588] iomap_dio_rw+0x38/0x80 [ 103.599728][ T4588] ? ext4_file_write_iter+0x501/0x1200 [ 103.605192][ T4588] ext4_file_write_iter+0xac3/0x1200 07:33:30 executing program 1: r0 = creat(0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:30 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x8300, 0x7fff) [ 103.610564][ T4588] ? ext4_file_write_iter+0x501/0x1200 [ 103.616132][ T4588] do_iter_readv_writev+0x2de/0x380 [ 103.622404][ T4588] do_iter_write+0x192/0x5c0 [ 103.627032][ T4588] ? debug_smp_processor_id+0x18/0x20 [ 103.632459][ T4588] vfs_iter_write+0x4c/0x70 [ 103.636981][ T4588] iter_file_splice_write+0x43a/0x790 [ 103.642458][ T4588] ? splice_from_pipe+0xd0/0xd0 [ 103.647338][ T4588] direct_splice_actor+0x80/0xa0 [ 103.652281][ T4588] splice_direct_to_actor+0x345/0x650 [ 103.657717][ T4588] ? do_splice_direct+0x190/0x190 07:33:30 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xffffff7f00000000) [ 103.662757][ T4588] do_splice_direct+0x106/0x190 [ 103.667627][ T4588] do_sendfile+0x675/0xc40 [ 103.672046][ T4588] __x64_sys_sendfile64+0x102/0x140 [ 103.677290][ T4588] do_syscall_64+0x44/0xa0 [ 103.681717][ T4588] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 103.687621][ T4588] RIP: 0033:0x7fc85c531ae9 [ 103.692117][ T4588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 07:33:30 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(0x0, 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:30 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xff01, 0x7fff) [ 103.712773][ T4588] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 103.721247][ T4588] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 103.729332][ T4588] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 103.737381][ T4588] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 103.745373][ T4588] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 103.753340][ T4588] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 103.761401][ T4588] 07:33:30 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 26) 07:33:30 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xffffffff00000000) 07:33:30 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x7a, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:30 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xff7f, 0x7fff) 07:33:30 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:30 executing program 1: r0 = creat(0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:30 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x13fd5, 0x7fff) 07:33:30 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xffffffffffffffa1) 07:33:30 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x300, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:30 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x40000, 0x7fff) 07:33:30 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:30 executing program 2: mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x0) rename(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00') [ 103.985265][ T4633] FAULT_INJECTION: forcing a failure. [ 103.985265][ T4633] name failslab, interval 1, probability 0, space 0, times 0 [ 103.998037][ T4633] CPU: 0 PID: 4633 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 104.006555][ T4633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 104.016610][ T4633] Call Trace: [ 104.019888][ T4633] [ 104.022816][ T4633] dump_stack_lvl+0xd6/0x122 [ 104.027455][ T4633] dump_stack+0x11/0x1b [ 104.031681][ T4633] should_fail+0x23c/0x250 [ 104.036262][ T4633] ? mempool_alloc_slab+0x16/0x20 [ 104.041284][ T4633] __should_failslab+0x81/0x90 [ 104.046050][ T4633] should_failslab+0x5/0x20 [ 104.050566][ T4633] kmem_cache_alloc+0x4f/0x320 [ 104.055347][ T4633] mempool_alloc_slab+0x16/0x20 [ 104.060251][ T4633] ? mempool_free+0x130/0x130 [ 104.064928][ T4633] mempool_alloc+0x9d/0x310 [ 104.069507][ T4633] sg_pool_alloc+0x74/0x90 [ 104.073925][ T4633] __sg_alloc_table+0xce/0x290 [ 104.078788][ T4633] sg_alloc_table_chained+0xaf/0x140 [ 104.084080][ T4633] ? sg_alloc_table_chained+0x140/0x140 [ 104.089728][ T4633] scsi_alloc_sgtables+0x18a/0x510 [ 104.094871][ T4633] ? ext4_mark_iloc_dirty+0x160c/0x16e0 [ 104.100542][ T4633] sd_init_command+0x90e/0x15b0 [ 104.105955][ T4633] scsi_queue_rq+0x101b/0x14d0 [ 104.110746][ T4633] blk_mq_dispatch_rq_list+0x534/0x11d0 [ 104.116416][ T4633] ? __sbitmap_queue_get+0x11/0x20 [ 104.121533][ T4633] blk_mq_do_dispatch_sched+0x446/0x6d0 [ 104.127170][ T4633] __blk_mq_sched_dispatch_requests+0x1ca/0x270 [ 104.133495][ T4633] blk_mq_sched_dispatch_requests+0x9f/0x110 [ 104.139559][ T4633] __blk_mq_run_hw_queue+0xc1/0x140 [ 104.144787][ T4633] __blk_mq_delay_run_hw_queue+0x199/0x360 [ 104.150687][ T4633] ? __rcu_read_unlock+0x5c/0x290 [ 104.155768][ T4633] blk_mq_run_hw_queue+0x231/0x260 [ 104.160898][ T4633] blk_mq_sched_insert_requests+0x130/0x200 [ 104.166812][ T4633] blk_mq_flush_plug_list+0x372/0x460 [ 104.172257][ T4633] blk_flush_plug+0x252/0x2b0 [ 104.176929][ T4633] ? ext4_iomap_end+0x33/0x50 [ 104.181755][ T4633] blk_finish_plug+0x44/0x60 [ 104.186389][ T4633] __iomap_dio_rw+0xcad/0x1070 [ 104.191136][ T4633] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 104.197280][ T4633] iomap_dio_rw+0x38/0x80 [ 104.201620][ T4633] ? ext4_file_write_iter+0x501/0x1200 [ 104.207176][ T4633] ext4_file_write_iter+0xac3/0x1200 [ 104.212443][ T4633] ? ext4_file_write_iter+0x501/0x1200 [ 104.217894][ T4633] do_iter_readv_writev+0x2de/0x380 [ 104.223109][ T4633] do_iter_write+0x192/0x5c0 [ 104.227690][ T4633] ? splice_from_pipe_next+0x34f/0x3b0 [ 104.233277][ T4633] ? kmalloc_array+0x2d/0x40 [ 104.237968][ T4633] vfs_iter_write+0x4c/0x70 [ 104.242513][ T4633] iter_file_splice_write+0x43a/0x790 [ 104.247871][ T4633] ? splice_from_pipe+0xd0/0xd0 [ 104.252718][ T4633] direct_splice_actor+0x80/0xa0 [ 104.257642][ T4633] splice_direct_to_actor+0x345/0x650 [ 104.263117][ T4633] ? do_splice_direct+0x190/0x190 [ 104.268131][ T4633] do_splice_direct+0x106/0x190 [ 104.273464][ T4633] do_sendfile+0x675/0xc40 [ 104.277890][ T4633] __x64_sys_sendfile64+0x102/0x140 [ 104.283117][ T4633] do_syscall_64+0x44/0xa0 [ 104.287595][ T4633] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 104.293518][ T4633] RIP: 0033:0x7fc85c531ae9 [ 104.297931][ T4633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 104.317612][ T4633] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 104.326003][ T4633] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 104.334076][ T4633] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 104.342617][ T4633] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 104.350568][ T4633] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 104.358523][ T4633] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 104.366480][ T4633] 07:33:31 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 27) 07:33:31 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x6, 0x5, &(0x7f0000000480)=[{&(0x7f0000000080)="38b8e135b7a77743d5cec24f16242b82cfffaf58e822fa27c7a8acc60def5d3b7955a7e45aa3d9617653d605000cfd1ea0303331ed40db56efbb11f79c1edd5b787050a540b422aa6bfae8dc51ae934c1dc061cb764099b70d4096e1ec0a45ca4b7266808c99f2810345fcc8229960018d3575b19573d39894d2674e1be428ff121e2dacba8c51070e0680ec148471d5cabd42b0bfc5b40b27abbff0c16d487b4b17cb648082b8d7e0c72850f7a293c16cf8b17fcaf37baa024fd73fbbfed8505eecb87e334387156c354ebe85f2fd186de1776a40605126fe9bf00d993a93752f3d2791bc973eba0a2fbbd3f8a3fa934e1115152e0d3d13cc5ff0f18215", 0xfe, 0x8}, {&(0x7f0000000180)="b79758f73f0b0a761998efdcf48be47aadb01d6a02120fa1362db90ceba05b81d69545d7d88c3aa1f1ca2595f1067d6855269718e6302a431ac948456b538be4984797fbdefd7d9466cd42560d2bc3779673d75673bddb22125725b716b69c00ad85cfd1ea278d89f20b69d2e6a77c4075f09024b712768bab2e79a4872e463647088b79b621dac001edf1de926a9c064a7fa1df356ea2e58daa7ec7d94b4e1ec082af332e90f5217e5a75c320b194d8dbc9439e3209aa9e9e3f8b1a4bdf29333aba0c0fb3ee14e9d648200aa75ac1defeda44a19830427bd218f01c0181ad31796517acbb6810f83855f951", 0xec, 0x5}, {&(0x7f00000002c0)="8a4a", 0x2, 0x8}, {&(0x7f0000000300)="6cbe88bcc5dc083c24cf33ab3889b5b74f9d94555884b730432163da8ac70505109e188e5c30c8581226f63f85b3d385e15dff9a0d5f68768154bf9e8df5e6377c43c09fcb0f83f8c1bf4484335c6e769ebeb0a18dd2f4ab0d3e6a4b5c6406fb3743e26aeeda49a619c2d4ff4d952624676f9fbefad44d787eb0357de62e84bf7aca01201ad766", 0x87, 0xfff}, {&(0x7f00000003c0)="d8b81b87119df7468aaebef99e5c66622f37aa5128f5eb9cc712bf5079dac73e29a5c18eb8778fefc90f7dff6648a6e82aa13d2eca5dcc899bfa2b43fe9fccc190fd749d06d24fdf77020af911d65b3e3854144d3006e94a218444c7eda7e2ae5fb24172e5848cc26bac2a7e40b4a0101cd6488f385e3fcab39becc766b101e239eb897b3770de5813638a328389e7a270cdd1d8dd6df0ec7e02a655d8a234e67d7ade78e0832f6448", 0xa9, 0x4}], 0x4800f, &(0x7f0000000500)={[{@nomblk_io_submit}], [{@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@uid_lt={'uid<', 0xffffffffffffffff}}, {@dont_measure}, {@fsuuid={'fsuuid', 0x3d, {[0x66, 0x62, 0x61, 0x32, 0x36, 0x36, 0x36, 0x36], 0x2d, [0x36, 0x34, 0x62, 0x64], 0x2d, [0x39, 0x38, 0x31, 0x33], 0x2d, [0x65, 0x65, 0x35, 0x38], 0x2d, [0x39, 0x4a, 0xf1, 0x35, 0x31, 0x0, 0x31, 0x64]}}}, {@mask={'mask', 0x3d, '^MAY_WRITE'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '*@*]'}}]}) r0 = memfd_secret(0x0) r1 = memfd_create(&(0x7f0000000300)='\x00\xc2\xea\x99\xbb\x1c\xdfjw\x97\x05\xa3\xa2\'\xdd\xe4q\xbf\t\x8c\xe0\x19`\x8e\x00\x00\x00\x00\x00\x00\x00\x00\x00\b \xff\x13\x96\xe3?\xdfH\x8c\xe4V\xe2\xfe\v8\x04\xa5\xb9\xc4:\xf3\xf6y_w\xd8\xcf\x90k\x05\x00\xf9\x1e\xe8m\xec\x12\xa015\xc2\xb3u|K\x111\xd4\f8\xeb\x18\xad\xbb!1\x85\x96P\x1b\xa1\x9a\x81\xf8\xb1\xecB)\xe5\xaa7\xfe\xdd,_D\xe5|\xb1j^\xaec}\x1a\xb4\x17\xafP\x85I\xd5\xa0I\xb0\xaf\xb5\x8b\\\x05\xd7g\xcbV\x8e\xd0\xac\x87I7\xbd\xc6\x9bI\x92\xb2\x87.\xb3\x1fs\xe7%\xdd+\r\xb4\x117\xa7ei~\xb8\x16\xd1P\xf2\x84\x89K\x16\xd0F|\xa3\x89\xc9~9\x00'/204, 0x0) write(r1, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x3000009, 0x11, r1, 0x0) fcntl$dupfd(r1, 0x0, r0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x0) move_pages(0x0, 0x1, &(0x7f00000000c0)=[&(0x7f0000ffc000/0x4000)=nil], &(0x7f0000000140), 0x0, 0x0) getegid() lgetxattr(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)=@random={'osx.', '\x00'}, &(0x7f0000000640)=""/125, 0x7d) 07:33:31 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x500, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:31 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x800000, 0x7fff) 07:33:31 executing program 1: creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) 07:33:31 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:31 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x1000000, 0x7fff) 07:33:31 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:31 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x600, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 104.500378][ T4655] loop2: detected capacity change from 0 to 15 07:33:31 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x2000000, 0x7fff) [ 104.548129][ T4657] FAULT_INJECTION: forcing a failure. [ 104.548129][ T4657] name failslab, interval 1, probability 0, space 0, times 0 [ 104.560802][ T4657] CPU: 0 PID: 4657 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 104.569153][ T4657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 104.579208][ T4657] Call Trace: [ 104.582482][ T4657] [ 104.585406][ T4657] dump_stack_lvl+0xd6/0x122 [ 104.590030][ T4657] dump_stack+0x11/0x1b [ 104.594197][ T4657] should_fail+0x23c/0x250 07:33:31 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x4000000, 0x7fff) 07:33:31 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x700, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 104.598599][ T4657] ? jbd2__journal_start+0xf7/0x3f0 [ 104.604035][ T4657] __should_failslab+0x81/0x90 [ 104.608822][ T4657] should_failslab+0x5/0x20 [ 104.613326][ T4657] kmem_cache_alloc+0x4f/0x320 [ 104.618464][ T4657] jbd2__journal_start+0xf7/0x3f0 [ 104.623590][ T4657] __ext4_journal_start_sb+0x159/0x310 [ 104.629095][ T4657] ext4_file_write_iter+0xbe6/0x1200 [ 104.634423][ T4657] do_iter_readv_writev+0x2de/0x380 [ 104.639628][ T4657] do_iter_write+0x192/0x5c0 [ 104.644226][ T4657] ? debug_smp_processor_id+0x18/0x20 [ 104.649604][ T4657] vfs_iter_write+0x4c/0x70 [ 104.654158][ T4657] iter_file_splice_write+0x43a/0x790 [ 104.659678][ T4657] ? splice_from_pipe+0xd0/0xd0 [ 104.664609][ T4657] direct_splice_actor+0x80/0xa0 [ 104.669581][ T4657] splice_direct_to_actor+0x345/0x650 [ 104.674951][ T4657] ? do_splice_direct+0x190/0x190 [ 104.680031][ T4657] do_splice_direct+0x106/0x190 [ 104.684904][ T4657] do_sendfile+0x675/0xc40 [ 104.689349][ T4657] __x64_sys_sendfile64+0x102/0x140 [ 104.694543][ T4657] do_syscall_64+0x44/0xa0 [ 104.699042][ T4657] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 104.704990][ T4657] RIP: 0033:0x7fc85c531ae9 [ 104.709559][ T4657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 104.729440][ T4657] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 104.737875][ T4657] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 104.745834][ T4657] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 104.753794][ T4657] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 104.761824][ T4657] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 104.769783][ T4657] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 104.777986][ T4657] 07:33:31 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 28) [ 104.794839][ T4655] loop2: detected capacity change from 0 to 15 [ 104.818123][ T4674] FAULT_INJECTION: forcing a failure. [ 104.818123][ T4674] name failslab, interval 1, probability 0, space 0, times 0 [ 104.830779][ T4674] CPU: 1 PID: 4674 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 104.839229][ T4674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 104.849452][ T4674] Call Trace: [ 104.852714][ T4674] [ 104.855625][ T4674] dump_stack_lvl+0xd6/0x122 [ 104.860208][ T4674] dump_stack+0x11/0x1b [ 104.864526][ T4674] should_fail+0x23c/0x250 [ 104.868924][ T4674] ? kmalloc_array+0x2d/0x40 [ 104.873495][ T4674] __should_failslab+0x81/0x90 [ 104.878413][ T4674] should_failslab+0x5/0x20 [ 104.882957][ T4674] __kmalloc+0x6f/0x370 [ 104.887111][ T4674] kmalloc_array+0x2d/0x40 [ 104.891534][ T4674] iter_file_splice_write+0xd5/0x790 [ 104.896839][ T4674] ? atime_needs_update+0x2ba/0x390 [ 104.902086][ T4674] ? touch_atime+0x11f/0x2e0 [ 104.906707][ T4674] ? generic_file_splice_read+0x2a9/0x330 [ 104.912408][ T4674] ? splice_from_pipe+0xd0/0xd0 [ 104.917283][ T4674] direct_splice_actor+0x80/0xa0 [ 104.922280][ T4674] splice_direct_to_actor+0x345/0x650 [ 104.927698][ T4674] ? do_splice_direct+0x190/0x190 [ 104.932807][ T4674] do_splice_direct+0x106/0x190 [ 104.937679][ T4674] do_sendfile+0x675/0xc40 [ 104.942158][ T4674] __x64_sys_sendfile64+0x102/0x140 [ 104.947342][ T4674] do_syscall_64+0x44/0xa0 [ 104.951780][ T4674] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 104.957706][ T4674] RIP: 0033:0x7fc85c531ae9 [ 104.962098][ T4674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 104.981821][ T4674] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 104.990226][ T4674] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 07:33:31 executing program 2: sendmsg$IPVS_CMD_NEW_SERVICE(0xffffffffffffffff, &(0x7f0000002d00)={&(0x7f0000002bc0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000002cc0)={&(0x7f0000002c00)={0xac, 0x0, 0x1, 0x70bd26, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0x34, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x401}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x933}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x7}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x435a}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xffff}, @IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x9}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x28}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8000}, @IPVS_CMD_ATTR_DAEMON={0x30, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'virt_wifi0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x40}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @local}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x20}]}, 0xac}, 0x1, 0x0, 0x0, 0x800}, 0x800) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) recvmmsg$unix(0xffffffffffffffff, &(0x7f00000029c0)=[{{&(0x7f0000000000)=@abs, 0x6e, &(0x7f0000000440)=[{&(0x7f0000000080)=""/228, 0xe4}, {&(0x7f0000000180)=""/116, 0x74}, {&(0x7f00000002c0)=""/202, 0xca}, {&(0x7f0000000200)=""/56, 0x38}, {&(0x7f0000000240)=""/40, 0x28}, {&(0x7f00000003c0)=""/67, 0x43}], 0x6, &(0x7f00000004c0)=[@rights={{0x10}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000000540)=@abs, 0x6e, &(0x7f0000001880)=[{&(0x7f00000005c0)=""/252, 0xfc}, {&(0x7f00000006c0)=""/126, 0x7e}, {&(0x7f0000000740)=""/4096, 0x1000}, {&(0x7f0000001740)=""/119, 0x77}, {&(0x7f00000017c0)=""/68, 0x44}, {&(0x7f0000001840)=""/51, 0x33}], 0x6, &(0x7f0000001900)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}}, {{&(0x7f0000001940)=@abs, 0x6e, &(0x7f0000001c80)=[{&(0x7f00000019c0)=""/41, 0x29}, {&(0x7f0000001a00)=""/146, 0x92}, {&(0x7f0000001ac0)=""/192, 0xc0}, {&(0x7f0000001b80)=""/197, 0xc5}], 0x4, &(0x7f0000001cc0)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x110}}, {{&(0x7f0000001e00), 0x6e, &(0x7f0000001fc0)=[{&(0x7f0000001e80)=""/30, 0x1e}, {&(0x7f0000001ec0)=""/210, 0xd2}], 0x2, &(0x7f0000002000)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xa0}}, {{&(0x7f00000020c0)=@abs, 0x6e, &(0x7f0000002200)=[{&(0x7f0000002140)=""/149, 0x95}], 0x1, &(0x7f0000002240)=[@cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xb8}}, {{&(0x7f0000002300), 0x6e, &(0x7f0000002680)=[{&(0x7f0000002380)=""/13, 0xd}, {&(0x7f00000023c0)=""/15, 0xf}, {&(0x7f0000002400)=""/90, 0x5a}, {&(0x7f0000002480)=""/205, 0xcd}, {&(0x7f0000002580)=""/125, 0x7d}, {&(0x7f0000002600)=""/83, 0x53}], 0x6, &(0x7f0000002700)=[@cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x138}}, {{&(0x7f0000002840), 0x6e, &(0x7f0000002900)=[{&(0x7f00000028c0)=""/51, 0x33}], 0x1, &(0x7f0000002940)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x58}}], 0x7, 0x40000102, &(0x7f0000002b80)={0x0, 0x989680}) 07:33:31 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x5000000, 0x7fff) 07:33:31 executing program 1: creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) 07:33:31 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x87f, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:31 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:31 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 29) [ 104.998175][ T4674] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 105.006128][ T4674] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 105.014084][ T4674] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 105.022880][ T4674] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 105.030972][ T4674] 07:33:31 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x7000000, 0x7fff) [ 105.093009][ T4685] FAULT_INJECTION: forcing a failure. [ 105.093009][ T4685] name failslab, interval 1, probability 0, space 0, times 0 [ 105.105737][ T4685] CPU: 1 PID: 4685 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 105.114064][ T4685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 105.124119][ T4685] Call Trace: [ 105.127403][ T4685] [ 105.130353][ T4685] dump_stack_lvl+0xd6/0x122 [ 105.134968][ T4685] dump_stack+0x11/0x1b [ 105.139203][ T4685] should_fail+0x23c/0x250 [ 105.143646][ T4685] ? jbd2__journal_start+0xf7/0x3f0 [ 105.148868][ T4685] __should_failslab+0x81/0x90 [ 105.153640][ T4685] should_failslab+0x5/0x20 [ 105.158221][ T4685] kmem_cache_alloc+0x4f/0x320 [ 105.163016][ T4685] jbd2__journal_start+0xf7/0x3f0 [ 105.168115][ T4685] __ext4_journal_start_sb+0x159/0x310 [ 105.173581][ T4685] ? ext4_expand_extra_isize+0x560/0x560 [ 105.179214][ T4685] ext4_dirty_inode+0x58/0xa0 [ 105.183928][ T4685] __mark_inode_dirty+0x72/0x6c0 07:33:31 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:31 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x880, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:31 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x80000001) 07:33:31 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x8000000, 0x7fff) 07:33:31 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x80000001) [ 105.188861][ T4685] ? ktime_get_coarse_real_ts64+0x10d/0x120 [ 105.194766][ T4685] inode_update_time+0x1b4/0x1d0 [ 105.199708][ T4685] file_update_time+0x1f3/0x230 [ 105.204622][ T4685] file_modified+0x62/0x80 [ 105.209044][ T4685] ext4_file_write_iter+0x795/0x1200 [ 105.214363][ T4685] ? ext4_file_write_iter+0x501/0x1200 [ 105.219832][ T4685] do_iter_readv_writev+0x2de/0x380 [ 105.225029][ T4685] do_iter_write+0x192/0x5c0 [ 105.229681][ T4685] ? splice_from_pipe_next+0x34f/0x3b0 [ 105.235202][ T4685] ? kmalloc_array+0x2d/0x40 07:33:31 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xa000000, 0x7fff) 07:33:31 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x80000001) [ 105.239866][ T4685] vfs_iter_write+0x4c/0x70 [ 105.244366][ T4685] iter_file_splice_write+0x43a/0x790 [ 105.249757][ T4685] ? splice_from_pipe+0xd0/0xd0 [ 105.254622][ T4685] direct_splice_actor+0x80/0xa0 [ 105.259644][ T4685] splice_direct_to_actor+0x345/0x650 [ 105.265097][ T4685] ? do_splice_direct+0x190/0x190 [ 105.270176][ T4685] do_splice_direct+0x106/0x190 [ 105.275153][ T4685] do_sendfile+0x675/0xc40 [ 105.279875][ T4685] __x64_sys_sendfile64+0x102/0x140 [ 105.285083][ T4685] do_syscall_64+0x44/0xa0 [ 105.289534][ T4685] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 105.295515][ T4685] RIP: 0033:0x7fc85c531ae9 [ 105.299925][ T4685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 105.319537][ T4685] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 105.328047][ T4685] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 105.336188][ T4685] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 105.344143][ T4685] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 105.352094][ T4685] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 105.360311][ T4685] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 105.368267][ T4685] 07:33:32 executing program 1: creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) 07:33:32 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r0) r1 = socket(0x10, 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_COALESCE_GET(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x0, 0x0, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_1\x00'}]}]}, 0x2c}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r2) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), r2) sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0xf07}, 0x14}}, 0x0) sendmsg$IPVS_CMD_GET_DAEMON(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x84, r3, 0x20, 0x70bd2d, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x200}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xca8}, @IPVS_CMD_ATTR_SERVICE={0x30, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wlc\x00'}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e21}, @IPVS_SVC_ATTR_SCHED_NAME={0x9, 0x6, 'lblc\x00'}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x35}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}, @IPVS_CMD_ATTR_SERVICE={0x30, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e21}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x48000}, 0x4011) mkdir(&(0x7f0000000000)='./file0\x00', 0x6d) 07:33:32 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x12000000, 0x7fff) 07:33:32 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 30) 07:33:32 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, 0xffffffffffffffff, 0x0, 0x80000001) 07:33:32 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x900, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:32 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x81020000, 0x7fff) 07:33:32 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, 0xffffffffffffffff, 0x0, 0x80000001) 07:33:32 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xa00, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:32 executing program 2: ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f513, 0xfffffffffffffffe) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) 07:33:32 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) chdir(&(0x7f0000000000)='./file0\x00') [ 105.566151][ T4724] FAULT_INJECTION: forcing a failure. [ 105.566151][ T4724] name failslab, interval 1, probability 0, space 0, times 0 [ 105.578922][ T4724] CPU: 1 PID: 4724 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 105.587269][ T4724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 105.597356][ T4724] Call Trace: [ 105.600637][ T4724] [ 105.603565][ T4724] dump_stack_lvl+0xd6/0x122 [ 105.608170][ T4724] dump_stack+0x11/0x1b 07:33:32 executing program 2: ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee01, 0xee01}}, './file0\x00'}) r1 = memfd_create(&(0x7f0000000300)='\x00\xc2\xea\x99\xbb\x1c\xdfjw\x97\x05\xa3\xa2\'\xdd\xe4q\xbf\t\x8c\xe0\x19`\x8e\x00\x00\x00\x00\x00\x00\x00\x00\x00\b \xff\x13\x96\xe3?\xdfH\x8c\xe4V\xe2\xfe\v8\x04\xa5\xb9\xc4:\xf3\xf6y_w\xd8\xcf\x90k\x05\x00\xf9\x1e\xe8m\xec\x12\xa015\xc2\xb3u|K\x111\xd4\f8\xeb\x18\xad\xbb!1\x85\x96P\x1b\xa1\x9a\x81\xf8\xb1\xecB)\xe5\xaa7\xfe\xdd,_D\xe5|\xb1j^\xaec}\x1a\xb4\x17\xafP\x85I\xd5\xa0I\xb0\xaf\xb5\x8b\\\x05\xd7g\xcbV\x8e\xd0\xac\x87I7\xbd\xc6\x9bI\x92\xb2\x87.\xb3\x1fs\xe7%\xdd+\r\xb4\x117\xa7ei~\xb8\x16\xd1P\xf2\x84\x89K\x16\xd0F|\xa3\x89\xc9~9\x00'/204, 0x0) write(r1, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0) ioctl$BTRFS_IOC_SCRUB(r0, 0xc400941b, &(0x7f00000000c0)={0x0, 0x6, 0xfff}) ioctl$BTRFS_IOC_RESIZE(r0, 0x50009403, &(0x7f00000004c0)={{r1}, {@val={r2}, @max}}) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r0, 0x29, 0x41, &(0x7f0000000040)={'security\x00', 0x4, [{}, {}, {}, {}]}, 0x68) [ 105.612324][ T4724] should_fail+0x23c/0x250 [ 105.616846][ T4724] ? __iomap_dio_rw+0x143/0x1070 [ 105.621941][ T4724] __should_failslab+0x81/0x90 [ 105.626712][ T4724] should_failslab+0x5/0x20 [ 105.631260][ T4724] kmem_cache_alloc_trace+0x52/0x350 [ 105.636557][ T4724] ? jbd2_journal_dirty_metadata+0x218/0x690 [ 105.642550][ T4724] __iomap_dio_rw+0x143/0x1070 [ 105.647352][ T4724] ? preempt_count_add+0x4e/0x90 [ 105.652361][ T4724] ? debug_smp_processor_id+0x18/0x20 [ 105.657794][ T4724] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 105.663618][ T4724] iomap_dio_rw+0x38/0x80 [ 105.668001][ T4724] ? ext4_file_write_iter+0x501/0x1200 [ 105.673445][ T4724] ext4_file_write_iter+0xac3/0x1200 [ 105.678740][ T4724] ? ext4_file_write_iter+0x501/0x1200 [ 105.684193][ T4724] do_iter_readv_writev+0x2de/0x380 [ 105.689370][ T4724] do_iter_write+0x192/0x5c0 [ 105.693984][ T4724] ? splice_from_pipe_next+0x34f/0x3b0 [ 105.699491][ T4724] ? kmalloc_array+0x2d/0x40 [ 105.704126][ T4724] vfs_iter_write+0x4c/0x70 [ 105.708625][ T4724] iter_file_splice_write+0x43a/0x790 [ 105.713995][ T4724] ? splice_from_pipe+0xd0/0xd0 [ 105.718861][ T4724] direct_splice_actor+0x80/0xa0 [ 105.723794][ T4724] splice_direct_to_actor+0x345/0x650 [ 105.729146][ T4724] ? do_splice_direct+0x190/0x190 [ 105.734278][ T4724] do_splice_direct+0x106/0x190 [ 105.739161][ T4724] do_sendfile+0x675/0xc40 [ 105.743581][ T4724] __x64_sys_sendfile64+0x102/0x140 [ 105.748810][ T4724] do_syscall_64+0x44/0xa0 [ 105.753341][ T4724] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 105.759336][ T4724] RIP: 0033:0x7fc85c531ae9 [ 105.763873][ T4724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 105.783652][ T4724] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 105.792047][ T4724] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 105.800097][ T4724] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 105.808127][ T4724] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 105.816162][ T4724] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 105.824127][ T4724] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 105.832092][ T4724] 07:33:32 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:32 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x83000000, 0x7fff) 07:33:32 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) 07:33:32 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, 0xffffffffffffffff, 0x0, 0x80000001) 07:33:32 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xb00, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:32 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 31) 07:33:32 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x0) 07:33:32 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x104) [ 105.942687][ T4742] EXT4-fs: 62 callbacks suppressed [ 105.942700][ T4742] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 105.955018][ T4742] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 105.969733][ T4752] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 105.976897][ T4752] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. 07:33:32 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xd53f0100, 0x7fff) 07:33:32 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xc00, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:32 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) umount2(&(0x7f0000000000)='./file0\x00', 0x5) open(&(0x7f0000000040)='./file0\x00', 0x1, 0x100) [ 106.001775][ T4750] FAULT_INJECTION: forcing a failure. [ 106.001775][ T4750] name failslab, interval 1, probability 0, space 0, times 0 [ 106.014408][ T4750] CPU: 0 PID: 4750 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 106.022736][ T4750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 106.032792][ T4750] Call Trace: [ 106.036082][ T4750] [ 106.039017][ T4750] dump_stack_lvl+0xd6/0x122 [ 106.043610][ T4750] dump_stack+0x11/0x1b [ 106.047819][ T4750] should_fail+0x23c/0x250 07:33:32 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xf4ffffff, 0x7fff) [ 106.052316][ T4750] ? jbd2__journal_start+0xf7/0x3f0 [ 106.057594][ T4750] __should_failslab+0x81/0x90 [ 106.062390][ T4750] should_failslab+0x5/0x20 [ 106.066932][ T4750] kmem_cache_alloc+0x4f/0x320 [ 106.071961][ T4750] jbd2__journal_start+0xf7/0x3f0 [ 106.077035][ T4750] __ext4_journal_start_sb+0x159/0x310 [ 106.082672][ T4750] ? ext4_file_write_iter+0x501/0x1200 [ 106.088208][ T4750] ext4_file_write_iter+0x992/0x1200 [ 106.093500][ T4750] ? ext4_file_write_iter+0x501/0x1200 07:33:32 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:32 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x2, 0x101) mount(&(0x7f0000000040)=@nullb, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='jfs\x00', 0x0, 0x0) acct(0x0) [ 106.098999][ T4750] do_iter_readv_writev+0x2de/0x380 [ 106.104257][ T4750] do_iter_write+0x192/0x5c0 [ 106.108971][ T4750] ? debug_smp_processor_id+0x18/0x20 [ 106.114358][ T4750] vfs_iter_write+0x4c/0x70 [ 106.118860][ T4750] iter_file_splice_write+0x43a/0x790 [ 106.124407][ T4750] ? splice_from_pipe+0xd0/0xd0 [ 106.129259][ T4750] direct_splice_actor+0x80/0xa0 [ 106.134206][ T4750] splice_direct_to_actor+0x345/0x650 [ 106.139623][ T4750] ? do_splice_direct+0x190/0x190 [ 106.144651][ T4750] do_splice_direct+0x106/0x190 07:33:32 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xfbffffff, 0x7fff) [ 106.149582][ T4750] do_sendfile+0x675/0xc40 [ 106.154204][ T4750] __x64_sys_sendfile64+0x102/0x140 [ 106.159456][ T4750] do_syscall_64+0x44/0xa0 [ 106.163907][ T4750] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 106.169867][ T4750] RIP: 0033:0x7fc85c531ae9 [ 106.174284][ T4750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 106.194237][ T4750] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 07:33:32 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xfeffffff, 0x7fff) [ 106.202714][ T4750] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 106.210789][ T4750] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 106.218764][ T4750] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 106.226808][ T4750] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 106.234864][ T4750] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 106.242932][ T4750] 07:33:32 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 32) 07:33:33 executing program 2: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000000)) 07:33:33 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x0) 07:33:33 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xff010000, 0x7fff) [ 106.269244][ T4775] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 106.276596][ T4775] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 106.303064][ T4778] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 106.310395][ T4778] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. 07:33:33 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xff7f0000, 0x7fff) 07:33:33 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xd00, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:33 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:33 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xffffff7f, 0x7fff) [ 106.355994][ T4783] FAULT_INJECTION: forcing a failure. [ 106.355994][ T4783] name failslab, interval 1, probability 0, space 0, times 0 [ 106.369879][ T4783] CPU: 0 PID: 4783 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 106.378235][ T4783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 106.388513][ T4783] Call Trace: [ 106.391790][ T4783] [ 106.394817][ T4783] dump_stack_lvl+0xd6/0x122 [ 106.399461][ T4783] dump_stack+0x11/0x1b 07:33:33 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xfffffff4, 0x7fff) 07:33:33 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xfffffffb, 0x7fff) [ 106.403622][ T4783] should_fail+0x23c/0x250 [ 106.408048][ T4783] ? jbd2__journal_start+0xf7/0x3f0 [ 106.413256][ T4783] __should_failslab+0x81/0x90 [ 106.418059][ T4783] should_failslab+0x5/0x20 [ 106.422568][ T4783] kmem_cache_alloc+0x4f/0x320 [ 106.427358][ T4783] jbd2__journal_start+0xf7/0x3f0 [ 106.432478][ T4783] __ext4_journal_start_sb+0x159/0x310 [ 106.437982][ T4783] ext4_iomap_begin+0x408/0x630 [ 106.442909][ T4783] ? ext4_alloc_da_blocks+0x100/0x100 [ 106.448367][ T4783] iomap_iter+0x395/0x4a0 07:33:33 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) 07:33:33 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xfffffffe, 0x7fff) [ 106.452706][ T4783] __iomap_dio_rw+0x695/0x1070 [ 106.457461][ T4783] ? debug_smp_processor_id+0x18/0x20 [ 106.462831][ T4783] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 106.468763][ T4783] iomap_dio_rw+0x38/0x80 [ 106.473095][ T4783] ? ext4_file_write_iter+0x501/0x1200 [ 106.478592][ T4783] ext4_file_write_iter+0xac3/0x1200 [ 106.483881][ T4783] ? ext4_file_write_iter+0x501/0x1200 [ 106.489344][ T4783] do_iter_readv_writev+0x2de/0x380 [ 106.494763][ T4783] do_iter_write+0x192/0x5c0 [ 106.499357][ T4783] ? debug_smp_processor_id+0x18/0x20 [ 106.505030][ T4783] vfs_iter_write+0x4c/0x70 [ 106.509533][ T4783] iter_file_splice_write+0x43a/0x790 [ 106.514960][ T4783] ? splice_from_pipe+0xd0/0xd0 [ 106.519865][ T4783] direct_splice_actor+0x80/0xa0 [ 106.524876][ T4783] splice_direct_to_actor+0x345/0x650 [ 106.530248][ T4783] ? do_splice_direct+0x190/0x190 [ 106.535298][ T4783] do_splice_direct+0x106/0x190 [ 106.540160][ T4783] do_sendfile+0x675/0xc40 [ 106.544727][ T4783] __x64_sys_sendfile64+0x102/0x140 [ 106.550001][ T4783] do_syscall_64+0x44/0xa0 [ 106.554477][ T4783] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 106.560464][ T4783] RIP: 0033:0x7fc85c531ae9 [ 106.565002][ T4783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 106.584676][ T4783] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 106.593125][ T4783] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 07:33:33 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 33) 07:33:33 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x4000000000000, 0x7fff) [ 106.601240][ T4783] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 106.609309][ T4783] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 106.617322][ T4783] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 106.625290][ T4783] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 106.633350][ T4783] 07:33:33 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x0) 07:33:33 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x10) 07:33:33 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(0x0, 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) [ 106.670593][ T4805] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 106.677688][ T4805] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. 07:33:33 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xe00, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:33 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x80000000000000, 0x7fff) 07:33:33 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x100) mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x22, &(0x7f0000000080)={[{@gid}, {@size={'size', 0x3d, [0x67, 0x30, 0x37, 0x33, 0x39]}}, {@huge_within_size}], [{@subj_type={'subj_type', 0x3d, '@!\x81{{]#}!\x90:'}}]}) 07:33:33 executing program 4: socket$inet6_tcp(0xa, 0x1, 0x0) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:33 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(0x0, 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) [ 106.726413][ T4813] FAULT_INJECTION: forcing a failure. [ 106.726413][ T4813] name failslab, interval 1, probability 0, space 0, times 0 [ 106.739074][ T4813] CPU: 0 PID: 4813 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 106.747408][ T4813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 106.757515][ T4813] Call Trace: [ 106.760792][ T4813] [ 106.763803][ T4813] dump_stack_lvl+0xd6/0x122 [ 106.768437][ T4813] dump_stack+0x11/0x1b 07:33:33 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(0x0, 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:33 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x28) open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x100) [ 106.772657][ T4813] should_fail+0x23c/0x250 [ 106.777073][ T4813] ? kcalloc+0x32/0x50 [ 106.781168][ T4813] __should_failslab+0x81/0x90 [ 106.785966][ T4813] should_failslab+0x5/0x20 [ 106.790468][ T4813] __kmalloc+0x6f/0x370 [ 106.794663][ T4813] ? blk_mq_dispatch_rq_list+0xee5/0x11d0 [ 106.800440][ T4813] kcalloc+0x32/0x50 [ 106.804423][ T4813] ext4_find_extent+0x21c/0x7f0 [ 106.809286][ T4813] ext4_ext_map_blocks+0x115/0x20a0 [ 106.814579][ T4813] ? preempt_count_add+0x4e/0x90 [ 106.819619][ T4813] ? _raw_read_unlock+0x13/0x30 [ 106.824480][ T4813] ? start_this_handle+0xfa6/0x1050 [ 106.829683][ T4813] ? ext4_es_lookup_extent+0x221/0x500 [ 106.835146][ T4813] ext4_map_blocks+0x71e/0xf00 [ 106.839914][ T4813] ext4_iomap_begin+0x4b0/0x630 [ 106.844834][ T4813] ? ext4_alloc_da_blocks+0x100/0x100 [ 106.850226][ T4813] iomap_iter+0x395/0x4a0 [ 106.854640][ T4813] __iomap_dio_rw+0x695/0x1070 [ 106.859435][ T4813] ? debug_smp_processor_id+0x18/0x20 [ 106.864813][ T4813] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 106.870636][ T4813] iomap_dio_rw+0x38/0x80 [ 106.874972][ T4813] ? ext4_file_write_iter+0x501/0x1200 [ 106.880463][ T4813] ext4_file_write_iter+0xac3/0x1200 [ 106.885768][ T4813] ? ext4_file_write_iter+0x501/0x1200 [ 106.891324][ T4813] do_iter_readv_writev+0x2de/0x380 [ 106.896498][ T4813] do_iter_write+0x192/0x5c0 [ 106.901169][ T4813] ? splice_from_pipe_next+0x34f/0x3b0 [ 106.906823][ T4813] ? kmalloc_array+0x2d/0x40 [ 106.911424][ T4813] vfs_iter_write+0x4c/0x70 [ 106.915937][ T4813] iter_file_splice_write+0x43a/0x790 [ 106.921291][ T4813] ? splice_from_pipe+0xd0/0xd0 [ 106.926121][ T4813] direct_splice_actor+0x80/0xa0 [ 106.931279][ T4813] splice_direct_to_actor+0x345/0x650 [ 106.936854][ T4813] ? do_splice_direct+0x190/0x190 [ 106.941868][ T4813] do_splice_direct+0x106/0x190 [ 106.946700][ T4813] do_sendfile+0x675/0xc40 [ 106.951112][ T4813] __x64_sys_sendfile64+0x102/0x140 [ 106.956290][ T4813] do_syscall_64+0x44/0xa0 [ 106.960687][ T4813] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 106.966573][ T4813] RIP: 0033:0x7fc85c531ae9 [ 106.971019][ T4813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 106.991470][ T4813] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 106.999873][ T4813] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 107.007856][ T4813] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 107.015822][ T4813] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 07:33:33 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 34) 07:33:33 executing program 2: ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x40}}, './file0\x00'}) ioctl$RTC_WIE_OFF(r0, 0x7010) r1 = accept4$packet(r0, 0x0, &(0x7f0000000040), 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r2) ioctl$BTRFS_IOC_FS_INFO(r2, 0x8400941f, &(0x7f0000000140)) fgetxattr(r1, &(0x7f0000000080)=@known='trusted.overlay.metacopy\x00', &(0x7f00000000c0)=""/110, 0x6e) 07:33:33 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x100000000000000, 0x7fff) 07:33:33 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:33 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x1100, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 107.023855][ T4813] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 107.031949][ T4813] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 107.040162][ T4813] 07:33:33 executing program 2: pread64(0xffffffffffffffff, &(0x7f0000000000)=""/222, 0xde, 0x6) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)={'syz1', "d97846da02000000000000008f80e69a63000000000000000000"}, 0x1e) 07:33:33 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x200000000000000, 0x7fff) 07:33:33 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) [ 107.124829][ T4840] FAULT_INJECTION: forcing a failure. [ 107.124829][ T4840] name failslab, interval 1, probability 0, space 0, times 0 [ 107.137604][ T4840] CPU: 0 PID: 4840 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 107.146110][ T4840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 107.156189][ T4840] Call Trace: [ 107.159454][ T4840] [ 107.162375][ T4840] dump_stack_lvl+0xd6/0x122 [ 107.167034][ T4840] dump_stack+0x11/0x1b [ 107.171168][ T4840] should_fail+0x23c/0x250 [ 107.175694][ T4840] ? ext4_mb_new_blocks+0x328/0x1ee0 [ 107.180970][ T4840] __should_failslab+0x81/0x90 [ 107.185747][ T4840] should_failslab+0x5/0x20 [ 107.190347][ T4840] kmem_cache_alloc+0x4f/0x320 [ 107.195165][ T4840] ext4_mb_new_blocks+0x328/0x1ee0 [ 107.200563][ T4840] ? ext4_find_extent+0x7b2/0x7f0 [ 107.205641][ T4840] ? ext4_ext_search_right+0x246/0x540 [ 107.211091][ T4840] ext4_ext_map_blocks+0x15f4/0x20a0 [ 107.216370][ T4840] ? ext4_es_lookup_extent+0x221/0x500 [ 107.221849][ T4840] ext4_map_blocks+0x71e/0xf00 [ 107.226600][ T4840] ext4_iomap_begin+0x4b0/0x630 [ 107.231477][ T4840] ? ext4_alloc_da_blocks+0x100/0x100 [ 107.236946][ T4840] iomap_iter+0x395/0x4a0 [ 107.241313][ T4840] __iomap_dio_rw+0x695/0x1070 [ 107.246257][ T4840] ? debug_smp_processor_id+0x18/0x20 [ 107.251721][ T4840] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 107.257541][ T4840] iomap_dio_rw+0x38/0x80 [ 107.261936][ T4840] ? ext4_file_write_iter+0x501/0x1200 [ 107.267384][ T4840] ext4_file_write_iter+0xac3/0x1200 [ 107.272664][ T4840] ? ext4_file_write_iter+0x501/0x1200 [ 107.278121][ T4840] do_iter_readv_writev+0x2de/0x380 [ 107.283348][ T4840] do_iter_write+0x192/0x5c0 [ 107.287918][ T4840] ? splice_from_pipe_next+0x34f/0x3b0 [ 107.293421][ T4840] ? kmalloc_array+0x2d/0x40 [ 107.297994][ T4840] vfs_iter_write+0x4c/0x70 [ 107.302500][ T4840] iter_file_splice_write+0x43a/0x790 [ 107.307866][ T4840] ? splice_from_pipe+0xd0/0xd0 [ 107.312708][ T4840] direct_splice_actor+0x80/0xa0 [ 107.317642][ T4840] splice_direct_to_actor+0x345/0x650 [ 107.323025][ T4840] ? do_splice_direct+0x190/0x190 [ 107.328107][ T4840] do_splice_direct+0x106/0x190 [ 107.333074][ T4840] do_sendfile+0x675/0xc40 [ 107.337515][ T4840] __x64_sys_sendfile64+0x102/0x140 [ 107.342694][ T4840] do_syscall_64+0x44/0xa0 [ 107.347172][ T4840] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 107.353071][ T4840] RIP: 0033:0x7fc85c531ae9 [ 107.357696][ T4840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 107.377647][ T4840] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 107.386042][ T4840] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 107.394001][ T4840] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 107.401961][ T4840] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 107.409913][ T4840] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 107.417873][ T4840] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 107.425905][ T4840] 07:33:34 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 1) 07:33:34 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x1200, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:34 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x400000000000000, 0x7fff) 07:33:34 executing program 2: pwritev(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f0000000000)="07c6d4a4e671254fdf27b8ddb82ef3859d7883b8e57e85c9df4b81def119aa79401d5d1c7e902a059d47d9ea", 0x2c}, {&(0x7f0000000040)="95f8d94a63d55a1252b0ea4c16c0caef76a1f14235dae5f8e330624f09ddf9b80e0ab4ab553f71b1cf9c28b6e9fbfce55aea10b416cc9bf34dadf8b557f198b6ce6bb88f49ae4c51c5ae43badd01d2aa1ae48472641196505518249e21df5d28e19ea7230b1a8185c9bf1a6f85711dfa2182ba40481034a835af5356d753a1c488c941fa2445c5db6006f409ecefe9618697de38a67738b6b543bcd7409854d29106bd2d1762a936117ad12eebb975dbdf7efb2d04a7fb", 0xb7}, {&(0x7f0000000100)}, {&(0x7f0000000140)="146375e8bdb16ad6eb202f7c250499b3aa7330bd4535e2d34b12f2da998f946ea59a6ddf09116599aac6ea503a3fa92b2a1b605f5ebfbc36b8114e1acd4c5cbc47b7309c675bb2bcfc8199c282cb5fa6218e231499af9387f4692dbb94c8a0c1c256bd78a490920923525f9b457f136afc00ff0f285cd0565189202381a00e710ff011eac727cb89e8e7d5166646feedb1e5efbb", 0x94}, {&(0x7f00000002c0)="93ca91d07b0fce623f791062c82ba7797b655fd62d90a6c0a61209983134b791f1783c804be3d1c5aa2f585e24d8c1c8a8f650c5d91f1616d6873bb160b9c562d1bad17410dd8110642b2b181a0f8c231158554ab334f770597b3be4d086b580954e6ac9b3469f16556b36d5a3845ff673e073e21882b9135abf911d8f041db6c4a56db91ba645b9fa439ed665de8c73a85c0f4f7e5655866c2e1ba9f2ec2de483c53f7834787a49a13ec2fd5dcb99ef859d87ac14b5d4d652ff6f037fff8ab96a510725434a1912ec725d3f316e9e687be795a8e6b1dd3a961f4cf6b0d9568ee4e1db2c6efa7ed1", 0xe8}], 0x5, 0x4, 0x9) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) chdir(&(0x7f0000000200)='./file0\x00') umount2(&(0x7f0000000240)='./file0\x00', 0xb) umount2(&(0x7f0000000100)='./file0\x00', 0x7) 07:33:34 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 35) 07:33:34 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) [ 107.594438][ T4851] FAULT_INJECTION: forcing a failure. [ 107.594438][ T4851] name failslab, interval 1, probability 0, space 0, times 0 [ 107.607185][ T4851] CPU: 1 PID: 4851 Comm: syz-executor.4 Not tainted 5.15.0-syzkaller #0 [ 107.615599][ T4851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 107.625713][ T4851] Call Trace: [ 107.628992][ T4851] [ 107.631916][ T4851] dump_stack_lvl+0xd6/0x122 [ 107.636511][ T4851] dump_stack+0x11/0x1b [ 107.640684][ T4851] should_fail+0x23c/0x250 [ 107.645113][ T4851] ? alloc_pipe_info+0xac/0x350 [ 107.649963][ T4851] __should_failslab+0x81/0x90 [ 107.654868][ T4851] should_failslab+0x5/0x20 [ 107.659375][ T4851] kmem_cache_alloc_trace+0x52/0x350 [ 107.664696][ T4851] alloc_pipe_info+0xac/0x350 [ 107.669605][ T4851] splice_direct_to_actor+0x5f7/0x650 [ 107.674988][ T4851] ? security_file_permission+0x7c/0xa0 [ 107.680535][ T4851] ? do_splice_direct+0x190/0x190 [ 107.685576][ T4851] ? security_file_permission+0x87/0xa0 [ 107.691159][ T4851] do_splice_direct+0x106/0x190 [ 107.696077][ T4851] do_sendfile+0x675/0xc40 [ 107.700495][ T4851] __x64_sys_sendfile64+0x102/0x140 [ 107.705695][ T4851] do_syscall_64+0x44/0xa0 [ 107.710117][ T4851] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 107.716099][ T4851] RIP: 0033:0x7ff74685bae9 [ 107.720657][ T4851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 07:33:34 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x500000000000000, 0x7fff) 07:33:34 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:34 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x700000000000000, 0x7fff) 07:33:34 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x1800, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:34 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x800000000000000, 0x7fff) 07:33:34 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xa00000000000000, 0x7fff) [ 107.740394][ T4851] RSP: 002b:00007ff7445d2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 107.748805][ T4851] RAX: ffffffffffffffda RBX: 00007ff74696ef60 RCX: 00007ff74685bae9 [ 107.756775][ T4851] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 107.764873][ T4851] RBP: 00007ff7445d21d0 R08: 0000000000000000 R09: 0000000000000000 [ 107.772916][ T4851] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001 [ 107.781125][ T4851] R13: 00007fff4588734f R14: 00007ff7445d2300 R15: 0000000000022000 [ 107.789528][ T4851] 07:33:34 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 2) 07:33:34 executing program 2: ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f0000000100)=ANY=[@ANYBLOB="c490ed3a8eb89d7505a304000000f9ffffff0a000000e13894470b03d194e467f0f328ec1c8b16296d14"]) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) ioctl$BLKIOMIN(0xffffffffffffffff, 0x1278, &(0x7f0000000080)) ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x1, 0x9, 0x5, 0xfffff7bc, 0x7, "910ee953be4c86da9188b45a8aeb9bfccb9856", 0x0, 0x7}) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r0) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x541c, &(0x7f00000000c0)) 07:33:34 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x1200000000000000, 0x7fff) 07:33:34 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x2000000000000000, 0x7fff) [ 107.808165][ T4860] FAULT_INJECTION: forcing a failure. [ 107.808165][ T4860] name failslab, interval 1, probability 0, space 0, times 0 [ 107.820810][ T4860] CPU: 1 PID: 4860 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 107.829185][ T4860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 107.839238][ T4860] Call Trace: [ 107.842782][ T4860] [ 107.845750][ T4860] dump_stack_lvl+0xd6/0x122 [ 107.850347][ T4860] dump_stack+0x11/0x1b [ 107.854579][ T4860] should_fail+0x23c/0x250 [ 107.859023][ T4860] ? ext4_mb_new_blocks+0x73e/0x1ee0 [ 107.864312][ T4860] __should_failslab+0x81/0x90 [ 107.869165][ T4860] should_failslab+0x5/0x20 [ 107.873735][ T4860] kmem_cache_alloc+0x4f/0x320 [ 107.878508][ T4860] ext4_mb_new_blocks+0x73e/0x1ee0 [ 107.883638][ T4860] ? ext4_find_extent+0x7b2/0x7f0 [ 107.885340][ T4885] FAULT_INJECTION: forcing a failure. [ 107.885340][ T4885] name failslab, interval 1, probability 0, space 0, times 0 [ 107.888710][ T4860] ? ext4_ext_search_right+0x246/0x540 [ 107.888799][ T4860] ext4_ext_map_blocks+0x15f4/0x20a0 [ 107.912245][ T4860] ? ext4_es_lookup_extent+0x221/0x500 [ 107.917772][ T4860] ext4_map_blocks+0x71e/0xf00 [ 107.922571][ T4860] ext4_iomap_begin+0x4b0/0x630 [ 107.927411][ T4860] ? ext4_alloc_da_blocks+0x100/0x100 [ 107.932823][ T4860] iomap_iter+0x395/0x4a0 [ 107.937233][ T4860] __iomap_dio_rw+0x695/0x1070 [ 107.942052][ T4860] ? debug_smp_processor_id+0x18/0x20 [ 107.947480][ T4860] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 107.953714][ T4860] iomap_dio_rw+0x38/0x80 [ 107.958027][ T4860] ? ext4_file_write_iter+0x501/0x1200 [ 107.963473][ T4860] ext4_file_write_iter+0xac3/0x1200 [ 107.968834][ T4860] ? ext4_file_write_iter+0x501/0x1200 [ 107.974289][ T4860] do_iter_readv_writev+0x2de/0x380 [ 107.979519][ T4860] do_iter_write+0x192/0x5c0 [ 107.984167][ T4860] ? splice_from_pipe_next+0x34f/0x3b0 [ 107.989657][ T4860] ? kmalloc_array+0x2d/0x40 [ 107.994236][ T4860] vfs_iter_write+0x4c/0x70 [ 107.998720][ T4860] iter_file_splice_write+0x43a/0x790 [ 108.004095][ T4860] ? splice_from_pipe+0xd0/0xd0 [ 108.008950][ T4860] direct_splice_actor+0x80/0xa0 [ 108.014046][ T4860] splice_direct_to_actor+0x345/0x650 [ 108.019405][ T4860] ? do_splice_direct+0x190/0x190 [ 108.024448][ T4860] do_splice_direct+0x106/0x190 [ 108.029283][ T4860] do_sendfile+0x675/0xc40 [ 108.033684][ T4860] __x64_sys_sendfile64+0x102/0x140 [ 108.038867][ T4860] do_syscall_64+0x44/0xa0 [ 108.043285][ T4860] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 108.049199][ T4860] RIP: 0033:0x7fc85c531ae9 [ 108.053600][ T4860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 108.073240][ T4860] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 108.081642][ T4860] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 108.089600][ T4860] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 108.097558][ T4860] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 108.105517][ T4860] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 108.113556][ T4860] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 108.121528][ T4860] [ 108.124543][ T4885] CPU: 0 PID: 4885 Comm: syz-executor.4 Not tainted 5.15.0-syzkaller #0 [ 108.129258][ T23] audit: type=1400 audit(1636443214.821:160): avc: denied { unlink } for pid=365 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 07:33:34 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 36) 07:33:34 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x8102000000000000, 0x7fff) 07:33:34 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x2000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 108.132870][ T4885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 108.165143][ T4885] Call Trace: [ 108.168417][ T4885] [ 108.171347][ T4885] dump_stack_lvl+0xd6/0x122 [ 108.175937][ T4885] dump_stack+0x11/0x1b [ 108.180167][ T4885] should_fail+0x23c/0x250 [ 108.184639][ T4885] ? kcalloc+0x32/0x40 [ 108.188961][ T4885] __should_failslab+0x81/0x90 [ 108.193847][ T4885] should_failslab+0x5/0x20 [ 108.198355][ T4885] __kmalloc+0x6f/0x370 [ 108.202579][ T4885] ? kmem_cache_alloc_trace+0x24b/0x350 [ 108.208196][ T4885] kcalloc+0x32/0x40 [ 108.212153][ T4885] alloc_pipe_info+0x1be/0x350 [ 108.216919][ T4885] splice_direct_to_actor+0x5f7/0x650 [ 108.222296][ T4885] ? security_file_permission+0x7c/0xa0 [ 108.227846][ T4885] ? do_splice_direct+0x190/0x190 [ 108.232871][ T4885] ? security_file_permission+0x87/0xa0 [ 108.235956][ T4890] FAULT_INJECTION: forcing a failure. [ 108.235956][ T4890] name failslab, interval 1, probability 0, space 0, times 0 [ 108.238418][ T4885] do_splice_direct+0x106/0x190 [ 108.238444][ T4885] do_sendfile+0x675/0xc40 [ 108.260354][ T4885] __x64_sys_sendfile64+0x102/0x140 [ 108.265612][ T4885] do_syscall_64+0x44/0xa0 [ 108.270017][ T4885] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 108.275905][ T4885] RIP: 0033:0x7ff74685bae9 [ 108.280312][ T4885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 108.299963][ T4885] RSP: 002b:00007ff7445d2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 108.308409][ T4885] RAX: ffffffffffffffda RBX: 00007ff74696ef60 RCX: 00007ff74685bae9 [ 108.316363][ T4885] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 108.324472][ T4885] RBP: 00007ff7445d21d0 R08: 0000000000000000 R09: 0000000000000000 [ 108.332454][ T4885] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001 [ 108.340429][ T4885] R13: 00007fff4588734f R14: 00007ff7445d2300 R15: 0000000000022000 [ 108.348383][ T4885] [ 108.351384][ T4890] CPU: 1 PID: 4890 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 108.359742][ T4890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 108.369796][ T4890] Call Trace: [ 108.373292][ T4890] [ 108.376257][ T4890] dump_stack_lvl+0xd6/0x122 [ 108.380919][ T4890] dump_stack+0x11/0x1b [ 108.385171][ T4890] should_fail+0x23c/0x250 [ 108.389578][ T4890] ? __es_insert_extent+0x546/0xe80 [ 108.394768][ T4890] __should_failslab+0x81/0x90 [ 108.399618][ T4890] should_failslab+0x5/0x20 [ 108.404109][ T4890] kmem_cache_alloc+0x4f/0x320 [ 108.409075][ T4890] __es_insert_extent+0x546/0xe80 [ 108.414082][ T4890] ext4_es_insert_extent+0x1cb/0x19c0 [ 108.419479][ T4890] ext4_map_blocks+0xa5d/0xf00 [ 108.424222][ T4890] ext4_iomap_begin+0x4b0/0x630 [ 108.429052][ T4890] ? ext4_alloc_da_blocks+0x100/0x100 [ 108.434440][ T4890] iomap_iter+0x395/0x4a0 [ 108.438790][ T4890] __iomap_dio_rw+0x695/0x1070 [ 108.443537][ T4890] ? debug_smp_processor_id+0x18/0x20 [ 108.448883][ T4890] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 108.454820][ T4890] iomap_dio_rw+0x38/0x80 [ 108.459152][ T4890] ? ext4_file_write_iter+0x501/0x1200 [ 108.464643][ T4890] ext4_file_write_iter+0xac3/0x1200 [ 108.470028][ T4890] ? ext4_file_write_iter+0x501/0x1200 [ 108.475492][ T4890] do_iter_readv_writev+0x2de/0x380 [ 108.480774][ T4890] do_iter_write+0x192/0x5c0 [ 108.485385][ T4890] ? splice_from_pipe_next+0x34f/0x3b0 [ 108.490988][ T4890] ? kmalloc_array+0x2d/0x40 [ 108.495585][ T4890] vfs_iter_write+0x4c/0x70 [ 108.500495][ T4890] iter_file_splice_write+0x43a/0x790 [ 108.505910][ T4890] ? splice_from_pipe+0xd0/0xd0 [ 108.510789][ T4890] direct_splice_actor+0x80/0xa0 [ 108.515722][ T4890] splice_direct_to_actor+0x345/0x650 [ 108.521089][ T4890] ? do_splice_direct+0x190/0x190 [ 108.526097][ T4890] do_splice_direct+0x106/0x190 [ 108.530949][ T4890] do_sendfile+0x675/0xc40 [ 108.535396][ T4890] __x64_sys_sendfile64+0x102/0x140 [ 108.540969][ T4890] do_syscall_64+0x44/0xa0 [ 108.545436][ T4890] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 108.551566][ T4890] RIP: 0033:0x7fc85c531ae9 [ 108.555963][ T4890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 108.575811][ T4890] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 108.584209][ T4890] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 108.592251][ T4890] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 108.600305][ T4890] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 07:33:35 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:35 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0xffffffffffffff73, 0xffffffffffffffff, {0x1, 0xff}}, './file0\x00'}) getsockname(r0, &(0x7f0000000040)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x80) geteuid() mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x806400, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[], [{@audit}, {@dont_measure}, {@dont_measure}]}}) ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, &(0x7f00000002c0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) 07:33:35 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x8300000000000000, 0x7fff) 07:33:35 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 3) [ 108.608296][ T4890] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 108.616299][ T4890] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 108.624264][ T4890] 07:33:35 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) creat(&(0x7f0000000080)='./file0\x00', 0x4) lremovexattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@known='trusted.overlay.nlink\x00') 07:33:35 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x2200, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:35 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xd53f010000000000, 0x7fff) [ 108.664013][ T4898] FAULT_INJECTION: forcing a failure. [ 108.664013][ T4898] name failslab, interval 1, probability 0, space 0, times 0 [ 108.676757][ T4898] CPU: 1 PID: 4898 Comm: syz-executor.4 Not tainted 5.15.0-syzkaller #0 [ 108.685152][ T4898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 108.695229][ T4898] Call Trace: [ 108.698569][ T4898] [ 108.701631][ T4898] dump_stack_lvl+0xd6/0x122 [ 108.706263][ T4898] dump_stack+0x11/0x1b 07:33:35 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r0) ioctl$EVIOCGPHYS(r0, 0x80404507, &(0x7f0000000000)=""/151) 07:33:35 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xf4ffffff00000000, 0x7fff) [ 108.710453][ T4898] should_fail+0x23c/0x250 [ 108.714905][ T4898] ? kmalloc_array+0x2d/0x40 [ 108.719586][ T4898] __should_failslab+0x81/0x90 [ 108.724376][ T4898] should_failslab+0x5/0x20 [ 108.729083][ T4898] __kmalloc+0x6f/0x370 [ 108.733242][ T4898] kmalloc_array+0x2d/0x40 [ 108.737754][ T4898] iter_file_splice_write+0xd5/0x790 [ 108.743064][ T4898] ? atime_needs_update+0x2ba/0x390 [ 108.748319][ T4898] ? touch_atime+0x11f/0x2e0 [ 108.752927][ T4898] ? generic_file_splice_read+0x2a9/0x330 [ 108.758648][ T4898] ? splice_from_pipe+0xd0/0xd0 [ 108.763512][ T4898] direct_splice_actor+0x80/0xa0 [ 108.768452][ T4898] splice_direct_to_actor+0x345/0x650 [ 108.773829][ T4898] ? do_splice_direct+0x190/0x190 [ 108.778850][ T4898] do_splice_direct+0x106/0x190 [ 108.783698][ T4898] do_sendfile+0x675/0xc40 [ 108.788598][ T4898] __x64_sys_sendfile64+0x102/0x140 [ 108.793805][ T4898] do_syscall_64+0x44/0xa0 [ 108.798315][ T4898] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 108.804358][ T4898] RIP: 0033:0x7ff74685bae9 [ 108.808950][ T4898] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 108.828560][ T4898] RSP: 002b:00007ff7445d2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 108.837034][ T4898] RAX: ffffffffffffffda RBX: 00007ff74696ef60 RCX: 00007ff74685bae9 [ 108.845089][ T4898] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 108.853037][ T4898] RBP: 00007ff7445d21d0 R08: 0000000000000000 R09: 0000000000000000 [ 108.860985][ T4898] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001 [ 108.869111][ T4898] R13: 00007fff4588734f R14: 00007ff7445d2300 R15: 0000000000022000 [ 108.877095][ T4898] 07:33:35 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 37) 07:33:35 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x10) setxattr$trusted_overlay_redirect(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x8, 0x1) 07:33:35 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xfbffffff00000000, 0x7fff) [ 109.025890][ T4922] FAULT_INJECTION: forcing a failure. [ 109.025890][ T4922] name failslab, interval 1, probability 0, space 0, times 0 [ 109.038632][ T4922] CPU: 1 PID: 4922 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 109.047038][ T4922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 109.057074][ T4922] Call Trace: [ 109.060334][ T4922] [ 109.063248][ T4922] dump_stack_lvl+0xd6/0x122 [ 109.068030][ T4922] dump_stack+0x11/0x1b [ 109.072163][ T4922] should_fail+0x23c/0x250 [ 109.076559][ T4922] ? mempool_alloc_slab+0x16/0x20 [ 109.081690][ T4922] __should_failslab+0x81/0x90 [ 109.086615][ T4922] should_failslab+0x5/0x20 [ 109.091221][ T4922] kmem_cache_alloc+0x4f/0x320 [ 109.095974][ T4922] mempool_alloc_slab+0x16/0x20 [ 109.100873][ T4922] ? mempool_free+0x130/0x130 [ 109.105531][ T4922] mempool_alloc+0x9d/0x310 [ 109.110020][ T4922] sg_pool_alloc+0x74/0x90 [ 109.114577][ T4922] __sg_alloc_table+0xce/0x290 [ 109.119380][ T4922] sg_alloc_table_chained+0xaf/0x140 [ 109.124659][ T4922] ? sg_alloc_table_chained+0x140/0x140 [ 109.130268][ T4922] scsi_alloc_sgtables+0x18a/0x510 [ 109.135381][ T4922] ? ext4_mark_iloc_dirty+0x160c/0x16e0 [ 109.140945][ T4922] sd_init_command+0x90e/0x15b0 [ 109.145789][ T4922] scsi_queue_rq+0x101b/0x14d0 [ 109.150612][ T4922] blk_mq_dispatch_rq_list+0x534/0x11d0 [ 109.156144][ T4922] ? __sbitmap_queue_get+0x11/0x20 [ 109.161290][ T4922] blk_mq_do_dispatch_sched+0x446/0x6d0 [ 109.166977][ T4922] __blk_mq_sched_dispatch_requests+0x1ca/0x270 [ 109.173307][ T4922] blk_mq_sched_dispatch_requests+0x9f/0x110 [ 109.179271][ T4922] __blk_mq_run_hw_queue+0xc1/0x140 [ 109.184461][ T4922] __blk_mq_delay_run_hw_queue+0x199/0x360 [ 109.190246][ T4922] ? __rcu_read_unlock+0x5c/0x290 [ 109.195294][ T4922] blk_mq_run_hw_queue+0x231/0x260 [ 109.200570][ T4922] blk_mq_sched_insert_requests+0x130/0x200 [ 109.206520][ T4922] blk_mq_flush_plug_list+0x372/0x460 [ 109.211943][ T4922] blk_flush_plug+0x252/0x2b0 [ 109.216712][ T4922] ? ext4_iomap_end+0x33/0x50 [ 109.221428][ T4922] blk_finish_plug+0x44/0x60 [ 109.226002][ T4922] __iomap_dio_rw+0xcad/0x1070 [ 109.230757][ T4922] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 109.236566][ T4922] iomap_dio_rw+0x38/0x80 [ 109.240921][ T4922] ? ext4_file_write_iter+0x501/0x1200 [ 109.246373][ T4922] ext4_file_write_iter+0xac3/0x1200 [ 109.251645][ T4922] ? ext4_file_write_iter+0x501/0x1200 [ 109.257152][ T4922] do_iter_readv_writev+0x2de/0x380 [ 109.262325][ T4922] do_iter_write+0x192/0x5c0 [ 109.266955][ T4922] ? splice_from_pipe_next+0x34f/0x3b0 [ 109.272425][ T4922] ? kmalloc_array+0x2d/0x40 [ 109.276993][ T4922] vfs_iter_write+0x4c/0x70 [ 109.281473][ T4922] iter_file_splice_write+0x43a/0x790 [ 109.286890][ T4922] ? splice_from_pipe+0xd0/0xd0 [ 109.291730][ T4922] direct_splice_actor+0x80/0xa0 [ 109.296696][ T4922] splice_direct_to_actor+0x345/0x650 [ 109.302052][ T4922] ? do_splice_direct+0x190/0x190 [ 109.307067][ T4922] do_splice_direct+0x106/0x190 [ 109.311995][ T4922] do_sendfile+0x675/0xc40 [ 109.316410][ T4922] __x64_sys_sendfile64+0x102/0x140 [ 109.321584][ T4922] do_syscall_64+0x44/0xa0 [ 109.326044][ T4922] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 109.331948][ T4922] RIP: 0033:0x7fc85c531ae9 [ 109.336341][ T4922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 109.355949][ T4922] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 109.364345][ T4922] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 07:33:36 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:36 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 4) 07:33:36 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r0) ioctl$SCSI_IOCTL_PROBE_HOST(r0, 0x5385, &(0x7f0000000000)={0x1b, ""/27}) 07:33:36 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x2500, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:36 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xfeffffff00000000, 0x7fff) [ 109.372296][ T4922] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 109.380248][ T4922] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 109.388199][ T4922] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 109.396174][ T4922] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 109.404186][ T4922] 07:33:36 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x2e00, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 109.477917][ T4930] FAULT_INJECTION: forcing a failure. [ 109.477917][ T4930] name failslab, interval 1, probability 0, space 0, times 0 [ 109.490909][ T4930] CPU: 0 PID: 4930 Comm: syz-executor.4 Not tainted 5.15.0-syzkaller #0 [ 109.499233][ T4930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 109.509449][ T4930] Call Trace: [ 109.512730][ T4930] [ 109.515715][ T4930] dump_stack_lvl+0xd6/0x122 [ 109.520473][ T4930] dump_stack+0x11/0x1b 07:33:36 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x2) 07:33:36 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xff01000000000000, 0x7fff) 07:33:36 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xff7f000000000000, 0x7fff) [ 109.524617][ T4930] should_fail+0x23c/0x250 [ 109.529197][ T4930] ? jbd2__journal_start+0xf7/0x3f0 [ 109.534452][ T4930] __should_failslab+0x81/0x90 [ 109.539443][ T4930] should_failslab+0x5/0x20 [ 109.543961][ T4930] kmem_cache_alloc+0x4f/0x320 [ 109.548779][ T4930] jbd2__journal_start+0xf7/0x3f0 [ 109.553831][ T4930] __ext4_journal_start_sb+0x159/0x310 [ 109.559313][ T4930] ? ext4_file_write_iter+0x501/0x1200 [ 109.564779][ T4930] ext4_file_write_iter+0x992/0x1200 [ 109.570129][ T4930] ? ext4_file_write_iter+0x501/0x1200 [ 109.575601][ T4930] do_iter_readv_writev+0x2de/0x380 [ 109.580894][ T4930] do_iter_write+0x192/0x5c0 [ 109.585563][ T4930] ? splice_from_pipe_next+0x34f/0x3b0 [ 109.591079][ T4930] ? kmalloc_array+0x2d/0x40 [ 109.595752][ T4930] vfs_iter_write+0x4c/0x70 [ 109.600283][ T4930] iter_file_splice_write+0x43a/0x790 [ 109.605696][ T4930] ? splice_from_pipe+0xd0/0xd0 [ 109.610589][ T4930] direct_splice_actor+0x80/0xa0 [ 109.615539][ T4930] splice_direct_to_actor+0x345/0x650 [ 109.620917][ T4930] ? do_splice_direct+0x190/0x190 07:33:36 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 38) 07:33:36 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xffffff7f00000000, 0x7fff) 07:33:36 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) [ 109.626002][ T4930] do_splice_direct+0x106/0x190 [ 109.630863][ T4930] do_sendfile+0x675/0xc40 [ 109.635285][ T4930] __x64_sys_sendfile64+0x102/0x140 [ 109.640529][ T4930] do_syscall_64+0x44/0xa0 [ 109.644954][ T4930] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 109.650942][ T4930] RIP: 0033:0x7ff74685bae9 [ 109.655358][ T4930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 07:33:36 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xffffffff00000000, 0x7fff) [ 109.675053][ T4930] RSP: 002b:00007ff7445d2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 109.683527][ T4930] RAX: ffffffffffffffda RBX: 00007ff74696ef60 RCX: 00007ff74685bae9 [ 109.691499][ T4930] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 109.699504][ T4930] RBP: 00007ff7445d21d0 R08: 0000000000000000 R09: 0000000000000000 [ 109.707477][ T4930] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001 [ 109.715452][ T4930] R13: 00007fff4588734f R14: 00007ff7445d2300 R15: 0000000000022000 [ 109.723486][ T4930] 07:33:36 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 5) 07:33:36 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:36 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x80000001) 07:33:36 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x8800000) [ 109.771901][ T4948] FAULT_INJECTION: forcing a failure. [ 109.771901][ T4948] name failslab, interval 1, probability 0, space 0, times 0 [ 109.784560][ T4948] CPU: 0 PID: 4948 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 109.792887][ T4948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 109.802938][ T4948] Call Trace: [ 109.806218][ T4948] [ 109.809166][ T4948] dump_stack_lvl+0xd6/0x122 [ 109.813758][ T4948] dump_stack+0x11/0x1b [ 109.818040][ T4948] should_fail+0x23c/0x250 [ 109.822529][ T4948] ? kmalloc_array+0x2d/0x40 [ 109.827195][ T4948] __should_failslab+0x81/0x90 [ 109.831970][ T4948] should_failslab+0x5/0x20 [ 109.836525][ T4948] __kmalloc+0x6f/0x370 [ 109.840773][ T4948] kmalloc_array+0x2d/0x40 [ 109.845235][ T4948] iter_file_splice_write+0xd5/0x790 [ 109.850562][ T4948] ? atime_needs_update+0x2ba/0x390 [ 109.852859][ T4961] FAULT_INJECTION: forcing a failure. [ 109.852859][ T4961] name failslab, interval 1, probability 0, space 0, times 0 [ 109.855823][ T4948] ? touch_atime+0x11f/0x2e0 [ 109.873105][ T4948] ? generic_file_splice_read+0x2a9/0x330 [ 109.878961][ T4948] ? splice_from_pipe+0xd0/0xd0 [ 109.883797][ T4948] direct_splice_actor+0x80/0xa0 [ 109.888725][ T4948] splice_direct_to_actor+0x345/0x650 [ 109.894118][ T4948] ? do_splice_direct+0x190/0x190 [ 109.899178][ T4948] do_splice_direct+0x106/0x190 [ 109.904018][ T4948] do_sendfile+0x675/0xc40 [ 109.908447][ T4948] __x64_sys_sendfile64+0x102/0x140 [ 109.913631][ T4948] do_syscall_64+0x44/0xa0 [ 109.918126][ T4948] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 109.924027][ T4948] RIP: 0033:0x7fc85c531ae9 [ 109.928427][ T4948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 109.948024][ T4948] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 109.956490][ T4948] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 109.964444][ T4948] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 109.972410][ T4948] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 109.980381][ T4948] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 109.988335][ T4948] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 109.996381][ T4948] [ 109.999414][ T4961] CPU: 1 PID: 4961 Comm: syz-executor.4 Not tainted 5.15.0-syzkaller #0 [ 110.007741][ T4961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 110.018054][ T4961] Call Trace: [ 110.021331][ T4961] [ 110.024259][ T4961] dump_stack_lvl+0xd6/0x122 [ 110.028887][ T4961] dump_stack+0x11/0x1b [ 110.033075][ T4961] should_fail+0x23c/0x250 [ 110.037495][ T4961] ? __iomap_dio_rw+0x143/0x1070 [ 110.042470][ T4961] __should_failslab+0x81/0x90 [ 110.047241][ T4961] should_failslab+0x5/0x20 [ 110.051885][ T4961] kmem_cache_alloc_trace+0x52/0x350 [ 110.057213][ T4961] ? jbd2_journal_dirty_metadata+0x218/0x690 [ 110.063288][ T4961] __iomap_dio_rw+0x143/0x1070 [ 110.068067][ T4961] ? preempt_count_add+0x4e/0x90 [ 110.073062][ T4961] ? debug_smp_processor_id+0x18/0x20 [ 110.078445][ T4961] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 110.084293][ T4961] iomap_dio_rw+0x38/0x80 [ 110.088638][ T4961] ? ext4_file_write_iter+0x501/0x1200 [ 110.094170][ T4961] ext4_file_write_iter+0xac3/0x1200 [ 110.099543][ T4961] ? ext4_file_write_iter+0x501/0x1200 [ 110.105027][ T4961] do_iter_readv_writev+0x2de/0x380 [ 110.110236][ T4961] do_iter_write+0x192/0x5c0 [ 110.114833][ T4961] ? splice_from_pipe_next+0x34f/0x3b0 [ 110.120367][ T4961] ? kmalloc_array+0x2d/0x40 [ 110.124966][ T4961] vfs_iter_write+0x4c/0x70 [ 110.129477][ T4961] iter_file_splice_write+0x43a/0x790 [ 110.134866][ T4961] ? splice_from_pipe+0xd0/0xd0 [ 110.139718][ T4961] direct_splice_actor+0x80/0xa0 [ 110.144660][ T4961] splice_direct_to_actor+0x345/0x650 [ 110.150102][ T4961] ? do_splice_direct+0x190/0x190 [ 110.155308][ T4961] do_splice_direct+0x106/0x190 [ 110.160167][ T4961] do_sendfile+0x675/0xc40 [ 110.164629][ T4961] __x64_sys_sendfile64+0x102/0x140 [ 110.169835][ T4961] do_syscall_64+0x44/0xa0 [ 110.174261][ T4961] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 110.180207][ T4961] RIP: 0033:0x7ff74685bae9 [ 110.184655][ T4961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 110.204268][ T4961] RSP: 002b:00007ff7445d2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 110.212712][ T4961] RAX: ffffffffffffffda RBX: 00007ff74696ef60 RCX: 00007ff74685bae9 07:33:36 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x3f00, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:36 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x80000001) 07:33:36 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0xffffffff000) 07:33:36 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) (fail_nth: 39) [ 110.220681][ T4961] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 110.228649][ T4961] RBP: 00007ff7445d21d0 R08: 0000000000000000 R09: 0000000000000000 [ 110.236856][ T4961] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001 [ 110.244859][ T4961] R13: 00007fff4588734f R14: 00007ff7445d2300 R15: 0000000000022000 [ 110.252833][ T4961] [ 110.278699][ T4967] FAULT_INJECTION: forcing a failure. [ 110.278699][ T4967] name failslab, interval 1, probability 0, space 0, times 0 [ 110.291414][ T4967] CPU: 1 PID: 4967 Comm: syz-executor.5 Not tainted 5.15.0-syzkaller #0 [ 110.299779][ T4967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 110.309833][ T4967] Call Trace: [ 110.313111][ T4967] [ 110.316039][ T4967] dump_stack_lvl+0xd6/0x122 [ 110.320638][ T4967] dump_stack+0x11/0x1b [ 110.324844][ T4967] should_fail+0x23c/0x250 [ 110.329341][ T4967] ? jbd2__journal_start+0xf7/0x3f0 [ 110.333387][ T4973] FAULT_INJECTION: forcing a failure. [ 110.333387][ T4973] name failslab, interval 1, probability 0, space 0, times 0 [ 110.334543][ T4967] __should_failslab+0x81/0x90 [ 110.334576][ T4967] should_failslab+0x5/0x20 [ 110.334598][ T4967] kmem_cache_alloc+0x4f/0x320 [ 110.361297][ T4967] jbd2__journal_start+0xf7/0x3f0 [ 110.366328][ T4967] __ext4_journal_start_sb+0x159/0x310 [ 110.371798][ T4967] ? ext4_expand_extra_isize+0x560/0x560 [ 110.377482][ T4967] ext4_dirty_inode+0x58/0xa0 [ 110.382211][ T4967] __mark_inode_dirty+0x72/0x6c0 [ 110.387174][ T4967] ? ktime_get_coarse_real_ts64+0x10d/0x120 [ 110.393085][ T4967] inode_update_time+0x1b4/0x1d0 [ 110.398009][ T4967] file_update_time+0x1f3/0x230 [ 110.402872][ T4967] file_modified+0x62/0x80 [ 110.407329][ T4967] ext4_file_write_iter+0x795/0x1200 [ 110.412676][ T4967] ? ext4_file_write_iter+0x501/0x1200 [ 110.418133][ T4967] do_iter_readv_writev+0x2de/0x380 [ 110.423370][ T4967] do_iter_write+0x192/0x5c0 [ 110.427941][ T4967] ? splice_from_pipe_next+0x34f/0x3b0 [ 110.433460][ T4967] ? kmalloc_array+0x2d/0x40 [ 110.438126][ T4967] vfs_iter_write+0x4c/0x70 [ 110.442677][ T4967] iter_file_splice_write+0x43a/0x790 [ 110.448055][ T4967] ? splice_from_pipe+0xd0/0xd0 [ 110.452968][ T4967] direct_splice_actor+0x80/0xa0 [ 110.457903][ T4967] splice_direct_to_actor+0x345/0x650 [ 110.463333][ T4967] ? do_splice_direct+0x190/0x190 [ 110.468367][ T4967] do_splice_direct+0x106/0x190 [ 110.473254][ T4967] do_sendfile+0x675/0xc40 [ 110.477656][ T4967] __x64_sys_sendfile64+0x102/0x140 [ 110.482866][ T4967] do_syscall_64+0x44/0xa0 [ 110.487327][ T4967] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 110.493326][ T4967] RIP: 0033:0x7fc85c531ae9 [ 110.497785][ T4967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 110.517445][ T4967] RSP: 002b:00007fc85a2a8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 07:33:37 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 6) [ 110.525840][ T4967] RAX: ffffffffffffffda RBX: 00007fc85c644f60 RCX: 00007fc85c531ae9 [ 110.533792][ T4967] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 110.541761][ T4967] RBP: 00007fc85a2a81d0 R08: 0000000000000000 R09: 0000000000000000 [ 110.549729][ T4967] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000002 [ 110.557683][ T4967] R13: 00007ffcaef33c4f R14: 00007fc85a2a8300 R15: 0000000000022000 [ 110.565640][ T4967] [ 110.568644][ T4973] CPU: 0 PID: 4973 Comm: syz-executor.4 Not tainted 5.15.0-syzkaller #0 [ 110.577033][ T4973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 110.587100][ T4973] Call Trace: [ 110.590380][ T4973] [ 110.593363][ T4973] dump_stack_lvl+0xd6/0x122 [ 110.597955][ T4973] dump_stack+0x11/0x1b [ 110.602189][ T4973] should_fail+0x23c/0x250 [ 110.606665][ T4973] ? jbd2__journal_start+0xf7/0x3f0 [ 110.611868][ T4973] __should_failslab+0x81/0x90 [ 110.616650][ T4973] should_failslab+0x5/0x20 [ 110.621174][ T4973] kmem_cache_alloc+0x4f/0x320 [ 110.625944][ T4973] jbd2__journal_start+0xf7/0x3f0 [ 110.630985][ T4973] __ext4_journal_start_sb+0x159/0x310 [ 110.636496][ T4973] ext4_iomap_begin+0x408/0x630 [ 110.641358][ T4973] ? ext4_alloc_da_blocks+0x100/0x100 [ 110.646747][ T4973] iomap_iter+0x395/0x4a0 [ 110.651158][ T4973] __iomap_dio_rw+0x695/0x1070 [ 110.655956][ T4973] ? debug_smp_processor_id+0x18/0x20 [ 110.661341][ T4973] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 110.667256][ T4973] iomap_dio_rw+0x38/0x80 [ 110.671605][ T4973] ? ext4_file_write_iter+0x501/0x1200 [ 110.677158][ T4973] ext4_file_write_iter+0xac3/0x1200 [ 110.682459][ T4973] ? ext4_file_write_iter+0x501/0x1200 [ 110.687940][ T4973] do_iter_readv_writev+0x2de/0x380 [ 110.693151][ T4973] do_iter_write+0x192/0x5c0 [ 110.697746][ T4973] ? splice_from_pipe_next+0x34f/0x3b0 [ 110.703209][ T4973] ? kmalloc_array+0x2d/0x40 [ 110.707807][ T4973] vfs_iter_write+0x4c/0x70 [ 110.712344][ T4973] iter_file_splice_write+0x43a/0x790 [ 110.717726][ T4973] ? splice_from_pipe+0xd0/0xd0 [ 110.722735][ T4973] direct_splice_actor+0x80/0xa0 07:33:37 executing program 3: r0 = dup(0xffffffffffffffff) r1 = openat$cgroup_ro(r0, &(0x7f0000000000)='cgroup.events\x00', 0x275a, 0x0) fallocate(r1, 0x0, 0x0, 0x7fff) r2 = openat$cgroup_netprio_ifpriomap(r1, &(0x7f0000000040), 0x2, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x6, 0x10, r2, 0x1000) 07:33:37 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:37 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x80000001) [ 110.727677][ T4973] splice_direct_to_actor+0x345/0x650 [ 110.733064][ T4973] ? do_splice_direct+0x190/0x190 [ 110.738163][ T4973] do_splice_direct+0x106/0x190 [ 110.743018][ T4973] do_sendfile+0x675/0xc40 [ 110.747526][ T4973] __x64_sys_sendfile64+0x102/0x140 [ 110.752730][ T4973] do_syscall_64+0x44/0xa0 [ 110.757167][ T4973] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 110.763097][ T4973] RIP: 0033:0x7ff74685bae9 07:33:37 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, 0xffffffffffffffff, 0x0, 0x80000001) [ 110.767529][ T4973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 110.787188][ T4973] RSP: 002b:00007ff7445d2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 110.795675][ T4973] RAX: ffffffffffffffda RBX: 00007ff74696ef60 RCX: 00007ff74685bae9 [ 110.803649][ T4973] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 110.811621][ T4973] RBP: 00007ff7445d21d0 R08: 0000000000000000 R09: 0000000000000000 [ 110.819641][ T4973] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001 07:33:37 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, 0xffffffffffffffff, 0x0, 0x80000001) 07:33:37 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = perf_event_open(&(0x7f00000000c0)={0x3, 0x80, 0x1, 0x3f, 0x68, 0x3f, 0x0, 0x5, 0xa, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x9, 0x2, @perf_config_ext={0x9, 0xb8}, 0x0, 0x7, 0x3, 0x0, 0x20, 0x401, 0xfc00, 0x0, 0x3f, 0x0, 0xe35b}, 0xffffffffffffffff, 0x6, r0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x6, 0x1, 0x0, 0x77, 0x0, 0x3, 0xd0008, 0x4, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x9, 0x1, @perf_bp={&(0x7f0000000000), 0x4}, 0x4000, 0xa0fc340, 0x40, 0x9, 0x3ff, 0xdc7e, 0x81, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x4, r1, 0x2) 07:33:37 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4800, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 110.827641][ T4973] R13: 00007fff4588734f R14: 00007ff7445d2300 R15: 0000000000022000 [ 110.835788][ T4973] 07:33:37 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 7) 07:33:37 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4900, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:37 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x4, 0x0, 0x7fff) [ 110.968545][ T4993] FAULT_INJECTION: forcing a failure. [ 110.968545][ T4993] name failslab, interval 1, probability 0, space 0, times 0 [ 110.981273][ T4993] CPU: 0 PID: 4993 Comm: syz-executor.4 Not tainted 5.15.0-syzkaller #0 [ 110.989610][ T4993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 110.999804][ T4993] Call Trace: [ 111.003078][ T4993] [ 111.006008][ T4993] dump_stack_lvl+0xd6/0x122 [ 111.010612][ T4993] dump_stack+0x11/0x1b [ 111.014804][ T4993] should_fail+0x23c/0x250 [ 111.019356][ T4993] ? jbd2__journal_start+0xf7/0x3f0 [ 111.024617][ T4993] __should_failslab+0x81/0x90 [ 111.029393][ T4993] should_failslab+0x5/0x20 [ 111.033981][ T4993] kmem_cache_alloc+0x4f/0x320 [ 111.038803][ T4993] jbd2__journal_start+0xf7/0x3f0 [ 111.043831][ T4993] __ext4_journal_start_sb+0x159/0x310 [ 111.049299][ T4993] ext4_iomap_begin+0x408/0x630 [ 111.054191][ T4993] ? ext4_alloc_da_blocks+0x100/0x100 [ 111.059574][ T4993] iomap_iter+0x395/0x4a0 [ 111.063916][ T4993] __iomap_dio_rw+0x695/0x1070 [ 111.068861][ T4993] ? debug_smp_processor_id+0x18/0x20 [ 111.074331][ T4993] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 111.080217][ T4993] iomap_dio_rw+0x38/0x80 [ 111.084553][ T4993] ? ext4_file_write_iter+0x501/0x1200 [ 111.090103][ T4993] ext4_file_write_iter+0xac3/0x1200 [ 111.095507][ T4993] ? ext4_file_write_iter+0x501/0x1200 [ 111.100993][ T4993] do_iter_readv_writev+0x2de/0x380 [ 111.106255][ T4993] do_iter_write+0x192/0x5c0 [ 111.110852][ T4993] ? debug_smp_processor_id+0x18/0x20 07:33:37 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000000) 07:33:37 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, 0xffffffffffffffff, 0x0, 0x80000001) 07:33:37 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r1) ioctl(r1, 0x0, &(0x7f0000000000)="a73d7e989294e4c2b26343f7bc9ba7be9488477e97e011cb3eef803b75b9ceaac2014213e624af") [ 111.116249][ T4993] vfs_iter_write+0x4c/0x70 [ 111.120761][ T4993] iter_file_splice_write+0x43a/0x790 [ 111.126202][ T4993] ? splice_from_pipe+0xd0/0xd0 [ 111.131058][ T4993] direct_splice_actor+0x80/0xa0 [ 111.136088][ T4993] splice_direct_to_actor+0x345/0x650 [ 111.141578][ T4993] ? do_splice_direct+0x190/0x190 [ 111.146611][ T4993] do_splice_direct+0x106/0x190 [ 111.151561][ T4993] do_sendfile+0x675/0xc40 [ 111.155999][ T4993] __x64_sys_sendfile64+0x102/0x140 [ 111.161205][ T4993] do_syscall_64+0x44/0xa0 [ 111.165715][ T4993] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 111.171625][ T4993] RIP: 0033:0x7ff74685bae9 [ 111.176036][ T4993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 111.195667][ T4993] RSP: 002b:00007ff7445d2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 111.204130][ T4993] RAX: ffffffffffffffda RBX: 00007ff74696ef60 RCX: 00007ff74685bae9 [ 111.212115][ T4993] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 111.220117][ T4993] RBP: 00007ff7445d21d0 R08: 0000000000000000 R09: 0000000000000000 [ 111.228206][ T4993] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001 [ 111.236181][ T4993] R13: 00007fff4588734f R14: 00007ff7445d2300 R15: 0000000000022000 [ 111.244306][ T4993] [ 111.250819][ T5001] EXT4-fs: 46 callbacks suppressed [ 111.250830][ T5001] EXT4-fs (sda1): Ignoring removed mblk_io_submit option 07:33:37 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.time_recursive\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) [ 111.263138][ T5001] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. 07:33:38 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 8) 07:33:38 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x0) 07:33:38 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x5, 0x0, 0x7fff) [ 111.298735][ T5006] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 111.305825][ T5006] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. 07:33:38 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4c00, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:38 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) r0 = inotify_init1(0x0) inotify_add_watch(r0, &(0x7f0000000040)='./file1\x00', 0xc60001a1) fallocate(r0, 0x4a, 0x6, 0x8001) [ 111.381548][ T5014] FAULT_INJECTION: forcing a failure. [ 111.381548][ T5014] name failslab, interval 1, probability 0, space 0, times 0 [ 111.394261][ T5014] CPU: 0 PID: 5014 Comm: syz-executor.4 Not tainted 5.15.0-syzkaller #0 [ 111.402594][ T5014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 111.412651][ T5014] Call Trace: [ 111.415942][ T5014] [ 111.418893][ T5014] dump_stack_lvl+0xd6/0x122 [ 111.423494][ T5014] dump_stack+0x11/0x1b [ 111.427658][ T5014] should_fail+0x23c/0x250 [ 111.432084][ T5014] ? __es_insert_extent+0x546/0xe80 [ 111.437339][ T5014] __should_failslab+0x81/0x90 [ 111.442120][ T5014] should_failslab+0x5/0x20 [ 111.446674][ T5014] kmem_cache_alloc+0x4f/0x320 [ 111.451446][ T5014] __es_insert_extent+0x546/0xe80 [ 111.456547][ T5014] ext4_es_insert_extent+0x1cb/0x19c0 [ 111.462009][ T5014] ext4_map_blocks+0xa5d/0xf00 [ 111.466785][ T5014] ext4_iomap_begin+0x4b0/0x630 [ 111.471658][ T5014] ? ext4_alloc_da_blocks+0x100/0x100 [ 111.477113][ T5014] iomap_iter+0x395/0x4a0 [ 111.481495][ T5014] __iomap_dio_rw+0x695/0x1070 [ 111.486275][ T5014] ? debug_smp_processor_id+0x18/0x20 [ 111.491652][ T5014] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 111.497468][ T5014] iomap_dio_rw+0x38/0x80 [ 111.501819][ T5014] ? ext4_file_write_iter+0x501/0x1200 [ 111.507766][ T5014] ext4_file_write_iter+0xac3/0x1200 [ 111.513153][ T5014] ? ext4_file_write_iter+0x501/0x1200 [ 111.518653][ T5014] do_iter_readv_writev+0x2de/0x380 [ 111.523856][ T5014] do_iter_write+0x192/0x5c0 [ 111.528458][ T5014] ? splice_from_pipe_next+0x34f/0x3b0 [ 111.533929][ T5014] ? kmalloc_array+0x2d/0x40 [ 111.538580][ T5014] vfs_iter_write+0x4c/0x70 [ 111.543120][ T5014] iter_file_splice_write+0x43a/0x790 [ 111.548609][ T5014] ? splice_from_pipe+0xd0/0xd0 [ 111.553479][ T5014] direct_splice_actor+0x80/0xa0 [ 111.558517][ T5014] splice_direct_to_actor+0x345/0x650 [ 111.563898][ T5014] ? do_splice_direct+0x190/0x190 [ 111.568995][ T5014] do_splice_direct+0x106/0x190 [ 111.573890][ T5014] do_sendfile+0x675/0xc40 [ 111.578390][ T5014] __x64_sys_sendfile64+0x102/0x140 [ 111.583596][ T5014] do_syscall_64+0x44/0xa0 [ 111.588027][ T5014] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 111.594025][ T5014] RIP: 0033:0x7ff74685bae9 [ 111.598441][ T5014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 111.618237][ T5014] RSP: 002b:00007ff7445d2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 07:33:38 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x0) [ 111.626687][ T5014] RAX: ffffffffffffffda RBX: 00007ff74696ef60 RCX: 00007ff74685bae9 [ 111.634666][ T5014] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 111.642641][ T5014] RBP: 00007ff7445d21d0 R08: 0000000000000000 R09: 0000000000000000 [ 111.650615][ T5014] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001 [ 111.658594][ T5014] R13: 00007fff4588734f R14: 00007ff7445d2300 R15: 0000000000022000 [ 111.666576][ T5014] [ 111.686577][ T5016] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 111.734798][ T5016] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 111.766969][ T5023] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 111.774198][ T5023] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. 07:33:38 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff}) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x41, &(0x7f0000000040)={'raw\x00', 0x4, [{}, {}, {}, {}]}, 0x68) fallocate(r0, 0x0, 0x0, 0x7fff) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="a401000000020102080000000000000005000004bc000a801c0002800c00028005000100210000000c000280050001008800000008000140000000010800014000000001300018802c000180140003000000000000000000000000000000000014000400000000000000000000000000000000015c0002800c00028005000100060000001400018008000100ac14141f08000200ac1414bb1400018008000100ac1e000108000200ffffffff0c00028005000100880000000c00028005000100880000000c00028005000100110000002c0002801400018008000100ac1414bb08000200000000000c00028005000100a7000000060003400002000008000940000000030e0006007369702d32303030300000007c000a800800014000000000080001400000000108000140000000013c0002802c00018014000300fe8000000000000000000000000000aa14000400fe80000000000000000000000000000e0c0002800500010088000000240002800c00028005000100970000000c00028005000100db000000060003400000000013000b0063616c6c666f7277617264696e670000"], 0x1a4}, 0x1, 0x0, 0x0, 0x80}, 0x1) 07:33:38 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x7ffff000) 07:33:38 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x0) 07:33:38 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x3000000, 0x80010, r1, 0xefcef000) fallocate(r0, 0x0, 0x0, 0x7fff) 07:33:38 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x6000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 111.888305][ T23] audit: type=1400 audit(1636443218.591:161): avc: denied { map } for pid=5031 comm="syz-executor.3" path="socket:[17018]" dev="sockfs" ino=17018 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 07:33:38 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 1) [ 111.938169][ T5035] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 111.945252][ T5035] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 111.971470][ T5037] FAULT_INJECTION: forcing a failure. [ 111.971470][ T5037] name failslab, interval 1, probability 0, space 0, times 0 [ 111.984108][ T5037] CPU: 0 PID: 5037 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 111.992448][ T5037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 112.002507][ T5037] Call Trace: [ 112.005787][ T5037] [ 112.008715][ T5037] dump_stack_lvl+0xd6/0x122 [ 112.013349][ T5037] dump_stack+0x11/0x1b [ 112.017613][ T5037] should_fail+0x23c/0x250 [ 112.022127][ T5037] ? alloc_pipe_info+0xac/0x350 [ 112.026993][ T5037] __should_failslab+0x81/0x90 [ 112.031832][ T5037] should_failslab+0x5/0x20 [ 112.036525][ T5037] kmem_cache_alloc_trace+0x52/0x350 [ 112.041818][ T5037] alloc_pipe_info+0xac/0x350 [ 112.046533][ T5037] splice_direct_to_actor+0x5f7/0x650 [ 112.051994][ T5037] ? security_file_permission+0x7c/0xa0 [ 112.057545][ T5037] ? do_splice_direct+0x190/0x190 [ 112.062737][ T5037] ? security_file_permission+0x87/0xa0 [ 112.068285][ T5037] do_splice_direct+0x106/0x190 [ 112.073236][ T5037] do_sendfile+0x675/0xc40 [ 112.077748][ T5037] __x64_sys_sendfile64+0x102/0x140 [ 112.082950][ T5037] do_syscall_64+0x44/0xa0 07:33:38 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 9) [ 112.087449][ T5037] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 112.093397][ T5037] RIP: 0033:0x7f7c25405ae9 [ 112.097813][ T5037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 112.117425][ T5037] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 112.125840][ T5037] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 07:33:38 executing program 3: r0 = pkey_alloc(0x0, 0x0) pkey_free(r0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r1, 0x0, 0x0, 0x7fff) [ 112.133837][ T5037] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 112.141812][ T5037] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 112.149784][ T5037] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001 [ 112.157858][ T5037] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 112.165924][ T5037] [ 112.175278][ T5040] FAULT_INJECTION: forcing a failure. [ 112.175278][ T5040] name failslab, interval 1, probability 0, space 0, times 0 07:33:38 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x6800, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 112.187986][ T5040] CPU: 0 PID: 5040 Comm: syz-executor.4 Not tainted 5.15.0-syzkaller #0 [ 112.196395][ T5040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 112.206448][ T5040] Call Trace: [ 112.209726][ T5040] [ 112.212768][ T5040] dump_stack_lvl+0xd6/0x122 [ 112.217357][ T5040] dump_stack+0x11/0x1b [ 112.221515][ T5040] should_fail+0x23c/0x250 [ 112.225959][ T5040] ? mempool_alloc_slab+0x16/0x20 [ 112.231129][ T5040] __should_failslab+0x81/0x90 07:33:38 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 2) [ 112.235904][ T5040] should_failslab+0x5/0x20 [ 112.240463][ T5040] kmem_cache_alloc+0x4f/0x320 [ 112.245240][ T5040] mempool_alloc_slab+0x16/0x20 [ 112.250211][ T5040] ? mempool_free+0x130/0x130 [ 112.254941][ T5040] mempool_alloc+0x9d/0x310 [ 112.259448][ T5040] ? preempt_count_add+0x4e/0x90 [ 112.264391][ T5040] ? _raw_read_unlock+0x13/0x30 [ 112.269325][ T5040] ? jbd2_transaction_committed+0xad/0xc0 [ 112.275224][ T5040] bio_alloc_bioset+0xcc/0x560 [ 112.280001][ T5040] ? iov_iter_alignment+0x34b/0x370 [ 112.285207][ T5040] iomap_dio_bio_iter+0x5ed/0xc70 [ 112.290326][ T5040] ? ext4_alloc_da_blocks+0x100/0x100 [ 112.295706][ T5040] __iomap_dio_rw+0x8b5/0x1070 [ 112.300504][ T5040] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 112.306392][ T5040] iomap_dio_rw+0x38/0x80 [ 112.310818][ T5040] ? ext4_file_write_iter+0x501/0x1200 [ 112.316284][ T5040] ext4_file_write_iter+0xac3/0x1200 [ 112.321623][ T5040] ? ext4_file_write_iter+0x501/0x1200 [ 112.327095][ T5040] do_iter_readv_writev+0x2de/0x380 [ 112.332347][ T5040] do_iter_write+0x192/0x5c0 [ 112.336948][ T5040] ? splice_from_pipe_next+0x34f/0x3b0 [ 112.342454][ T5040] ? kmalloc_array+0x2d/0x40 [ 112.347114][ T5040] vfs_iter_write+0x4c/0x70 [ 112.351623][ T5040] iter_file_splice_write+0x43a/0x790 [ 112.357099][ T5040] ? splice_from_pipe+0xd0/0xd0 [ 112.361969][ T5040] direct_splice_actor+0x80/0xa0 [ 112.366993][ T5040] splice_direct_to_actor+0x345/0x650 [ 112.372392][ T5040] ? do_splice_direct+0x190/0x190 [ 112.377562][ T5040] do_splice_direct+0x106/0x190 [ 112.382465][ T5040] do_sendfile+0x675/0xc40 07:33:39 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000002) [ 112.386896][ T5040] __x64_sys_sendfile64+0x102/0x140 [ 112.392104][ T5040] do_syscall_64+0x44/0xa0 [ 112.396535][ T5040] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 112.402456][ T5040] RIP: 0033:0x7ff74685bae9 [ 112.406866][ T5040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 112.426501][ T5040] RSP: 002b:00007ff7445d2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 112.434914][ T5040] RAX: ffffffffffffffda RBX: 00007ff74696ef60 RCX: 00007ff74685bae9 [ 112.442886][ T5040] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 112.450944][ T5040] RBP: 00007ff7445d21d0 R08: 0000000000000000 R09: 0000000000000000 [ 112.458915][ T5040] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001 [ 112.466885][ T5040] R13: 00007fff4588734f R14: 00007ff7445d2300 R15: 0000000000022000 [ 112.474913][ T5040] 07:33:39 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) ioctl$KIOCSOUND(r0, 0x4b2f, 0x0) r1 = memfd_create(&(0x7f0000000300)='\x00\xc2\xea\x99\xbb\x1c\xdfjw\x97\x05\xa3\xa2\'\xdd\xe4q\xbf\t\x8c\xe0\x19`\x8e\x00\x00\x00\x00\x00\x00\x00\x00\x00\b \xff\x13\x96\xe3?\xdfH\x8c\xe4V\xe2\xfe\v8\x04\xa5\xb9\xc4:\xf3\xf6y_w\xd8\xcf\x90k\x05\x00\xf9\x1e\xe8m\xec\x12\xa015\xc2\xb3u|K\x111\xd4\f8\xeb\x18\xad\xbb!1\x85\x96P\x1b\xa1\x9a\x81\xf8\xb1\xecB)\xe5\xaa7\xfe\xdd,_D\xe5|\xb1j^\xaec}\x1a\xb4\x17\xafP\x85I\xd5\xa0I\xb0\xaf\xb5\x8b\\\x05\xd7g\xcbV\x8e\xd0\xac\x87I7\xbd\xc6\x9bI\x92\xb2\x87.\xb3\x1fs\xe7%\xdd+\r\xb4\x117\xa7ei~\xb8\x16\xd1P\xf2\x84\x89K\x16\xd0F|\xa3\x89\xc9~9\x00'/204, 0x0) write(r1, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) ioctl$BTRFS_IOC_LOGICAL_INO_V2(0xffffffffffffffff, 0xc038943b, &(0x7f0000000200)={0x6, 0x50, '\x00', 0x1, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) mmap(&(0x7f0000001000/0xf000)=nil, 0xf000, 0x1000001, 0x10, r1, 0x7f71b000) ioctl$EXT4_IOC_GET_ES_CACHE(r1, 0xc020662a, &(0x7f0000000980)=ANY=[@ANYBLOB="0700000000000000010000000100000001000000ffffff7f0400000000000000d223000000000000ee0000000000000007000000000000000000000000000000000000000000000000040000000000000000000000000000ff0100000000000008000000000000000000ec35000000000000000000000000000000000000000080010000000000000000000000000000c0510000000000000900000000000000ff0f0000000000000000000000000000000000000000000002100000000000000000000000000000060000000000000003000000000000000800000000000040002c7dfc06783f60ef0000000000000000100000000000000000000000000000f00b863034952886e3b6abf9da074c5b0ca02aaa684669f63c15c9c8999d1a67bdafe242d53181aecb2d2a6c23d2288cf38e8efcffd3266f011990d846989dbd93a2c7007a4c296f7908e10fdeeb0ee5bc81ea46865a616c9d064ccecb4d41e6444102f5b27a2c2918c28b8a103306b1b0cc5c6f6ea3dece8598873b18324de719dd4a3955"]) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) r2 = inotify_init1(0x0) r3 = syz_open_dev$char_usb(0xc, 0xb4, 0xb119) ioctl$BTRFS_IOC_BALANCE_CTL(r3, 0x40049421, 0x3) inotify_add_watch(r2, &(0x7f0000000040)='./file1\x00', 0xc60001a1) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r2, 0x8008f511, &(0x7f00000007c0)) r4 = socket$nl_generic(0x10, 0x3, 0x10) writev(r4, &(0x7f0000000840)=[{&(0x7f0000000580)="5708f4b943da54aa149c7c03a56d0ea55263d67826a60b99a384d380ca3d99ec2acbb0b5d08b964a825879f16ee12336bf95c656e3d037688c057322d15dfe54a77ff201c2a88c5d872020564638df1cb5520a0302cd0a", 0x57}, {&(0x7f0000000400)="5edc34f179ac0e598b09ecb393ac1816d898322a7af1cd49f84580d5eab55eac44f543db75da5eeb0962604f9768d4a5720c1877da99fd7d82e27c39be5a265be8d592103344ae9a4e575fa4a9bbe080f2dcf88c1085d900"/103, 0x67}, {&(0x7f00000002c0)="2a12eb8994b1c7d0b1beacd97e42a72b8b73c5577dfbf7e0728a943abd8838373d6cf74839a86d16a4a5869465ad9fb7b7c6", 0x32}, {&(0x7f0000000480)="01f6cac1e357260c223e144236785290c3c8b9c9d4b39e4ddd099b05b8e288bc6b3ade92c2e11eb4186cd10bc7009052b80d7cfe0ead8efa399e682e26804fc5b295bd8959ab7281c3c74b0495a8aadb86bf3b4695d986e8dd9476538ac51d6a8794e199b2f7ff6697600ea426bfdb78fc7ca73e892990fe4a7aa5e89cec2594ed247d5419a06e1d42c5e4390e2f04bb12f8d161bad8f1b082cedffe73492242db78a45cb502db2523ccc069052362e1192c7c00a72169f08e9ae613f0ce3ff881c0e7d8e17dc2", 0xc7}, {&(0x7f0000000240)="6a0594d60912ca21d4c43f36e9cbc24114e6aea44cc3e30b456306c9f4afc958369f0344d334acadb52d06e6ea13ebfb1b2368f85a98a10b74d7790c44a1a22b1824ba27cb45e4704593a84be5c4ad899c2bbcea26f91c2b50658197642b1bda82e34beff19d1f00000000000000000000080000000000", 0x77}, {&(0x7f0000000600)="be4f2a52e7667aaf638e1f594badad97a9c9ef35dbf0ba52c04b765eaf7d1a3e619ceba7cd722e41839933dec72fffd9b4db93f230f3562f322c10d9f8b711d89d0b003ae5e224f1fc7428b24c32d5d4abe8573ce8870cd2acba5b44074e8b822d73906597423862d783ae13ba7aed186012d1d81417de8ffe744cdf7b7267c9a12a7794391e463915db8d2785080994d4fd9ca7b0bfab23f8b9ea4e0ae01d6253ad9bc71656bf64b03a1a95d4d5252551e5970a447651ecab8747b26c", 0xbd}, {&(0x7f00000006c0)="1907956be4d2578c745ef82898a64a759381f36ff27db01b03521b578ba8d44f2272c763a3464be7f8a5ad03c4d2f4dec205487e10d798b5519ceec9cee9fd3fffd90b577c10a9b84c2d9959bcb50dae7b4687628f535dc3e90cfc35fdf13342fd5768a6eda2270d1ac242402093d4414b83da00ea04ea81d24762eca79ce29d2692e52ff7e9d5dfeb9e67ee6bba992f8db677d145ace2b443b581a4b15be064cfe587c06a0f075c985e5019cd60fafe04f03adc6a2ceae23d5e42ea5a505474013da7472b9fddfbfa85092e782d69662f398a863860de", 0xd7}, {&(0x7f0000000900)="000800001ea70ebd0097e89f5b9aef97084f996e6e7b713d0a195929094f942fd73a82ce10280b5e01e589061c0000006f685d51db96dbc4a5683be3dd82ea5b5fc99c1f588b132ae5b52fa6aefe10fb09c338865e46cfd7ed66e4a70d29a7acc88ee647bde87b667a5d76ebe38a74d10e741b230c95fcb5107d33", 0x7b}, {&(0x7f0000000800)="808b7f957280002486c320c332ecf68fad17d6d4b37608b7bf732e87ffeb0f224160fc3d", 0x24}], 0x9) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000000, 0x40010, r3, 0x1593b000) [ 112.497352][ T5049] FAULT_INJECTION: forcing a failure. [ 112.497352][ T5049] name failslab, interval 1, probability 0, space 0, times 0 [ 112.510033][ T5049] CPU: 0 PID: 5049 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 112.518395][ T5049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 112.528534][ T5049] Call Trace: [ 112.531855][ T5049] [ 112.534822][ T5049] dump_stack_lvl+0xd6/0x122 [ 112.539451][ T5049] dump_stack+0x11/0x1b [ 112.543677][ T5049] should_fail+0x23c/0x250 [ 112.548163][ T5049] ? kcalloc+0x32/0x40 [ 112.552253][ T5049] __should_failslab+0x81/0x90 [ 112.557108][ T5049] should_failslab+0x5/0x20 [ 112.561771][ T5049] __kmalloc+0x6f/0x370 [ 112.565946][ T5049] ? kmem_cache_alloc_trace+0x24b/0x350 [ 112.571502][ T5049] kcalloc+0x32/0x40 [ 112.575402][ T5049] alloc_pipe_info+0x1be/0x350 [ 112.580179][ T5049] splice_direct_to_actor+0x5f7/0x650 [ 112.585647][ T5049] ? security_file_permission+0x7c/0xa0 [ 112.591198][ T5049] ? do_splice_direct+0x190/0x190 [ 112.596306][ T5049] ? security_file_permission+0x87/0xa0 [ 112.601862][ T5049] do_splice_direct+0x106/0x190 [ 112.606726][ T5049] do_sendfile+0x675/0xc40 [ 112.611159][ T5049] __x64_sys_sendfile64+0x102/0x140 [ 112.616485][ T5049] do_syscall_64+0x44/0xa0 [ 112.620935][ T5049] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 112.626910][ T5049] RIP: 0033:0x7f7c25405ae9 [ 112.631336][ T5049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 112.651048][ T5049] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 112.659473][ T5049] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 112.667479][ T5049] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 112.675455][ T5049] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 112.683516][ T5049] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001 07:33:39 executing program 2: r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x64, r0, 0x100, 0x70bd2c, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x64}}, 0x8000000) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wpan4\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000380)={&(0x7f0000000780)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010026bd7000fcdbdf251300000005001a000000000008000300", @ANYRES32=r1, @ANYBLOB="05001a000100000008000300", @ANYRES32=r3, @ANYBLOB="0c000600020000000000000008000300", @ANYRES32=r1, @ANYBLOB="0c000600000000000000000005008a95c1d12f863d919e85973163369c2b4db0ce16a1b19c3283d35aee7b8b99f0f31755a0258464f6b4066fe86d9df9b9e78abe80992cfddbf2f05e514c87ef020c52a9f0fc4a", @ANYRES32=r1, @ANYBLOB="08000300", @ANYRES32=r4, @ANYBLOB], 0x6c}, 0x1, 0x0, 0x0, 0xc0}, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff) r7 = socket(0x11, 0x800000003, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'sit0\x00', 0x0}) sendmsg$ETHTOOL_MSG_DEBUG_SET(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x20, r6, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_DEBUG_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}]}, 0x20}}, 0x0) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff) r11 = socket(0x11, 0x800000003, 0x0) ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000040)={'sit0\x00', 0x0}) sendmsg$ETHTOOL_MSG_DEBUG_SET(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x20, r10, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_DEBUG_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}]}]}, 0x20}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000500)={'syztnl1\x00', &(0x7f0000000480)={'syztnl2\x00', 0x0, 0x2f, 0xd5, 0x8f, 0x1, 0x1, @local, @local, 0x1, 0x80, 0x0, 0x2}}) sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000700)={&(0x7f0000000540)={0x178, 0x0, 0x400, 0x70bd25, 0x25dfdbff, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r13}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nr0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}]}]}, 0x178}, 0x1, 0x0, 0x0, 0x80}, 0x4004800) 07:33:39 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x6c00, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 112.691489][ T5049] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 112.699584][ T5049] 07:33:39 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 3) [ 112.757809][ T23] audit: type=1400 audit(1636443219.451:162): avc: denied { ioctl } for pid=5055 comm="syz-executor.2" path="socket:[17061]" dev="sockfs" ino=17061 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 07:33:39 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x7400, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 112.814217][ T5065] FAULT_INJECTION: forcing a failure. [ 112.814217][ T5065] name failslab, interval 1, probability 0, space 0, times 0 [ 112.826979][ T5065] CPU: 0 PID: 5065 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 112.835306][ T5065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 112.845389][ T5065] Call Trace: [ 112.848670][ T5065] [ 112.851602][ T5065] dump_stack_lvl+0xd6/0x122 [ 112.856196][ T5065] dump_stack+0x11/0x1b [ 112.860439][ T5065] should_fail+0x23c/0x250 [ 112.864896][ T5065] ? kmalloc_array+0x2d/0x40 [ 112.869555][ T5065] __should_failslab+0x81/0x90 [ 112.874335][ T5065] should_failslab+0x5/0x20 [ 112.878870][ T5065] __kmalloc+0x6f/0x370 [ 112.883036][ T5065] kmalloc_array+0x2d/0x40 [ 112.887470][ T5065] iter_file_splice_write+0xd5/0x790 [ 112.892766][ T5065] ? atime_needs_update+0x2ba/0x390 [ 112.897971][ T5065] ? touch_atime+0x11f/0x2e0 [ 112.902616][ T5065] ? generic_file_splice_read+0x2a9/0x330 [ 112.908476][ T5065] ? splice_from_pipe+0xd0/0xd0 07:33:39 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 10) [ 112.913332][ T5065] direct_splice_actor+0x80/0xa0 [ 112.918281][ T5065] splice_direct_to_actor+0x345/0x650 [ 112.923708][ T5065] ? do_splice_direct+0x190/0x190 [ 112.928738][ T5065] do_splice_direct+0x106/0x190 [ 112.933613][ T5065] do_sendfile+0x675/0xc40 [ 112.938037][ T5065] __x64_sys_sendfile64+0x102/0x140 [ 112.943307][ T5065] do_syscall_64+0x44/0xa0 [ 112.947778][ T5065] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 112.953723][ T5065] RIP: 0033:0x7f7c25405ae9 [ 112.958259][ T5065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 112.978165][ T5065] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 112.986584][ T5065] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 112.994568][ T5065] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 113.002545][ T5065] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 113.010521][ T5065] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001 [ 113.018599][ T5065] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 113.026576][ T5065] [ 113.033446][ T5070] FAULT_INJECTION: forcing a failure. [ 113.033446][ T5070] name failslab, interval 1, probability 0, space 0, times 0 [ 113.046136][ T5070] CPU: 0 PID: 5070 Comm: syz-executor.4 Not tainted 5.15.0-syzkaller #0 [ 113.054464][ T5070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 07:33:39 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000003) [ 113.064666][ T5070] Call Trace: [ 113.068012][ T5070] [ 113.070946][ T5070] dump_stack_lvl+0xd6/0x122 [ 113.075546][ T5070] dump_stack+0x11/0x1b [ 113.079801][ T5070] should_fail+0x23c/0x250 [ 113.084232][ T5070] __should_failslab+0x81/0x90 [ 113.089036][ T5070] should_failslab+0x5/0x20 [ 113.093649][ T5070] kmem_cache_alloc_node+0x61/0x2d0 [ 113.098964][ T5070] ? create_task_io_context+0x36/0x1e0 [ 113.104531][ T5070] create_task_io_context+0x36/0x1e0 [ 113.109831][ T5070] submit_bio_checks+0x828/0x8e0 [ 113.114898][ T5070] ? blk_try_enter_queue+0xee/0x1f0 [ 113.120192][ T5070] __submit_bio+0x2de/0x480 [ 113.124788][ T5070] ? bio_iov_iter_get_pages+0xda8/0xe40 [ 113.130424][ T5070] submit_bio_noacct+0x418/0x4e0 [ 113.135400][ T5070] submit_bio+0x10c/0x180 [ 113.139815][ T5070] iomap_dio_bio_iter+0x9ed/0xc70 [ 113.144877][ T5070] __iomap_dio_rw+0x8b5/0x1070 [ 113.149670][ T5070] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 113.155491][ T5070] iomap_dio_rw+0x38/0x80 [ 113.159834][ T5070] ? ext4_file_write_iter+0x501/0x1200 [ 113.165306][ T5070] ext4_file_write_iter+0xac3/0x1200 [ 113.170608][ T5070] ? ext4_file_write_iter+0x501/0x1200 [ 113.176085][ T5070] do_iter_readv_writev+0x2de/0x380 [ 113.181298][ T5070] do_iter_write+0x192/0x5c0 [ 113.185958][ T5070] ? splice_from_pipe_next+0x34f/0x3b0 [ 113.191463][ T5070] ? kmalloc_array+0x2d/0x40 [ 113.196070][ T5070] vfs_iter_write+0x4c/0x70 [ 113.200673][ T5070] iter_file_splice_write+0x43a/0x790 [ 113.206057][ T5070] ? splice_from_pipe+0xd0/0xd0 [ 113.210966][ T5070] direct_splice_actor+0x80/0xa0 [ 113.216013][ T5070] splice_direct_to_actor+0x345/0x650 [ 113.221464][ T5070] ? do_splice_direct+0x190/0x190 [ 113.226581][ T5070] do_splice_direct+0x106/0x190 [ 113.231446][ T5070] do_sendfile+0x675/0xc40 [ 113.235929][ T5070] __x64_sys_sendfile64+0x102/0x140 [ 113.241133][ T5070] do_syscall_64+0x44/0xa0 [ 113.245622][ T5070] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 113.251554][ T5070] RIP: 0033:0x7ff74685bae9 [ 113.255969][ T5070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 113.275592][ T5070] RSP: 002b:00007ff7445d2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 113.284307][ T5070] RAX: ffffffffffffffda RBX: 00007ff74696ef60 RCX: 00007ff74685bae9 [ 113.292364][ T5070] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 113.300376][ T5070] RBP: 00007ff7445d21d0 R08: 0000000000000000 R09: 0000000000000000 [ 113.308543][ T5070] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 07:33:40 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000004) [ 113.316751][ T5070] R13: 00007fff4588734f R14: 00007ff7445d2300 R15: 0000000000022000 [ 113.324738][ T5070] 07:33:40 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 4) [ 113.417855][ T5080] FAULT_INJECTION: forcing a failure. [ 113.417855][ T5080] name failslab, interval 1, probability 0, space 0, times 0 [ 113.430544][ T5080] CPU: 0 PID: 5080 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 113.438875][ T5080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 113.449072][ T5080] Call Trace: [ 113.452360][ T5080] [ 113.455276][ T5080] dump_stack_lvl+0xd6/0x122 [ 113.459864][ T5080] dump_stack+0x11/0x1b [ 113.464018][ T5080] should_fail+0x23c/0x250 [ 113.468421][ T5080] ? jbd2__journal_start+0xf7/0x3f0 [ 113.473623][ T5080] __should_failslab+0x81/0x90 [ 113.478434][ T5080] should_failslab+0x5/0x20 [ 113.482925][ T5080] kmem_cache_alloc+0x4f/0x320 [ 113.487690][ T5080] jbd2__journal_start+0xf7/0x3f0 [ 113.492741][ T5080] __ext4_journal_start_sb+0x159/0x310 [ 113.498198][ T5080] ? ext4_file_write_iter+0x501/0x1200 [ 113.503967][ T5080] ext4_file_write_iter+0x992/0x1200 [ 113.509295][ T5080] ? ext4_file_write_iter+0x501/0x1200 [ 113.514832][ T5080] do_iter_readv_writev+0x2de/0x380 [ 113.520019][ T5080] do_iter_write+0x192/0x5c0 [ 113.524594][ T5080] ? splice_from_pipe_next+0x34f/0x3b0 [ 113.530038][ T5080] ? kmalloc_array+0x2d/0x40 [ 113.534611][ T5080] vfs_iter_write+0x4c/0x70 [ 113.539110][ T5080] iter_file_splice_write+0x43a/0x790 [ 113.544476][ T5080] ? splice_from_pipe+0xd0/0xd0 [ 113.549316][ T5080] direct_splice_actor+0x80/0xa0 [ 113.554388][ T5080] splice_direct_to_actor+0x345/0x650 [ 113.559777][ T5080] ? do_splice_direct+0x190/0x190 [ 113.564824][ T5080] do_splice_direct+0x106/0x190 [ 113.569708][ T5080] do_sendfile+0x675/0xc40 [ 113.574187][ T5080] __x64_sys_sendfile64+0x102/0x140 [ 113.579372][ T5080] do_syscall_64+0x44/0xa0 [ 113.583855][ T5080] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 113.589742][ T5080] RIP: 0033:0x7f7c25405ae9 [ 113.594142][ T5080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 07:33:40 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x7a00, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 113.613745][ T5080] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 113.622203][ T5080] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 113.630159][ T5080] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 113.638119][ T5080] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 113.646077][ T5080] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001 [ 113.654045][ T5080] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 113.662002][ T5080] 07:33:40 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x7f08, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:40 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 5) 07:33:40 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x8008, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 113.919885][ T5088] FAULT_INJECTION: forcing a failure. [ 113.919885][ T5088] name failslab, interval 1, probability 0, space 0, times 0 [ 113.932750][ T5088] CPU: 1 PID: 5088 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 113.941080][ T5088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 113.951136][ T5088] Call Trace: [ 113.954441][ T5088] [ 113.957371][ T5088] dump_stack_lvl+0xd6/0x122 [ 113.961985][ T5088] dump_stack+0x11/0x1b [ 113.966146][ T5088] should_fail+0x23c/0x250 [ 113.970657][ T5088] ? jbd2__journal_start+0xf7/0x3f0 [ 113.975863][ T5088] __should_failslab+0x81/0x90 [ 113.980656][ T5088] should_failslab+0x5/0x20 [ 113.985336][ T5088] kmem_cache_alloc+0x4f/0x320 [ 113.990110][ T5088] jbd2__journal_start+0xf7/0x3f0 [ 113.995161][ T5088] __ext4_journal_start_sb+0x159/0x310 [ 114.000630][ T5088] ? ext4_file_write_iter+0x501/0x1200 [ 114.006268][ T5088] ext4_file_write_iter+0x992/0x1200 [ 114.011559][ T5088] ? ext4_file_write_iter+0x501/0x1200 [ 114.017031][ T5088] do_iter_readv_writev+0x2de/0x380 [ 114.022240][ T5088] do_iter_write+0x192/0x5c0 [ 114.026833][ T5088] ? splice_from_pipe_next+0x34f/0x3b0 [ 114.032351][ T5088] ? kmalloc_array+0x2d/0x40 [ 114.036953][ T5088] vfs_iter_write+0x4c/0x70 [ 114.041523][ T5088] iter_file_splice_write+0x43a/0x790 [ 114.046904][ T5088] ? splice_from_pipe+0xd0/0xd0 [ 114.051762][ T5088] direct_splice_actor+0x80/0xa0 [ 114.056709][ T5088] splice_direct_to_actor+0x345/0x650 [ 114.062099][ T5088] ? do_splice_direct+0x190/0x190 [ 114.067209][ T5088] do_splice_direct+0x106/0x190 [ 114.072080][ T5088] do_sendfile+0x675/0xc40 [ 114.076505][ T5088] __x64_sys_sendfile64+0x102/0x140 [ 114.081716][ T5088] do_syscall_64+0x44/0xa0 [ 114.086150][ T5088] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 114.092058][ T5088] RIP: 0033:0x7f7c25405ae9 [ 114.096496][ T5088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 114.116182][ T5088] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 114.124611][ T5088] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 114.132592][ T5088] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 114.140570][ T5088] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 114.148549][ T5088] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001 [ 114.156598][ T5088] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 114.164632][ T5088] 07:33:44 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x90282, 0x10) 07:33:44 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000005) 07:33:44 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 11) 07:33:44 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x80000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:44 executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_GET_SEC_DEV(r1, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000d00)={0x14, 0x0, 0x4}, 0x14}}, 0x0) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r1) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), r1) sendmsg$NL802154_CMD_SET_LBT_MODE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x14, r2, 0x1}, 0x14}}, 0x0) sendmsg$NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, r2, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x20}, 0x1, 0x0, 0x0, 0x10000000}, 0x840) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r3, 0x0, 0x0, 0x7fff) 07:33:44 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 6) [ 117.950956][ T5559] EXT4-fs: 24 callbacks suppressed [ 117.950968][ T5559] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 117.966488][ T5563] FAULT_INJECTION: forcing a failure. [ 117.966488][ T5563] name failslab, interval 1, probability 0, space 0, times 0 [ 117.972242][ T5559] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 117.979124][ T5563] CPU: 0 PID: 5563 Comm: syz-executor.4 Not tainted 5.15.0-syzkaller #0 [ 117.993338][ T5567] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 117.999678][ T5563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 117.999691][ T5563] Call Trace: [ 117.999696][ T5563] [ 118.006816][ T5567] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 118.016818][ T5563] dump_stack_lvl+0xd6/0x122 [ 118.016892][ T5563] dump_stack+0x11/0x1b [ 118.016908][ T5563] should_fail+0x23c/0x250 [ 118.016928][ T5563] ? jbd2__journal_start+0xf7/0x3f0 [ 118.021565][ T5569] FAULT_INJECTION: forcing a failure. [ 118.021565][ T5569] name failslab, interval 1, probability 0, space 0, times 0 [ 118.023100][ T5563] __should_failslab+0x81/0x90 [ 118.069947][ T5563] should_failslab+0x5/0x20 [ 118.074639][ T5563] kmem_cache_alloc+0x4f/0x320 [ 118.079394][ T5563] jbd2__journal_start+0xf7/0x3f0 [ 118.084408][ T5563] __ext4_journal_start_sb+0x159/0x310 [ 118.089904][ T5563] ext4_iomap_begin+0x408/0x630 [ 118.094740][ T5563] ? ext4_alloc_da_blocks+0x100/0x100 [ 118.100108][ T5563] iomap_iter+0x395/0x4a0 [ 118.104428][ T5563] __iomap_dio_rw+0xb78/0x1070 [ 118.109227][ T5563] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 118.115021][ T5563] iomap_dio_rw+0x38/0x80 [ 118.119627][ T5563] ? ext4_file_write_iter+0x501/0x1200 [ 118.125152][ T5563] ext4_file_write_iter+0xac3/0x1200 [ 118.130509][ T5563] ? ext4_file_write_iter+0x501/0x1200 [ 118.136019][ T5563] do_iter_readv_writev+0x2de/0x380 [ 118.141228][ T5563] do_iter_write+0x192/0x5c0 [ 118.145799][ T5563] ? splice_from_pipe_next+0x34f/0x3b0 [ 118.151271][ T5563] ? kmalloc_array+0x2d/0x40 [ 118.155846][ T5563] vfs_iter_write+0x4c/0x70 [ 118.160334][ T5563] iter_file_splice_write+0x43a/0x790 [ 118.165692][ T5563] ? splice_from_pipe+0xd0/0xd0 [ 118.170687][ T5563] direct_splice_actor+0x80/0xa0 [ 118.175653][ T5563] splice_direct_to_actor+0x345/0x650 [ 118.181022][ T5563] ? do_splice_direct+0x190/0x190 [ 118.186052][ T5563] do_splice_direct+0x106/0x190 [ 118.190893][ T5563] do_sendfile+0x675/0xc40 [ 118.195305][ T5563] __x64_sys_sendfile64+0x102/0x140 [ 118.200553][ T5563] do_syscall_64+0x44/0xa0 [ 118.204976][ T5563] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 118.211205][ T5563] RIP: 0033:0x7ff74685bae9 [ 118.215619][ T5563] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 118.235260][ T5563] RSP: 002b:00007ff7445d2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 118.243805][ T5563] RAX: ffffffffffffffda RBX: 00007ff74696ef60 RCX: 00007ff74685bae9 [ 118.251812][ T5563] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 118.260028][ T5563] RBP: 00007ff7445d21d0 R08: 0000000000000000 R09: 0000000000000000 [ 118.268077][ T5563] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 118.276030][ T5563] R13: 00007fff4588734f R14: 00007ff7445d2300 R15: 0000000000022000 [ 118.284086][ T5563] [ 118.287086][ T5569] CPU: 1 PID: 5569 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 118.295500][ T5569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 118.305761][ T5569] Call Trace: [ 118.309038][ T5569] [ 118.312012][ T5569] dump_stack_lvl+0xd6/0x122 [ 118.316606][ T5569] dump_stack+0x11/0x1b [ 118.320835][ T5569] should_fail+0x23c/0x250 [ 118.325315][ T5569] ? __iomap_dio_rw+0x143/0x1070 [ 118.330298][ T5569] __should_failslab+0x81/0x90 [ 118.335067][ T5569] should_failslab+0x5/0x20 [ 118.339636][ T5569] kmem_cache_alloc_trace+0x52/0x350 [ 118.344939][ T5569] ? jbd2_journal_dirty_metadata+0x218/0x690 [ 118.350923][ T5569] __iomap_dio_rw+0x143/0x1070 [ 118.355734][ T5569] ? preempt_count_add+0x4e/0x90 [ 118.360684][ T5569] ? debug_smp_processor_id+0x18/0x20 [ 118.366486][ T5569] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 118.372297][ T5569] iomap_dio_rw+0x38/0x80 [ 118.376663][ T5569] ? ext4_file_write_iter+0x501/0x1200 [ 118.382127][ T5569] ext4_file_write_iter+0xac3/0x1200 [ 118.387463][ T5569] ? ext4_file_write_iter+0x501/0x1200 [ 118.392936][ T5569] do_iter_readv_writev+0x2de/0x380 [ 118.398140][ T5569] do_iter_write+0x192/0x5c0 [ 118.402731][ T5569] ? splice_from_pipe_next+0x34f/0x3b0 [ 118.405062][ T23] audit: type=1400 audit(1636443225.091:163): avc: denied { create } for pid=5579 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 118.408199][ T5569] ? kmalloc_array+0x2d/0x40 [ 118.408242][ T5569] vfs_iter_write+0x4c/0x70 [ 118.408261][ T5569] iter_file_splice_write+0x43a/0x790 [ 118.442280][ T5569] ? splice_from_pipe+0xd0/0xd0 [ 118.447139][ T5569] direct_splice_actor+0x80/0xa0 [ 118.452515][ T5569] splice_direct_to_actor+0x345/0x650 [ 118.457901][ T5569] ? do_splice_direct+0x190/0x190 [ 118.462966][ T5569] do_splice_direct+0x106/0x190 [ 118.467822][ T5569] do_sendfile+0x675/0xc40 [ 118.472296][ T5569] __x64_sys_sendfile64+0x102/0x140 [ 118.477527][ T5569] do_syscall_64+0x44/0xa0 [ 118.481978][ T5569] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 118.487894][ T5569] RIP: 0033:0x7f7c25405ae9 [ 118.492311][ T5569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 118.511957][ T5569] RSP: 002b:00007f7c2315b188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 118.520462][ T5569] RAX: ffffffffffffffda RBX: 00007f7c25519020 RCX: 00007f7c25405ae9 [ 118.528434][ T5569] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 118.536426][ T5569] RBP: 00007f7c2315b1d0 R08: 0000000000000000 R09: 0000000000000000 [ 118.538939][ T5592] nfs4: Unknown parameter 'pipefs' 07:33:45 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x20) mkdir(&(0x7f0000000000)='./file0\x00', 0x80) 07:33:45 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000040)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_DELSET={0x14, 0xb, 0xa, 0x801, 0x0, 0x0, {0x1}}, @NFT_MSG_DELCHAIN={0x2c, 0x5, 0xa, 0xa03, 0x0, 0x0, {0x7, 0x0, 0x8}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWTABLE={0x1c, 0x0, 0xa, 0x3, 0x0, 0x0, {0x5, 0x0, 0x9}, [@NFTA_TABLE_FLAGS={0x8}]}, @NFT_MSG_NEWFLOWTABLE={0x60, 0x16, 0xa, 0x401, 0x0, 0x0, {0xc, 0x0, 0x3}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x38, 0x3, 0xa, 0x401, 0x0, 0x0, {0x3, 0x0, 0xa}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_TYPE={0xa, 0x7, 'route\x00'}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x4}]}, @NFT_MSG_DELSETELEM={0xd558, 0xe, 0xa, 0x801, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x7d44, 0x3, 0x0, 0x1, [{0x1274, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz0\x00'}, @NFTA_SET_ELEM_EXPR={0x4}, @NFTA_SET_ELEM_KEY_END={0x106c, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x30, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VALUE={0x1004, 0x1, "f2d2e1156a3fce4a288ffc89b1847b02ed966c9920c76a1f2043638d4a52fa78f0b6f15004fe3d9a9fd7978ea08197ecde75cb0a984dd2ef4d099d563e26beb678ac1e8db60b1846add6b39bc1aafdc825542a4f383c9d20917486a5d5a33e8bdf7d39d32638bf232424c01cc2b33a6d7000d6ff852ac54727100f07f1c17ec5946565f6d5c457a633a76997b46e4128f171da0acdb71c67d22c7e8efb0c7511aecdba4885ea4d9a6497cb4b995d463a3f40a54d30f07db30d859e9d2d19b1a5397d0a2fcb67eafc54fe4c8d1eda2efd85aebbd0c8c03110cdac9dffa660e79a04cd4a474879d4c4927978e912a23da8998fbed2d2ae05d56063110bcf123eef80453f7c5de5121a1a88d57ae77502b9ae664a814020882e40cfd7adc1fa04c3617e542f09810a79a1f91f1d7956812ceaa8d084d2c3730ba8c6ac240aa9edb770c11fa1d0e961666a317915bfd93aa1deb61fb7af76bf7be0d684361aa8a515164afdeb7e309b84a6da0f232113c3312249d83c123194e5de44680b998ec5fe7488479c05971e398b39ba6e6e461bb1eea339448f3889daf27f7c90dec873ddfea4a2bdb8cc80ff82fbc1419c0dfb9feb8e5968b66b897d196569f1ee3b1d462f6d9cf5f4585dbcfc324134066ba7b18cfd3e12d8a52434269c1aca68a9b6b58a0c42cb232fb6855592e31fc0da21370494c3eb95d2f78a136fbb71f521cb790e2bc24710cae8258c20f42b98e7bf92b292dc0f50c3758846c0d7903531e62b574186525dbc94f75a1ee55ec7bb8c94a0e736142824ed6ba0eb1a4f59a346d987ba3a92b72e5f8151a0621c2e45e74c698fd702e8e044ef774d407273931e2d74c0cb8af67ec1e80bdc5f35ba95ab92ab83e41db2e84fbcc70a675a751c8bb3e71399dc3b4fcc34bd76d3088d307aa4733f92dfe9d7876c422990f8942dfd945d0d30ef4fa77f37b1a61b3e3bdc91983228f3daf956ec117408a196e5da99da1c256180a1758eaea1da812ba429a88d47066d2220baa084cd0b3a33f585303c16f2f414d6304b57db8f33cf38a9d2a726641610833f9689b1d321de2c36ecd004bedd49d6e26c5c22dfbb54ce3c5c0bbab379f2388e7df6aa2abe2144498df80fbcc2a7773abfc987924df66b642e6cda12114f138ecd62a4f71d8bbfae569062ea2f7f8efde880e518d42cf1964be068468d0d41bd04c0e562ab322e6c346792a80c34e8fbfa5f774dc828e7764ccd93be420cab7fad01b7e2892130be590c1100b2ed9ebd62f1b5e728e1b1f748765cb7986ca0ae5a75fb6a9addb27ae7eb6593e163c84a3ef19dbc3e4fd2cfcfdb4b7dc4e0660f235f0d35dc35e7e1f2a8e32f13720a95da93eb842bc2aaa80cbb24f56273b2365b6cf309e61bb96a271d168ea273ba3ff32bbe8779a87a10361edf4f37834d600a3ed757201297ac87d04cc922cedc033f18857315bdec28d5d85e5e2793b4605f86c28bd0a990eb838c7957a96d4b954a7928ec5ec48debfa1af64ecf9b4c9b6ee665a25db69f211ab9781cde357eca1322f58717de66e0e65a2526d6c4518587fcf0a089ca4ebc10590b2a8e9dd729e290e1da8d4319eefee7fa6eb85cf75d84401f4fddfd5acea2a30e1a119fc94077071f9d4151ddbc53f9f44814db118c2802dccf368184f7d0d030974a509b0030ac155e86c8229ac7517a3c95c9440d3ab53fde2eb2e2f0fc439b1707bb5e27f72e3b6d6b97cb93739e2bc74dc65a5a52a19d53dea1df365cf3cfbed29dc37f6a18e2c612734b340e9b5da96d8c4a41ac36544e800ed677a5942c0f3f862bcc97bce4f2965cee2845b9f840a31c24c915b421260afa988502f2fdc0dec809430e016043b674d23879ca92e679ca27eb1a178463205349bd28110cea62a5cb98f349769971955f71c9411e8f2c61741554c4f61666441552b0eb19036faca6bee1a9dbabf55807aac8ca0d841dc62c541f8dbb9ffbd28da7e60ea4bd162f96b7270cd36d454962893a7cb62069242d96a21bff3d290000334db6e423c7a3d8fa0d0d1bb1fc2818d0d73916bda48b0d9fc0150fc090b53557025af986717dc43f6cb203070716292fbd8f01dd23b33b0c28af11c58e9b56249f859edeb5ec84bd4b0889c5358f9828acb9ab672a724c1ef466827da3c5ed331f742e3e0d36d789334af2939d52dea553f011f1efa5954e2ca5f1c1277e3de1d029e90cb2aeb1ff5c01384ce9b4a3a44027e85f3490fe64b0010a465f70defa568f58355934091a16d99ffe0c9b6480dc0761436eb006d6d6caa196ab0942e742160a405e0865b42dd9380bd3526dea2b0f494097240c0644a335ab5585438a364121b6f2685c77ce487a196488be88c1dd5c735863cb059e8cae3023e46a7c42b3989555e8ee41b998a3171b90e1e68e73dcbae7192860f6fdaea57c4ae5282ae363a45b7cb4ef30a2ef9d03aaa3343efcc9b2e269db49808b01e00461e5cbd3ccaa137dedf3b213484c53166b58aa1e94cdb3b9c679adc028d8bf47ba8769f8dd50f5b7c6737cca09c40946c65fb58499b0c4085143123f722821468043dae8ee0819ad4ecd8d7d68125d58f311b17ffcf037d30d0804a0fa5417eec8ea009710e5bafcf70f697c93c81db9aaa5ec95b338c6c2a475b5516b27200de2120a140817a0ca997d9e92bbbc38f39a3288a13b56ae5d83d17a684fff42066cd86fdd28cf2809a0671b07a4e7eb2028bebc54c9279b811953768e52ac9b6dae46e699cec8bf1824fbbe4f142620c6825634bd6043c4f7cafe4206afae095c30e392d1a7764c678ed70a0ad1a9a3fd83f4adf33768806a88d1d47deb41eb6f91518a42e2badfe17921025553f9472a67ea204789ec1437aa8396ce13857654179fa56002b7945692c086bbdbdad4e7608a5fa20e9bf480c5653492dac954be7b1d610f7e202241cd90afc5427a2f386faf016aeacc2ccce85af53c8f2da0f8af17b1361ddaa52357ca540c29c08aa786f096b94378102d491504d0ff106ce2a7dec460c3f245fc992ea9ff44fec573eb8765fb26f9074660e8a943847ce4b6307b03b18a47085d0e822e7ca19ce8f6aa101897c58703b90804171d12eb465cfe22144cadff81cf8a346a4f2e51b836d22e22eefa12366f1ffad288f1abd12a086a984ac7a1a1cd5d7f2c1c3ebb825cc91b0ea11ae80d7074951cae3f7cfe28410e2bee14ee5ae9c7ff9f1df805a5742d1913679e551243ac7fbf8f04841c2b95e32cd3e01f42fc26eb3c2e712aa10635fd2d183dbc9fae7ff3b7846981561ecc88b44205b2f77135b596d68277cdff62af5c5ed830038b1d16113bc7237f911d3b83cd14fd4919c09b6e3d89e2440c5059354503d1946c9d048a7de4e908442ff0e87309382fd6a0c5e00d94095632425c625e1187fa973fac6d1b28654446b6c67054033fa65614ee661155e1d5d7c8e1faffa1c21b1566132329d0b88ab1e1aaa8297c8084fbc97181abe530a5f101ebb7c88473c126454085d6774e5e9b48dd432b059bddd0ecbd8c8d45299e6c5c910bd4a176fe259fd7e77b1b80c1ee3439f8367143f1aed78f9dc1962b9d26e6fe63f515b06f743d3d8ef2c9937353ba14b3e2305d6e363e6bced3b5244a9f82c9a08d16a4160dfa69f1ecdd7b87d2e9c7ced58f89232e8689fe882d0c7eda13797becab861d7f420a3282176ee75e50ecf13e18b8127cac1f6b65340e4de67b3d820dba2835f49d566982c3ff365bacf6b937fd9827262d23bf6657b8d168ce8e92f60efeb9f43cd458bad6e9c8d250a36be07f33c9c728ef71af96589db4f6b7305a212f0c8fb1092af53ff6d984ee791818d947e573e0ba1f4cea5b6011a17763eba18cadcd11cd4181bb51124ccfc64c7bbaca6f5b54ee40c9d53dc14a22aed869250de23db89500100a29e0cee75f42951ca9d30da7cd53881704776cff4dd0bebd75fcf9b3efacb0acdd889b49fb4a10f4977ffaa8a88dbc4382c94582dd02adf566cc8e3111f4bf7e864e53091b14682fb871738c268530a75fd750edf769e9be9df997c3a2383d052b35c0e83f6790db056fe47ee1282a87bde21578645490942bfbbffb6cae6fe95139e2c9a811632cfc255be0d984daad64056c59d90ff6f49d46a619e4a729e7aed79df083d198a9056fefaad2aada32a4e82a81ac02441182bfe6de392b38d215e9bbef798445586a48cc2a1f47b4d884022add24bf1be96db482786a370336f29f8f018aeb6d24d1634e93f1dad68a128455a932255e02b561af07c10a692f198377109302dba8cb63f62b1fa756f1df01a8b0e25fe45837bf3920caf72441a1b55816a7764d3e4271c56b359a92e051ce8a8700c3cf83b6bdc43b2e7e040aa21d1222c5090849d236b94bbd9f39e81df2abe514efb5de2edd114b74a2a1b0694e0c8ae62ddb2cb04bd1276063ce69a2521bbe4b357d404b7aad220cd3f2befa119d292b4784ed03623a2aca3f639434f0bcab6a362708430a20c5d2c561553436ee3328af9e8017cbcc30176dd5356689eb176c707c1fc785b2f9dc55c2481903391673eb1bfc23ff6c05499e60471ffb64f972863f6e8d5fe52293a20ab30edfae21975cbdb31194e2a638d18fbc075a6e1d9481fa6bdec69f23ecacb1c052e4d4f91413a491cc7d8a9f7971a0c1cdce792f41ed230bb55b14ff5614e64ccb63f022c9fa382b3daa9ff44017e180a2b257d0799318daec108292adb756e4f39e9e50d37b7e9af31212b37cf85342cbec40c0fb2e2e152b10ef4e4ccea963c8ecda0a27aa0b5fb23c84df9ffdb9a628d54e595aa5eb5029aafec0d41110abf23e9b17095c2a15c0452355afc917748740937b2bd93cebba91934c1e89beeae388f9d7c0d265df79b797474b026dc12d8524e69d116e3b79af8f6f685572016b26722a7ffd4b828fab04932107dd7f2b2f7b9e6b047f46f8e2fbd8b4b988b28101c40d0ad5b23c94e940bfa76e4f6eb97b3988308e505afab8aec64e61b83e93a54bf1ee2d2b00dbcd7072cdc7df55a97d6680fb59242751b35bc3cbb243b5ab89bdf2b487458e53818534470aec6a4ff64114e1e4e4a6e0c0220a2c434dd31f31b4e2bce7b8e93d3aa4746c844169684847d176317e34fba319d4bde5286dc543fcd3c3d6d7fa78213c0ef6a2bf8964719dbc690b02421eeb5d4fd6c43f5b5c80ebf6d0a7e32dc1ee15345b66f1627a7cc59cdad8e0e0d3858051d3b4d3b9919a63588434220f2273dd51eb5772dcdc8e6d0ec676b194bd8b030be9ecb3d610390f0b13783e1e874ad6f0d336bf155387e4be5ffd3e96fc3cce106714c5d890c958a7e5eff283a9330dc517174ebda23dad2f4332ddf646b5ae138508c484a5a8ae6138ce0e6825c7e9c63423971ec77ebcb8616b4cf2858dc74dc8900ff959e393da6c16564826bdb9a5622cf963b10f822f79f3f5d3ee39a419d651befb4afe17d8709f98f53bc2675bdbbbff552e8d4f4863b65296b0dd5d90201e44944d3d415ce41bc34bb1864393455ea6f53b3e723dc1e7e18c558d209323ddef8bec549366b6a23740edbee09d67b744e10eb351658ae882d03e4480c3ebb24be40019cc99185872d4f2e538fd4a27f69fa5d15b5e87b2494d1f11c2291f95bb3ac8b69995b8d1d663d0416aa209a393dcab5f926ab0ffc967c9850baa01e4e2b153ef9eed1a8912fedc1f917dda7e884d182444848021daad143c7f2b4ed60132459c146e01a91157adddfcfa15f2caf109c98e4c72a70a8817b536511ba62402443aa93cb5adeddb"}, @NFTA_DATA_VERDICT={0x1c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}]}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz2\x00'}, @NFTA_SET_ELEM_KEY={0x1e8, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x10, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VALUE={0x7a, 0x1, "83864766c0f992aee989b5bc94fa93fa7a7f3d768eb72d63204f2b570074ee11b4be3cb5094214fe0c4a0f458914527ef93127c40676350edbc1679e10473e812d69744b9b49180110c90ce1b58b6412c2950d4c42d2bf0ae2b8ed472d1bb42c48ea42ca978d6e770cbaf6e27295bce2a1a51e355fac"}, @NFTA_DATA_VALUE={0xd0, 0x1, "de1e1fab657303a1bb14f54f2e91406748ffef5c97556312942d8b56dfba6711f2465c2d188b78c6fa6ae5845d716532ad371ae77c7dc9b8a331fc20f18d6a83c0b2dec1b3aadae5b33ecee2b0e9e6e6c9c9db2a19d5a2c5b1c591d2eea50988dbbb788929f80839f343e9186c9a88fd1a7da005817c67eed16e068238e6ad85ada880b713a560bee322763f6b427e544caa652025e4bf1674281f5997afbdd953b2c212b632e1a9c2803dbb2b6d17bb67f9cdd1a58e2a530c5269d1b7b2ad3b3fedc5620029ab1abada656f"}, @NFTA_DATA_VERDICT={0x44, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}, @NFTA_DATA_VALUE={0x42, 0x1, "f4bba0ff558967d0fb55df660617ec024f8fef4395bb6a0b743fcc29a6d8fb01b32fcbf8f8ac290da3aefcdf4b94646bd0d7a2a5195cd64775fab1a3d138"}]}]}, {0x2280, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_DATA={0x2258, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0x1004, 0x1, "02f0500ee31aac003efb7b955a4862acbb170f104c53f28a7aa5743abc8385a18f198f17de98a6ed6a8d0f67271713924bf22008aaea7406856796c54a05fd89c97e83430164358487dfee1ccb81a70ad03acf533c6657711f3db42faf72576621fc40d490e9cb64fe55f7fcbbf3e78e969e1ec7dc14c2bdcba221a253a56d15b15b7d8a6724119819b9523c7f8d2ed74a44979469ff7cbe79d58216c3e06c9a0d763f6e631e2739c2740433709f81877ccc3da2ec93cad9807ad41dafaa5ad8a0a2e04b3ecae68969dbe6ca2c7ca46d7d4dfadd10f68d53ddf9eb39ddb417c5eff0fd117d3cadad83103bd039bc48221e536e4d88c4e9d23511028f5f3d7c3a5ea7466985b33c2d22e62f7e9061106329c45eac2e9ce68b1e5ea7e0085eea1ec0b0663da28dba3a8969020b901f9519ce1b6f6ed145aa9834c7bb28f3a0dd0efc31767d79101c223d9f4e124213bea0bac69f74d16ce7f63665a1a1c7a6665a489f1d803d234c213afa67cd045137092cb2cf2e799a71a72077df21f5c32cdbd27fb78a616411dc3a6ca8a21eba943e84b7ddb67114aabe409a7165e1df4b11f9c08303d6e754c968dff6a8fb82f7e1c32dd0d71d20f87bec8486bb6652484408b9886810044f31d24d4c79abd9fd662a097498fdeb0625762f3de7f3d8975f47e2bcaed2a8b0ea5f7035843fb7c8fb5674cb657c22048eb83d019ddb3281e8fba0f0d6c061d076949e0270342e9b0a1d9d9b02098508c595f3e1855ef76727502b13ed9b7232a2f52ad3e6ad3204c219c26496099a856663960cb1086f6b297e39eb4610765f076f7c3db6da977216dd59fd33d7359d466f1a8b91ed478fc0900ad5828f7d6c26f1b2fbfbea2952217157af6ad32fadc7c7af3524508af2c722bbc9aec71f88dc342fde0639085678cdf2886174d66a9643d031f2a81b445dbc08fbdf1aa798319e2fb73de688ea1b4cc914c0692e5973061c0fa51a53e918de040161c0e984f6d0e48041ae4ee0dfe22780647cd2c11ad4f3f09f1f19efaec2a794dcbd0e841fdfc86bbc7422afe1a3df7725ad4f662abfe287f965ac51d57295e22e84a45cc603bc71723c5dbafdb43843dc6a8a3a51f068bbb11a8f063cadfde8daccef0e72a17bbd0e010264e5744a0823e429c60f9be163b09ac4f7f3b317d3e1d2b64809779f67456d5191897ded87730bfa499418720c9df356d1d0bd23c382e61362c02c9e991cf2fdabb884efb7041e76098b8598920459d44813d2d89451f78e6a3730cabac544e5a4c1e2922a9bf372b8bca4f057d2a7171652aa436f027191f9a83592e3740567bbfe245b7ccc4b029dcf963fd17ee34de332ba694a51e3b650936e6de914f7525c16caad327bfb3290a46db0057605da29b35e99b1e2c88daefc877c960e5ab35774669f5e06f067cdc5ba502e4d9cbf33a8a127e24d0d0118cf0ab58a827c5c8d1502436c004f7d1f484a8a77d8c585a2c3b63da054e1b9bc0d9f3ce2678b18f631452196e6c6d21585a1de62b1e69861abc731f9dbcc95132680d165a36762bf4d687f7c5004d6450047783c4378ee398d2a6dc447d5dc70dd331be240cb8f61ee6e5925cd08efd9f8b30e24f7135a24fbe498dd53765118ffb5587f40375e9761d5366f9dec7df5cecd3d7bc235b00f22facdd93a1153792738e1a63169192df3aca77647370fd868c3c124d0bb95284c09f9de0c4ab8298e81923bbca8366f54896ad41e81907d1742a4923a9fea1a7fd1945bfa9b830fc5d44cb73e7e5c53f6a6e7fb26b93323f2ccb96e3f2a9e10147c617e78ad89986cf4728d15d686db8072b6e74b7c66751eeb1a5ba5d565746b1904a42de9d474f02ccbcc2626a56484ea37a11c26a3d490018fdc01807ac7b8d9d9fe53f54af2f44e0d9bd6d3957a058a3f56a72a32bfd20807caca4fb93832e34aad01f4609d48bcb9eb79a033ebeec56e4a2ed2102d6146eeccfdd0d2cb0eec5634f2bd17617a73701c25f9773f9846edbbc27c3d61b4e0190919042e514b78a918415434876c6d3583e814c63a8c0f8240e4355be89299447e9a883beaeb17702a5d5a9acf05075cdd16cd664ead3bc0fdfd835344ae2714969590f04a412d1ebccbacecc7aee1fd69d72043abfc11fb2f4f6c5340b3b52b1f5e5595aefd3a16ea6db8b2dc5985b02d74a6e69d356ff92eca7b4b592facc5f07162b9b896eabc08cb01ccfae48cd52e52f8327b3f194c7f9f607a78e2a03241d2004f59c31e9c1a6aa9d59f5b0d979e37b4d7ee2d5737e0efbbc30fad447c5a3796073e1c2d6d8c64a84301c988938a4627dcce3b75504bfd7f14a9e8d23491b0fe42f6a22b65c22ce78e1dcd9e28565715c6031130833dfac4d29c0359d62102be5b2307c93fc887578f63e18646bc707cc47cbacaf5f91c189935cfe5a978fbd64d5365fad3ca16c1a6381bad7c854a29e92a58443d3d324d349282132b53f071f26232451814744e9b53fa07a654cdf328521f789cbca949a2ba95eb5cc09e872f66a6c9ea3641a3e67b79955c5d887783895ba4b15d227c901b9f1aa980e90ace32a62e4e057882a4d9dbc1e78199a8d20e4201beda8a5b7fe33d881f0fce3c12b14dd475461a236f404d2f5771c02e5446ffab1ac2d39dcdc86c147bd6c8d6c5eb6a8fd6b08e78532f041fd29130be7187b0d215b808cb1e61ede4e3385fac9b48e73f197e34d1f304d5b39f5ab75663c7e0dacc82e9cfbb1f1e5c7b2ad6d2dc7edcea2ed63245b7c7ea10f4adf5973861ad4620e6f3ba16626be950110c29b4f6600478f7ee7db6e2f289d122192ec23b19d345029c26ee077e0a7a79551cf5f716af782ffa49aeaf06f32f514d68b08ba81f00da90b1af50331310bf59fc4574cbc890de10ded10f27ca6e45d465c1bc76280acf6c9c8b7914be14f6e6c4626ea0cbce0eb8bd4c9522fbf8bf4e50587b6e672c4b88ccc65201f0587d1289f2133b60bd8a8776232dc53bf1f63011e80ec34903c4b36e6423f5784eb6c655dd51811595877b857a264d1c42f07daf73fb5b64bda02bd9d282dbc91043f3ea7708716ddae0bad4c502eec31236319128db6233bfb9deaf4ad5a508f5715b07b026e67cf4372bbf6e172cb6fab2dfaec10ad613cb1d91f555640b666b2c43fcd6558e1ad3848f36bce0eaff739738e9f8f06bb04f757603269eb5271a82215c2565677f9671ea2b43bba6a760d28f1c2006289aec73f4cde5b208dc153110a98bb854e8e88832201491d679d0803c1d79ff3fc1c2adf7a913a0f4d1436a1c22b926b749f2219012d5a72790435e20cfeebab3de08005bec4fcfa94e4fe83140b28ac0877ba09a241fc059a74425703bdc128cd71c67d32930b81822fb907e5f788ed8ae80456799e9ddb952d6d72e4ade38f53273b8040ca11941f69c2cfa4be21929aa693523cfb3ad44c34aa9ebc5f8b9093047643c3ab8038a0ed3e173434376afd77ad9dd4def9704fd79b69faf4eafd1013fc7d4f987da2ca88dc388a4992c99adc35996e5255984ddf79beab5838627a4d3db50ad98aac4ce38d244d431e02f842f84476a07fc515481d2d98424053f33017f40a64a621821d237a56b9afcf156701fb8ab94d0c2fd890ac9480a39fe75cedb424882807a278bdcaaf013d904b7b9b12aad8c0529c6f45c99df5dd2fafc4c8f477f1a54b1a10a997b15c705692b0d034a0a9c56c2d8a09c51e1cb5baac1620c514a7552d46a679e21b6afa7db1cb62d45a53857838768d0f5401ceeb6e37eece1f312fd9ccd48bc9b90b87f04c4412b7551a1c31539b6eb7c52c7508056f5f201ea22b49e9c415d33ded9341ac7bacfdb5f677e3e7c0403f25b5206bfb39c2d484171e51052b3400b7c01cfc56789ba4d4e1fd5f76f990a73fc9ff590564eef32686801239421eb8661bdf5f402848eb015b0866dd70569646caf9314ee3e0d34913fad0447c5ddda89ab0a81336a2d3fafbd771813d4b1e566757110bc7402140e10a0362d29cd069f9e9954d1fa5e11fe296d7feebfc3c5a3e07f8a542d30b4504b412c444815b8be44c451906d36ba8b3bc0fb127499b59b1cef9f569f02d130bca433d80ab045dc9920439249942c65db4bcca5eaa3bb9bb5ee699dcaadd758452d29c7f284f2af66d337a8040effb79a3a8ee02c698c894a6c5d0dc59d18c5204a126422e72c2fdd88d8fbf6901720ab7c5ce2c1b19810f0650b372e8ef80b1880a0390c82636aea2ab53ff804c7311f2a37e72ae18aeab5f602391f8ec6ee6861cc949b93565515c99ff98c71bee516acc56d3e0db17e1bc6253b67c1c869183a9540b878aca8e35f6b8ec81b5b242944aa7dfe658c28397c0cc1fb3f26c68aea20a6d75d557f920f1ed4150be83a67947e2ec913828a26c53d27ad4a0ca9a8ee3cb8c00397f7831004b9d9749abc4c9d95ae16229addc383f85310aedc05ed53e2cd49190450980d46107557ad65007fa1bde2d3f950159896126d8cddafe6567357819594cf74b9a6224ff45a635e6ff41d238b63508261cf84384c8e190b4cdb9879a77e538eb4976b100fa8b41be323b20173c9f78a88493b0847da8c737fe6c381e36748b8cb82c264733331639c07080a02c27f58a00e332cdaf7da2fbbf880a3c571436ab9bb436594df68b27d9a837f18e61ea6962095ec8e5be09ab44906cb72eb8ab2358de00b42202fe757b79944abd4feafa21207bb105ccc093a975ebd0ae28ef8ffe3957b488e459b8159b9b04a59f57422666cc34873513b8a289f1a4f75407f1ac8c2b65e60bc3016c541212570478b97ff42c60d06d96950e45b8cf1ab45e845b763804f5d997d0667b67f2e7f7ac2a8cabb128966be0637adca8ae97397e9696a90707f8a071d6644321a4738754ffe0dd3520344a5a48bb33d33dc4aa715d4f13dbaf2d7c9d9075e50322f439b432d0a376de23f64594ebb2d62464f6318cd1a93cf34adb5d84024d1673d7e1d3621694c6f3bcc785f8c63fa8dfdb12952904913412b919214bd9b24e92f4ebcafc8c680e17d59ffb3c5e2bd6aab47c4a67e91162503ae075df6970bb86382dcf0be6dbc6e044e39b08891c31ca716bf2964e20b0b82427cf74121c13f47f49784fa3803234237f7a76715f54c079f6ebf141cf2de812e8afe00f867adcbce9006a55630837ec779f7c6567dbacecd53a6f626c85e21312f1d14cee3c01819e4c2f406b2a3a616e8849dac3e13d5ad128ae07de0c6fbc4cd52846577de0d749a5d279117db7c2933f5591e0536b23ebc8653b8e648ecbf9142393aca5fcdb90e2b0e2702eb96f8c51dbbd5a8693680dba98a3d7f8e1b4840e4fb0b9e015b9765fbafdf881fade4940c4b97a666fc0cf3d6dd44b841c99f2be754a98785f04e338a2214815fd0449cdeef5615cb6883dc704733d790893275e3d677e33034a3d14cf0ba995e0090228643ba18ef1fab3aa77380d22fa136b1d5b7919bc6df266e5f38970fe5035c7137efc1c486b18b5f50403d9d9702abe97541ea950d33254604dfaa08803a62c83f4707c3d9985681c694856173a4aeafd0ae5f9b298fcd7cf6b9fee1d9bbee3b69b5728ceda2a611e3a68982fb32ecb269dd565d886ccb2234f04d40283a4cff587b247fc6544df3b425e947763c385a49ba9b3f2ba7f9ca5385967ff44ec629e22795c6bb0b13a153e372a752493075cb847254d6e9b1428473465009f5d94e7792c6968874f280cf65404f08aab401fa507eb2ed9f725cf2e4b096bb856f43b79b91dc63cf9863077c5f"}, @NFTA_DATA_VERDICT={0x40, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffa}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VERDICT={0x4}, @NFTA_DATA_VERDICT={0x3c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VALUE={0xd4, 0x1, "0b2f41bfbfd752bf275b75463f3450f366c1dd5e3861717c423f4ef6e1d9c409641b37e57c8a76b2d4e1392b0b1ca9acc53229931a7fd2a36428da8a3750e22bc257c54a0051e2d14b95e553990b566dc53eb52f20a038560ef9fba0c1794ef4a0267ee43db00a55dfd5efd5965a96154d6831b41278c3852984fb3c2301530c4bcdc22bd2dc09a5a3fc0e50a7607d1bcc31dda95b1856b4652c5bf8afaacbf9837b17b27df265f1aa1ddec4722f7f4a656dfcb7da79e5a9bfc5eaac5147fa0dbb0110d287cf3d0536c1e6936b7ef0a3"}, @NFTA_DATA_VALUE={0x1004, 0x1, "527b1e626114bfa0c900b9ad2802eae7c03710e7ab949b142baaa97f12746185e8df1278b1de815aed52a74e66e535263b308ae32645bc7f3054d09c51c80379f042ded3951cb9c00680959c73b316cafd375b68aeae2e79e8a90cc18d6ed53d4ffc635f418a6c49b941af701c9ed50514e0d78a6edf6ae1596365252004910714bb6aa116abe81e6dc91173ed86dd803b61e6db75f259bf5b27af8f61e899b03cf7f886e6d37b1fdd91473a1a9b9269d64cf1f4a6302c70427c4798cd1ba6f65cd0f9f0f0c37591a8f357048b2764f658815c5ef7ae7e4529c04749a4f9da12b820fcbdbf31a7e4d6d19395e2c83b4ccdbc9371076f2097970402944f88644e66c6792942b5f9abcef84decb49b1332ac401a90bf53f87036858629f0df9d7cc42407a84ab310fae3a0e1439eb6b1a10e2dee153fba5afffba72296da2b84390166b022a0c5ac3f09ff618604b473179b46b01cb5f12e79b0147db032b1ecc8e996af65e1ae587a52231fa232bc41e9e744d1d19968a12d68d532b2cfcbf6d45b5534cf56337660b16593a7e5dfdce4c63c17dfe756df3912d38befd226e84ffc7da134d257cb1dc8c043e675dd730f6211d932b2f2f024cca2c471cd341a640c3b74cc7fde810f9c05d40ce2cd6c89c7a765de4489ceccfe6e310d34acc89c4d667a57ffb828cc3acae6c62ee2aae56898f5ec92568c3efa2439c54af540ffd1f6408ead2a7174a4e3d1c4c021656df309c28879e91677c79a292b960fb369e6116c75886efec46aba009edb6ed1036d6f42e56dbde29045490dddfa782f974acdf2d9c29002540cb6a8336862fac23f372897b60b439de341b10148b8aec693baa912307592f77a6ac1a5b21c99acfff97d5bf97dc28424fca2321693422ac9f9bc82b01ac38f801023999704f23104e5385a1412b3a6b58101e56fe859cc27a50fadfca117e5b9a76ffea2e8f1e58758e64fe301d0b3c6d582d0554a1ac20cc6701abd1f3caa657b12e10fa2392f45e4c5e3ace9bfda73022af41174d5814531487c8a2ca73c9510e21f93112c03fe3342f049587784f4e95a47aec892e7dc601edcc00e7569cf425e5460dc5e174bc3ebe7beda9bb3f0eb7b9ee06718c13eecf9b24bef7bbe6b1f9fb552fa060ceb4270642407b42884b204a598b5808a246a2c021715a2b861d9dfefa536c4fd53dd3ffa48e22899580e4bf8bbcdb06188b8606a4cb0b71195302d669c5bea5b06ad4a686529e6c87c0193b28450995dd007a2c80e0a78a624053f40e9c8355057b80ffb3c0a1abe36a3a6fec41c3ef398b508d91fc152bca516070599e200f512d7c1c59f2a1bc7fa3657a2b08eb0da7b36bdc8fd3c7b23d7e677b58d97340207dd9809835e4da57f982de1ac0576958479b31b17224a713f06a90fd4ed599bbd5c1130d36965b91021ffb4467b6128819f6814471476404438cfcf2521d7f5f8b693d1cfb033410c94b32b897b416b52c08f6ac53fe938b8c5f75e6c4cf0df69a3ca3d3c1abb792c9d2dd3611a975373659a701c4dd3eef26b783288429ae8221956bf58a4539cdd9a9e29e5e63596f3946cec24ba56cc7c2ad30c1a213ba36a4a41da5462277eacbf5bc47650c5d06d7323d3d664ed50837d9f6e20565407cc12ed0f85f09abdef31e23ab919607f1e4991d18c3f5f2675dfd60f60bfde7d2bc04cbee4635e35fe571850be47a993afbbe9f13a31229632bbdc0abf493ab0d4f991b645c0c09f1f79198e48cfc1fdfcc45f492446edcdb5a331c5e69f377b7abdd4c82ecac800f341eb18f72eb98040cc090dd2ea4f1f617f20a19c3761e88168ef4c1618c83d16c608251a40e4e4bc68d150f00c5a99bd1e75c3cec2ab864f18a43b54851a5d3be3b908d241cd3511b2205469e357518a0ebcc0e58e1e9687b656e3c894d1c8d84db326fa1b2a774941f617cdcd0d23df3befff0643fd815adf7b2bc6c06d47b8f7c9b37332e2798f63fd8dc9d020939e4b75aebf7c5db013ded748da8b8c720287223824a0e07871f914052527a9fb97cf2187707e16b45d5d43dab3b5d8b835c1d792dc112067368c2b986f9b75f4652cbeb4aca8a3af40fa244f1a21fa9e97c56d615b58a70ab877c1a0c1be66e5a55fba03577d1f18b50bc09c543e0424705ca1f6e22492cf308396f38980876e17fb4684fbf823cc580292a937eeb24956b822d02f4d12dd1f3f30ec88913b9f238d7b95bc4f42ecc1547255ae3db1da31eb0022c8455830ff0334bb5e9ff65a63e4f28ef52cdd8b9222e3f3becf9d677289c2033c46b7a036efca9df83ed41600a81cd848d210222edd12c6c7000f19b79267787a47af5041e94a416bb0f9260caf55350064124c1d5aa139a884494d30cb1fd6c956d0d016ad4ef495ae7a7fde7bbaab7abe890392c8b86ca978c4869635f8066da6150a48ca496894098255e208cdf2b418b48ab2786680fb971a21b3c1f034057279102264cdfbb408727d1c37348db7af5f741da58747905b7b5616879a731cb7fd3d6147dd4cdbb3647903476b02b5c1a2bd907d427b56e8b586c62f4b05cca48bd38841f4cdda5984e40532c3e1196afde6d6b0f576ac48315a193d1cc4657d4c3fb0209d969b9c0a677d63b1e6c200c0d2edd4cb628626a0e99b4ffdeabcafac1e579b30b5de0eeefee7922b5f3a9e2f3808253be1b6c17beadc09cd37192db6cc8bff2d03d22199cd382d56353b25cdfe68e5259ec6850d340ac6b82877cd9924fe3dae0b1dffd6d45bed8c0465e7ed57866c911688667652cc91a1b5c6a536d34488df863ab79ba3c28534fe4a6b276fe9c4f5102902503a4cabbc4025979144eeaf052f501c2ab96d286fafb062228ceefaaca886407b75053f6f582e9827d16d31aaac6e3a571225380f0af2326b5b9aa5219002b36b9a3adbda4813d628d949bc16b117ccdc1bb284e4f8ad6f53ccceac910eeed4f81caa72931e39c175b55d9750b634132dd7bad44073428495024a70bdf2d4a0c07bc31e59930b54cff05684c754e20e95b7e5e2d3f9e2e07b0420e94468a4915844b709625bac4c7b4e773912c473f1609f78589f89865c197821fd55dc4084fbcbb938501e7a9355cd019ca1833ebddf7119fc54ae5454582b47e1316ddabb66485d1df0c94b1c882347510a89555d7c77fae96aea88d6c864b0574fa78649d0533629feaf46f9bb6958330560c122295deaa2e1bca437e3ae9e90e9adb49a695a858cff38068133393a3cee415600c059f0c0eaea16b89bb999269e532432c1ed481e3f7db1073cb325e40eb69a84084ea208ce8e60c760da51b03d114832ed8fdca3b8e96a268076309ca7451761521554de004bce9835925be4dfe112b06a445f54485c2a40c2f74927bd98a5391ac3c22f210f54ad12606e98001e3c98945be630e7a09d6eb4034614b61fc229765d767bea7cc5a93351ff6db0bf0da54b7adc951d0406d39bc998bf94f0784beb792e6a1f121e3a6643a1ccff28aadea77bc016e7115e0172b0c77797107bc9b94ddb887c2b677a5491498333c04ad1485980c72183173ea35464dd5a22c8201709818c5f39d514f8234f7ed2cce6cf563323a2cb588a3e5ce2ec4d9b06ad8a6ec44811916420f3d9baa5cc5376a8cd538deb9275b0904d8be04279acd80ac0d683737d1d8ae8d97626781bf537b8ebbf55fa5f48f325f20c4f8a56e08d2d72eb5bb84c53684c8db36e70dc442e8693d65854c4362fe3f56aa3c406904d1b69c38f7d6e5f3a8f959b5d9c6bb8bf4c11d3559f9d7734e57d875c1c844917eb19b447dfcb299410f13a82b0d823a5f4bb4620d00a9a233d3a5f91e95024e4d23a7c064f1d085f889cd5e63956b1699138c6af9888fe2a67ee2bbcc86921e23740968c5d940fcaf1d906929a0ce03ca1d40d71573de32977e2c8ccca5b47a6b1ab70c0b21f51a7df30b6c451b9ba9ba6c4ebd041d2abd9cc2ae1fac0f102118ac6406f30785120ace26aa3c41ebb76c213d3cce238dbdc81a817200baf55a8d425444d77557cfd8658b13c3891203322db130cad722c6483a342cf5a7e7bb759e248a9f8db1bed2b08a0aae07404942896cd70e7b88459ea80c6eeab5f1e9b2f47ecc6183eaf4de77faf04c96259b580dd570baebdec1042cb49c142ab2253445560765d6d2bd8fc4658d80c59959149d9a990ea97b593bb91686b1e571d3a0646d09affd05568bc72ccba76c83136953d7fdb5a977933a04a931f0ef6ee57a2abfc89deb99753d87a4e9954c9885e7acc9b7dbd4535ad38a5dd4da6512ba265173184ec41baa9d2ab34c83a7a1b544bfd264d56cf23587a7bfa4f83e6aa32e7923e1a3a61e5ca14326e83c6bf19adef324101861789af211e93311b5c2e37407b61ae555f644256d63a60a43e70a0791c7ec51598d9943c2aac151993b4e95339e495980cab01787cc7924e2c4b6286b0156c4cc433a62c87eb8df87b7bb11f975b1682781ca54dc33a6bbafed6c66882d4d8588dee3f9a7360f17d753b64755660cb88cc47d4e9b8f2c1dc37e2db3e03ab5ad5a66050ca0896e22fece7c304353461dd3d0002216effd9476286a4cddc9e245f3500395e261591c006164da058ccfd4ab9d208c93ca8308bc6b53b6876009c2656ed7dd05fd66b1d9de073772e137a48e6da469f73288e25caf71f5dab38028f8664f7e3323c1d185e5fee8fc803756a5e2facf4506133a6344f3b6bae41d6a2398c4cb840ee37ede8a151ed86bf9f9596e17b8928b02d3efb98cf0b4dedb8ec3988db251fa204bcebe5214ceadd31e5663fb9c5f3eefeced32f5aae3e0a266744e5782c5a768783503dd528c72045e59ee4df88962bafabb3f23dc5f3643d4f5d559d4e65e3451b10a6aaecadd04b2dd58b75984caf99839ea85e4088630d3db530cb782c874c4058ef3cbd87aca435f1948b596bb376573381105ad2a61c196197ea82e75cab3866feb5ebbaa3b6630e83e8b90d2adff31abc972af7647bba37ca14d412fdeadcad19f990c9ec5e09522feac42838e2c5b32f2a4c20bffe12fd7a95d707de46e64305fd662d4637d3e4ef216ab0ecb2e64a95f42b0fa45e0de491cff788706f29948bf2e76737208f3a8c64c607d9430076471c1d89037ce5cb431a216775577f699efde73dd2daf9a6e25a8759e7dc7fd740311f7237330008beba34bf4371e5790616edec5845884c0ef9aa9bdd3d479cfe2d086ac9a65d6e4d06fe1cc7470bd9eb32b826a2b99cb3a0ab7388c588848bb020c66b72e5e30669c89f4561c92c3787fc98251dfc19e8b6a8473fbed6798bba75ecd2f4f9686997c01344f8acf2d2e4a1a8b5e828943607e5adbc5317a90e2d6638bf92fb44514e1e5b1affa8542f7f31ed8bc2ed48020bb3ccc7d4da21be8958fd3c23c2056aa2f9f25a0b67cfad76345f81829c3c13ff9c04d6e026a96ce7d3da0451a56cd31e4d478041adb9fc97354df80cef17dfed5a0b9fb9fb36dfcff468e8045e777cb85dc49d73f7e0e1eabf4b31044b63bf11e28d49f59b227689fba91f3f61615e9ec68dc377003bdfc6d0f922e8a2922fb5b30b96f2e9a634b471c42ec2fb7e1499c73999d2cb26e9eeebb3c70a5f3c3fead72eaf4a0643a3a9f680a6df8ef3258fc5cb168d82736aadfd0aa39c574b23c02ebb8e43309d5b92363aa24c8540ff60e202bec74127b761e33d0d18d9974d4920563ef4a460e40fa9950cf33786ead4564a91026e2750b81914080bc0d1d0c7e76a0ab38346fd8dc0ba5198ffa278cd84df541314"}, @NFTA_DATA_VALUE={0xae, 0x1, "e059b399f6fc64a6d0629a51bed107059d9bfed4fd82836082198ca722d38d7dbbb5b4f0bbd75b725f35c87593c22cb173c726e1f4c26d098995a950d960bd54460db0a6677c86fc8039ab100b36e00a2f1649de54e8ea6b8fdbde2773ef29ef561246507f09767a755d4ad0d3f1df9e80f58723ffac3c7b061c7e31269bd9fc4f52350a795fce13dcd3416d050b75b744ef2a80590b3ea406c96fe1a190335380d935d680161fb3f30d"}, @NFTA_DATA_VALUE={0x46, 0x1, "d79c600adef4edffff28a9a3727f2393e7d4d14ef90b7ee0fb0ede25e5694e07b37548e454473c1e86ff7e4b17c8d037c690eb269548de101987fad7707f8486edee"}]}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz2\x00'}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPR={0x4}, @NFTA_SET_ELEM_FLAGS={0x8}]}, {0x4}, {0x1180, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x108c, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x1004, 0x1, "2e32d206b9ab3ed7772b27b90e5a9320790007030e17f15a1ab46447a7814eee9ebbc93295c18942e3ab5432a8d69ce1174b7853a059d691634fe622456bb862a76b29497a58bfcb913948c6fa4ef47b95c3e6649ec789b7272f59e20520e9ec8d98d5757e0a4cf5773cfb4e268f83dd5bc7cfed673dfd420bbdb42b2c513c7902a7ae3b63e754343f293ff9dc4baf73b4e138d49c0dd996b42eec208495ef58e469cc15bee98be0e8a55d5e1536aee68f66e96a1533a551ab21f7cc1199315866f0b432bc82f68624c9a32841986eb0c6bab57aec615e6c938df1a7d57b2320de3912876953f570fc713b4d0434c8325d8eb1483b23d38ade524401d0c4f531ae3a960c6cb0483602b3a7442987727a27b41ca65c033d40459f7ce0d222629ee04bd0ceea7821a5dd60b1f20861d3e6ee403497b674169d5615bc4f7989807d3bcbe56e500500a6f4fea1a4f34c7055fea53f27cbfeb941e41ee06a9988ccaf3049b3a13cf939e9ecf0a4eda532d25db4b47ac937eb13d68a208cd5aee3e3caeb0b6d366aed3a7d7bb7cec0620d5b6b8f4c8602244d52e4101d50b3e8063b0685fa32b7dd13874ff3feffbf116433704e6c8dcbc2fa6491fc67d784f9ee33fe38c57162cae4468224ed8ffdd78650754790700d3efb27fd5094aa45b875ebee89fb9035900c155279ed428c7444bdfabd3f43f07c5753f599a615adcd28c8b0072fddaa54ba04cf99bd77296a1fcba8a6f71fea53a8cece3580febf0cfabf390b12dbb2ee3b1457c74076ec6057a94f8da78668361644f684982eab18ed3a2099d69955ad7a12412af7024337925d24c6fe163e7891635369297d930a7a3c9f87d0abf9d30ad5316d0cd8eec42ca845b0374cc2b82d54539d51374c6ff32070197ee70f8ac12ef682df5335ac4bc5fb15635f0e90407f9ecd61d9132b1a6f03d7b996005be319e41d58e44a01dd81d0c96c5fd07f66caaf7e4de004e0fb51c10823e10bd60ef0dccef8b5fd137dcc8ec507b3d9a0c727523fd919bb4e14ff521df6ccd4f4922f66268f8d879168e8a0d0c1cf2c436aa2c981650dc621639da264895502d907373b9bf6042ae47c0e5716f099f3ddf90bb0f0908988c29b7731995a2adb6d492ff398d9a940577aaa85f3c08dc8134da7a7e5b9e84c68837887889f2fefbc2c874067bfe633dfe12098af4a1fd5798004f1936ef8d3082dc30c5e5d0a82efc0c76506106ea71b7df56353a37708fd104b1bd0e9edaa1126cb89908005363adad232b44f433fae42da0fb14d159d84a05e850c3e2eccbe2dc800c6fad2af1390e7749c6e06cd609c706ea817e161ff1424fe03fdc37dd3cd8db1197d0d9bcab84fb79f233b8636b358057583ec19f7eae57bfd5bce64e1f747b79a333e1dc7da44a20a0e9a7bc9aa808f9fa3f8f02247763f847642768dcc6f6e9b0279ad40cab996c780251f2b54d3eb0ef15517fc3e9934a2727afe19177a461c885264d7247b2f9d7f8e610f1211bfc20a6768d695477f87421f62b54369348183f61dd429a0219427455c91257e35c7cc90ab470f2120e67d6db45ba79127c78cf5738f7d4f9dae0a9763f2d4d669037e475e2bbd8ffde604d07aa1dbb700762f5566431167125b47d54d02ba76583116e83c4d7fd157cbe3fa5c2de86273e54aa2c31796e1897c0f82665e1c518fffdd394a4177e3509e1a0211489c3cf73f5411b46cd445910adbec87aa7b133de8663fc6c91e0bed08d76faa79572471835c9277da25e1675a50907ab0a6f25d1bf942ce5d46781104e322c69638ad584835a454d33b2c939868c144530e9c38dafad3f8130a7938e4a885061b7c15dc0ef0fd2b26ec1a672c586f8e7be5a5404ecf61f22bfe77bb09b63bdc750e652eb58fde5cfa06fb6d0f14cab0ca9ee439f551b03a8876f22186a2ee67c02ec7e3bf1cce69b27f4bbc17eba751306afea818617fd36c9a2d402e38935aff6a066fc32d5ab5a85bb027d78f4427f44b60aac103f769b3eab84dcb44933dd17a42fef86006a468d5c03817b216da3d4e8012be04201c431c8774f774e38b932229b0ec0a5f280b08dce9610cc21e8f3d008f9bb65c0ec4b7ef157bf886fdae7505a4bdee9d7aa19c51c03c4c171dec5366d5bf99fa161839aaeda5881d4fa879a7b858eda8555e44bb157f0ab1826206a7566f2997a368f8392f915be69511e0bfb6b6e8969db163c2195b1f2ebcb973818b5ffb09f4150b6718c2fbbc5085c29c40738dec28cd70a181caa3320486f59e04d2ad7f00a4714680e4528a587d3a0c7f3c6ffef004420dbaa1acc219bc9419d6d41434cba84bb3ee2e92e9c068abb01b306bc557f7e8cacbc0bd99a26c1029c8792b95314aefdb386af7f1fa6b5e7fe12eb721cb92530b4d7411a1246350b009cb880c4eb489f5a6b684667281ce75479eb478af9993ba367f8fd7d55f698b2c2e34688be69b06c3ee318763f9463e76bff11da01f2cca4b5d514688b824cd36baa52aebf972f41ca337a844054fc74c20625c11adf9c327fc28ef7c6cf908a6959238e9cc42955a30811cfa1e9ffee6ab81dd0378ae8a440a7ee39010251da81df5af60bcbd51caf0cbcaa814dde505e7f273e41af672c26952756cf77720b739b55b4a6f4582a565ec69c93d344de63a7602533bd005dee9a696de661a72e77a0f6812fb7e7af16327b2dd95d27028c6d1405ab8c3b3e0469e2064a50eecffea915df1566fa3d382fc990eb1d23ede5757889037465cea4d34a8bc984f977532dff1a942857592f0627861522b346f269af2bfcdff460c915dd697dc80778da81d87e449c7d4e96e12ead63f65d84f5a89ea11e797c2de5333597cae59f1ff7ab65ad08ad879958ff08f1703fa23c697c14a92c0b9ab0bceba11e59286618650407ea02e356eba9be0b4829e95aaf4b1f5bb43f2a92cf667f29fab371e2e999d088fa2ba67c4053c907c910616c9da96ba7051fc0d7d8d1707e8b6fc7ab3a49fe1098b1dc5e4184a87a21de59e3078a5e10bba8f2a5b02b0176ecccfe58abd10d11a6a4b75ff973ad03ba8be26d029d011ac1975bd98d61192e36c51165dd024cfc6566620db75db02eea527424e608cd7ba2b61f7f16e77b50020044fd6118cd7572c027dc7413cd88c25f6a5cfd3e531d0f6eb4f3f173eb27c34f56c0108845a659a0b81ed749f7b1e3e438d9ba7f86e757fcd149394a607b556e7692e527bf0ba3400c2d02dd5442dc4da2e3b20b79c82ed249626eea73014f268b304ee4ea30fff1cb5606190352c92b408cd003ac8ef1834e96bed4a73b513eb2ac1d9291a81a1def96d1a27ee5599f27595ee8abaa8afcf84b32156821934b6d44c8480c0a56ac4f02a20c4c04cee06c3c7d307fbf3b685e1ece14139030e17ed45c50bddcbd8fd24858b84cc118d6bcdcb353eeed49219d6b90a151d614bcddccfed1f807168d6c78888a1db3af84a361c45c298b3e14dd9e245c8516fe51d48f98716e8212971e49d565ae17e3e54513611888e2a93fc075cb1e7d3b6f33f698d4ae24d43cc756641a23ef18f11076695c8dac5b51e5ebe613313bfdfc34d2f8d8639565fcbef71e8169040166629264786a90381f17b5dad1d617d01c61471a46effa845c4739a2916512091671d9c222a884062ddfe63c2f2bf66cd09132b96761dc2ad39e008d2da00344af579c4791c62132b6839a1d7c04e806a04f3e37510a4e58b3287491a4211e59a1c2fd99ae445cb5366246ffcf8dad5a5df74674a1814859c22ecf49b88c1f5bca2a3c1e2f6bbc621bd82291aec7d247749ac9a67693dce908ffadddcf69a91af676296b665a88fd16d765454a08f8a913672fddbbb27cb23d1a631f12dcc6a6e54844dc09f6921a2b054cce64d6ec9ae4e23df0f46e2a2f97608fc9e9681227b751a10935d5b8f66b9890d3c5234225ee0286436b997a11b1c3e39333d36016507059c8f195df381c1c3e0df5fcb91601ab50037d35e012f836f429eeaf5eea2f86be345899fd09f3114b2b167c8cd5587d31fa5a785eedb6e5eecd8626ddda51097afd38fe493417b4d739c79e2b58b315ea816f40c1c482b2b09cfad057b4544332e042cac27d3b0c9ad37c27326d803cf33c8e98855ca701c85d18d2e07685ae7426784e0049ed00b58e1e6fb7709a7cc659a0c103c6700b6ef4442dad3bd69be4288f124e57d6014adff3278b4c6663bae1a37264efa955ea0741960db7898fa3ad1e2b71a82a9b292133367cf788642c913cb7c34fa9fd4d9576a197f56191bef154e34b735124dc206b4b3e26e4851e9feb2ddccf83d801295de2d6f1aa81744a9f8514b8268f5207efb8ea5e7824fff24a6027f1cf2a5603639414ad0b56ceb11bf6289942c8bcbf385bdabe2e262f82d28d6e29c15975555f05958de5ced68e7806c3b0c392cc020eb214da1f24024350ce5445e30ec358a2db9f81bb457a62fbff78e0ec389d926302a064159b6d79d03d5f2eb464bf2c489e2058df6a0f25e5129eb33c9d3de7791f4fb117c857eb985468e3d7ed8de32e21b466d836c4681fc1f3ca5a1a18eaf92c345d8b04d33522dd7b01805a92ef0101813d0f53fd69360027ab41e055b994fee06baedff4452e568533d6f9d4e1ad42823721c4725c0ce929df27dc9efc5d58e90c803b48259531cc5462ff029b8a146634ad0df074fa641af3a6e91d4b22568bfa58da6f2ffd0c4751d289ae64e4a66fcfa6bd0109f8dc8a42f70bf8bada502ef98f3957c32f3625b009d292a6175a73920fdf2f55689b83d9b2623d4a88a12b83907c023217f2187574b7360fd56ec8755a78fd03e93ff67052110cb9555bf1a13d1b48f7a8dc127117d0627c31c1fcdffad3dfc603cd4742300f9fc5a8c56388c60154599e440055991b5ab41e56e990ca82b580d9e1888098bf275581497a777cb2b823a8e196867d0ab703bb40d088a0bdf5160ff54aa61e2b3e1f16336f016a02908bf1bb6cdebd0a3d7e9c7575760a23067c933ea072349c77f35164b32cb3e81e232d10afa9da86c0d31a0a94bfa87453d747e3999265bddef5c30550dc9867ffa3f75f53c44990f06ed1201e158a0c778d5b6eb471ed0bbad19b51adf833c35e3dc1bc2c244044a17f6c6245909b3e3aaca67aa976e4d5f2fde1558158272e7f1a73455b07b1b38b9b3d6f92d61504b6a1c73caa4f04c6cf25b8bfcd40aa4a7b37640121c5aab814705d69f8fcf80bdc54edc1655549d48faad81c802b061a56b24361f708abb554fecb4e435947ac9fdc5051f4c3f8552d69762330f8c4dcd6165f3e277b8f5c17ca3110db25ccf725a42321c272bf1aad1a165bb4f6240e27c5535f140f1acd4776ad368c4e6b6928859e906e997bfaf1b68ddc369d3e620e9ed10c12786fc28fa61515cb8b5378403df510daf9b3f361ca0f4e581fb47bb986b4b2e519fcf89cdff75442603095d125a42f0a95a4af4a856dc18bccf57e5195d3e0a28b6bc1ed68242d88cfbca62f5b16eb9b4400ef40fec8457ec5cbd363cfee62df1c75e7717d12578a2e561793697e9e38f1e0cf0ebde1b969fbb07434b3ae1e9e8cc8a33ba3dc288f63fdab446413ee5428d1a362fec07c5378365fcefb9b03816f37dc7aa6f54bae8ffa257fcf4dc74bb96ad90fed9ff6c1d3c559eeb7ce78d7698b2e54f2d83ea88b61b1d0bf4655be898c9c156d2622b2084105fece8035a2ea532186eeec133bafc9f3c43b929a91540eba92e04c10bf524fcfc2b6c99ee5f7b4d6bf000d676d012ff3f2d8805"}, @NFTA_DATA_VALUE={0x84, 0x1, "0ff8f8d484e0babf92f8ba758046b072d1aefd6f8cda981b97bff6903353b17a3036665ac62c111c2e100fdb7afd21dd70ae34795effbfaf4d47452e727d3b54ecce74a3cb7cad94c6bc68575dac1c26af95cf5174a2fbaabb3780534ca44dd34826324129645bb9ac8d2528282d13defee0fdee40827f1802262807b888384d"}]}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x1f4b}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz1\x00'}, @NFTA_SET_ELEM_FLAGS={0x8}, @NFTA_SET_ELEM_USERDATA={0xc3, 0x6, 0x1, 0x0, "c76a3c5be694fe304a8defd7cf6643d4d32dcd6e88bfba5e478b7dc304a541da2958f42d5ecf944c0781b5931a11c62d71f2fba041d6adc9fe59aecbed2cc5f0b6c3e31ca20b6179d99a34d1963a96e2e9f6a06fedf9c2318be62de5cd23025334e6021ddf60a4216b7d51c174f515911cab54a3f73bfcf1af1fe5662b1852d88cfd5fb06f57ee508900e83d08ca1b4e99fa4d1158b56b0634faa69b2a1989bb3417085f7fe9acbf0e6fcb2a9a789da549872adb50808ce6d36c039694c9bc"}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x2}]}, {0x36c8, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_TIMEOUT={0xc}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x7}, @NFTA_SET_ELEM_TIMEOUT={0xc}, @NFTA_SET_ELEM_KEY_END={0x1430, 0xa, 0x0, 0x1, [@NFTA_DATA_VALUE={0x1004, 0x1, "c4d75eba9047e59cd6966a6fff1bb841383be61db14cfebd8c21a30ead84560f04db6a7ecb386a509ed41d2be814d9abfbc8bb455f6a73e8d5b1d4fa9b472f5808f6bfe203632097cee2a410d331490ed0ca49fdcef3a975619c31905e01154d2b93989c1aab9fc386739eff3eed9431e2619413964e0733f50dd876a9be027fe0ca1d50863dbc9d1e3beb54097c53161a82cbc778bd3d2f6503e323004bddc5187f9906130b47faffedb21017fa9e41d3e636cedc5a8e1f490d842105f59475f3061b1a60310429079ead71b257d923449c1a87959d1d0b0b950f1284a048ec4a47069a6a1804a3a6314bd226ec7abd73d451a283aee713625ca2a5c60a78b17e94fb4618f090fbcb05d4e9259d3ac15cff2b4b8804ebb019832a302b677216ee546296b3819d726087cc5e452dd8a3b451aeb3a5fd7993b5f98ec9b90e3c02d90fa6b9255c59b36b54cad620c34fe7e040432e3ba46e530c8c730614d55b91e601f73f0f30c194dd716388f4a7a779a0d839586485e8faaa1a72ce49cbdd6c0048a569e7c31c75bbb4c837bd353cc584850bf779de31eafbedd0375b8b31e7302b49f9396ab9dd713bb0ac2259faa9b2444489bcd7ef649c0a4e2ce9b12e70d70d7d19b7d3fafe0d43d0b6adec23794317086e4e463422096743cedd2fa89b9839b2aca341f1c103469101c1a486ae186299de276878b413fe1f9b5b26d4b8c53df0a03c7efbf86c17c7a9dac1b113dc971eb67a2ff8ef7ab4b194f89569655bd49dd0940f2fc600990f1104986b08aab8117d2bca4d36a29aedc248ce4efb79269ef740f233c41a2caf8966f08eaf20b07962d0c2289fd9073222e370a213be3ffad376204144e976fc7221cd1694cdcd1ea98b0dee4eb6807f100d4ab6ab540a570490ced586cfc7465be22377d834bc8e04d45aabf1268faf647fec8d44bb43680f5a997600cc9ffea369a59a02b27a2918ece2e01b7aa2cc0fad37a6263c4be15f345b9b75d83a0a8c1a7ee210d16c211368be06ef0ce6b97975b06b034360678eac0be4535ef4bb4c4a3145c31d64012a6ae07056c4e66a914c9f699e2eb169adea6e6277a1c50f3796fa68a89efc0ccdfacb9e4506f139cd9e6e36a519f7b17ee87f59ff8e272664ebd2b9ae02765b326eb21b3a5b10ac94b14c85b550b1527b96306ef468ed6c14afc38bc1d0cbc922a527069520bdd27694dfa20c441cf7915260bdf4a4aef158bf1e31fe13e98a83d861d05ac814a728da93e305e92f63d22a29804ed582dfc43ee6ee6bfd02befc0209628a805d90ff691f2651e8db75b4612d0d1646f166cf28ced36e84ff71a3b4c9ed828d3fa61378c4368003aab93948ae77bd8cde2bc0b654b046ff76a345e41c5545904a095458f7eae35977d608d68434c1a4d41d76afb175ef894f58e16cdef5df412f2b17d87c1876ef675d3a9424bee29275938deb47481ce3723b2585d9d2fe81f0f2f8e8c56a3fb51c15c4a1f5c9ab88d6a8e7b9c1e77abc2266ffc51ca26267d1f60393946d51e7b423ff7460731e81ed116d3938fb9d18e98f79e40ee581f28889c83b837b50ffc16b05a0a12072ade866ac3746f27fa463d371c14a4f38a95642eaed29848dd3b0ba1f930727d1f4d725abc0459c8dbdfaad8f9c786022e8c34428928ce268919bf9feee36ce7db730e6f6f0f8cf4701613d457689cce61e79134940cae292ae7fd3e8c4f50ed7f989b2c7e08f59034d2253454636fc2e3e0bef390b6d000551567a3314b9a3240cd6a6ec77cfd01e9fe87baa6282765a5153399c623df53132f25fb37be3dec17f3fd394bc727ecbf0197f4a1d753f39845e8541c4926d8567c4d27081204faa398c7d0c77cbd63cacd62f7d83a7e4d59141501d9724c42bdb24b0130aa9700157231e4035d9588bb5e9de8de0e5b73805eb7e5e0ca2d7294e81977ae84686864701bf20c2a32b1a4c0b8f66d03fe62664e6b5041a6eeb0c7655e1bbf11a4ade5fcfba2ebca6d786042ee329d1ae4183e1a06cd7f845fbec3e107643bf0a6cc91055d7f3ec1e4eb2335abe9f26f4cbef3a89a77bd592051463f8f38fa5347d709410d1d26871c9f57c3903ab49944fd6eba1b18c5ac3954232b0f47e6fc684d2b01ed02d1ff9d8fd0810527d3d774423829dd6100b9e20b8fa149dddd77099bc4cb723616b36ab7a30a496137c68666b0125534b59f2f28175aa52c7f89532cb17b01f3b9675d96cfb0b0ab68cd766dff542e0d50362af30b382df0602b76989aaaeb8ffce0c144e7b33061df10089b130833af6bc4d5047f2132373b19ec74aad98796aa555bfba9c8aa71c54bb45077739faa8e52ce3e13662d0305b9aea6ffd0ccd6fc501e9a82edd55a7d8947db1af56d34ec22af8be3a272e588945cdc270f20da50ff3e214d6ce895a52a48c5e519a1d1277686f4d749f5f5f41466779d7a035dec1c811a977366ab4daf56c26c7d7fabffcecff9ca6375896b3716644ae114c71d2f751523cdf3f91f6cfe86d96f54763ba01626a99010e41b30bf4fb546894c708dbe5221a375a1366a457b8365f01632b4dc959fa038c5a088b3f5ff4b3ec33dbb3f53fa3c9ef98fdf5c371d706e92ba9967b2bc2763e1e7030fc73b69c2f58a5d3814f182f2d42887812bbdde34b1b3dc43d4640dae68100cfc108f10318f6683b194060715d41e8f1d84ba932da3dfc12db277f6ffa293da3657e93f4457173bc688fb866df53d8406f7bb04e2964938a2dc4cddff060504895d4d4ce9608271bb5aea819b40e3d407dd2aeee511a47e71d31966d4971a0d82bd35f10badfb5a382bc590306309e276dcc608da44f4dadd588ff59f25ccf25d3ccf68105b766d37203cb8a602a45f5f447e41ae944b6cde39062b223ff9c6298f9c26de9338109b495c457a135367ffa2e84fbe36a5a0ef0481a0dc70048e415ecc807326ad5f5434592feafd6ef58612b01a64047f770f528f098485e5f81c8748fa83409258194833b15f47c95b5537e108dac3bf6c58b7b64b50c04b221355e730044b652e83f6eead7ed63ea663bc32e444f71e95abc8febb33956d61abdeffcc86e70b3d67fd63289268701a3835bc173ca48d323ec1c12976ce20a41ca1a2a684df871a7d8a8f7d3fde160daf9c5570fc453567762a8c1cb8c66ad048b2a6b2759f67007a1babb3e899d2ce5e0a20d5ab8a00c9885b91e293362ca88976bd82dfc6951375504665500caf04cd78322cacfc8e25e92ad2af9e2ea7012b8643af2bff83898e2b95fec0d76a328c1e993df80619bf156283524b6e27b9df8d2cebadaa5326bb7677f85c2a2f5b40bdcc3c3c62e56d491e97deb956347559c103d4d17133f49c3320830293e2e48ee5e6ad60bef0a87ec2d854a57a78889b0a7e7a454b416dbe8a6b2bec973a909da6bbd746470031b423a727731f6ef2ac630771b782a25df9a6059da4b364c998b95f6e6f417072f01424d71a796b7fd163af7f0cc6f1c5572054b3fd9f55b1cfca7fe76848abcaeee1982de54feb122e3ebc86f062d8f70b8c31a1f0c7457854f345d456556094b2e2129b567c7419264749752cb2c5c75283d1ffe7c0ba23a0447b9029290f37efb23e456b551138521ac51b9d2f7e3970c3ac6df081f2aede566538c0d07e056c97827a85ead4ecefc21fa4ebf36051eadaf2c3c55540ae96958607309275208f4b7c071e191c7c980015dc97b2d01c9d85d74dd16da583b9d812a2692cde123da26e52b2fc5a1c641b1cc530a8df8bf1db084267f8d2783b835a2ca0eaec2062403b47abe1157bef6a273f0de3a654661d538214d204f5055c8d6b763709b1a078af8a139aab8150e1b3d2aef1a999bb23c5741ed3d4c0b7b27c7a42bc235a8d0d6ba58448c17907a6fa8432cd673fb1dd9f070423f65ece6112f17e1ef884bffa3775376e28f15754cfdcbb5192c882260aa4f3d686bc4ee26e8619b9f4f49913bd58ce0874d6c542eb007fa0437cc27f3f6e138162b0c4a79bb160c296e4640ce055246b523b518508ead827d0e821085b6b1468b932f71097bb2efcbcf8ad7cbd9609e1fdca15442865cdd5b5ea80c5a0cc03cd2de9f4ca2cc2d915d8b9477025656c786ed10a0d873ea1fca66c3dd3912f2a2d2ed63b0d5904db5a67e4ee853d53a09fb2b205587ef7c6f411a7a6ea488761cb4c5639ab9663a1f350ef730dec1cd859476ec609215edcaa2b95f4d0fba22e067f2a77378f24819faa185c83787afe975c7fcb262cb1b58429e1d4e839484cbed96f1fc38e40db330f1b6358f50226731692c1d5d2da74206ce22ac587ec28ac37c1aaa6b32f1e3bd482eca70d252e6f46682fee616b4d0b8f4c14edc7baf813ba34a1453a43492b6b326e6aad24be0e9390ef713e8c1439b99270a5aed12c79e3b73ea7596f4038bc93da3393b1d78871df7a3085c47de4c40f8c8f7c9566c4059e0e90e4419ecd1da5acbf0b1c2124f57004b9d5b9f2475f597ce3de25f76f274d277f36480f2ff21303b04e271a0f0a1ea84aa245083bac52bfe148f2a8e14e49578b6faf9a4c1490f322e156a08e47d4664f882e16721ffe754a4bcd8a8ddd0146d8bb9a8bbabc59385333be9e7822e345840cbfcd512b9bf364d5e063c11f97f32552dd9ca1b49c32002fd539623ac8c947029c3471977538c6eb19e43b682bff4f3159018dd21d6ada5fab86d42d88a36e796210b7c58fb6a22b2c08f32ffe2a9c68a42760560c5980934bf3b99cc1ebabc96d10b06b2d0ffd61b148a45d61f20272acab1cbe799cb81ae64f556b3b0bfe7414c0d3014ec9e4d897886e44b0c1d8b6af8e62e95d2339d83aaddb9adae0f9a153f1d249d014dc2d2e9d93d5ca27907b368c893bc3566d490281599a88c2306a0e7fe018131b6f1b528fc332013f4ff5d131c53459cf6d8742d496bb639d7ff12d755036955693fef523ce784c9e83125143ef2b576e9abfb845e95ee70ece175d873226fa2cd9826ddbcd5e5df09e98d81a35460a2120b87680167314e0622d29d1be496b767a9791a075b864645faaa48f95611a7324e3b3632b9a3e35209e1e033d13d6fe567c7da2060e94b022830af1bad022032f2d19b36562fb24474e2e3841523ae482c8d00add18ac9579ec94a01fcbce85f50f98246f471f37c4dcf6cd080ed94f24a44382771715d1bf2d82409565edf5c70a06f6cec664af2343f3ab0dbf0e3afae4c05e68104c101b4cfa7f6d04a83ac1f0db2d2124c53b561c9f60462bbc69054e657c6500d9202b9faa473c73e246bf10f2eaf1a2bc31b50463b5f5d4b0e94c02ee06ea34ca0471c18ffa82f5e35461b0201a194e7cf6644d04a89338a83b4cc0b7177d2686664516168d79453aaa6af09c6ce5ebf69892d39103b687f5fb6a135167de6fca905011c775f64f3c9e67d1382ff84a2eb3fc8db1269f83d654cee26e41403cd106e0bb29d8cf865c3a22151ae5c4e95428bce2506c1d56c386d91f80eac2fd66108724eacffced843b1458023235a5d1e39816210637950495611ee3c39c8b366e691dde74af2569a3aec02b27b00fca745b113e4a16151c9010e312fa26ccf0f117c76b64011a088ede36e889eb39fbe7e9885daada8a14a5ac73498f8a8326c7bdf2c7ac2ecfb86483eb8dbad7900cd7a440608d487b3dd72f4699612fb26494e85492d6af52f7eab176b0b9a1c525b3b5d5b36244631abf71804db3ffd3660d71aad98dd4669f15745f4200b205f8b6c05385f6958c5099c5cd706faee71b469e6415663810576372b"}, @NFTA_DATA_VALUE={0xd8, 0x1, "a917d9717ac9ba5d09d5cf5069834d8a1c64dd1a041e6f2711487384790374baf1e4e325bffb9b325bc8fe0d84412e9f2b194fc95a22777f44f5fafa75dd7edc84da0f699195853fec2b60877fa9a0a318e4c95b6675208297924821f6dcac0570c77211b887613c0201c62313654cffcf75612f91a48284bbd3aa6786d11e1384f360fbcb63c0e9b57be41c59287cf75d48e287d76a91019a54497b8c6a9caeba4a4cfdfbaf81edd08d77e04d1ed71cbf53690f5e3266104d1264d6837846197d8ec0fa095ad9de2df81c518c9fde54100a0451"}, @NFTA_DATA_VERDICT={0x50, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VALUE={0x9e, 0x1, "37650c3d23ced468f0c11781a0d9fe01780bd770e45153b4cfecaf664d8fa223f31cbaea57e269d90b534cbbb912a542e1658fcd6c44abb8cd65298b31d9822e20790c77e1718783dea0526ece855f6bbc00ad5f0c2194e06cf4f63354a3db6d70bd765c25c4ed1a102264fe091e4b045e53b02372a8a7d8cdf57c2305fedcf016b4e156965c332686d29f5fcaa3a7712f359f0776b747b578c0"}, @NFTA_DATA_VERDICT={0x40, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8}]}, @NFTA_DATA_VERDICT={0x58, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VALUE={0xe7, 0x1, "2d3bb1a271a659762a0fc54cf73cc8d284f51a7de7166e1bb12ace7d858cadb680f968e73dc50ab76dd6df43b3b6137f1c419eb96b89bbddf8159e0ebb8d0d3750ba59f0f98eab0245309bb711cd3789e368418c5016e359acb144490efb51c3caecb6e342f060997edffff44724f9a550a6cd5c613465a048d2f11dbed6467d7d20e510ae56341439b701953c31f44fe3939d8fbd1eb1175b609a421bc0bb21a94b7a5aaa8760ef45404ab2a8ea1e518e4dbca1f653582c4995933003c9aff335b73bc8e6c9d761660b4af6f01064cb939841a6b9dae38124bba5cf1ebd1d8ba85479"}, @NFTA_DATA_VALUE={0xd3, 0x1, "b21618eb168320e5f0e3afde68690c8ea6800f5bceb199ead202893bc515ca60ed8fd348e7e76fc15b34cef4fd4537cb3b1aca9dfeab93af50fbe554d5a2bf0774cbdf2f8025bab0c53705a2aedfbd19b33e89efda5e91af16ed29418baf6d6afdc5c1af6f3c9cd18720652d1d5d7f6a36f2b239b2a6368a5c7318fd3567370e7c9df4b05c8bf3e7be0970ce9ad2ca728a324baf00379ee7320c5c2acd79115815381aa8f0afc8ab9e9af28790c8bc98175853040bb654bb9f934aefc94046f7c75490757064968f1a09f1b7cf4b4d"}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}]}]}, @NFTA_SET_ELEM_KEY_END={0x1190, 0xa, 0x0, 0x1, [@NFTA_DATA_VALUE={0x8f, 0x1, "e44b6b1d1f7c250a88ecdeea55bab40b3dc2cde0ae30922b379c7bfe151ee4d173bbde0a71bf6afe9e104a48afdb67cedbbfc423a2beb230295d79b71acc7fad010951458f7e179d21f6e2d4d45492ca3584f8b589f92aa394b7d1007d98a665b8545199a9d4f59b8cd362e6b3ce77450fe7c35150d720c6eabfffad0822b5e381d57b2fc6c4d21f6d7d4b"}, @NFTA_DATA_VALUE={0xdc, 0x1, "832a910c8793878f3082e9ee01842b2ca4d95a2f6b501961dcf922815d130bed50a64635d85140a152cee502c27f53e086eb78e6e5ab7126f723f3a8b5270083048e948033920eec33cf6a203c9499bcfc2ce461d323edf73c10638bc7332f8345fe4be21869ca2d0949a9d3aa575910234902a2290944d2f53449e59a8545acca5b1a7453915fc289821b1c4a0a979fda528bff5f48ed8bd1df97bed0408e1cee168991d1afb03ee9c2f333ce2cf61b9860ba76faebfcc6bc8d7c81c9bfb4653dd1380e67df7ea96cecd3e539202562772bb28f6d7b4e5e"}, @NFTA_DATA_VERDICT={0x1c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8}]}, @NFTA_DATA_VALUE={0x1004, 0x1, "7cb9bba0b6835fb6f5dc8e320cfd50948b36b414c60c521f8f52bf5ec2aafa20e89a95347b278a2d30d22b578e2dbc29a3a717c3d1255649f415966af4dfdbbdc060542f69ceaf2d049652156eecb8d362e452f987a36abcb1ddb3fc44dee6081cc6721ef530152919c90a316a9431c1c017ba1bed8cb5cde5b4e2dc555f55f8aa0b483f8b1d8073d01b3a61590b10dd39956330e347bce3aa3d0f2a771add8726d29ec5373325425440a540b5e06254072267d0a926dfce59dd1fba05a09873a63c3782e2bc05242372faf01351cce0854955a400d05af1b43472676a8857428e99455ee83058d9e22199b2ebda379c0ea26b970a983bb48c2ed68ed497eb9a2a6404ca1cf91639606cea0d0ce622e926fb67bca908c9ef340d7ab029efd125e91e00ea98bec1db19b9f5531693aa78b88eff4d88cdc03302256db72bf1136ff81bec27ab9577a62014db802af38ce4df7544d505e5fd76f1d6b6c092ba900718b44e2a7db13476434565422cc7c8d50aa1f19ec3cf8b459469e26c0e63b7b21ed323a86b93d2eba637f5832e234557bb295e29c5779567587b8c61587dfeb8926195e63571dc3c163c4bfc5d4684fdc3bb6c5bc263178615772d9c7dc644ee1b3b51ea15a771c1e6c2a74cc44f4a6c1dfd9548a62bbfa74e2cb7cde5489ab17b0a8e026e5beace45469434f1eda3738c9830e5393bbb57392b0f2484ca71f66c4e3088862022cd863cde1478978b1f68565a1f627cb48c344c69b0ca9963a3b3e6b0ccfa7b40d756148b231d15c2b65f09446261c37151499407548d9d836712dcddba7fca9a840bf2eabb5b163f0fa5e677221a4237316105c347ebf94d099d9a15fb59649bf3538009c2bde34f1c3dcdc91437cfd1c3c802a427ec27e7b16f9fd56dc64dfdbb17c0c17099ca8d5a593697f5cdc1dcc7003ca1e9620ae006b80f59c8f775a499feab90fb4d1150619de55b1c899f2e8e1ac93990db434ea1c436d9628bd88c304f1fa99731ae870405d6563f76cb755776c89efcac1948f477663c2165269e90c2898e10d8f625d447de3b714a2a3f950b55700b4fce74c9462b5e67185e7d1098de6bc405e61f7919d41fdaae65ee7baaa5f6e4b5110b315ba0d93cdc67a1d8ff2f3c7d01967ae8ec098ab09d546cf50cc87cf6ab74585050a5682c92b99d5373e247f22ec43991097e74e753bb7f27b2e181bf5347b16973aab0931c307c989d4b12d02e0de374050557bf032253d000cd3133b28f08383a3db761d3f9abea7cbe56babb97a0a03f6fec5e3b8680ffe18578ec61ac3a8575455e428a4468fddbdcbcccdcefeec07bfde55eadf5ec9670b46c23b5dd196916eb10d8cebe1671d37f0c6657a4195843b6d59c31161d2199318bb7fbe860a6d8287ec2d249b71b8f6b4ccd20f271041ed6900298fb8df70b4feae78dd7aeb836dcc471e3266756d25751ce52d4cc3784b38621ca30e49288c67be88a49d43bb56abe34822027d43d51f2ba34007d292ff1e980679b0fef05b6fc21c59c48f5f37a0cf80c8823b13ca0fd6de34ee8e4e9818aa1684e10d67e8207cbbca0bba6e03a07fb087588056391f6f957de661ac0cdca1310d1bdb0e407fcdd6991b0975ab6d1523a44faa9e48bf14e49744668427ea01825444af47e8412e3583ffeb37d1c2a6c29d50a8cf1cb40d303a1bce06ced677985c275c9029f23a7c52af98c5b91f83ec249e83f177a77290604f95636df0047a79f81de7478a7f98e3f5588f719249be92ed235e15ba225828943b9dc6f1d4c83af10b8573055afd701f82a14789e87773d948ba39c4a38f8de384c9e91f94e1011b5811f0be72d12a076916e5e1512f9576033b2315eac96114ed9110baa3500f7789d9ddc4e9fd47cf5f5906c124ea6062bd27893c7d518eb708fd42fec56234c1d2f06acac4d3c57182e1048e8a3ffe55ea9b5ea460cb1dc1ad47aff14b660f6f033ab5a76ac0a630fc2ba9a09a67ab1a9bcdf2084fe74e47a9ca0e5676fa7a639077260819cc3a1c5960daaab33d1c298bdd7c67641a891d00732f1047d27a8fdbd6e728b931ab40b2f8a1c8184a9025a1315156f52b5a99efe91b350fb611619e90d48ad29b90f3c3494ed40d441538afe9cca3263902edf94f8e4775f226a2db3bb5a4704d1bd0eb9ff3bb2a890ebacec9414fc319ec6c17427f9d64b7d63d305400fbf001611474f38ae6ac80c278389012c713fd12bf9b94844fb47291778fa653ee95995f7b8260190cd7d7fb8120709e9aa6f91468114cb206eab4934fe3721637a55adc7a4a66c98a0d07d8aa2ef87587bfe22098f9de19669b3d3e478e66f31d2d0558517cf3f383496d788cb2e859e15aaad888c3eb3a41a71418aa0af73dc424a9abdda6e17acde73f7ca5775a86fce64ebab85af17984c1381e299173fde9133e26337b14239ec0cf2b0ad614f656ce27280cfccfd5430915567b23f1a12f3d9e36540f9b463058a3f5cbffe74fe96f69eff777fb2350566198b470982afae8ba28ee15cb12251a0352cf71f7efb2d4ba68d9e7aa767b4386a05b5af8cb8bcc25b97521d061f38999566a3ea7fb739c60410687d2e38f612688d05f801a925ff7e26b3f1d26cdfe575fb4c5a5508636be3d9b194961fdc512c8f7069385e9882708a70958c69a8e6e8dec0a1d36c9b7333e513433865e7b1e2320cc2fb6f858d9f989bfdfcf7a9630a34182b18cdde69e2a45f28dbe96e358d5025680ad33dea27a27d1dabc6f2c1786d5c19433ab25a360b4cae9d030301c015fa5e2254bd0bbc04d996f7003c4cf9df8b4f0186eb420ffc37b1b056f04d02e3e359bbc511764581428a6607fbaa42fe2492609f1067bd5e01e1de1bd2ac317963325ff69b5997639685295d68d729b1491fcff8f0561c7396134eb59f794832ea65910a8f47ffb1bd289728eb5e3ac519cbc4fb0a716bfa96e4d0561b9aafae4fb0322de0f2d54144fd6a6f0d3765f28ca2c2340db52e5ebbacd64acc0150a3ae08b49d0d3529f193b0cf48c76d3dd97c057d3590374831ff988f62b52649bce300b0936cb1857b344bf1a22df3d866bc0dee6cae56b89952e341f83ed27a832e7e69012774619aca60b9a966eded9f582f52b442cf30a8b6493e19713cf676a47e7dbe905f22dab2b8473dd4818b620581b69d53df144ba2bb2c61b4103072c6fb80d45740c826cc77eae5edc8d5ce1168f7d170bfffd2c0f62e81783d35e3ae976fa2e9ab2597cc198ebc8fca7789ee0ba12d5b86051d12ad1e7571e9b9c2c889fd602cd2ba5424d84d3ac29229f69339cafeec01c8cf7eba7dc7ba40c5ed0433ddb7d5eed6acf34a47d6e15bf66fadc3aec9237ef24dc0f63270d526c3adfb0e5171bfb0440fba6cce27ea012e47c22c04e2e8b3c2c76c3b1784813172f38808bd3af8eccf9b4e05b7c7fc4a8ceca662b7e95a70c2eef86384e8b49581de5ebdb7136c2d7c6c8b244f21ddb4cdc7de8486cc6d0a4d122f608096fa937d5e09918eeb36b359a13e42b3e7ff5a1ab61778ea1931c345351deb1e2eeeb6b4972400f03b2bf377af499fb2d5c4bf44499ddec85e3e39e5274fa860581a7a18fb361c3c34bc97617cf06bbc2043f1aa92fdf1d221fd1fb67146691c92be4fdf72e710605f38178bdeb30aae5bc26bc94511ca0fe8a33ccff205d52f3e88c4750d4f4fffdc7432830b59e5c17972fd3fe98064d2ee1f934cd88dd1661a8212d45aa10cba4923bbe288d3ea549b47fed70cccca0742c7db23da2308226da0333418ad5437932ae86580f0036402e2bbf78bbe4d04c8ab64e6657f1f5bd361acf9db9dd99098dc30b206ec63d2911f1a880d8021f1c4c89b8b3818616f1c232d587bcf9222940196fbe1c3ffa94703386cfa6387c71e237fe4593acda5680d4916feb7c80c57cbb73e79800f8d4c22c71c70a5126d9f92e48cc9928b97f0a83f4272c706e0efd29fd4af880951c746071a712b89d17f04ec4018c62e852e5d39674f107aaf62801ffa692a8da7f11349b2e4f39daeb33e4d622e9ae06b626bf2dd9040919e67296c639b69f0ba1c065e92877647216f9b7405440187663ab6a7e1ed81ef07bc99442b18f11c8ef5e4fa9bc266433a15d028d9f536f260c68401c0a096c92b3314812f48b37143e400ca29c85277532395f2b7e43a6ecb1e43a7a9fcbf9c05d9b68110d9afc7f53d2e581ba69f4ba2b317ce7d72fd1ed3a7b7e3c7831bd292b0740cab45a4e788591d51751ba8d3750a47c45d681cda832b79762bf40221c1bf0af21a335ef195a2b39936bc616fb267c88da537dd05f742e2a3a57b2d5d26dacc0f5117eee2ac74a5750721f74dd34df920b20410099f4c5ac4662302b97507325e8e7e5b7915858878f07ec8fb94e026c555185449bb96a7c7e1d7e4e4d9d9a7b5fdabcd4cb63021af3b7a6f08efdda10e94b343ca49d5961f5ac9a3b37cdd07fdf0f5afbea8aa2b6139dede541105db50b671820eae4c45c36c83d3c6a2732c5c078dffe44d22314e46d26aa6b2cf70e374351ee2afcba976d779175254c75619fe10c9fce73e1c82912961928a246d025a9eab16e2784f02b2bdb35995c66ff957515c51b91ba58ff0934e23145a8c98e7ce4ec655288c526a226fdf679ff3ad444d6c80dd65e67002ea4106e96c23f0579a53bac5f64ead74d396f1078e977a93919aaf96175c6ab1259c1f21ee7558476a785dfed0a2fdf1d6b319e1d5e3f5017503ba50a384c7bec9aac9d7988717b7c84b00e222ce9f76a847d5525f98653fd527e295de5dc43887e951836bbd337f9036643d5e6f642202814ff8c27c75be1dbc959290ddb1908553743380ca4815b72435ec05e492b04a598db79225d5b9e1fe2affc196f8a86021827ae1c08e8aa16e6a47b8150ede8764090ddc3bd37fdd26d9ffb62a3bfd4ec039c2f03b5c5d009830369de6fd6f1219684e2369981b4cba390cc673ebc51901ee6e65ee49ef8d43bd183e1c662f865d7a5629dcbce09b4091ab55f3b61abd9ac203fd91ab917fbc379f200d906cc18646e09fee34c9076149f7f34f6a53141e38a51f5c15ed90b06e564efa24eecdf82ecf96fb209eeb5101b71c21171899aa2923299a415e1d4f87e5c919b0bbc0ea6b89e28aa24b15bae0a296bc045cd717f93d1aec3d9c1cda1f257881023f65e5102c507a0f4b6d72e3d9e2d476851950559cf2e22e7ace265ce1ec5443d5933ec87c66de59c670313aba757ed4117945ed6edd587aed0e2bbac0a78978cf8c45fa5c2196be3a57ee259b696850894d8f54e6aeebcf86c3a76fae96d58405a0023c16c9ed2c510dbe40da61fe1fdc4d672b6e2973200a9e5a6986528ae06e98dfa4619ac1f6d7ee7290df498d63389a2c1049c70d50f1ff7eef5d54cbca2f320fef8a591690bc5a7ba375bba29eb9cd53106b4ea248d2751d43c146f50227076db3fe1519b3664ae26a8afcddebb73df00d895c2ee3efecb2a62a446f8c3a887912c817d7df8fca9e2deccc3a1b9afdc7d4d8acd2e23c9ed07fd7f04331d8f2c91f87d49480cf37cc713782e33328dc8407fea1a8c279c4cb71b37be0c54d3932322b80e8e3a47d8876ff66b3120c7f5d1660037d96211271135c8914f47c584f974c0643985015f1c1981d6cc100b9dec8661a55164e71bb2b830ace8a530b9d88166323a9ec42583aff8b47660a581535bce01203e47642ab46bef4af6a35db1ebd93ff2d0208c85a2a1d4a32408f1b5a8522294b974559ba49f4586cea9ca439ec859a8c2d18d87d"}]}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_KEY_END={0x10d4, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}, @NFTA_DATA_VERDICT={0x20, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VERDICT={0x48, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8}]}, @NFTA_DATA_VALUE={0x1004, 0x1, "73275a9745f72a6e3ee4ea81107fa622bf32a6d100210b549dfac146adcac5828ed593f85ff862565cc6c24601f3056d4019166fd3f7ebe6f8eba6c9acdcf314aa198d71cc94518cb23944dfb52b3516391a20ac27e5c90b19e129a083c155950e588153a4a4603a7af8929d77139f392754cf1cfa4921919b9b39d87415b0fc21c4920529af234afc150eed3b2dc38902b4961abf858a777c1ce064a2866bf423b145e1b97af08be8d7552050d58786137c0c95691b2c819bcdf307804f9465133f7c956018fea5cca7f5f15deff6357c9515a054fbce5776dae436f6b33ae644360a9ba79e25010e44b50a0efd1edab1c7e82abb58c3d5d625ea7ec4d9ef78f8f19816753131b0f6160fb31107e2a90e6929829eb3ab2983579850ccf3e9301f9c1d5e0ff02e94b0ccdeb1336070f0c6fe61ce80d80a2a6e33a55210a021f2397b35b06d9acbc493cbcde2687c5ccb04ed4a666395b3d96147b91316819c6d981c4d4988abecc8acc2a3a2644f330911ee1dce8dd7d68cba62dc361b00899f9fda66db9c575f819519315bebe5290d8636b80f5e794770513fae5e022dee5ca76e7597d49e4ef091d1322fd55eb1effef13c99ed570207ee0b814263a80f87125be216ee7f51e962add0d87ec3fada2307efe6ca3c36bc38cbd5f8fa25492152c6c8552f6f555379a0267c7b4f6d83da9da2f5384bd81287a8d1e322e67ac5624190011a272aa39c8c997bd34f8b30d4b10349e9abd36585ded5a341c031edde402444ac948fc417e260d9fad3ee92d781a98f73c73765f9c8dc5de0b0bd6c0dc187aaa3cb551985309c049d12dd6fec952212d1b2433f8a7468b7814f43cff25f84905d8e04f2bd4bc9ca93bda45c9f3fee4d6a93008ac36e09516c2ad1c1dea4e77cc6f02d32527da8dd2a216ecab8b64a39d3883d586c3ce2dd37def9d32613a785a3b005faa9951f638938432876c71a9c7c9da968d1ba72b6f02bf3c0477f45e03d4d917dff81a9f85503e136dbe178dd5f0f11ec849c8644ed2ec01b9eb60d1996ee8633d246b81125bdaf4bd5e9e188dbbae6d2705a04c902e64491351f7f5c7028d6c0e9dcc921b8aa6d8e416ed7fa1d46a8c570909419ca67b49e7050466361e8519f0d7bcf329337f5ae82f3e1783f7aeb069ffc18568d35b933c9e21c512e99c846a9afd3ea5aff8b6f34f5ec430367a12b3f6faf60dd8c8bd66084ac974303623a569a2879bf64f951391be2234308b88849569c95bd7cedc3f9bd9dfd3e9828b157a21f3cb1dd1a98bf40736755d11a9c66f7cfb97d4b13a745ed67b8d49f4cd0243a1e4a5994aafec0717a0a1b5789664163a935e426a5dc44c410a3486966562a755cd705233404af644ed2b814d94ce0dbb7c5f9dea2811142bd1534bf91a706b6f7712a173c465157c66c92de5ed87280a5bb3e141a56ba4a80b5272aaa77a4a389da28b4d5438371b86cb3732fc5cc6a1e2dc9c83280ea2484c5796e2f0b72416812dcc542d7a6603611a098a4896be274c958dd5848754a4911e895ce65a6c67894a6fbb994d06bd8549d06ab50ef7a92f5d1d5c4edb1c4f7066a2d0a3eb8d8ea82b069bd5f8764cd95431768e8182c3e693af151d8925d5f8eb7d2cdd06aa92f9668ac0fc444a34d11c476fd217a33ffffed6f4a285a47eb1633aaeb9fcd03fc6dcc5bbbff3d6800386a18dfd7458cf1a09a9d639c5e4501d799204947b10a2e3cf28982451c33127a3748f42ac433c6c902d7e512a996e115c2e6472cc989b9e2e667a95b375c7c909d7117fee3e8942f5023ea625af9dd691c98d8086e91e32ef3823c911dd5e7fd53d0927c32165979061b741dc3c852f6ba44f02f4676637330abff0d616201e3d58a5bb4a7f88656419ce1e18eb379cdff27cc77d023f4998707282e3256d325cbce673ec0ab8f7a7bea8ceeb350c7487d74c6952cb89b4ba03f64055b88be154d13f27bcf4cf2b5ea64072dafcec82f7e94b77664e75fd1a1309fd4cc73d69f08a3d86ccc8200bdcc21dfd8a761f47baa8dbca6d14d1d5aff78df7e1e468bee7dd5d62a0f7c63d9fa57311c84eaff433bcd5336726d06b10493ef9db7406844e051a8929d4e9fecb9e04c7b02ba3050135ff94bcce47078a71c70a5521dfd36e6dd82ad249842372efa0fef489f145030ea423b380233edc3fa22abd4d403f9c0a6fe196c17c7c854995e81552e783066ba27bcf28fee5f9c3a202482119b0a0a9490d00afe3b5d52d22c10501f7835a26631616a9e6ab06d7ee33339541f0cab5eff3ef775df32aea15de378b20cfa4f76460be14986b72f512d10606cbc7bbbad3993ff4ae56413d2bf4e29e04e37847d1e65bd375fcf7a2d3cad8de6df68c8231e2259d8b1b7aef978141f1585be34d7087e324417a7b885b6b0447fb6918156ddab216342ef2fc3669043154df61c88148e03faff1343b7b7b9805180435ba4b56b62b0d640a2566c82fb17cf1f16ad21123ccde40898c9a5911e50cbf5c61081747ecce45de7f245caec3e3331e1d17d4fb020050f92e9f94d5749d77f690fc287c82aa2cd8b279680f0d5ac9c1909edb0249a54ba51d7de7bb567a8b0785be4ecf0b858f036824dcaba63265ef051c05a5ac4e122c5fb2d646dccb015a7ba64144afecebad457e13d2c17be3ca483666dd0dba4d2b4eb327bb860af5fcbe1f278213bc38cd3a46ef0d8b26277bfacdd800963be161012df21b12ac423c2df31c55e438da16c5b0eca6107b3df8f949aef454d7238bed728aa6bf23b508d9b15c82ac2bf9291457369010bc7340648eb0a64bcaee32e94c8c118012b9a090f04e3dbf6afea784ae467884881fed7121a1a53c1817870412a38f5d1b6d8c3ee1aed953d8ab12a78a24cf213cb768383b752c19c26e3d5c6706311782cb107b7fc8dcc14faff66c4057d37578d134cbc4534f5cedba6617ac44ec158198ceec19c8bfec4860d9a9e52e135e5b8bc0f72a6b1d06030000ca727a0e7b89a0d3c73ffe4f29cfb0f1dd4eb7604821de000eaf69d167eec92b5f603b51130107fe2a29dd38598a4f96b136d88a93190161af29ee4070f9a60c6f4c8f00274bd6d0b507de87f45c110e83d23304029606689f4419c64c8f4fb204f8e481f80135e3d8ed39265247f20da1cbaa05d77ec8bc6d3a6f712b079eee3bf55d3d6be8783e13fdbea554a21c1b5ede3f2a26639af182874c11a3bc52917b4f8724d68b04a22f53473f204793072e956494e7b90ebafcc6d4d32ace44336e029e6cba9a54dcc602ed8b5048b56a73b56b3795f6e493a1b46ff87cb283db71e7d85cfb89ae8b80228a8e5cc0f7dfccdfdbf669078303a0fd3d958e3cd1ed7402f713101db7ecc91e6247db5bd18f2517213de1be97cdebac2af05f8ab8df8162242bfdb0186f0c372bec8b94c77b94c77f38abdcc2989d053c26dd952f5d04a8e22ef52e10971fede8e9d6000d0e213be825429d2aebecbaad7ac6068860c16a291fcf03f0721ee098c9b3383c952018cba5fddbdb7e2a4fca36d09f7340c0c9773010dd7b76db94cc832d53c4d9252b02e863935472fbec0e54e136031d4950e941c668afb8e4aeed305a8dd3185267f597901473fdebce57ac1653d38079a94c23b89cb1d86c5959810f13e7689a94a2af293ddab96b76b929564e7b9ea70fd6fb5a4fa78583efe21f537b6a0889c8506ce51b671fad31c7b6967447fbf2706f3911d683c1f55fd6816e394f797798c2184fd785e0184e3a8c1a49893df62b5838c0bcdf034da478ec4fff81251fe945a994cef4d4335f7678da360adf27e9b384ca44abbea265b5286f3e7ed93232bc408a80ef17c18b0afefce600d7709b3a63aef360f21beb09d74a76f855bf78ca61319d140f1178c200a87c538c056b69eea6f5d9f5a7f77813b11036348799440a59123f1a90b9d53d8cc3603415a43b2a243a64097aca63f2a0f24486ef8c54ebe7ccd14f0d0e6539cfaa3fd81146e9fda8d6085ceb14e4a9f40861754c23bf139271491f12dbca74889df2235df7d20e87916bfeb71a2c0dcb6269ca7cd62a0d6ee5312a1cd00195dba60cd55800ed36e7e9bd8672f470f80e397b6681670546e210817088da32f15fb27cad8c05f58ca2a4a44bf305d99ac4cfa40cf36162ee2fa54080c7adacf5aec3caf30cf8364123334a84f6bdedd339c215d7bef3e01c8c5d485cabeffb4365312be2dc3955dc5e327db82633d2d64ade6525eea1d91c2246b14c9e46db6961f35689c7d3a4b8214a0c10363d654d956ff7f853749415bb798e66fae42e55b8e07d4add79b8492879b95f0889a3bb4d89d1816ffdc97db75f1650c428453a09295315e1089c13ffe84ee02f95c82861fc3f6fe0dcfcd7d9744422aca55bc5397759224eb363cfe11de814b3df5ef7d85d77174e60e03591dc0467dab57f1d33de8fa31b5627f0660eae25c8fa006c13aece6f3d4da88d4b6be79954caa0874be1b9f50fdd8abdd393f8fdd9d25b3205371b17422eb52eba8d5e0fc2ac3f3fd9406e5b0cca5cbd2dc73ac460a9ccf06108cc54cb6d552b5c9a52f7b6ce64844781be08482e2cf1f3101f4dac7271697cb4baa37bae41a5a3d41285f660bfed1fd40c5b5146da99c8f159fef107231b58f32876631d8d3987161e3f7fbca63f73904f2fd206f96e5a672830cca00c8d9437c9bf8d99ba32da07817aea0378a0914e51521caa6178712841323bde0f8fa0f18f029ebb69cdb113e75068f1966094c58834cb5abba3cda369fc2a24c91ce57fabd0bb92cdbce2203888de891cebcb38818ccb799b046005e58f324eb8100f88557f3f60421fcd474dab243e33c0065376dfa6273b415353c8c2be4974949fad56f628bef11d3f2cb30bc9a456d3dff76a790f143d3cb0267c0529eea9faa2430adb3126c7cba25ef147a4723f98a67dde2455a8944d051a10d5ec37b672bdb2f84f6f4d650f128490a817ef63c11bf96236b9712af44a4820159bd00b84acc3d0ffccb4250a4f197211ac9dfcd1ef23f6356ea95ea07cd1ab14fd5d8feff199780e23b22385cba2b3d420c7f371cec01aa5e8d376187547cfb7aebce9c37f06644ff3f5c683bf2274df7917377183078b46e633738b07cd241d9dce3f3bc09cbddba96f60772d5c0a64d0488a720d52ba894a73ebf6269b8f310282445a65acc9f18a84f742638656a9b77788c149629e4677cb8441f80c277d30ec56a5cc35b367bca2ff04c5a77665681a0eae0be8dfa5b98c8ed23b274166db289c3f31471eb8e9ef49cf18c48e56ca990bddd921f6263159173dca4074ca41b4de534774dd1b71fe35efa8eca375a08ccf025467b7f81cea0b48a30b726a7a631179083700a4556e9fe5819857f2b1cb0fd4c51b1eddca297142d189ede2bb699e5ddabb78b1a2c3c4bb3acfc961d361d1c771bfa1b02c50b41695dae0605692216026796396543a7919fc97ddb6186ea9f9978b61c586de8f9f75092165e6ac329064bb7dee54637cfaa1260ca3ca440db2dc1fcc8fe2a2ddcaee559cd714ecd61eb9c712382304b6b60db81679448b22d5a8b70ee6abebfd687aa4b89287b70739b2d8753d01e1994555df6c906ed74cfb6b547a8eb27846ccb83f93a09a3126e42db7c99b388749610263a02ffff8046777c2d3da2274f3b9d50e43b0a582b91b662e9125867368e47507eba9088584e4a6be548332ad4f893361bf61bf15215ebfbb5dd0b71e073a7566174c0ed146f17072b01fc882ab400bfdad71e15bc5a227cfe6400491e52"}, @NFTA_DATA_VALUE={0x53, 0x1, "b0244dbb8dfde6a3710c9c55ba5b59999d48f8a69ff010d816fd6ab2673084fca634d6988b01d078f3eb3622cad699613e356bd787b2e79abe8dea8f71ade03e37e11c45ae0ec97b313e9cc4c4af9f"}, @NFTA_DATA_VALUE={0x4}]}]}]}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x54b0, 0x3, 0x0, 0x1, [{0x11c8, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY_END={0x111c, 0xa, 0x0, 0x1, [@NFTA_DATA_VALUE={0x96, 0x1, "d2bfdcd7fb5262e4e91dc1d06f2dc626fbc9aef8431a9cf288a313e2f6b60757ca10289fcfa6e9e031d98193023fe12ff6428b29463f914b33446d841140f247d600c91a4b2a234426a0431c45e6f29c757402ba7fb382e44028df47518f11ac550e0ac852c856f2b412a6a26012631b20520b9d7278bbdc33d478f51176d35e04261b6ccf2649b0078488f2b99ff1251c41"}, @NFTA_DATA_VERDICT={0x10, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VALUE={0x1004, 0x1, "4269d1337434e49c9a8d441dc9026b9b678c14642589c28f732621bfb08da12e22d80fd6b61336b846a3d058ba764b04bca1f5f24a5f8a861dc564547fafeca5886d9d637a24148cd4d0c93b05c6e5eb995ae1e5bd311a5aeedf43a41062cbe646e02705fb078752e426ab12584c319c3cb838823d017d61d3dd28dd16c01e4c5bc457adddc5f9d35bf2c73deed602dc71f2db73e6c40df2d54a912c6cbedddb9b589b940df336cfb59107428c5da8b28130ae94dc519fb210318604a5c82320bf8ce3fb23f5806daf321770a8a501b305d3ce3f3d25a86a594f8d8897d0e7a44b45a7158b2a1e0f5111a999ea6a6f2b611e6ccea68f2784b1c695e0ef2cc26c2584ae9fac3f89fcd75337c9b120034b75fcf95a8cc27e5081e3c06ff1c295a2b65ea805b73b74be44503292a02434f78f9698fdeb252a3de3479f59826f770adf93bf0bafa581078482c5ad72d1e909d2a193ec149e71d01ad1b76cac12623ba5f5b47a820629c1fadff01cba0ecd7d4e766423ab30dd20dde6f723064382546612529ac0726d55e986c5c39ca3aaadbe08a596e4bfe23e8269bb436e2c73c6a12091f01626b8d133b44fb28ef555b7fe37328b19f74023168442c1d45e1d84897d831078c66f6083805e4c2ba192d11903a67fedab99944fa6e91fc772b62952d47ab81f6ffe29fd5b8e6eb78e1272cd92853860be6e8c9362529be1c16b3945ad488f13cd306ba0f6ac877c65a0c527a4383183ed67694429e24976062f0d13c7c44f4c41d425f3e2f6248b1215a04028d663e1ea0fedb356c605f1a54b50635fbde2aef3a9b2309de7907f9eb0c1af25146dde4892c3e6e6fc58696dc82b73a4d50821f93b0c5d5fee806e18aec9c8ba59d90445959ce71c9ea1aa5b3cef565e4d1b37e2e824c3ae3eb19a51483ef55c059cfa4bf88b1a4dda44728849331b5b6c1fbaf94cb60f4ba5c00954180d2182054f223180a7b17758601559dc9b97253c2d93a14a2549c2979a0d06fb593dc2ffc012f628423dac5e750d49eded9671b08445e67ff48617e3d7f6ca4f271c2e48607c2d61d4748f88fa2d9469aecb6926922c968e231d9aa4def98973ec6af44125e0b280409c26fa5250a08560510a9f5b27045b179c5c998aef77ba34e1e2060275f4ab2e74806a8df472b661e6e73e618d00f961fe5defb17061d0ac6ecf2e6472d5775a78c57dd6bd420bd5455dc5c1ad67456a161db0ad786db83d286cfe61caa04abcef1ecee04204bb642770c010157804d9ed19af3fc6de52cc85ee5b38406120cc6c6308c120125b27d2b567b5417c527d0ddffb4d165c911cd5af4881be2cc96687c6b851d36c8fbe02d6fd88554bf27b86a194136ee2d72b11fc49e85e71c1270b40e69dde905a616c8f5dc033804b11c9026ffa19b7f7abf63b0794442725025e425a51046990f048ae1e5f8635fe9588c34116f0824c68e5fdf4408a6cb9a4a85f5c793d160dfd6aed05b9eb501303c1fb7326f3e2719f63f88a8d07c098abbd867b61fda5a10c095c9a2671741ea88a02ef211b06e584f36c209e20fc8c8dc351f9d072db9a1559b75f4131a2411751254cfa3b5e07327a7e8f49ae14d18993f96726b4a87bcc05ecbc4ba29fc53d9ee5435af358a4fc8dfed3a1fb2465b72fb41fa1e4112fb62b42d1092bea14506953f48760d0d30a4de72345fed43f3864093764bade8705c0aab7697af93827c57647276a813657785cb001ceeae8d99825433e6eaad12d895e1780ca469585d649f281ef26cf50be722b580b2b0b655fa347e28262eb1307635bc28e90dd354e030364a61d77b2734efd419007ddb00de1235670cd1de38d222b88e1d492036740f9697f38704bbf6aae17b0139250af1f70806fe0d00810137ccf7486b41fc2a05e712b4ccdbd3a51bc1753d349923712fd1cb685b5b1ed1aff4c35ae20a928682ff259e5c805099adc40f4b2e3dd3d4c779c9ac1bf593d1ad9b64d092c6de62c83569e6edc5dae0cef323f4dcd3abd087337ccaab98be3cb5f61a2f58564151f659003b4be9e8659a644dfa2458d15e72ab1c96ba6196812a8d0ad433e565614b7b0d1721cb071bf0c820ac5b6284694578a2b25e65dc7386cc57ad2c4d6f34764091dc176561ce59658e2eb1301e8de0a12934a4ea10525276dd45ea918455af15d3e147ec0c34fe41aee58f765fc0655d6d035db798870d6528c83836352a1f4913848f82fe0d70a8af9a3fc9d444dded7f9da9adcda1d2ae298fb255c521f198a38678cc64417a8c1f69a8813611df262dbbc3d156c59b0434d5269d1567929ee9e02ed9bafe25a89b9ef53c80884e16d0967e332f20e54c89007b6a4d9b1726a7f0c602252c7a8e076e5b4e9f4618d81fc3f7be6b9493361a65ef6573dad2a8f3eb22facf7046a805d2e8249b50ef0d76b9eca1756e59bd8e621ba96b262e1660fd19d2197f85c57e57fcdd14fbd3b6b584d3e229d2e0aaf21cf02540e89ee4ae2d021745c9bda68eadf8af48a13e9491b4c78a299edefc242f63b7c55dc656ae366559b89286b254114970d227cbfab3cc6193f6b7ab95f13277fbddb432ebf58068c53d53972a53d745d1b8895df633c0a75828df858d5d08e28d2e736cfcdfec82b584f0675360ea36184009a019cec237a932a9fd93751d3cfd6166582987f536eb063699a414b2a0276b279d09abbbce67bbddb6a3c5e4bf2ba0902ee61a579b3a39ca12604dc235865c34a31e24b4f147136cf961d662b05778a52d3b9cdc9fdb53776608634eff02e6a3bc9e014f3631cc6f651a02e7dd8abb2e50149bd34a3d4b23325908acafef8e329ff7c27ce2bdb3b70aea96111ecb3fdd314d9da35aaed2f8c604afcee0ac05d81c0bbf59b5c0540bcfc7c5d7044a013f0a3ecfed9ebfefb4031cf65878351637f8e2fd68a80beae32f918697f6bee22d92d911d59768bff78fdc324ca4fc65233cd5ae53e64548b42feec78014b5063ed9ffc24b261926824503ac1e39011b0f14962184c6a307e77734a95b7bca6dff1f740b16be43ee20fbac88f4938ccdd6c3b53ce5accf7203abc27c4ce8e5518a70b09e2b3ebc752c86563df5ae93608e7dae83c40568dc0c783be00017fab85ddd46a49d7165888df908cb7ef3e66957cb4af750ade690fe8b9aed99ec146a8932968e3028e13ff21800b8f8146e13094520ab1a06696e207fbb697406fd8a955947e8888f17da2e450258f16fae0158b541019551b633662ed07a8f346476d8710fe6d2448540aaa3c5aabe0b9faae03c70e8ac8f141e3961818f01f1e35b444e69e0074ab17b70b89de973751baac5d4585de5c7b13ba09271e93271e5d4f407db02a07b3c0ef65aae8cc03f6d5634c37ba499d55fa8057e69330fc60e5ed165c2cc96ee8f359e99cb55f2cc5de239f9c3406cbab50b99c6ecdef0f06140f0b2c94595aaea23093dff99c21ea17eaf80a4713583678bfaa9e36f2082dd06dd7b4d8b16798a59436fe926261867f45867ac18ec46a40f86216e16087c655cb18153402e4ba41d3aa2905d9dc1574c0782de424c97d4cee6a5dde56823b4fe31ef5f88364430337090cd7d9f0a63322db37dfcd9cf9284c3901b750948e8433e94422d9170b53d997e922f79922b082376825f2d1400e4a5c4b6ad8838b6bdfaf4d85432d9ca3740927a3e3ef17015fb3c10d6d2b4fe78865b4ebef84ea4f8dc0361fbb884aaaa01b54240c9de77cdf10fc724b870df37dece2085810a30ac506393593359b503ab2274b1bb34ec3657b4532b74a2d972553020635ca1be7b85030ba8d7d56aac9b65f93983ed55847dd6511d3beaf39e42f7f58fbe7714e058af52ffa74ea9e9d10e55f198219ddc2b63acd251c98161c088094491f0766703dc72b2c72024d50b22ba62b9953a3c1076be38fcfdcdb7c8fd1eed367312d1bcc810f980f90d01453ce3c3940b94437be073138d9f203cbbbc80cd8599b2b10f64581b7e3f58208dcc5b9a78ffb2301e799b92db8811b3b9346c2c0b9dfca43ab9f4b2880e4402fcb67daec1f64bbff32baff25a9c37fab70c0bee452c7c057f33249965ea9f1cbd98a4301ea6500dae2d15075d6ec810d8d23fc1852e55504ef0f6a9693db189eb9478de8120a510e8d15c4fe84767fe753ca186b39e902084b1945a66261e4a2af319a3d8684c744fdd60f17099011b4f0d4f3bbb69c2499c58d9019867f9e9f8f174b5bf1bcd59a3c443ecc4f6f6af684a3155c7a6807f31ee3033b0e0ff100b9bde0c10efe2b050d71cdf6d8c3bce9be801ab531ad63afed9cc53e3d710d6e5b896d0fbe7e1c2625139467ce88507bb389c0456710261bec97b898d17f863aca4d2b6e5fd9e1b28ab7d3462224ede51ebe26406de4c73c161c9b9ee8fa54c565981f9ed52da0427090c314a6ccd3aa8ca9be5d286f48daf52a3e6469adfb89b7479aaf8b85e99b8ed3ffe69087f52acc91dbd78f6f98e91f04aa67802ac519f6af1a953a02688c6c15013bd7a22574e9241f11747eea015b1258f19b28eb890ef7ad07823b48b6c9598671f64aea49579a211e28d512877b1d919861b4312c0914e191a3327b349538d9172779fc8a82976f5cfefb82dcd472d77467a0a91c1dd0bfc9ab3dcd8239519a4e68a5354502c0f2aadcf6b67b35c7fe4b4d838c72495218598a8af54015ff6f84ed77563ceeb48454810c84a61b540e08516d25606012a3435e44d2dc56b9bcd431e89c8fba5e974a76c5491e79b6e446496f74a010c5eabf9411a6cea7faab6b7ac376e496536c86cf03496cc48029d3a577e12678c9e3fe166ca607e1276318576c79b751c420f34bb695e0e1108ae3db128fd2f086386ad3b3708082d93163e89b65585fb870d4750446132cb73d822018d2f1dbc4103e76307d1cbc5b3702b51bd35b49cddb00cf43923ce813efe51ae815c3d49a9c0b8429b0f558cb926884e2c1be4f052c3476f8366b43ffcf6df33f17b5d21080826650090ff198715ceae688fde7353bf8b3ad46189c7ef8fdaf4d48e5769cfe782fa33ab45245de08dc5e387d473c0dcff5af24bacea519f5038c17e5533a0f761156a7c0ea5a205e77bc63aa04766f1dab6538f1bf59f5cae423e8564c9a1fa648a1ca578f47acbd09055933202a7a1c6df7c1936a6d39e9dc8732d26e04622a05eb296e8058e8f85cf5f294b0390e4a0e3d88929e9ac03497dea743057d337fcc2c692097b456ac08c9f7ae9117c6a64e9aef879d1e77195d3d60cbf17e5746011647b7a4f0cce34ff3c35f9a992138aebf0b7347fabfa0b0b1a48ba3e37d6685b9df210fe8f97f6c1013e254af722b7a1d13cff9033313934afcb86e6a9b6736de85a380453ba71019b400d9f121f500505165214a8a0d84d67097f4943dbd34fb640f7223efee479a969f8097bb274e422ab6d1e4dd40bc0d8a419228ceb10271e4baf3a8bd406e0017997dc3960d7293337b33c2ce88fe21d8807ac33f1a5b78e871425aa75e701a68eb163e45fb9cff1d001e8e92f9409678a386398405a66237d693d9f1266032c32186f359e337899245c38f613a65825553a7547c6d8fe119de4c5a6ff11c336d61a19cc8a944164ae3d67cfaa01c7d6908737bd65ab7f5689782498af1ddd421f71e5d05264a4a820b37cec3725a30193b287e9838a554c6ed9aaa12160d2969f650c3d7c81d1b99c03199cbd592fce304688d1945dfea9d96a82b661baef9a35b70df3e116c7df2b15bbec75bbfe20a8fc5ea3098257d6d0dc1594c40285831"}, @NFTA_DATA_VERDICT={0x6c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}]}, @NFTA_SET_ELEM_USERDATA={0x73, 0x6, 0x1, 0x0, "871fbfb6b5bcf2c8a19185f03a5757abb900de8714b7759ed6b36f45fd966f587814bfe094087ab5ca1d067caccff5b37818175b95696a3ade4a7c9fe4edd9f6c82c59ca167227d3c8d2d938412553140589b9fcc042104a0f6dda2b833904a575b08a33ed9743517988d304bb3266"}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_FLAGS={0x8}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz1\x00'}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x4a}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0xb1}]}, {0x31c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_DATA={0x2b0, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x48, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0x5}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VALUE={0xe5, 0x1, "751aea40b21aac481d5d63cd3087b576e0ac1f363a43e32693232fdc5d6df56925c9348790dacbf2454dafe2c56f9eb2a38fdf1e1354f373f0ee2cb103a8e0299ff142588076433b06b7c98d8453223d537ce2baa6e7ae450aeb9a8510ae39ed3df5ca1195dbf1a3dcfe6d5a7e3f6e6cecfbcf49a61d0a30cda0bb3a1434e0a0966e7cf0a0f842bcdf10680f8c68be7d799b1d1837c3b7f33ea6894f1cadf6e293993c312d825465bf94a4b97d92c65a2ba2bda16d1ef1a458888f0b33bff64cfbdd62160d0b3c2d88b93f6a12ae6f29625109921df0f18aeb5d4866f4843f1222"}, @NFTA_DATA_VALUE={0xe2, 0x1, "ef6f8baabf6c65659afd4768be6923c11fc7331d1d8c5e1a9708265bc4349874aa54355fa019e100f27371fdeea93f33f22708fbfa765cedd025d94f7aa71982f4921015e0371b35512908d3c44c7a0b6318c3babda31fbcdedafcc19982e3e90074b62778d465b1ea00fc4fad929d19838c04ee4d0fe8a08460d248bc016543f2ef43c7c23fd3c4ea6ec4abb3ba9320ee0158a2926e235e27db731a8eff5cd9fcf86f31402a4f8b384b4f6e5b77b4b0b75ab6c3d75589ff2dd5f2afdcf8cbcb31a809c490cbc87ceb950bb1548dc3ecbf9f9dde215961809f51f4ce176c"}, @NFTA_DATA_VERDICT={0x38, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VERDICT={0x60, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_SET_ELEM_DATA={0x14, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x10, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}]}, @NFTA_SET_ELEM_EXPR={0x4}, @NFTA_SET_ELEM_FLAGS={0x8}, @NFTA_SET_ELEM_DATA={0x34, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x24, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VALUE={0xc, 0x1, "8200e48bd7161e1f"}]}]}, {0x7c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_USERDATA={0x6a, 0x6, 0x1, 0x0, "3bb03a67010cd502b7bb912ee3f3cfc9eb242035e90b792b298da8efd1bbf0b66e2443482a77c652a9b8ac55c4a611d51c438ed53f05b6bae05f1d462f7e67c8bd0df75d60c7cd6c9b203d743476b45eb8335b6f9d24157bb8ddf00814558a2d5de0a7b38154"}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x1}]}, {0x15c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xf8, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0xcc, 0x1, "646d8e57c8387da69dc240e9e75727c0ec7a52254645f023004e429b3339a1eed49fd674e563d2de46833f84cb89269a8f3963fa625df91a5d6ebbeea9c34ba53c80d5325eaf4dc605b212e7fabb94086ab39caf52641dd86641cddfbc22df2c6b152eac0f6e3926f6b850ade3ba9903d9e640fb320d3eddea487bc295855a7ff9b09c82d81de82cfe5740668566f2886798b599e99e2af66dde86beebb0fe78541412ccf34480129df49b9bf67928793b3b8cea3f7cba5d715231cbfc2624f274aeba08990019e4"}, @NFTA_DATA_VALUE={0x28, 0x1, "7f8c12d8d9506d682160a06680bfeea9e0b5af3cd10e73acceea7486be295c61ca273868"}]}, @NFTA_SET_ELEM_DATA={0x58, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x54, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}]}, @NFTA_SET_ELEM_FLAGS={0x8}]}, {0x14, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPR={0x4}, @NFTA_SET_ELEM_EXPR={0x4}, @NFTA_SET_ELEM_EXPR={0x4}, @NFTA_SET_ELEM_EXPR={0x4}]}, {0x1f8, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_DATA={0x1d0, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0xeb, 0x1, "59385b0b280ba349df71f6a3cd0ac4ae49a9b70b5a778174b7b576e2bfb3970403b81499e01c74bfbaf8634d20dc45f4632dd980b6feb225133b0155cb5284a3e7df653302a077bc57df0f8c792cd0ba991e814ae5e2c3fb64657a037a7120206c8d7d4517904c2da62d74749246dfb01e38093602e5eea4c8cbc8a05e5fb6a8185cc7a27355c1a66472e4922fa0d75ed1ee205e91375486ee72160924ad7b7c09276ae27403d42ba100138d8f16f8caea5f75358581022e8673374c709843d476ceb929bdf12d2459886a0dceb242f6f1c1b92a68d9a39f702b111e3df8531e3da2ad79302d88"}, @NFTA_DATA_VERDICT={0x5c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}, @NFTA_DATA_VERDICT={0x10, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VERDICT={0x3c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VERDICT={0x4}, @NFTA_DATA_VERDICT={0x34, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffff9}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_USERDATA={0x1a, 0x6, 0x1, 0x0, "aecd95291611aff02d1d3975a681ba984b119cdd0065"}]}, {0x1458, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x1454, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x3f, 0x1, "1b415f10e165487853c53a6ec7a993cee34bde3740f49eeafab217dcc4503a67a880eb85ac9bf5ac4878d713c41a4d2ab9ae155df4d02678759c60"}, @NFTA_DATA_VALUE={0x1004, 0x1, "01583354979e49c58eee7e4e429b80f1d90f6890836c471d88c062d03d9c33c60d60d371572a46411cbed74c15375c879ae01e252e921e29d4adbfe8691c44261e0510dad759493db607a1c8de67c348fd37e4b3979b3249793d531274200b6f96b1821711f0b6157c6cd09f10ecfeed3c5fc7f4b59d46484fae5f1d2d862fd0beeae4c004b93dedd81b5da02e4600232fdd7e76f3b9c89dbd8316e27a2d2815148396c256c0912cfb9ed026928b411375d9344ab8273003281a6e4c8239a971528619c2fcb8a88fa952ff7fbe9bf5dcf2a030fe02c3d9b0a74b28e1deb2b77c5ec7e75eaad713edcedeb8ddd7deca7da14bd5e421d17b2e4ba65d87fc66bdc2fc838b2baef9e369a2c1ba69f4a319cdb3f849f50ec10722682d5faa6061d97844f84c0a3efd9d74a68f47b432c36e777a190548535855f6fef0bc324553ce090e32e74e7ae3a545be676bb105f8e0def427106a607401a482fb3f55daab8075b694c374e08d2b584a214c9a024efd2d8028d1e43fe1783ff53dd1c817496b7d78cf1a30d4a005f70196dcdd0ccb8b4d88606732e136ccfcb02f0321956d7e89be39bd0e4dc5b0903a1a81542e352cd6947481ed984fc83e41a24b7004a482ac773cb551da02c4b95009469eaf0074f16f33259ffc4a1807956a71b906b5fa18c14a129fe1bdbd6162244a538f81a71aa694a062d846858418c7fccf8ca574f394b3fac6123e0bf0d4cc61f6d30e029ac362b8a260e7e28f04b09bc22e30be5b2cc4d9af3d8614cc5cd6f4083d2f4524567b3841a928f84f8b835398ef996cee62ffc6a03e00a1cece11b5d67f6f0d7d1f6c27b874f25942a69ff101fc2069e237287ba709aa3a8f93014a82f15a9c59851f2547e028abb319adf28a3735150b8e5399280e852295fecd89e7ff74d0055d97f549c3f3cad9a5c17f46fa50f1aa52983b3e8c2a74820351f8e28958b57cc0a2ec54aa7f0e2acd8d2df6743aa5c388178b93de4e6445aa12415c5c0291bf0c3f316bef204a1367b0267424dfd133dc54f42a593a38f122f30aa0ff06d929f540c00659aa5b7be57807c481b796bc9e3d57f7236a728022e8ee8e5aceb9e9cdc9fdb2ed4342330a4219e4307d7f5521dc24b45a09778be203305a5e230cb1fc5dc3db731737bc1785b7d3bbf5aba3eb3edae318bc16c72e44602b76b9170d3a38e4e771b92eec742c99b13d3c320a00ab97d5b1585cfb036008e6a416ed1dda811d896911cda2bdf3abaae4cad3e151d22a63447d9c51436161244da5ad8f25939ced81647c2086baffce3bce7dde3845e56f2d683989411073853edb2fe5d162039bb38dcff67e43a7d28d09ce6c108317cde2d5d8594b1a282f45716725eb59fbcb74578e5a837cda59a5c8800a8e2670050cf4184caa448e323fb02c59944386d5602636e82026149f0d7e909762b34e0dcb093b969566cc36faad8e2b30202af046eca8b4226e59f332dd7a3125831ad7b4b2fc923c51e1c9e5a46eef89477c21fe73100cf654bd3610583bcdfb0ffda599317999e162d94654621051388ba1b3299e402e8f2a14edd1eaadabc034fef6267caa02b9d5226cbf40d7f56cb84df8bd94e860ac9f233616627219e1b4305b107ede2a78b2fce9d929ef2a5d8a14d38c3ccd28d496f950beb9940f8eeb34daed22324a323b917e3e484b9c4a5ffd5a6186aadf2933116fa5a8bd660e4d0a0d45ed1d62f8c8c6982d2a63538b36caf8f58d89f1073ea45f655a7cf57885820a5097ec8c270c63d9ce76cedda1847033f9d6cebd0d2a8b8883315a7ff2cf821300d5a83a3a18089ef8c3fa50394f07f88dda340923c25d40709f711642bcb4083fab3153c664cab5f5c49c867057ee0af8ffc5644263c605a8b6d84a437d71d55b376433ff00f5bc3de982310ebb15564ff5ac5e12e8275afeeb1eaf8e8f83c41d9c1e63177db86ebb8ad47b74bee7ec3a68b0b545d2ba53e93f96f9d2906da801341fca64dcf9815a22146e77a58fa473473bf6b02f85b7de85ccda68386d2d8fa203fb6d35c2700ad5c7ce4872d3a6941b0fa776cbedcfbb71524c47e235afb2bd82ae3f3119b68692c597e72bd6731f1390da56a373aa63000cb526b5990f7592dfcc536862f20512eaa1891472036ecdb7724727db9ea84c55072387f39d9c32600fce80afc964b2172ce1f66a35a0cfcc277de2eb96a8c6300bd4511ceace653480234cf1a3b2d8c55d703d872960cd06b4cfa0be707e76cf2bade15cfaff114b70a9d09605b6d4106c8dca53d2fb911f855914a0033bcd80e5e45cc9e1608a8b41c5de1f21088c164ed0b97fc9b0c65041d17070eb4c35bcf9fe8f969c9e36fbed06279b9ff8582e1f404eb26c1c1241161f21130ad995f00f7d744a29d5ece11c588976d91aefd6046609eb97cbd0d193258122935bb78088034769f9223f1ec87c9938ad0f9367be0595dbf2439b1e2e4d62682f19f8aca74b1887e7f2fd3d088d528d4dd3522b6a3f3a89254c43bab3634cb921ac9922788dbdef6026a017eaaed9a619e6f4e89f6721e2552446118942e0f0547121182579ec03b023be32c4f0437a18c00b1abc419f49127857573bbec7ab56fd2fce3de2f247d8c04c5a2ec1337a8ce64d5471af1e1456d1cdcf599b345919371053023b10dd54a7a4cb599d62b398c7361eba34ec5557bc9493af04231f90c179a2580b84c2bf75e21917a69c2666b0e8bc2d51ec998f9b649b3e50cc2c4355d0a2719db1240da38145411614de51f35cc7fecb93ca991f814bf3057fe474c5399e6494e9ce0933ea33e910def0de1e2f32f546eb34a362d3f4649a37ec22eca58c394f733ddd276366820b47e4c2522d67234cdbbcfa2f2df3ed38120a6bd2a02d93a2ad6719c8503f28e826bdc4f673686aeb6063837b35478eb69ba8628b384030829cd09513a6f550bb5b9677e737b90051506022c4b398886864eede19cdc04071dbaebfa45724aaa421b9b069e7d0575255f5b6a578bfa2559cd123d83b5477f8a3bcb08831dd9dda4afebdcb4e3c35f9a6457e2473cc493b88f85b5ef742f30b51d723bcf014b7fbf5c6d26887d6129692ad228c7b97e9b8650ca5dd7f146a0eaee799a0e7d5440ee6d2e318663c303cf183209fc2069f56b618191f7441ac5b94752a24abc310d225a1ec00db886f1d14b37fcf832b045a81ca3c14da293184dd87d2da5dc0fb8b36d6e47a1bc5cd8801df59ef697985a31f51bd58423ce597960592e7104a4c77aeec245ba9a5939d8e4432e999e365a90bb9197c77fb6cb2555986c39afec428ee48b8f5f2f746c65e8f143031d442b3238baf6f93de0419d837522001bc25dbf5b2c1314437ff7afb01fb025f0b88f75e42654a8b605d1441b51c56bd626d7bfcb6b817c1dbbb98dbf8e0f799ba207eca9f6fdfe473b621fd57693c5738bc8db6a1b96679b3849255634f7b132bd27ea74cc40136c4b905dd6a6d6ee7a9591c32f1f3f231f1c4882204b8666f407079680009f36c69774019452ac56b1ca301094edf503d2f7598b0ec31beb85ac734f2b56365a33493f3dfd32861e89bd2a081e87a25d0087a1e1e6c2337769b11c8b8792cb51d8d627ead0f82da34aa909a827045192041077861302413330450cc5b22b15efa0d397d6c97771c1d83f4449ae9d849ae6d4257e6f9bc59b7ff99fb1511345d822c46b9033bb67896b3e08a97e6dddcd6b72be0d5d3678014eff438e56184615ed8d9ace214c94b4287f3aeb42239d9b2f64cbe78c531529e4c1908235e42f158f25e5769700b86ecea767c154287a798e4c50681201b1dd4e0a0217b95ba8627b9255f411407a6a0bed0f33858b6acd28d170efa9410e62e89fff5ee55ca2f46a8e96744d38ce9440d1abb7725cb5830a1621e8697699e91b5582cfa64add692303ac670d4a821d26f56bdfac41dea3cb6ca25a00160a3f9d25337ad26c5fa3a3b162805b70d0a0cbbaaf89a9b9292f14ec95402ceae45e1d40046b29b8fba5bcc9c9ced8c55cfd644d6756e48238de6692b4e30eb66fb4822dd750ed6fdb373e0f11fdfb8d4191ab28bcfd2f98c502350b448985d2a1ff21c57ffdb553f1f19bb4ec2e567bb78ca6067a2240abc2d06f27667f115fe622ea831ff68ce9eb1d41ea8a117fe88cc5063740850dc5434e89eb8bce67ea03d5b2f9d9907c4b11b869cfd9e3ed4401dd9fabb96d33cc6ffbd263420603c1766b228b52e369ea2410c30a259c417ebce499b05fbaca66d8c0b0141c46024cb25a4648be55be704b0cbe7c35f75f0d3c1d74e420fceb3cb278a16c39029bf4fbc4da5eefd09bfc553aff5bba8900e70474d52ee8529a118f6ebfec4392dbd1e7d4b7d3412f8a48ffefb698fe2992d931a6184d5099591eccce9d0654d881e4a0d2a9e78c92ad2adc6c1795c0b21584d4f961ac35e5d89fbcebbedfe108c02f04ab52b7a4349feafaadd86ce61571b385fca82b6d96f216f5f612134b0f30a7bef7c1a2cc2c5d568b73b406fe2fe69311be623eccbe940174d1e17768e9ad35840cbe95f89198539d7602f58bcf89df637f13bb93580e4a188d2b17dd372a554540cce32a0f8579e24d896d31635298859eda6d66a516f77553859ee1a1ef569891a62a4295aee98c57f6959ab346cabb7101ae1a127e28e9d9491ed457f900ea8a1786fbea48839f2e0b07604a43166f07a1d992655bf6b97e1c604b63ca1f59ed14d48dcdbf4d05e9fd566080cb9a7638a6539ab38c4fcc0a05d87167a03cc25cfbab1cf6e43687efd2497d52231401d7d805b738d47bcea7c8b9ffd0c81fc4621e952708422843609d11603c8990dfd06602315dfdb90a0f8a6dad13006601933cbc96975ffdbca2bfebd213c48d9523353909b0ae8624e20678e9fce65647a3ec398faa2e6f48a2d103755476fed72f256b93183a5d65d271578f11923bde853483b958abf04bb432074623b2d1e1eb4737057aab585a5164efec52c338cb7011fa53f38ef214c74e1fa0519a7c1b9ed8e6af505ae23816438263f29d5a906e7aeb4e865d9fe1439922f2c19bfaee7a35c0e42fa6b88f71915d1d741bb9718182f4ccfc4f80178c7831fc8cd276f3e3ad649f5834980db60e19ac62dd7df4cc8164b94923d74c8a763bdfd064dc4a37412c97f83396af395c1b4c19572ee8dc36b7e6532529b6cdf3834300c7dc94999106f7b129d197034ce0b43c1e716597b3a721cba6fd98b0a888973fec321c29e09d55efb61ccc49b914b4640875604f0ac1cba6db8af24c87d72b0f81bb5fb950121f6849eb5af782b21c35838b9a39e6d9a0230324fb3e3f676cf0d5282886a0a22aab6fa1f66dc77d1676cb61d9a39e136362c126cc1e68631fd2e5d4f72daeeea8e7f4f3d4063ea7095d971e88da34d18847b3f8683b1bdf41edd200c9a42a0e335cd0761d0c6b666a1d26d14bab5d5fd069a9990608eec2c0601ca1585beef9a9d3f3c4e3ad1b59e3ebd36b189a0deffa3e41b0e0045b98ccf32d88fef67a9b7737720da095995a83c8e14f6651be3d06e08bd2b4ba30bc658f2fb6268ab5c91d4259dea7d32e3ee70d1011c9a97e1ed4b6fe2fbb8459bd717fd684aa1bfb4e5abe0b7307ae9919e0377cae9f17c4fd943a264dfc9e832666e7881a5d3854b1fa9022aa22caf677b7f31f461d6e5e772a61808d4bf818f2fe95d6635bf03c2837adec0d2485abdc7a7d66d6bb653347497a992c44b649a990eaf460850edca7c411e8f618d287426ff6293d88e3672e88d7574da6a509a40"}, @NFTA_DATA_VALUE={0xe8, 0x1, "5c7e9b2a519cad9829ae0e419b0960e37d356ef5d2c3a4f13a19a1cff08cc92e262ca8bb203fa6ae8cb1583a8d8117a5642ed28c6188c21bcbbbb7e67fef9e180bd30452079d73386cf9b6a5dcdf769e1c921d4c7635149c88c1c2fc3cfc99c22926cbd990b4456074e208148a147a98f72c56cc2615b20152acbb9840405670e0d77095f0be5b99e06104efdcb412b70a4978e9557fd7dda68fa5513b6d5d0346cf5c7d0d58758b9cf4fbe0660f683e03b051fc9e968264e49787fcfa3efae7556384433278088d8cd3f0d074bfb0fa76de3de9b74cddd1e330c66af73009c028926ff9"}, @NFTA_DATA_VALUE={0xe4, 0x1, "da95054bf9fc0a84eaf9ceb3290a9a251e1a188e6d8f58696d2b2a235396725e98efbe6a82487e5fafce7a047fa30ff8bb60c423746a0528ec6814389f1cc2a18658ec8ac6aa655d59bb28e2252de08ae0b68a005c0590f2ae22c9a1ecad8c619528ce0d92ec31904e43d88a4e302c8ad6d7b176211782515f25ad46fccb0229933010f7b26fbf30c16569f143328d7be3d22910d36a32946c931b61e6679f9169f149cae1356f84bb8ca3f0041526af94dd7fcc1bbc6f7dc199c35fd96c86e31dba48a18941d4b4d81aa958fb8051f5e6f742cfbac4d0d8d5efe71bc9665255"}, @NFTA_DATA_VALUE={0xe0, 0x1, "d4a1d3673feabea364a4d0581b157e64e021bff51931366e6fe7a79153e8ac59996c35d4d93f3f92431e595b3ad8d0441cb486149cfa6390851956137cef745501fe8275ffe9a5e2c55bbbfe257e6d45ccf83d6fa1c35e3c6bb6ce29cc7a76a8df9dd27e2d609c3ab6d051cc613c789027a67ce91cb50a9a53dfed738e1837cfee1d6822fc34f287ed43665d0da9f1ef6bccba9fdf852377de3bcc71e0125a9f4df04731e8513837e5a4f883bcd926d99c68ece1a4109fd0e4e5b6715440b537980521ce1bdd7db2235677e9e0e8e3ec0874d6c22a1728700edd5470"}, @NFTA_DATA_VERDICT={0x50, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VERDICT={0x10, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VERDICT={0x4c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8}]}, @NFTA_DATA_VALUE={0x1a, 0x1, "515177d6cab88642b4ee087731b6b62c2fbed578e424"}, @NFTA_DATA_VALUE={0x98, 0x1, "426d3121c659d53b9f3b4f9648d58d3d4c1a906656175a39831512a04a9c45bfa5bf71fa0502fca88f385b48924650cb64e6863324c78ff26f4e1a9b34a45f2932709a9c9095547d5fc739595b6a886efad86bfde50e83848b36f52314c4c93d805ac49c4072b046452a4727eb6f088b0914b97f46f673d4147d57b7af4d784755fbe5b406e7de0cec89aeb2777ecba4fe8cc179"}]}]}, {0x164, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x9}, @NFTA_SET_ELEM_EXPR={0x4}, @NFTA_SET_ELEM_KEY_END={0x11c, 0xa, 0x0, 0x1, [@NFTA_DATA_VALUE={0xb1, 0x1, "7cfe3774aaa4753a6fd1dab42ab0ab4f9a47127929ea3c066ff1ce744e5e96c11bcf818588f2c0a70110929a28cf1cd16d37408f2567e7acc95d98407485b09c92962fe62754aa6b8bed819fadacdbd5860f48453c3a5805e4fffc26f2ed032a15c375ae062fd40b70236f881520806b74eca02fe89f55379c263d44ffd645bf168476f47651aa8ebad1487ceb3291c0a18558a335d5be688b893cf7039c95e93fc3680b0bfd5cfd99b887bc06"}, @NFTA_DATA_VALUE={0x63, 0x1, "218713ac32b2de3fc9ce64905f47372a59a97f3462926a24206290794d7a168cefe7633fe037f7973570ef2691c7579518417e59ddd0e09ac9b60289a2854536cb7743ed8bcf0ba907f9e3042ca1b87f733717c0a0672cd69ddb9e24122566"}]}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz2\x00'}, @NFTA_SET_ELEM_DATA={0x28, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0xe, 0x1, "0408e36039c9d0a7c0a7"}, @NFTA_DATA_VERDICT={0x14, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}]}]}, {0x2618, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz0\x00'}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_SET_ELEM_KEY_END={0x11bc, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x1c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0x5}]}, @NFTA_DATA_VALUE={0x1d, 0x1, "f9c94a8046ba8c4509c70a051d3e46ab38ab94e28e14f953dd"}, @NFTA_DATA_VALUE={0x1004, 0x1, "0a29bed3fc7b85897423025a4d39270139b78fab25b074ebc676ff819fdd1ce257b1597b6c9bf75ea360c12d57ecea95a14593362c4a2337b1dbf4a06a54b94f0379e3afe3cf73457a3dc8c8e22a30ba7c4207c8529bde29e4b3dd926b5c53f46b1404a1bf7f74393295a43daaf2e315d0eae77b48258b4b6e3d4e5992c7efb40c1e83662cc4f2a19a8478a10e602325921db7c811234e32183e14bcc1b00a43601776c17c033ecdcf9b4c8c7cad45604fcc58a3df6ec24ccd9107e7e57e4a185aa15adb874d788d6fc414f7aac37daa2d695d21800146e253e491e8064efd4275ac961e510e6efdcff26f5635177f69741fddc847a739a78f6f1f8a7fb3236e1bb6a8cf046aa3357abe51a2d2b03859b141c5e510417b5cce343987d141b079abc77261f3a19ca77d871884d94213f1a1bf3de3b8649f93f38d9f849563f8e7f29fdf4bbee851e55c7c052cff8cdbcdfc352cc2eead9ed7d6da8500f33bd4afeedfd471ec72fe6ea2312df31e5a44b6334c4cfb39f4f06360c45dfbd2c334616fadbac81611db8ed411c2948f5d3f32a298ed8e1034bdd5a5c726312081973ae53384e39eaffeed562b637a9ce007a2f14a27a8bd6ee0d98c584057918491a69a199d006387de73d9ac337d6e48678672bbd6c4bb09a111bfe49ff33aa8ba54043bba2383b15ed77a116ecd49a539da49644ee5326e32baaf145ca373ab2945522630d73d35dd0993a8d3184ca54d1dc7e6ab5b1fc2bd95db3a2885fa15f6f5ed752986b76de4c25b200aa15dbf0bf084dc97e0214495b990c474e9c8085e2deb6a0abd2972f0e49dba97a4a2d4a9a3209d33c1dad2e2a4c211ae867cbae7e5f6bb08293d733712fbd934d2391a3d0d677e8afa22615ec4e5a1b2cdd13b3c9c688dc8b997305393c421f1b4e8bd59d6a702e3e71239488d69c8b12ce848ad42ac8547d15d837a37136e8f095c503c137cedfbd77f7cd8e3a034bdced7efd472b6f5ebe72731a7136e3096ea49749961918295e525efd24cb02805c5455dfd74a4f5210388aeaa3c953885ad535dcd4d71bb03cc47d2e477158ece2f7d53e99af1c026cae9703b0156fba0d851b90c7911aac910450081ab9b9a90b89697bea7be21c233a8984f2c59f031d34877c0235e4a96aa87fd4f38a7ed0910ef5a01819d1afae9ee8f4264acff1baa004771d34dc8335164631a8054bc451757c542c55ac96d372c7d075c6313b48036b5139827bba0196ab9d0054635600513ea94e8d5d9e07e9cbf08db4cfd268c0fe42cdd5ba570801d36c4472163a68717e0a54b75864ea2cf631fa5096ef5b1b8c415aa78d848367ffb5b5012986e834430002af3515ee8497deb7b15cd27dc291ba508be03f124db179507d7cc2c69ae7ed6080e4b4aacf6017ea75d73bc952384909f0c9283313846845003bc69a62feb98b380f59fa17b46bf3aa278086a1085f6dae41869e339c949c75a9653325de35fa792afab2d9724735b57ce17fe01fe1e306295e67e3c4aa90f10f9e36b7b03cbc45f186e1a5ce6d4c94915ba52b529344be5ebff2c57214af17908a38f562a8dc3fa7da07087426cad2928d592bda5e309ab05248cf9e913e3968c99ae962caa000d514157864e7c2b2651d6bdc41fdb18c46cba01c2317899a0c1e7ee956e12174866629af30e1b6102b907485bc184c5e9a9482874b208e1b7b8f4726ba0a90c65810185aab60d562a466ba89e823e68a97d4c8149a742d01dc89bf91766b70d9587bc89552fab5929c980152608547d0bf2325ce53f8fe7700f9fa5ddd1c73c255464e1b5b37e97be93c5c5f76bff15a07ccc1f1e542a5f6f6046e05ae5f7accfd0009014e1ddb8f8f0819ca6f744f0292894d11d6a7024835d935c5cfe72c22684996f2ce7863f4796a637c949503c8063e4b6ec405de958184538a69fc3260c0bb6e89c9223a1ed1ae1f54863a49f6ec38ee57108ed0848b9e06b2a7b4da12b6d39cd2449156dd4c75fe1255750084ba4fbc955d68623183061c518c5a07832bf55a99105962498bc6be73607425fe07bb8c7fe0e8e701e47d05f0e9e86de8e56e074a67c0e6bf56b382a277f39d0c7069a6c3e7abc548b8a4b7e92326a134189fbe84052838fce4354aade444413b30607d9c01976ccbccf5098f5cb54ca04599402c004e4985665c05869f37b3f156d8ae4dc100490302d160af6f796f267ff64169d0acf3f2d963c6ffb00eeb6b0c1f5dca8a9e9b5842559301b7d00533c73d48bd39b11ce9740f2b7e1ec9e7f55aab5d1b5b1378afcb13cd62262fcd132200560fcab7b0062618356bd9c79a83f75efefb2e65a7d38414c3ed8a80a374e19f1260ae56445d65fb8e16a48acb03711ec7617ce592666b833dbe5f01baf21babe57af2a9fd039d38317ef4d11866332ecadcadcf7102d3c4bc212c4ca3cdd80ec3f0a6bbcb798f3d98e04f1a732e4b3e3da5eb960a4f78e19cf57d1804722095e21bbbba5e2a56248109e6d4a2f80fb8bbe1ab9eb2350b532ea19f05c8c7a15a1fbe8db7b7885c417ac5a79903d734d8209b4c9e69b504bd72cf813ffe0c117f3359aea672ed79bd6b48c35603f6fb380aebee0dbec07c88f53d6b30e843e6c4a4b0b5403127e053a7f3870fa0b466fd0baca628281de37e6d088a828c4d3b98b6a843448f61dc177344122779c4dff4023b5260bea61a941dd3bb54949783f0604d0909e536ebaddf3361c99335fe3eb0e907b09e7a36abc14e0dc0ad334d081185d9e0da1bd0deffd24352d9c120670ab980d14f8e97f0b29b6b2731d921a1b883fed7de42a0f319325b76339006b665d48f8730471795f03095193d3a01d8008247327356c57703f26a7dacceb1dd2b3f742debe12072860d63ee57defd5a51cc3b1de84dfbc9d69f15c503c0832dd9f09764c9ac05623254ae1571f9454c12886c335db078975ffac32e4c7e75c8332af573ef3b8221a68e6f748a1c96b9cc100416fa9305c736e981ac7c18a45460a658220c0e1ce9e304b8d3aff65da7291bfaffad9e79e9050c304e83d325e9e677b88c4792434cc6e2cd814df9cb115dd2e846639809d193cde2a6bf90a6e1baeaeba452278c7eaf9703670d5a6346ebea9a249a12896219d007f5b607de9a236c995290952fae3125f210660bc18666d56130e76596cd5c8c62f5bb2928109ce6f9a6bb625764e0a3b30eeb253f1927142ac3d4963295bc94cb601cae58c9398d67d9a8eeda03255304257fc86aa7582de97131792961e17ade7c549b0db826ff9bac10bc12a7fb02dbc982dbdf571e70bc52ee58d99e42717f2133bd2772e1fe2e7682d6a2058cdd12c7906d0457d3fed5539e4560033b8d63127c89d542ab67aec65c05e63468d5ef4a641d72c402ee6e0faa684f87af8a9dccbae4ce7e4265aa54b4b24bfcb8963c3e4a95425933951e2b79b14fae859a38c1784921c5fd4be09716d0210f1eff0ecaea96655b92702b1ccc328b34723696b42b64576ee39202c2428d90e66aa4629442f1a0853276b128c46cbca2e2534d7be535ffc3b1b9462fd6f1f9a4a117e1078d4f29985da5e0dedd970036a8426d5634e953eff23ec4c94e1b3203e3ca65789359b66a5f137e41e579bdc9d568b5dde6a02f7550d90f28ffc969dbfd5ca20055763cc64c25d769feb1bf3bea46791f599992452b9df7ec9a05eec9dee79aac5b459537f5393091cd484da607e74abf96524a3f97481cc144ceb7e600af7bbaf169e4271ee675871447dfbcd38e9ae30af74b4cc4aa5327abafca71ec5da01fb5f020e0f6bea8f8152d59abe77bb478bcc05d858429090d66fbe2e63cf50eb2de1f02fde60162eb3a2ca767e8909b8ad39efad5f1ea92371ad92c6e392b0a46aa791b707ade81b050cc6695e2aae2e67768eb870cfb0308bb07b98385afd48b75a0575da6aa0fa9c7e0d38d7283bea0a83420d473394a43066a05bfddabb97aa0a8204fca9c536eebc77d5be3ebb02b7071f3d9d6e8760ee71527feffd7891bd9b826964ac209f68e8696c66860525d398d96d9ad35cc82cc56269fdfad45543488a2b9595661dc72dc9bab6e9a47a75aa40edeb56d02e970a75b63090c1cca77f0f9926d70c94e3a6e20a960ef1bc055ff121b26aa92964336ffcabfaf482dceea4e59bd70fd4180854e0cf35b7ed3dced7312ef15252bceb732d678fa4344e5b1183174597c9752c70f2e6390177b4cb351ae5594d7bee11061003dd7db0f9846530dc46ffa4c9f5a60dbf8c6f7b52b78f75de625334662acb92f2c2ee93d8bc9c21f1c2b167cc9fab63f1dbe615cd4a776449987312689e8fff27c815e99470d8fb354ae560675819e87e6645fd4def81703d1cd5ea5ec7cbde7f0468ff31d1107364088113a7b93b80a523d536e51d98be84f80e1e0f8883b47de4967dfac5315e47f9e04aa19dc9ccee24cf38a3d9878a4e81e2fafe7b4d08f65c402eb01011e5df233aee8633e7120dbbee9f36aa7664a7b7c99b917a43a2e0602ff714682c55e30fe1491480262da1138ce91b7512f79f7a55d97476f5f2cf48e07da197215784c1fb6f2741c6d3acdc3b9e9972ff0af89811ac1661abd1fcdef4b08e530da7084db1bebf6c0dd348ed8cae5f6d38327a8178795fc69dc5d2998e6adb55c59ee1c8f1d4863bc48a0aad0a795fde94f464815288d68ace0e3341c714f6bd7955c55fc626b532140e883180c222831e371ade6e560efa1ffc7b2f0bb0a4dea7891d2638dbf625302a092d33cf76bf89804215380dc4225274daa26c8d91eb92722825f3aa9c1cc15addb8cea0013cd37892dc9d11b042f8c6a7a9bb7a4225de833314b7d0b776500c47b25ff836cf4eae5466832860d8b3d610854dac3bb813db10c7563284fbe7aa29e586028fedd5c62940d80d0e77e924277668cf32a5a1a88c06971d063e31abdb74c25627e2840cad55ef927a9cf7f7646da8e31da90b26e1042df552f96b41dfee9afa107f74bf11b17616f22e68b9ce3c6f689d0353d4098a569182b4a66cfa8987cb38b387f390331aaec0fa692c1aafe258d57061ab3afc4bc7b4477db54734b97cdf2cd75eae12dbb538bb4218eb06e17a4788b4fa7d1983374cb407de88eaab5e67345485eb705b9f06c2b723ecf7c00c8b12e17b42f47c04ad70864350c1b839d7084fdc0b9c385b492b1be822f2a26211d93808c3773d056ac92a772deca6096ac3961ca009ff16978355d010afb190c94642b3b6d57a2be29b5858fae6bc33c9d37798d31fe666ba07af648fbf6281c7c04c1dbf0a8b7aaad844d848f7ae0ca9b930f0296e019699544627081ca2726639c76330e84476c661ae05b2520ddf8d940db2ddaaa0be70969c4ca20ee5ae623cd558cff2fa8b96185c0acc5a268bdeaffaf34f5f63ca0777a675b4db062963590a0cb58ca341ef87ce1608554d7ccad47a5a444ba86229601879933ce547cfedd3e0ab60d19a21468e8b0678b440e780ba2e7bf693e2fde979d977175487b32dd2354edd45e2dbcb4cc2d1f6711fea200645fc957c538f7b7eb98418d5aff6505e153cd2c3ed8d5e3aa41aa2b5c4e62f1152e731ce4cff89c6a6a7389d4be7114cb442d8e5f63bc8ad5efd447f275053c684c8efe23f4e341033fb66734d1e5c469fbdc6ca82837c628c1d5e6064bd9a39defa5d1b3cbca39feb810471f132873d6305e13eb80ce9608dd96814d941b5e71bcab311a44e7938bf8a00ff4997a06f1e7a34dd24b95740c5312910749b3803fe99a7000902803d8380352a59317f"}, @NFTA_DATA_VERDICT={0x24, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VALUE={0x3c, 0x1, "6b25d6fa5c5e7141fa5b95a1f7682d36f6c744ace5922277c3c98a005cc876e051443b54c4b9d2871596a4557463fee38d3a3b216369698b"}, @NFTA_DATA_VERDICT={0x60, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VERDICT={0x14, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0x2}]}, @NFTA_DATA_VALUE={0x3b, 0x1, "628606e71acdd7280ddbb5c8a3de6d04f7d63c61ba713d8bf8de1f84689ef145dff440a7d132a64733c81c0f38433d609a982c69bcd085"}, @NFTA_DATA_VALUE={0x59, 0x1, "c3082421abe24658857a2f42d313616f81f6fa7d16be50602c9e8ce99867d24b97a0a51be57f8dec31859290c6ff3289d806fe30b290f8e143054ddc99339c9c7cd88dad0ddc2595cdb7ee01be013f2fa3231c9d8f"}]}, @NFTA_SET_ELEM_KEY_END={0x1394, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x24, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VALUE={0xb6, 0x1, "86c302d38564a2b0af5a6ef8b2a942385b7d9d5f3c047c07c9a586ff4d67037ae0df66e5da4a325271e5156a8052b606b5bd8fc7dd3b2a4077ca9ef497820b2e8efc79ca63979ab5837524fee3af72e8437e273484a8a14e498a2e2583620fcc8dc1057574f4ec017de6b752fb339fe9c0b7b5bcb34931e608308dd4842d2950dacc991995512563aef60a07e31d148ef6d92ee6f867736ec750202460de4e8232da8aec21755b51c4746335b38a001edd39"}, @NFTA_DATA_VERDICT={0x2c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}, @NFTA_DATA_VALUE={0xd5, 0x1, "369b3523d897af8e19a91603e148323d59c6288aa086a6c8b0bf04808198322e4efdaa7c0e2b89620adde0b2f52a56ef16670582cee3051b33a9eef139ca4ca84f95427ce5bc7b34429523f37eb18040d1cc83770e14e40b59ef43dd4972148654b6da4ea0705c97ae6d2771de0e6e88f681b812fb26318f3cf47c3a0d80406549c2ab8cacfa8d7fe90eee7a4431d142caddb5f5973f8468771b1e149c7af3308439a2842e3eb4268b82167506c7ed7b00ef817580643401a1b1cf803964ebbf5eb5eaec2c1b92bc79137598f057355e16"}, @NFTA_DATA_VERDICT={0x10, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VALUE={0x1004, 0x1, "2f32795a0befecba8f1bc58d9185afb5eddf5b2aa68a1130eaf3be644df8379fb38e64a77c5053c5a143a616eff76027faa45a458379f6e69f244645b55b93addbbc2308b744f628dd5e916a19000579e59e4f98f4aa164e3c627242bb2a8979ee6d04b28074fefc76af3ccdd2fde944cb6dcf29f398a0c90f4c12f53cb3bf6f75ef9f149da12126623fad05905a59ce2ba6e7fa1bfc07f3af29e6a2f729792f070da2bd81b7e41600f750c07222f015a430a43e563cc5da67ac4eb648aed90c7064b442fe43ff48568103eee7ad46a2694e0c0481f5badb4912de5341f12ef3ca8d760d037062909e2a9ae4d0ffa043d3dae9d0dc8d7a00f73aaa1d98f984a7a198430be5ba33532a557f768cb4d7bbe5e684748dabd8ac7145d778d7c36bb8e67bb4df57d0daebfd840c53b6725be695bd9548c490df499fd0299e7e626527771ac9bb23d2fb28c0291067ba10ac58223ef1d692b762d4627111f795674ff48f30509902536363c56de64d6b2299da7dfb52289c8945bc0ee3c6fe45a433857aef4667d981b149e0122d5a277a0d8697ff9025bb6652e02be3c14538bea85778a8b513837d07e4d3611f11f8e73fe03489db86c39deb8e04f1311a0c1a718657201660b98a7f5afe5a2a0036897fa58fe772c9260a9cef8c34cb75036d01fc7db8ef7d6019a42703baf1ecc1c9e8afabdd899c3f93ac570cd9381a24364863ee5f87e45d5b7789ef727fdbeedbc4625d963082904e324e713ff1f96abd38115d6915c329b4365bc3e74b9e6552c35b395cfc181459718cbb7ebd713f76d011d182eab1da8109f2bf38c081d4dd79cf45ff9e7422e93b4b32c3c0d73df80fdc8a9b98fdc67f71f2ef27ffa37d451d3dd4eb5af72414834d5684d23346a3c14d68e2a2ce78f04fe7ffb4fab6f5a6cb2d29d534cae1d068516d2658e2b6bb28e842bb08486ab18f2f3fbd4edb453d378df5c840a9bd99cc434645a4db3b81612e4e383c5bfac199623e40bf0317f65f3df4274a09f95a548fa6115067b4f6f8f4952ffc0f6b4730ff2f39395bcf5d3c2da364b20b79680c5351ea5de8153af8efbd4e9a0b5423a9ad4f5d99aa3c144bed93929edd202236de353d28c789c8e834c612d92ec58f9689d0752ed9a7b15fa1606a6e96b8e3907f6ea13b8c9094468ee8af69008976e910b755628e70e0baa3ecba52c63e5581012d6955597a58851b68880b842e553d65a0b13a4d8b15b4f4c20f1026a89e2ce338c6a0d667e9fe04b988cbb2c7ff0081d163d889a6a289570afe2a675e5739eeb7295379195acd4348f291589cddf8297a7e8d13f263144a2634919bffcd86f1a151b4e4429531c7be456243fd20fc92b12d9310fdd55bde29a060d9e5407da845053f05a84b7bd92c3a8e248baba434a1d46c78e2c17c90f42655b776bd285ce2f07e711978b4b4d658773589814cdfb470fb55d0551b2d7999d45ea83fb1ae9e8078a5c5ae9ba20eaaf35868a07c3439603e5f50096e781c38dbff38617f23be9bea3146a9aedc5a4fe7cfaf5c0b933a5f8efd567943f26c724ba89335cdf6e9f06f87c4b943a803739eaf21b5df7173ac4444343ebae2b2980b9bd261a4afa492aba40ac426115ed7d239dadefaefcb836506292b443860b5a1df0b398bbbff8fd417ff76b45ad9f5af05e9674af92778aa2756932a1342e766b342d7282bec3b55ca0c023f9ee6bf31571a71c07519a1f432295fd305b3183c8657816e52168361d9b3bf22c3c0cc6ed9c935277d5d40bb34ab7379a5af60046ff4f3fc125bfab622330aa9bf4bfd6ebf6905ed671930cbc4af5105a97d160235cf55c59324594b36d631836965b5f5cf1f41a1f0ef5e848f9c24eb8fc958b4ecb2bd2f234589c8f25549fe03a7184847476961ae5cf8f7ba8f82d651410c5a6137bbaf5c7d9748a3374f690140077da0cb3de21c54829bab9b0fa7d73ba151bfd2589415ae9c74ce0d1c7380f58bc7d02b69eb7424d26b52556a65867ccc6e8a1d6b5e68910610f59a6fb92de7c9b52a55f5494310621d45f7b91aa0152cbcee5b6b6978627cd12580dcae939b4e6b95097f3dc9dd2688e1dfc0f601aef6e5daf64754f83cb9775c1b28648c8e7ecb0485570240b5ee0c077c3d172dc2eb34cd300324dea6b0bad48f79b6c19740b8a04ced1c7690e80da9854854cff3dd986e8ceff78fb8ce140e5ae119c4efdf5aff56cbe776c1b869490c3210ad09c68edb0f9ce9e7f52e642cdb17fe17c9587d3f9757f1d1f7b101aab3d2d9f229fccfbe0470c5449eda6911324437acaab942e3e2849b64cc79ed19f8537ce29a156525df7deb819dcc28605936b2b5812ef9b95f4f8ccd75ecfbc5d87b948fb9d18a0032aa8ca9100f04b2fb0346c0d6649b1de728fe99c81f03666fde61269f3371496023ec33337fe9e2ff3a621d14b3dcdea43adcdc25a7c106643abf602ca6e93df7ae2fe15b88cb92a506d254d98030c0b9f137207ba1bfa1876060c4412f5dd63e111202d08a050c7e3098f12272f11d357bfc4b5751d81167b98cf9a9fef4fa78751809b1e5b319acc4e63b8e2535b3df4c641030ad003e6e2de7ccdd2c66b181c51efefa22921c082ef6d079779f581036194727b0630f9f54bcad78cdc7713393694ccbaed435b55c9125f098bc38c3f2d8de746a9f196338eeb4c3acef1139a717bfbe17afc34a7cbce2988fe48466806edae0215bc48544c67c0e351bac768f72d2563edf500fd67e3ca70118d2699359e8a108c99434d25588cc31c5d3d997847c3010c33bb6d8dfa22d1cd33d86434040b5ce2b85f2a6119dbe6673ae3638508b799975ce23d7bbb4ebf37715a7e22354b4c6db21fc0b8d4e21470b4e2b175ac9268b975a11408d488df759b3cc88542364eecffdc598d1ad1ddf604d889ef35ec8297758ed154c28471494fe7ab53ef53039c793d9a2c6943274ff2cfa3444a1caa80a1c67d2ba754ba831ec098306d4ec062a0e5a205cb8bcae44d05c3415c0f7e185f289561654ee306e145f4f0afa35d858597d0a2c850288064928bb8191ad8979fafb7cfcdd941eac46dd201ed8782760bcf65a29c5a8276af32150676309444d37dc835c8fd48b74b20468606a8358e89222e9c9a83977bf1d432ed7f8c30b19fbd86c7fff410f14a85774fc50f51d29bc8e32ba7ab79341b3bb71c4dd0cde2f85bca45b93ccb820d3fec205c578745f4d49b866748576f3aac0338b3363b978d62543cb63b2bd65f2762ab022e829f2063872662c7bff40b9d7b8bb88a34dd0ce3828b5e661f9bd0588657b1805892fdb92ac7679ce31528badaa97997efbcc6c99abf79f156234b91d3154c0438a49917cc796fca5a97f6ffd1c85d65ef213a93ef2117e2aadcb7a4b58806c12cff2ecac1550bf53e22be6897759bbe0e8f2041e6445baaa383be5968cccb23fadc8e827e249d90afacf2d0bfc1f18fb0a4469eaec2ba33d477f7b293b988f146c54ed8b9931d45d9bfda8466db52c18588d9defb40eb941f5b0830f1b0d4c6363247d34c72143ac31204e4f6e34ba68a5e174384a1452099b17a833294ca5fe68a2b4ca822169c8e865976270955c0357c56e23c8f40e759e495c3d191c2c3c2d4dada97acb979478903f8afba6e133ac65a8de171594484f3cc7fc17f97056cfd2c27549c6744cd4a8f33dd8f0f4b27b5853b34e61626c4647f96dd0fe4c60591dc97726fa18e720b060d077fa7a4cdae55ad2090f24f3fe5d4bf7523fe9c42ef0d94110a02e5d8bfb54183eb748968928e002f93e97d4e7e1a69cc76d89f5a77bcba6e5f9772faa64361adb2e965a49c92fbae15895813be6d9b111d00b1f26189f8946a4e7518218dcb03ffb8f70995fdd44a1ed1f05cbb05cf85067eb0570b20ba71b391141473ed83e91acbad6dc5d20fa30a4b5615977fe6e6d47ade2c961d7cf610fbc7a748e39f99b8c55e94c9f7f372611f5f43d9b6900c2da19b4ece9e857ed702d8535bb8c8b1512e0375629261a287a0da6a920e7b3864c9bff5d68f3db9991cc278a02f839c1f4054e85548f67d0dd922d6da7a6b6439e686812c9a20b1ac2e7d960f0072df8046205d930430d438aadd54c13278b819ae3a43ee11dcd39358b2334b83404b2dae33794fd2801f7f601281b9083b99357bdd2c665bb8d79720dc926728e513461eb85c21415779e850ed9646381686e9b7121a4da46f751defd3e00abe4f537e82ffe32cf57919ac5cf951dfc633430ab0e5f63860bf39461400231b239d3510c48d3f775d16fedd6e4497d2dd4650a44eb689fc48503430aafb0318782fa8e8642b727324cc3fa054d04f9f0b874912aa1c23e392b1868fa6e91f2e5e1d7b5eef371418ad99c66a6b12336b8caa7996275435cd35ded3b6b273ec7f76f56e841b540e0d1a03defec9b673f3236218567f36ef13a1e11883aa67b920409174b9fa1bf2e81ed6a0028388522bd2e214a2540905386dabed9da1f25658b9d233163cd8f09e7c035e2cd7eda60fbb54bfd2331b20a577272c76c43d6d00ece5baa8809392b191809eedbde531020e05e5080c145a38b8b3c72b66c2f8ac434f963e9e74c06ffac4f0675d1fc9b4ca2373520ac5dee0b116731c9235a917215a2ec79419787448804312c3528e4d74f0140db01ef4fc31bb66964058eadb447af93a19f3532cf7f675bd88beb970a3894cb99a569d0c6bc9368e256cf1cd6a0f770219b3a211b7dcc0688ff3a414edd323fa0f363234c32f5d677e7f9620ef75c54543951a07ccd8e92f1cd80b5c566dd9d95237ea2b8a0024dac6610f6782cd1aedb513f0e717145227e2ee316fc04ccf164538ea916d8dadb2eae6e40af4843332a5c96b979a10238e681c9454d3f246fcd622af8fdc259c7aff509dd583476400372b70699bf434f5a99b07d77c411f912f11b02cd2532ccd5b53e43184ed862b2869a75e699cec61f8cb843b24fb693478e262d24cde585919906b5cf5055121858415b160c085d32f13eea142ca9f9aa4c07fc42d102763ef55b9a722983622c60c403643bba3b773e69f22e1cb64b04c2430f78c6d04559178c967cff6f7cfa98d73827575659377874cc800ad1a37e80ffc02c0f112d478b30ed7b222f3e8774ebd8f4bc1fcbbac06526367301a040bcd816267f119841a2fe0838c0f463e04d4bb0ee7c9b079bb16001afedbdfc4f9d8f783989da3f911020c9f7d4babbe4d5951882b33f808d51e5270b57e2a6a96eb9691766dc6e602549c1b5a32865240e43fb983ab2466316343c137abadd337164f125aa487df5d52cb5878e10b19bd11f9cef37255b055bd7fb723a98fda343d9214fa472a9e645f143e1d5811960d7980dee59b0b3046cf9016a1b4d7944ca6299cd88d474a009c24db870d63102e37821154cc0dd5592067c7ad17903247104508fa0ad70a7a7c92e272780a03250c943bcc7cd461656b3d839b33590295786e3498f891f7c910ae6e122f74be51608434931413d636f6f083c7d620a4076c3aef4aa2584d1496e196ee607a23f75efa8958ddbea242c3a0840cd8b8e08491d116d82e47e5e6ace36a1a75edf978abfabf6068f633fcc516fa729135baf48f8e24b7789b66886b3f31e67ab37dffb0e3636a5f8ce3be0db0f279340be89a2b0fb9c9b885ead730dad68e528952f737fd5636acdc6acd9eb29b954807404297b3675c913530a739b8644b66ec35a39fc52c252dd592baf8a3e8305454e7b8acf95d048215fa80d4a5136e05c50ecfbd1fc5810d82f0e51"}, @NFTA_DATA_VALUE={0xec, 0x1, "221ee645464718969294d61ecb53342c8abfe7eae95e67cdfc60ea7c7eddbbc72e597eee11a14d5fdf1c0b82298ec64de86bb29df052ecbc10bb7b1e128a1ba297ed124b144ba88033bf09e231bfe08f6b047a28e9afe69dc23b3b9c3625320b658385676e65d23501b1c3b608b04a8526e0824569c3db1bf7d2374e41734bdc60964aebba0834d6ef70b9cd91d6679bd09a21ed9e6a434377cdadea671f08ecf4b81134b6473e3a7039e814cf1cf7210bd5539f7838a223100d74bd9b26e17833beecb95f3eaa5fd6cda2e3fd7410654a9a42fdeab44aa0a5ef9aa7dd275c173114a314b99fc13d"}, @NFTA_DATA_VALUE={0xaf, 0x1, "6b6a5dbf8668d0828e8476dd495ecbf0be90c250edf6a6a08ecd043a060ec8227b05ba42bad67d6ba31df16a9048596451d86f63e1378f5b074d12eea4cc5200f61b9ec7676c48c15451ccd81e759e76080a184b058026c4c78dc5d308348ee9bb1e860f0f2798d529fd123a3b84b4abc304006f5409c9971f8e448c6a63c4b6c5645c2fc7412f3cace98cb48afc6a3d4174ddadc3ccd4f3e357ad01b9187039be30f268d9941dfb469746"}]}, @NFTA_SET_ELEM_USERDATA={0x97, 0x6, 0x1, 0x0, "491697c4ef148de5e71bd16ec24861e360a6c292326367aa4229e15babff6b29e6c0215cb7008ede441664f9057902f269e2bfefa1e92b283c4a0d10d0bfae427c8e75736bb22759e2b80f895e3c12404adabab26dfc1e5a8498d32369f50c0dbb230359e13bf8838bb143f486ed034226516174673aa7f064c06348967f2f357930a090bfad918df1d5fec727ab116cb6a489"}]}, {0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz1\x00'}]}]}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x318, 0x3, 0x0, 0x1, [{0x314, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_KEY={0x190, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x2c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VALUE={0x33, 0x1, "08e8407f7df4beda1dd8e27c9b8b059837b38b308b2adf904ab31ec1aff4132920cca28cdb561e05b4eee0c57c7956"}, @NFTA_DATA_VERDICT={0x3c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}, @NFTA_DATA_VALUE={0xb3, 0x1, "d6650f4dde24ebf3c6915ae5f6cd2175aba05acf301bf9b8b7e380d4434ad8177552f423750022f9edde36076e54b5ca4474ca60ad335ca57df1496d4026d8256cb9acf0fb868f0bd33d0749d3613473ade01a723263e5ea31649c2b34cffc5bde59c0b58070434baa33a86edd10d33d01ac312dd52dba43ee96dba874f645158a8945f3e0eefe1fccf810e55bd43c79fe8c21f742d2c113ce5c272231b26b29c146b1a51fe9996f7e770b93fc5ae9"}, @NFTA_DATA_VERDICT={0x3c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}]}, @NFTA_SET_ELEM_KEY={0x16c, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x24, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}, @NFTA_DATA_VALUE={0xda, 0x1, "5792287a0bb87d54e89e26cb881b9fbe7fa3b94343675426b18dde9dbf48e0c9cee9e1fb20318a0cefd3db40c1021dbd33a3e6c8e0e8cd44c867f015b99b5fd73555ca3792545c548879314fb061caaf9eb121cf9014a60bd08e84a520dd9e6eac16d3ba7531f5ff664394e17104335b239700a8d6519c58be7fe443585b98f0990a8f3b22b147c88d2d07b1333c330eb9ec50d8869c7fe61a6659b8eacb038ecb6b454163655a73e874a5bf1dd3f92dc19a27e26381c05fea18f8307992d5d2b26849a8554da37b1439bacef137a94189185dfbcfb9"}, @NFTA_DATA_VALUE={0x68, 0x1, "d0f188408dbd42a26e6bbb2ec1d3365ca8873de6cebb839dfd2fc655770c99acde2dc7f46b153efdb52e02fbd645a36cc752fa26b1756b0bf6a64483ec1f52b2fc14457f4fc957d704f35b674fd15a802a9b9effce83d8c1c19cabe15c317e906b444fc9"}]}, @NFTA_SET_ELEM_TIMEOUT={0xc}]}]}, @NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x3}]}, @NFT_MSG_DELTABLE={0x1c, 0x2, 0xa, 0x801, 0x0, 0x0, {0x5}, [@NFTA_TABLE_FLAGS={0x8}]}, @NFT_MSG_NEWSET={0x1c, 0x9, 0xa, 0x201, 0x0, 0x0, {0x3, 0x0, 0x5}, [@NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWCHAIN={0x4c, 0x3, 0xa, 0x5, 0x0, 0x0, {0x5, 0x0, 0x9}, [@NFTA_CHAIN_COUNTERS={0x1c, 0x8, 0x0, 0x1, [@NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x80}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x3ff}]}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_COUNTERS={0x10, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x9}]}]}], {0x14}}, 0xd6f8}, 0x1, 0x0, 0x0, 0x20040000}, 0x20040800) prctl$PR_SET_FPEMU(0xa, 0x1) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) prctl$PR_SET_FPEMU(0xa, 0x2) 07:33:45 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xe0ffff, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:45 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = dup2(r0, r0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r0, 0xc018937d, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0x3}}, './file0\x00'}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r4 = socket(0x1d, 0x2, 0x800) sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(r4, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x40, 0x0, 0x300, 0x70bd2b, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x1, 0x1a}}}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x6}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x3}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x20008010}, 0x0) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0xf8, 0x0, 0x200, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x1, 0x5b}, @val={0x8, 0x3, r3}, @void}}, [@mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x1c, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}]}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "f6a9ca23a7bf9071a58878125f1ef6252743f954a6131382"}, @NL80211_ATTR_MNTR_FLAGS={0x14, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}]}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "0922db5be0392553ce3c4bb8ea372d09ccb6c9c3b94b9c25"}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @broadcast}, @NL80211_ATTR_MNTR_FLAGS={0xc, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}]}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}], @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'veth1_to_bond\x00'}, @NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}, @NL80211_ATTR_MESH_ID={0xa}]}, 0xf8}, 0x1, 0x0, 0x0, 0x4005}, 0x20000000) signalfd4(r1, &(0x7f0000000000)={[0x3]}, 0x8, 0x800) 07:33:45 executing program 2: ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000000)) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) 07:33:45 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x40) symlink(&(0x7f0000000100)='./file2/file0\x00', &(0x7f0000000140)='./file2/file0\x00') r0 = syz_mount_image$nfs4(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x2, 0x0, &(0x7f0000000200), 0x400, &(0x7f0000000440)=ANY=[@ANYBLOB="706970656673002c2c706970656673002c706970656673002c5c272c6f626a5f090065723d2c61707072616973655f747970653d696d617369672c61707072616973655f747970653d696d617369672c005179219ff6dbfa6f3234876862e8cf6141ecfa93d80719d6bf7b85a77fac4d45e8a535b5d59096a1f17a84badbe7d325919b51dbd77e67c9d311727310ac0a2b9e06f2e6d21c25f282d6b9c02bdb8deaf26c076d02497267ca4eb4326b92422d9635d5f010a817ff21b189c97f32f696a2685b7c49ccd9dc4118c26b6338caf2225d91f824509cc316ccfb440aae1538aa72bbe95a1b9ee264e1f813ced0c778f45cfcf2bbc046ade2"]) clock_gettime(0x0, &(0x7f0000000340)={0x0, 0x0}) utimensat(r0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000380)={{}, {r1, r2/1000+60000}}, 0x100) mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x1a21005, 0x0) mkdir(&(0x7f00000000c0)='./file1\x00', 0x90) r3 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r3) clock_gettime(0x0, &(0x7f00000003c0)={0x0, 0x0}) utimensat(r3, &(0x7f0000000200)='./file0\x00', &(0x7f0000000400)={{r4, r5/1000+60000}}, 0x0) 07:33:45 executing program 3: times(&(0x7f0000000000)) times(&(0x7f0000000040)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) [ 118.544392][ T5569] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001 [ 118.544408][ T5569] R13: 00007ffc5a52f19f R14: 00007f7c2315b300 R15: 0000000000022000 [ 118.544424][ T5569] [ 118.584643][ T5594] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 118.591833][ T5594] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. 07:33:45 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000006) 07:33:45 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = syz_io_uring_setup(0x183, &(0x7f00000002c0), &(0x7f0000148000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000340)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000280)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000200)=@in={0x2, 0x0, @private}}, 0x0) r5 = syz_io_uring_setup(0x15a3, &(0x7f0000000080), &(0x7f0000ee7000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000040)=0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r8, 0x80, &(0x7f00000002c0)=@nl=@proc, 0x0, 0x0, 0x0, {0x0, r9}}, 0x0) r10 = mmap$IORING_OFF_SQ_RING(&(0x7f0000149000/0x1000)=nil, 0x1000, 0x1000008, 0x10, r0, 0x0) syz_io_uring_setup(0x59b4, &(0x7f0000000180)={0x0, 0x856e, 0x8, 0x3, 0x256, 0x0, r1}, &(0x7f0000ee6000/0x2000)=nil, &(0x7f0000147000/0x14000)=nil, &(0x7f0000000100), &(0x7f0000000380)=0x0) r12 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r12) syz_io_uring_submit(r10, r11, &(0x7f00000003c0)=@IORING_OP_TEE={0x21, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x6, 0x5, 0x0, {0x0, 0x0, r12}}, 0x48) syz_io_uring_submit(r2, 0x0, &(0x7f0000000040)=@IORING_OP_TIMEOUT={0xb, 0x2, 0x0, 0x0, 0x2, &(0x7f0000000000)={0x77359400}, 0x1, 0x0, 0x1, {0x0, r9}}, 0x7) 07:33:45 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 7) 07:33:45 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 12) [ 118.618566][ T5596] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 118.625658][ T5596] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. 07:33:45 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount(&(0x7f0000000040)=ANY=[@ANYBLOB="2f6465762f6e62d33e3c"], &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='configfs\x00', 0x1003, &(0x7f0000000100)='\x00') mknod$loop(&(0x7f0000000000)='./file1\x00', 0x8, 0x0) r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000003c0), 0x4c8600, 0x0) statx(r0, &(0x7f0000000400)='./file0\x00', 0x6000, 0x714, &(0x7f0000000440)) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[&(0x7f0000000180)='\x00'], &(0x7f0000000380)=[&(0x7f0000000200)='\x00', &(0x7f0000000240)='(\\+)\x00', &(0x7f00000002c0)='\x00', &(0x7f0000000300)='configfs\x00', &(0x7f0000000340)='*\x00']) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) recvmmsg(r1, &(0x7f0000008000)=[{{&(0x7f0000000540)=@caif=@dbg, 0x80, &(0x7f0000000780)=[{&(0x7f00000005c0)=""/149, 0x95}, {&(0x7f0000000680)=""/11, 0xb}, {&(0x7f00000006c0)=""/187, 0xbb}], 0x3, &(0x7f00000007c0)=""/4096, 0x1000}, 0x1}, {{0x0, 0x0, &(0x7f00000027c0)=[{&(0x7f00000017c0)=""/4096, 0x1000}], 0x1, &(0x7f0000002800)=""/193, 0xc1}}, {{0x0, 0x0, &(0x7f0000003c00)=[{&(0x7f0000002900)=""/78, 0x4e}, {&(0x7f0000002980)=""/4096, 0x1000}, {&(0x7f0000003980)=""/47, 0x2f}, {&(0x7f00000039c0)=""/226, 0xe2}, {&(0x7f0000003ac0)=""/174, 0xae}, {&(0x7f0000003b80)=""/115, 0x73}], 0x6}, 0x8000}, {{&(0x7f0000003c80)=@vsock={0x28, 0x0, 0x0, @local}, 0x80, &(0x7f0000005140)=[{&(0x7f0000003d00)=""/11, 0xb}, {&(0x7f0000003d40)=""/127, 0x7f}, {&(0x7f0000003dc0)=""/89, 0x59}, {&(0x7f0000003e40)=""/196, 0xc4}, {&(0x7f0000003f40)=""/196, 0xc4}, {&(0x7f0000004040)=""/255, 0xff}, {&(0x7f0000004140)=""/4096, 0x1000}], 0x7, &(0x7f00000051c0)=""/105, 0x69}, 0x7fffffff}, {{&(0x7f0000005240)=@xdp, 0x80, &(0x7f0000005400)=[{&(0x7f00000052c0)=""/161, 0xa1}, {&(0x7f0000005380)=""/74, 0x4a}], 0x2, &(0x7f0000005440)=""/14, 0xe}, 0x2}, {{&(0x7f0000005480)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x80, &(0x7f0000006700)=[{&(0x7f0000005500)}, {&(0x7f0000005540)=""/144, 0x90}, {&(0x7f0000005600)=""/235, 0xeb}, {&(0x7f0000005700)=""/4096, 0x1000}], 0x4}, 0x4}, {{0x0, 0x0, &(0x7f0000006800)=[{&(0x7f0000006740)=""/172, 0xac}], 0x1, &(0x7f0000006840)=""/79, 0x4f}, 0x2}, {{&(0x7f00000068c0)=@x25={0x9, @remote}, 0x80, &(0x7f0000006d80)=[{&(0x7f0000006940)=""/191, 0xbf}, {&(0x7f0000006a00)=""/131, 0x83}, {&(0x7f0000006ac0)=""/18, 0x12}, {&(0x7f0000006b00)=""/190, 0xbe}, {&(0x7f0000006bc0)=""/130, 0x82}, {&(0x7f0000006c80)=""/235, 0xeb}], 0x6}, 0xffff}, {{&(0x7f0000006e00)=@alg, 0x80, &(0x7f0000007fc0)=[{&(0x7f0000006e80)=""/85, 0x55}, {&(0x7f0000006f00)=""/4096, 0x1000}, {&(0x7f0000007f00)=""/131, 0x83}], 0x3}, 0xf5}], 0x9, 0x20, &(0x7f0000008240)={0x0, 0x989680}) 07:33:45 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x1000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 118.648681][ T23] audit: type=1400 audit(1636443225.351:164): avc: denied { create } for pid=5597 comm="syz-executor.3" dev="anon_inodefs" ino=18367 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 118.671005][ T23] audit: type=1400 audit(1636443225.351:165): avc: denied { map } for pid=5597 comm="syz-executor.3" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=18367 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 07:33:45 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) [ 118.695520][ T23] audit: type=1400 audit(1636443225.351:166): avc: denied { read write } for pid=5597 comm="syz-executor.3" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=18367 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 118.720654][ T23] audit: type=1400 audit(1636443225.371:167): avc: denied { create } for pid=5597 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 118.743048][ T5605] FAULT_INJECTION: forcing a failure. [ 118.743048][ T5605] name failslab, interval 1, probability 0, space 0, times 0 [ 118.755868][ T5605] CPU: 1 PID: 5605 Comm: syz-executor.4 Not tainted 5.15.0-syzkaller #0 [ 118.756438][ T5603] FAULT_INJECTION: forcing a failure. [ 118.756438][ T5603] name failslab, interval 1, probability 0, space 0, times 0 [ 118.764199][ T5605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 118.764224][ T5605] Call Trace: [ 118.764230][ T5605] [ 118.764235][ T5605] dump_stack_lvl+0xd6/0x122 [ 118.797582][ T5605] dump_stack+0x11/0x1b [ 118.801737][ T5605] should_fail+0x23c/0x250 [ 118.806181][ T5605] ? jbd2__journal_start+0xf7/0x3f0 [ 118.811362][ T5605] __should_failslab+0x81/0x90 [ 118.816120][ T5605] should_failslab+0x5/0x20 [ 118.820610][ T5605] kmem_cache_alloc+0x4f/0x320 [ 118.825405][ T5605] jbd2__journal_start+0xf7/0x3f0 [ 118.830433][ T5605] __ext4_journal_start_sb+0x159/0x310 [ 118.836000][ T5605] ext4_iomap_begin+0x408/0x630 [ 118.840844][ T5605] ? ext4_alloc_da_blocks+0x100/0x100 [ 118.846210][ T5605] iomap_iter+0x395/0x4a0 [ 118.850627][ T5605] __iomap_dio_rw+0xb78/0x1070 [ 118.855422][ T5605] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 118.861219][ T5605] iomap_dio_rw+0x38/0x80 [ 118.865645][ T5605] ? ext4_file_write_iter+0x501/0x1200 [ 118.871113][ T5605] ext4_file_write_iter+0xac3/0x1200 [ 118.876454][ T5605] ? ext4_file_write_iter+0x501/0x1200 [ 118.881949][ T5605] do_iter_readv_writev+0x2de/0x380 [ 118.887192][ T5605] do_iter_write+0x192/0x5c0 [ 118.891900][ T5605] ? debug_smp_processor_id+0x18/0x20 [ 118.897267][ T5605] vfs_iter_write+0x4c/0x70 [ 118.901809][ T5605] iter_file_splice_write+0x43a/0x790 [ 118.907229][ T5605] ? splice_from_pipe+0xd0/0xd0 [ 118.912136][ T5605] direct_splice_actor+0x80/0xa0 [ 118.917113][ T5605] splice_direct_to_actor+0x345/0x650 [ 118.922486][ T5605] ? do_splice_direct+0x190/0x190 [ 118.927540][ T5605] do_splice_direct+0x106/0x190 [ 118.932376][ T5605] do_sendfile+0x675/0xc40 [ 118.936777][ T5605] __x64_sys_sendfile64+0x102/0x140 [ 118.942005][ T5605] do_syscall_64+0x44/0xa0 [ 118.946487][ T5605] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 118.952470][ T5605] RIP: 0033:0x7ff74685bae9 [ 118.956938][ T5605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 118.976543][ T5605] RSP: 002b:00007ff7445d2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 118.985186][ T5605] RAX: ffffffffffffffda RBX: 00007ff74696ef60 RCX: 00007ff74685bae9 [ 118.993274][ T5605] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 119.001240][ T5605] RBP: 00007ff7445d21d0 R08: 0000000000000000 R09: 0000000000000000 [ 119.009201][ T5605] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 119.017154][ T5605] R13: 00007fff4588734f R14: 00007ff7445d2300 R15: 0000000000022000 [ 119.025110][ T5605] [ 119.028109][ T5603] CPU: 0 PID: 5603 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 119.030949][ T5611] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 119.036605][ T5603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 119.043711][ T5611] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 119.053650][ T5603] Call Trace: 07:33:45 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) mmap$binder(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x11, 0xffffffffffffffff, 0x396) fallocate(r0, 0x0, 0x0, 0x7fff) [ 119.053658][ T5603] [ 119.053663][ T5603] dump_stack_lvl+0xd6/0x122 [ 119.075750][ T5603] dump_stack+0x11/0x1b [ 119.079953][ T5603] should_fail+0x23c/0x250 [ 119.084420][ T5603] ? jbd2__journal_start+0xf7/0x3f0 [ 119.089621][ T5603] __should_failslab+0x81/0x90 [ 119.094396][ T5603] should_failslab+0x5/0x20 [ 119.098918][ T5603] kmem_cache_alloc+0x4f/0x320 [ 119.103853][ T5603] jbd2__journal_start+0xf7/0x3f0 [ 119.108884][ T5603] __ext4_journal_start_sb+0x159/0x310 [ 119.114476][ T5603] ext4_iomap_begin+0x408/0x630 07:33:45 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 13) 07:33:45 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x2000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 119.119332][ T5603] ? ext4_alloc_da_blocks+0x100/0x100 [ 119.124710][ T5603] iomap_iter+0x395/0x4a0 [ 119.129038][ T5603] __iomap_dio_rw+0x695/0x1070 [ 119.133810][ T5603] ? debug_smp_processor_id+0x18/0x20 [ 119.139473][ T5603] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 119.145347][ T5603] iomap_dio_rw+0x38/0x80 [ 119.149688][ T5603] ? ext4_file_write_iter+0x501/0x1200 [ 119.155198][ T5603] ext4_file_write_iter+0xac3/0x1200 [ 119.160495][ T5603] ? ext4_file_write_iter+0x501/0x1200 [ 119.165988][ T5603] do_iter_readv_writev+0x2de/0x380 [ 119.168971][ T5617] FAULT_INJECTION: forcing a failure. [ 119.168971][ T5617] name failslab, interval 1, probability 0, space 0, times 0 [ 119.171252][ T5603] do_iter_write+0x192/0x5c0 [ 119.188423][ T5603] ? splice_from_pipe_next+0x34f/0x3b0 [ 119.193875][ T5603] ? kmalloc_array+0x2d/0x40 [ 119.198492][ T5603] vfs_iter_write+0x4c/0x70 [ 119.203036][ T5603] iter_file_splice_write+0x43a/0x790 [ 119.208417][ T5603] ? splice_from_pipe+0xd0/0xd0 [ 119.213316][ T5603] direct_splice_actor+0x80/0xa0 [ 119.218411][ T5603] splice_direct_to_actor+0x345/0x650 [ 119.223846][ T5603] ? do_splice_direct+0x190/0x190 [ 119.228859][ T5603] do_splice_direct+0x106/0x190 [ 119.234062][ T5603] do_sendfile+0x675/0xc40 [ 119.238465][ T5603] __x64_sys_sendfile64+0x102/0x140 [ 119.243671][ T5603] do_syscall_64+0x44/0xa0 [ 119.248074][ T5603] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 119.254014][ T5603] RIP: 0033:0x7f7c25405ae9 [ 119.258410][ T5603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 119.278082][ T5603] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 119.286745][ T5603] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 119.294697][ T5603] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 119.302741][ T5603] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 119.310802][ T5603] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001 [ 119.318815][ T5603] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 119.327022][ T5603] [ 119.330250][ T5617] CPU: 1 PID: 5617 Comm: syz-executor.4 Not tainted 5.15.0-syzkaller #0 [ 119.338582][ T5617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 119.348644][ T5617] Call Trace: [ 119.351925][ T5617] [ 119.354855][ T5617] dump_stack_lvl+0xd6/0x122 [ 119.359455][ T5617] dump_stack+0x11/0x1b [ 119.363614][ T5617] should_fail+0x23c/0x250 [ 119.363839][ T5622] FAULT_INJECTION: forcing a failure. [ 119.363839][ T5622] name failslab, interval 1, probability 0, space 0, times 0 [ 119.368107][ T5617] ? mempool_alloc_slab+0x16/0x20 [ 119.368131][ T5617] __should_failslab+0x81/0x90 [ 119.390464][ T5617] should_failslab+0x5/0x20 [ 119.395036][ T5617] kmem_cache_alloc+0x4f/0x320 [ 119.399960][ T5617] mempool_alloc_slab+0x16/0x20 [ 119.404798][ T5617] ? mempool_free+0x130/0x130 [ 119.409536][ T5617] mempool_alloc+0x9d/0x310 [ 119.414038][ T5617] ? preempt_count_add+0x4e/0x90 [ 119.419000][ T5617] ? _raw_read_unlock+0x13/0x30 [ 119.423869][ T5617] ? jbd2_transaction_committed+0xad/0xc0 [ 119.429579][ T5617] bio_alloc_bioset+0xcc/0x560 [ 119.434327][ T5617] ? iov_iter_alignment+0x34b/0x370 [ 119.439519][ T5617] iomap_dio_bio_iter+0x5ed/0xc70 [ 119.444528][ T5617] ? ext4_alloc_da_blocks+0x100/0x100 [ 119.449900][ T5617] __iomap_dio_rw+0x8b5/0x1070 [ 119.454650][ T5617] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 119.460480][ T5617] iomap_dio_rw+0x38/0x80 [ 119.464810][ T5617] ? ext4_file_write_iter+0x501/0x1200 [ 119.470278][ T5617] ext4_file_write_iter+0xac3/0x1200 [ 119.475604][ T5617] ? ext4_file_write_iter+0x501/0x1200 [ 119.481067][ T5617] do_iter_readv_writev+0x2de/0x380 [ 119.486273][ T5617] do_iter_write+0x192/0x5c0 [ 119.490849][ T5617] ? splice_from_pipe_next+0x34f/0x3b0 [ 119.496351][ T5617] ? kmalloc_array+0x2d/0x40 [ 119.500922][ T5617] vfs_iter_write+0x4c/0x70 [ 119.505473][ T5617] iter_file_splice_write+0x43a/0x790 [ 119.510917][ T5617] ? splice_from_pipe+0xd0/0xd0 [ 119.515748][ T5617] direct_splice_actor+0x80/0xa0 [ 119.520671][ T5617] splice_direct_to_actor+0x345/0x650 [ 119.526082][ T5617] ? do_splice_direct+0x190/0x190 [ 119.531146][ T5617] do_splice_direct+0x106/0x190 [ 119.536063][ T5617] do_sendfile+0x675/0xc40 [ 119.540544][ T5617] __x64_sys_sendfile64+0x102/0x140 [ 119.545759][ T5617] do_syscall_64+0x44/0xa0 [ 119.550255][ T5617] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 119.556226][ T5617] RIP: 0033:0x7ff74685bae9 [ 119.560660][ T5617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 119.580401][ T5617] RSP: 002b:00007ff7445d2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 119.588885][ T5617] RAX: ffffffffffffffda RBX: 00007ff74696ef60 RCX: 00007ff74685bae9 [ 119.596837][ T5617] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 119.604792][ T5617] RBP: 00007ff7445d21d0 R08: 0000000000000000 R09: 0000000000000000 [ 119.612754][ T5617] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 07:33:46 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 8) 07:33:46 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r1) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x10010, r1, 0xbd860000) ftruncate(0xffffffffffffffff, 0x7ff) fallocate(r0, 0x0, 0x0, 0x7fff) [ 119.620760][ T5617] R13: 00007fff4588734f R14: 00007ff7445d2300 R15: 0000000000022000 [ 119.628747][ T5617] [ 119.631754][ T5622] CPU: 0 PID: 5622 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 119.640083][ T5622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 119.650132][ T5622] Call Trace: [ 119.653452][ T5622] [ 119.656376][ T5622] dump_stack_lvl+0xd6/0x122 [ 119.660949][ T5622] dump_stack+0x11/0x1b [ 119.665184][ T5622] should_fail+0x23c/0x250 [ 119.669686][ T5622] ? __es_insert_extent+0x546/0xe80 [ 119.674977][ T5622] __should_failslab+0x81/0x90 [ 119.679846][ T5622] should_failslab+0x5/0x20 [ 119.684366][ T5622] kmem_cache_alloc+0x4f/0x320 [ 119.689241][ T5622] __es_insert_extent+0x546/0xe80 [ 119.694267][ T5622] ext4_es_insert_extent+0x1cb/0x19c0 [ 119.699668][ T5622] ext4_map_blocks+0xa5d/0xf00 [ 119.704433][ T5622] ext4_iomap_begin+0x4b0/0x630 [ 119.709343][ T5622] ? ext4_alloc_da_blocks+0x100/0x100 [ 119.714775][ T5622] iomap_iter+0x395/0x4a0 [ 119.719199][ T5622] __iomap_dio_rw+0x695/0x1070 [ 119.724047][ T5622] ? debug_smp_processor_id+0x18/0x20 [ 119.729420][ T5622] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 119.735346][ T5622] iomap_dio_rw+0x38/0x80 [ 119.739656][ T5622] ? ext4_file_write_iter+0x501/0x1200 [ 119.745130][ T5622] ext4_file_write_iter+0xac3/0x1200 [ 119.750500][ T5622] ? ext4_file_write_iter+0x501/0x1200 [ 119.756110][ T5622] do_iter_readv_writev+0x2de/0x380 [ 119.761343][ T5622] do_iter_write+0x192/0x5c0 [ 119.765927][ T5622] ? splice_from_pipe_next+0x34f/0x3b0 [ 119.771458][ T5622] ? kmalloc_array+0x2d/0x40 [ 119.776050][ T5622] vfs_iter_write+0x4c/0x70 [ 119.780616][ T5622] iter_file_splice_write+0x43a/0x790 [ 119.785995][ T5622] ? splice_from_pipe+0xd0/0xd0 [ 119.790868][ T5622] direct_splice_actor+0x80/0xa0 [ 119.795816][ T5622] splice_direct_to_actor+0x345/0x650 [ 119.801199][ T5622] ? do_splice_direct+0x190/0x190 [ 119.806210][ T5622] do_splice_direct+0x106/0x190 [ 119.811203][ T5622] do_sendfile+0x675/0xc40 [ 119.815614][ T5622] __x64_sys_sendfile64+0x102/0x140 [ 119.820799][ T5622] do_syscall_64+0x44/0xa0 [ 119.825229][ T5622] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 119.831143][ T5622] RIP: 0033:0x7f7c25405ae9 [ 119.835534][ T5622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 119.855120][ T5622] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 119.863582][ T5622] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 119.871539][ T5622] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 119.879501][ T5622] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 119.887542][ T5622] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001 [ 119.895500][ T5622] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 119.903458][ T5622] 07:33:46 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000007) 07:33:46 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r1) ioctl$SG_SCSI_RESET(r1, 0x2284, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) 07:33:46 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x3000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 119.931936][ T23] audit: type=1400 audit(1636443226.631:168): avc: denied { map } for pid=5625 comm="syz-executor.3" path="/proc/5625/fd" dev="proc" ino=18422 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 07:33:46 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:46 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:33:46 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0x6, 0x101, 0x4, 0x2, 0x8}) fallocate(r0, 0x0, 0x0, 0x7fff) 07:33:46 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x5000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:46 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 9) 07:33:46 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r0) sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000040)={&(0x7f00000002c0)={0x38c, 0x12, 0x200, 0x70bd2b, 0x25dfdbfd, {0x1a, 0xc5, 0x1, 0xc8, {0x4e22, 0x4e22, [0x96, 0x3, 0x24ce, 0xb0ee], [0xfff, 0x2, 0x7, 0xfffeffff], 0x0, [0x5, 0x1]}, 0x7}, [@INET_DIAG_REQ_BYTECODE={0xfe, 0x1, "78f78998cf79e2e58e814a59b11309400b162e823253d89cb42aed070f7f6311ffae72b55a2c17ff3759a963118f9ef602212289d8b37f18c0fc74945f740a53407fe801b40588bc2529d56b61a0dd8e6d812e32406a36397f320bf4eed9530c7f4d09ea5bc3c52e7a0e798f8f94b17d108346621ca54a23ab86f3a41ba4e9e90f453d6a616b1ba0d6b9e9ad09cf0426306bea9d7400a26eae50b5106103181c58f5b04a593d2c404cf1720209ff5573ffd14629d34f92f49a597db1ee433a9e14870454016aefcf8bc4de076062435d64f23a99701557943eb5422fd83a15e9b33efc8efcfbbca46db88397f2524a81936442fa7175e51243de"}, @INET_DIAG_REQ_BYTECODE={0x97, 0x1, "254b026702cdf445bd8845393000d55efefe5503557985b68cd8a36fa5c2e7052173302b6e3aee0fa7e40278e0dbd5708419241b88eed6cf5964723dacebd37ee0cce24debbc4f2a9cf225c1ca15a7b89aa11a32a72e67c4ab6343cf665bf2552fb9d10e550b1571d15af5f24c49c7a3d2d7785bcbb220e11b441caa81bf153312504f7fe5c544891bd978a581905bd63e34d9"}, @INET_DIAG_REQ_BYTECODE={0x3a, 0x1, "afcba9ff0b2fc752266da857fd5a70b9992fc91731303e8aca77e1b7d8eb99875695c3bc4b9faad582ef932fb57860ecf37386ce3d48"}, @INET_DIAG_REQ_BYTECODE={0x8a, 0x1, "e291ad3c19c59b3eecab8d1a4011f0505266a7f016c78599d76db61da2b37385bf3a9a41e978b08c79597bc74e346feb1be119517af12a5b08b274de906ebf66144d78ce61b4de3f639f1779aa45a3b32c456d8016f29d43d996b90635618f95fa0a7d2d09017d4d75ad819e68ef9025e8e067b3b2e221461f95b0da490b2b29d0696d88c6f0"}, @INET_DIAG_REQ_BYTECODE={0xb4, 0x1, "243ae9ac8a14f545f5bcf5e36f9bfd6c5e3b04622da8c99bbe620572b05bc652458cd387e2b1573ac4a72e391fb5185535d9273265dd0585906ed8198be39b5527358d3a68d509b70c1a2c49dd9a9d498159ad128d37daa2c48d1ea36b3db08c94b5d3a47d0765a701e625576dc8af2e1ce50b3879d824e7df978f2bb72657dca83f190ca282686626c6ce6b4313dcf805dd85f1f2c014f8a5272888b1f4c6abceec0db1b100878cb4ec82b0e1ec584d"}, @INET_DIAG_REQ_BYTECODE={0x13, 0x1, "7c72cf2ce06e95a6c6fce3e56f2a56"}, @INET_DIAG_REQ_BYTECODE={0x18, 0x1, "4182c0040ab444b6b80bc08323c346cad759c34a"}]}, 0x38c}, 0x1, 0x0, 0x0, 0x80}, 0x810) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NET_DM_CMD_START(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r2, 0x100, 0x70bd2c, 0x25dfdbfb, {}, ["", "", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20000005}, 0x20000000) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) 07:33:46 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000008) 07:33:46 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x6000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:46 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r0, 0xea, 0xf0, 0x100000000, 0x101}) open(&(0x7f0000000040)='./file0\x00', 0x400800, 0x113) [ 120.260864][ T5658] FAULT_INJECTION: forcing a failure. [ 120.260864][ T5658] name failslab, interval 1, probability 0, space 0, times 0 [ 120.273580][ T5658] CPU: 0 PID: 5658 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 120.281910][ T5658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 120.291974][ T5658] Call Trace: [ 120.295253][ T5658] [ 120.298200][ T5658] dump_stack_lvl+0xd6/0x122 [ 120.302846][ T5658] dump_stack+0x11/0x1b [ 120.307086][ T5658] should_fail+0x23c/0x250 [ 120.311572][ T5658] ? mempool_alloc_slab+0x16/0x20 [ 120.316597][ T5658] __should_failslab+0x81/0x90 [ 120.321439][ T5658] should_failslab+0x5/0x20 [ 120.325952][ T5658] kmem_cache_alloc+0x4f/0x320 [ 120.330747][ T5658] mempool_alloc_slab+0x16/0x20 [ 120.335701][ T5658] ? mempool_free+0x130/0x130 [ 120.340385][ T5658] mempool_alloc+0x9d/0x310 [ 120.344950][ T5658] ? preempt_count_add+0x4e/0x90 [ 120.349910][ T5658] ? _raw_read_unlock+0x13/0x30 [ 120.354855][ T5658] ? jbd2_transaction_committed+0xad/0xc0 07:33:47 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) getresgid(&(0x7f0000000280), &(0x7f00000002c0)=0x0, &(0x7f0000000300)=0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r3, 0xee00) syz_mount_image$tmpfs(&(0x7f0000005d40), &(0x7f0000005d80)='./file0\x00', 0xfffffffffffffffe, 0x3, &(0x7f0000005f80)=[{&(0x7f0000005dc0)="fae0fbfe3a160abe281566469dbda98af7bcb4c976c6f28bccd89c25d89c60ada37bfe5261003a9818eba8f221e3f025c4d613237ad183243fb5ed9225084326868127be61ea5e1a836f153f99815013e2aae23d9afc87d382cf0fea0bc889f735769da4604a27419725c2dc91990fa652897fdcdd1e81ecf38cfbba623960776fd57f8b25f374905f006d8cf186283904811235bcd93b3b0043c16aee73bb207595cd63b3ba5bf3387280e6026ea631a5", 0xb1, 0x7fff}, {&(0x7f0000005e80)="36ba190dde57bac9dec274b0ab3b06485f5793599c2a0cb028d5765bcf50886b5ddd8907174ae844e32800009acd66edf9a199de1745fcc6ffff19b97c46831d9f434c39b72236c96105fa2e7154", 0x4e, 0x6}, {&(0x7f0000005f00)="ecd3e8401ef44c8e699f5193bdeca23fbdd4ff4d4bc7b519b78771652eadf763a7de137bb67856817d5af9f3588e6e8ffbf758ed711035bed13175f7d1eea657563158e3947df59adad1c36c1f21a3a838d46a1defbcb0bca788ece8c62b83c58f33eba061ff19759532668b", 0x6c, 0x80000001}], 0x2000800, &(0x7f0000006000)={[{@size={'size', 0x3d, [0x36, 0x38, 0x70, 0x2d, 0x35]}}, {@size={'size', 0x3d, [0x70, 0x30, 0x6b, 0x0, 0x35, 0x65, 0x65, 0x36, 0x6b]}}, {@gid={'gid', 0x3d, r1}}, {@size={'size', 0x3d, [0x4, 0x72, 0x74, 0x67, 0x34, 0x32, 0x37, 0x25, 0x78, 0x37]}}], [{@uid_lt={'uid<', r3}}]}) setresgid(0x0, 0x0, r0) getresgid(&(0x7f0000000280), &(0x7f00000002c0)=0x0, &(0x7f0000000300)) setresgid(0x0, 0x0, r4) getresgid(&(0x7f0000000280), &(0x7f00000002c0)=0x0, &(0x7f0000000300)) setresgid(0x0, 0x0, r5) recvmmsg$unix(0xffffffffffffffff, &(0x7f00000059c0)=[{{&(0x7f0000000080), 0x6e, &(0x7f00000003c0)=[{&(0x7f0000000100)=""/120, 0x78}, {&(0x7f0000000180)=""/40, 0x28}, {&(0x7f00000001c0)=""/166, 0xa6}, {&(0x7f00000002c0)=""/20, 0x14}, {&(0x7f0000000300)=""/145, 0x91}], 0x5, &(0x7f0000000440)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}}, {{&(0x7f0000000480)=@abs, 0x6e, &(0x7f0000001880)=[{&(0x7f0000000500)=""/70, 0x46}, {&(0x7f0000000580)=""/255, 0xff}, {&(0x7f0000000680)=""/244, 0xf4}, {&(0x7f0000000780)=""/193, 0xc1}, {&(0x7f0000000880)=""/4096, 0x1000}], 0x5}}, {{&(0x7f0000001900)=@abs, 0x6e, &(0x7f0000001c00)=[{&(0x7f0000001980)=""/236, 0xec}, {&(0x7f0000001a80)=""/77, 0x4d}, {&(0x7f0000001b00)=""/66, 0x42}, {&(0x7f0000001b80)=""/128, 0x80}], 0x4, &(0x7f0000001c40)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x48}}, {{&(0x7f0000001cc0), 0x6e, &(0x7f0000002000)=[{&(0x7f0000001d40)=""/9, 0x9}, {&(0x7f0000001d80)=""/39, 0x27}, {&(0x7f0000001dc0)=""/136, 0x88}, {&(0x7f0000001e80)=""/126, 0x7e}, {&(0x7f0000001f00)=""/31, 0x1f}, {&(0x7f0000001f40)=""/25, 0x19}, {&(0x7f0000001f80)=""/119, 0x77}], 0x7, &(0x7f0000002080)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}}, {{&(0x7f00000020c0)=@abs, 0x6e, &(0x7f0000003480)=[{&(0x7f0000002140)=""/102, 0x66}, {&(0x7f00000021c0)=""/121, 0x79}, {&(0x7f0000002240)=""/4096, 0x1000}, {&(0x7f0000003240)=""/216, 0xd8}, {&(0x7f0000003340)=""/147, 0x93}, {&(0x7f0000003400)=""/79, 0x4f}], 0x6}}, {{&(0x7f0000003500)=@abs, 0x6e, &(0x7f00000045c0)=[{&(0x7f0000003580)=""/4096, 0x1000}, {&(0x7f0000004580)=""/52, 0x34}], 0x2}}, {{0x0, 0x0, &(0x7f00000047c0)=[{&(0x7f0000004600)=""/205, 0xcd}, {&(0x7f0000004700)=""/169, 0xa9}], 0x2, &(0x7f0000004800)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xc8}}, {{0x0, 0x0, &(0x7f0000005980)=[{&(0x7f0000004900)=""/12, 0xc}, {&(0x7f0000004940)=""/4096, 0x1000}, {&(0x7f0000005940)=""/7, 0x7}], 0x3}}], 0x8, 0x2, 0x0) stat(&(0x7f0000005bc0)='./file0/file0\x00', &(0x7f0000005c00)) getgroups(0x3, &(0x7f0000005c80)=[0xffffffffffffffff, 0xee00, 0x0]) setxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000005cc0)={{}, {}, [{0x2, 0x4}], {0x4, 0x6}, [{0x8, 0x3, r0}, {0x8, 0x1}, {0x8, 0x0, r4}, {0x8, 0x2, r5}, {0x8, 0x0, r6}, {0x8, 0x4, r1}, {0x8, 0x0, r7}], {0x10, 0x2}}, 0x64, 0x1) [ 120.360648][ T5658] bio_alloc_bioset+0xcc/0x560 [ 120.365506][ T5658] ? iov_iter_alignment+0x34b/0x370 [ 120.370881][ T5658] iomap_dio_bio_iter+0x5ed/0xc70 [ 120.376056][ T5658] ? ext4_alloc_da_blocks+0x100/0x100 [ 120.381435][ T5658] __iomap_dio_rw+0x8b5/0x1070 [ 120.386293][ T5658] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 120.392113][ T5658] iomap_dio_rw+0x38/0x80 [ 120.396453][ T5658] ? ext4_file_write_iter+0x501/0x1200 [ 120.401943][ T5658] ext4_file_write_iter+0xac3/0x1200 07:33:47 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) ftruncate(r0, 0x2bd1eda2) r1 = fsopen(&(0x7f0000000000)='aufs\x00', 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r2) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r2, 0xc018937d, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0x6}}, './file0\x00'}) [ 120.407548][ T5658] ? ext4_file_write_iter+0x501/0x1200 [ 120.413083][ T5658] do_iter_readv_writev+0x2de/0x380 [ 120.418306][ T5658] do_iter_write+0x192/0x5c0 [ 120.422972][ T5658] ? splice_from_pipe_next+0x34f/0x3b0 [ 120.428492][ T5658] ? kmalloc_array+0x2d/0x40 [ 120.433083][ T5658] vfs_iter_write+0x4c/0x70 [ 120.437645][ T5658] iter_file_splice_write+0x43a/0x790 [ 120.443096][ T5658] ? splice_from_pipe+0xd0/0xd0 [ 120.448010][ T5658] direct_splice_actor+0x80/0xa0 [ 120.453098][ T5658] splice_direct_to_actor+0x345/0x650 07:33:47 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000009) [ 120.458482][ T5658] ? do_splice_direct+0x190/0x190 [ 120.463564][ T5658] do_splice_direct+0x106/0x190 [ 120.468421][ T5658] do_sendfile+0x675/0xc40 [ 120.472865][ T5658] __x64_sys_sendfile64+0x102/0x140 [ 120.478067][ T5658] do_syscall_64+0x44/0xa0 [ 120.482542][ T5658] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 120.488455][ T5658] RIP: 0033:0x7f7c25405ae9 07:33:47 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r3) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000b40), r3) r5 = socket(0x11, 0x800000003, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'sit0\x00', 0x0}) sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x20, r4, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_DEBUG_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}]}, 0x20}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000ac0)={'gre0\x00', &(0x7f0000000a40)={'tunl0\x00', r6, 0x700, 0x20, 0x9c3, 0x0, {{0xd, 0x4, 0x0, 0x1c, 0x34, 0x66, 0x0, 0x1f, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x36}, @private=0xa010101, {[@generic={0x82, 0x4, "69d7"}, @timestamp={0x44, 0xc, 0x1e, 0x0, 0xc, [0x100, 0x735b3090]}, @end, @end, @lsrr={0x83, 0xb, 0x55, [@rand_addr=0x64010100, @local]}, @noop]}}}}}) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount(&(0x7f0000000100)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000006c0)='./file0\x00', &(0x7f00000009c0)='binder\x00', 0x40000, &(0x7f0000000a00)='\x00') pwritev2(r0, &(0x7f0000000700)=[{&(0x7f0000000880)="93de1ad245c6f991f12d2896dc4a382ad05b9d2d68491991ea5361041860315b053fe86db20298dbca56e646750aede88cc1900722ba12bc4983f042b049d99a13118800fbe2a88cdd6138702cbccaa08d61186c2e9e6003e55538da843313dbd9c94010f6964b764a5c9a906cc32e6c1556b70dc6ad6ca039d815551c568fc515cd4ac6a29ceb143460a28b7ff05132441ab09ba46ebd510973870f07f0ea2b33f7961f8855ffa2938751939463c3232f880f3846bd6d0ec6bcdafb4813f38fd2d7033474311b86a8109161c45adc09b48ad37f021858f9ad7a00fb0457de49e651d6f46f5cb394f1a50079be6587c3dcdb1b6a9d30dcd6c1ace4639e11343f9d48c514dc1b7116e3022b207ba70f48bc46b0", 0xc1}, {&(0x7f0000000140)="2e9744833e57c90834ec1beb8089bd6b12ac84bf872c72e1e4a87c7f5a123cba7350bc1c7a4c16825b1481ee97cc2cb627e43c91514d621a02334d3be9680f00a515fc4e383750701ea21c68753935a954111c51f78038c1135db9d63fc8b72542f3a3299001ff1db33a8d8557ac842e37fcc898762de3d6a47760aec81f228fffdca360db2eea4b8c332ef99d118a152b100e4cdd09a1e11a26", 0xfffffffffffffec8}, {&(0x7f00000002c0)="2c52d05aba5893deb3c9fdacee301a7d44efe079caab678e8fafa5081760d8f34a0ced0093b8f9bfe5711f54313473de4dace2b7feaa2d2fc8e9ed64322a0a9ddd42886d838f7135708d6347ba6ae7e5f23cde6c22292ee4a447ecdaa7ccc9edc2aacdf85635da1bb3d8d6fde1399df90a2511eba236a0877c5deeb874acc5e226af61bdd488e7291e525f141f3bc1f5ad7bafeb38c89ef28fc2d6b5ad2240e39d909b1189fb29230fd28cb3da3ec616293335b93cdc7d58bb9696027bf45e0829b26ceb132a045ccba36855e19adf0dd9b83bc8d79af2560971d0", 0xdb}, {&(0x7f0000000200)="a60e910d9b68e97f2f869b970d2e92ce18", 0x11}, {&(0x7f00000003c0)="7d4968008c6eaace8b9349f4c2d8b8e4cfdb24a2ff7906a07e2c5350268c7859bb19744c43e73fb8e15dde49355a66b2a1e211a575be74d5d2601bd4a95be38dbd37d92dcb0a47e56c01fdbd11d416bdd99f819f388f4734178bc4350f5fd6b7c7bb8178683a768184f99b31b5448083a8a19a8e3f849cb20e9a474706a10217c623881e4ba7667a7b73e8f56dfe9c96a2013cd5beaf8e6d4719eb6b43e56a7bae04505cd97bbd82158243a74bf93b6ae9beb1f5", 0xb4}, {&(0x7f0000000240)="a3b5668884267409f66337ba9a8c8ae869ae956765129245c461cdfdbf1ad422c4ca831e6674e7c695c4186fd3b131cfac8711d161f4f249942c", 0xfffffffffffffd4c}, {&(0x7f0000000480)="143f6d8bcde40f3ea8733b473580a57ad07de9b69a417bcdb781b96b599245b639c3bf1bed2db0b26afb0e6239e0f876997fb1c7b3dbe6298fef439e9baebd9edc44e75d6b1beb63a1e2de94e99eaba91ca3a14a7a49c0c99cc97d738c9ada3908f9f59271a02ff75b235f2ce9eaaecd7d4230294e3de1f5113cb2a611821414571c04732d7229b5aef93360fc724d021cce3342bb26fa1f3a50aef0175adc81dd301885cfaca75bd3bbaa7e4da1ac6a0486987bd17a44f5092028f2e93293c2924a0920c9d0ec2b8d3d351ad60be8e0da48e1277d5d325172e81fd7efb96d94b54063bf668fcf045e1cb756b004049e46973211", 0xf4}, {&(0x7f0000000580)="e3489b97275299a057fdcf842ec0a74d9256a26ef87f655423e6a40143417a074f214503d659bf7bce9ee04f756a757f", 0x30}, {&(0x7f00000005c0)="b4ef25956ec20ff55a561e69220eba94ae7a4d4d0afcd365231a1c9576c53669a87e667348aff4e5b6b7eabb2c927232f07afdd31eda30b73aaf780c18d972087dfbbcf59b67a8b3c88025ba94f2cf13082e080e8cad4784e3af55a18d08828a966dc085ce57fb96d4e5d10cbc5f0f14abd5420d18c3c091a405a2d6faa37a1ede6c27f187a88b24168586cc6ab830ea79841ecf41e4f94bbbaf0696b05455dfd7efae6aabfcfd08cb8d1a6401a1700dc1debc719a276476faefc1c4a439f37400e5fb77d7b83b1bbade324f853d02fbb35a58edd9c24dd504792b67aa73c9b317", 0xffffffe6}, {&(0x7f00000007c0)="d1da9105000000bc2355899732b925da3cd096f681297392bd20bc2ea212ab2ceef66bb77ffed40aec685def6170839cfaf9d505ad7a26faa24eee58196ed5f0f4dacf5b2c74d68d01abd52b67ceb6aed66cffeedd76410f0084262df94b968b3bcb1df7c528321c7d23aa9ce2f44001bd6f5e42eea99574edb7346662db1e4f639f966cf8916b0702"}], 0xa, 0xfffffffa, 0x5, 0x1b) accept4(r0, &(0x7f0000000040)=@isdn, &(0x7f00000000c0)=0x80, 0x80800) [ 120.492862][ T5658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 120.512541][ T5658] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 120.521013][ T5658] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 120.529037][ T5658] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 120.537009][ T5658] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 120.545032][ T5658] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001 [ 120.553016][ T5658] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 07:33:47 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7ffff000) 07:33:47 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x7000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:47 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) chdir(&(0x7f0000000080)='./file0\x00') rename(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00') r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r1, 0xee00) quotactl(0x8, &(0x7f00000000c0)='./file0\x00', r1, &(0x7f0000000100)="ead698c2f3cbc5e74470b724ff3cc27da6fb9f6f662f4839d1a6dc6e521d9a605f9a09cfd9a8e7d9f40524855f8161c6cb9b1c671f68c90b8c2e186665e2f47ae775033e741fbd50a00cdd0688bbe6236aa45c5f3e96a04e501f2c173ea26e6607bf359be43b1dbf11ed0813663111dfaa0bdd1a338103bd93a513b431b37a8b73bbe4759896e3447c58fa7a7ee5aeb9e8b81ccc000be7120a38ddfbbe9b977da33df0de037202fe469ff1e43cf9e1cf4fe1db9b871ca1a2114c3453c1a2a7e8c0dcc1d03e63e1f5735c1ee65920d8550bbe3a9cd9ca80e90f0b3f9a02a620629662b819331a632c95d528d653d8fd70d4") [ 120.561014][ T5658] [ 120.579061][ T23] audit: type=1400 audit(1636443227.281:169): avc: denied { accept } for pid=5673 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 07:33:47 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 10) 07:33:47 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000100)=ANY=[@ANYBLOB="010000000100000018000000fe6e13ffa8c6b504000000b083326e23dd1642d09345d961583234b49ebd5b8625c9057f00d5a02684934fb91aaa0f057d9632018ca24cb3a0e56938db6d2d094cf9a7", @ANYRES32=0xffffffffffffffff, @ANYBLOB="04000000100000002e2f66696c653000"]) sendto(r0, &(0x7f0000000040)="a81a7dbee91f7f44ec03ba6db580f26de0e96d45c228de6de263433efb8e5e49079a3c21b5ed39bf19bf943ceaa31a77b615166f689d10d8eedefd349d", 0x3d, 0x80, &(0x7f0000000080)=@in={0x2, 0x4e24, @multicast2}, 0x80) 07:33:47 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x8000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:47 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000002) [ 120.896662][ T5698] FAULT_INJECTION: forcing a failure. [ 120.896662][ T5698] name failslab, interval 1, probability 0, space 0, times 0 [ 120.909385][ T5698] CPU: 0 PID: 5698 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 120.917723][ T5698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 120.927831][ T5698] Call Trace: [ 120.931477][ T5698] [ 120.934412][ T5698] dump_stack_lvl+0xd6/0x122 [ 120.939010][ T5698] dump_stack+0x11/0x1b [ 120.943223][ T5698] should_fail+0x23c/0x250 [ 120.947650][ T5698] __should_failslab+0x81/0x90 [ 120.952462][ T5698] should_failslab+0x5/0x20 [ 120.956975][ T5698] kmem_cache_alloc_node+0x61/0x2d0 [ 120.962248][ T5698] ? create_task_io_context+0x36/0x1e0 [ 120.967725][ T5698] create_task_io_context+0x36/0x1e0 [ 120.973062][ T5698] submit_bio_checks+0x828/0x8e0 [ 120.978060][ T5698] ? blk_try_enter_queue+0xee/0x1f0 [ 120.983266][ T5698] __submit_bio+0x2de/0x480 [ 120.987787][ T5698] ? bio_iov_iter_get_pages+0xda8/0xe40 [ 120.993348][ T5698] submit_bio_noacct+0x418/0x4e0 [ 120.998327][ T5698] submit_bio+0x10c/0x180 [ 121.002667][ T5698] iomap_dio_bio_iter+0x9ed/0xc70 [ 121.007742][ T5698] __iomap_dio_rw+0x8b5/0x1070 [ 121.012630][ T5698] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 121.018454][ T5698] iomap_dio_rw+0x38/0x80 [ 121.022877][ T5698] ? ext4_file_write_iter+0x501/0x1200 [ 121.028343][ T5698] ext4_file_write_iter+0xac3/0x1200 [ 121.033690][ T5698] ? ext4_file_write_iter+0x501/0x1200 [ 121.039235][ T5698] do_iter_readv_writev+0x2de/0x380 [ 121.044460][ T5698] do_iter_write+0x192/0x5c0 [ 121.049068][ T5698] ? splice_from_pipe_next+0x34f/0x3b0 [ 121.054543][ T5698] ? kmalloc_array+0x2d/0x40 [ 121.059310][ T5698] vfs_iter_write+0x4c/0x70 [ 121.063878][ T5698] iter_file_splice_write+0x43a/0x790 [ 121.069265][ T5698] ? splice_from_pipe+0xd0/0xd0 [ 121.074203][ T5698] direct_splice_actor+0x80/0xa0 [ 121.079216][ T5698] splice_direct_to_actor+0x345/0x650 [ 121.084620][ T5698] ? do_splice_direct+0x190/0x190 [ 121.089676][ T5698] do_splice_direct+0x106/0x190 [ 121.096969][ T5698] do_sendfile+0x675/0xc40 [ 121.101653][ T5698] __x64_sys_sendfile64+0x102/0x140 [ 121.106987][ T5698] do_syscall_64+0x44/0xa0 [ 121.111485][ T5698] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 121.117386][ T5698] RIP: 0033:0x7f7c25405ae9 [ 121.121803][ T5698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 121.141629][ T5698] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 121.150042][ T5698] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 121.158022][ T5698] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 121.166073][ T5698] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 121.174048][ T5698] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 121.182024][ T5698] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 121.190004][ T5698] 07:33:47 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x10000000a) 07:33:47 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x8) acct(&(0x7f0000000140)='./file0\x00') r0 = getegid() ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee01, r0}}, './file0\x00'}) mount(&(0x7f0000000000)=@sr0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='reiserfs\x00', 0x101810, &(0x7f00000000c0)='-\x00') 07:33:47 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x9000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:48 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xa000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:48 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0xb) mount(&(0x7f0000001340)=@loop={'/dev/loop', 0x0}, &(0x7f0000002680)='./file1\x00', &(0x7f00000027c0)='ext3\x00', 0x81050, &(0x7f0000002800)='ext3\x00') syz_mount_image$ext4(&(0x7f00000000c0)='ext3\x00', &(0x7f0000000100)='./file1\x00', 0x1ff, 0x2, &(0x7f0000001240)=[{&(0x7f0000000140)="b7b3957a695978ed4532ce8b8c03b88cea764333011f1244f1b5ef512caf2aba28a14f5b461189698b8f48c5fcce2c7d3cceff89766e3d46c8afa12bf1944e083404beb02f48ef43219950d7b2e887db79b5b1aed3cafda42c811679bc49fb8ca5d2054a5365552fa2e5dbbf0a780a898cf2b7f6bd8d5125bbdad28679b63407c9d1bfa825ec804c1d1a6deda438d6116b260ca75d178b52d2b78853b3162a87487a082c3920cf1fed5bbeb4d76e33365791a75b32b203c8be57e73e3dd3eb27602e0e2e8d5bb60d0ddeb834c45e4a7690ed514cf0ba5a501cdd64f2f1acf11e146bab012f0daf495cebd8a931a47b26b8c9ffecd4aa9ce6a7c8e29b3309ccdaf2a62d89c6d006370c775266942b65759ecdca05e3076950dc233003287180b9803e7a9d9fb01465bb86960853e0907f9ebd7c11349b0ff87c8a380e7a7886ff4aec5131f79a4c53889842e70453ec803de9a27c0cb56eb948a09a2577d96d1b2a32d05cbdd84794d72d0db9c56fe9e0f6ddae72775cb24fd619928abe7076351baf6166fe6871c4a927ba78cd6d8407b49a56fdba4ed998993739b061cb80d8478e861bc08cac768607f77955c63c17dedae5b5659bc2a9149a5cfde1653c8a56d1aaf8bc786a6c97478afe815f60c305390419d33ff0b4d95971a4d78209cedc4f8b8d16724faef77b1d1dff919c4b4deb990d95b222418627b33c9ecdf967adb26550378235d96ab970e05e841621ebb05f9e16b2041720c452eebaa351332badd2e9dd9a4c73a3efea0d7508ddd1e8c28468cca320fd83f602ba910cb9711144cfffcfac607597d8c2b37b0c6391f0b1fc35fe6f8d0411b242ca32033ba434d2640cd584a3b3ec172c2728306657916e65d27bd01d3949c77e3a68f02a12814538f48301c53ddf1edf8f58eaeeb3031a38d7d53bae39734b52ac0c1c76b90b734a8546aa91fa32e90feb99e9a6f98ef93c59e5bd31d8f79d81b4c25053e1eae324381bbbcb648ff0596676ebefc87d0dc768850d9e264669ce03b4b6672a94c5e22a05538b0ecf464616ddad9374f4e9f7e8a5a2c4216680cfd1332918e4c55518d22d65d2109d44db8aabd10451f8550e97023b4af33152f8adb44aac7750f9deedf9ccbf12f5d9f9164c0519e2207dfac2a437ea695108e2dbba6627f13d94c3b4767bec7de85ca0345f0d32723b1130a4a96b93073d7973f6bc47e756371d3bc30504a7997b6418d7f69878d971ffd847143fd57fd71c1a5498a8eae6960c0b04829035d8bfe0cfd21af96fc8cffe576d8f93f942c8182d5908dfea399f554c3072228e36d2b6325700f99db3a3aeef573bb463d99bcc0e86c40604d12b5f55f9322d51080504564724ac3149bf98569c94cd0ba17e217a18d7ed210a77de74c5d0f7d2474d01e29b7139bd1cc4eac39c78dfeb254508f6a8e15d86db027a04b77551184b295efa24977041f6bfaa0b7e6eef0ee6aaf942bdf0e75c5a22a34dcb106da7e23abb50790d150eb1b15513b12cea81996b667ed09956d3f632ac0a1134f3e6e2e46f26e16d56b274dcd6a1596698bc72a59c983e025875df24a0616726df45fec1ae5ad27ad369d20697bb5175091bc85ecd52d27a48cba48743e8b5e260b3796fc12a905d757ad2a91b74d8a8a38db9cfc29a61ded36a810c9efd261aef08911b8bcba9656b71daeb9c8a4a9fff26a0e81581645a3b9ed28507bbc5dbde674ff0c7f337b72a5e963f9031d1ca4f669bcf843ebf374ebeb38ef78cd99d5a0bebc05db0d302c6a02524b0b649017e314693a0aeefb7e7f3c9900f7009470ad91d0e54f39091885615d53fd3ea74a6290fe8aa13bd74ea522bdae3e2263939549dd60460b8a8dfafd967e90bd3d8ae93ee4b08bf0530753fa277937f1804b8f850dfb17c5b7e2dcac7df2a95b0b3f9154d62b3405a0b853b78caf5a8cfbf38a959b68126431006a96d35333764a371d37650b95b0e1c264ab9cce485b51e351b10a157e49fd7942bec2181068decccca0481519de4f78466b8676dd0eb549420761570f7f96f1045a5933c42a792adf7450a8e8187f14dc1a9f8265f904e4798a10501ec77fcd3140fd15d4fcf04b15e3f6c0b1b8ce0a211f5a24b95b361ff28267b9f5659b8a6168eb1e5641c6c979cd303eeb7b8b3ecff407b71e1286c90b504fcc5f7aee8549a96787f66abbdaae374ea1ddbb897955981742a390618c6af2f143ef1376aa63311c3308077f345dbd2bf511c38a6cae927b8dbafdccaabf5e1f02da4303eee91038d3a30f8f7f0dd3e58d65a5eb80508cd42e4e20a01cc443eac5dd8d8ca4c7cfa22d57316bfcd1f5353f93e172a6c60cb1182fe47d14a530e31a03269232bd8fb0fdf96b19f9fce87771f277df5ab8a5e982c933b80d3aeae74a8330a3aa9f9438e09c636841107c612aeaef952e4f06a45f4a46987d7abb8f36461fc5a5a1fc840b478d5996a0ff66f58d466c0c8779c53ba133130b72acd01969b78025a74ba1017233d56efb9f8e91601342d2228232daf0c7e0c7428b75ece971d2424c7eadd06bb812892319e197d2a52e98626209d3444428a25fad33cde5493e3f52c9912a6fb03567f617eb353fd28862859c2094f0a1dd2fe309b3070241ffe47f00ed76f25b15afcf188819e1c5b1832b82112fd437702d10dec934b66ebe70f1add0c15ce57b12bdc2ce9bf1a4dc21c7857de05fbad50146bf558b3b1e7f6da46c8b51d55d7f565389f17f0a663de63cd508f8ef79b6a98f0ae39f47ba5aac07269882ddc463595201162b5023f907621c33837d8856f2d6bbe4739f1bf00fc52259e7d5948db5a4dfc714f737e23a514ebadc669960bb57ab14d54f8abfaebb4991e594700fdfbbcac1f9e7b93fd6912db27e00278d27765cf68e010704572c8bb6070579e2c03ba3346e056886ae6cdbf113d960ac8c034369f05f52725fe96f87eec0449f3e86466de576a3435f4eacee5a8595d037ea5dc1e0aadb6cf9db70ba86e6c76b56ed2338ae729d70cfe886b7fb89891410f00ed4e784c05b0b2c830a179a90122e646f7096f04fd8141918f08461ce71d605af06bdaf784f3f52e3b885e7deff22be72b4674eb58b1df01ffa465f92082eb4628ccbb21e55170675b8bbf87ef8b48d64884935334abb38eb44d6a37de1379d4cd6f3a8dcd8c0d704499ab4e98538e81beb785501c2b61c863a89cc52b922f697e9da4b997a9fca123cb43770936da3cf2d175d2ee5785494cc6b195c8d3aca9315453a9b63df6aca1e4ee178689d93d777d17da625536dd0eb005d9de75d8bcae98a8ddb1e389ae0e7489123074d7b7a48f736bb5ef9d9be9b2911d35001db665fd7ad06d8faaaffbe509e6b04cbc768ef21f3edad9f7c0e4bbb4ec78ebde26310222044dfcd3e865713a39c02472ad196b78ca368cd6d36565e6bb33261cb982d65e02e7f3addaa335044972667ede0d4469037ead4db8378b927c4fee22c7179b6a94e99fa1eed96eca16541d7474c7c7e917391709927958ce378ac199346a94eb7e3a43c5919bca1cc1e909efa6bd8c89874fea04654e4a95599eacbf83d972696c46f6722a7e81fe73ba90cbce806f430798fa774d30b2c3dee2a2268875e64c1b7daec9eed279a3f8ca5ef4be0ce657923a2c5fbae5d8bd7487b4f49785b16fd6da5fa75b7b8c0a4db539c2d42efe0b260157f8755bd4de201de6ee8904f8871f66a1a337b943fa921b30bdcad604780ecdd6a286d7dce881b828b18cdf6e028f844da1b320541252197ba6116d1259ab6e33ca93faa20844028058a94d1e609ff03522cf5152692fae1c8a8298da409237dcde7cc04c8f614cf10b5afc17f11fd31b645860a5f70931bec05651fec442a0e8270d6d92065c58631d61c24013efc7ecdf3934f302cf597007913ed998e8007bd55599e1e603de4963e01298840e7b451840edacc8844bc993eaca4e5dc11e26f871cee37a1ff6a6d6f39b3c9028590961d2d8ef3ab26a2a796f0d093981c6303d7e3c3db1810b4432c12d4773241f479ca354912656c81535b34e0a018b023c280b04175135dfe4a24071d2b7a3d0fdf81c409e4ce756f723e15a7aca7576ebebeffd6bd8c265c8daee1f2aad2e4bc482436bc6f46f0a92662909f64965e4ba2ab064262ef1c7f13754a915ef0a8ef8e1d90783b438b8da38fc38c08a168e8ed00c82e3709e30ccd3f08013aaad22e18bda61c93240ad09689a4d1c56cbf8cbdc491414926ff50fe5f2587303123f73d18d7fa8ccc780ca1136cc3b0b4a7b9ebf459f1aae36f5752a89679cdc80dcad56798b9d2a59695d2771247b9c02bcc8fd4fcb802818726e90ab8635e24761bf15d2e099facf3c6a1b9eba8553ca3f629cdb2ba626c574035fe303f88774c58cc2d84958fe9a8afbebf04eb7cec30f23aceaeee9eac40287990e25b87748827466a68c028b0cc5aab322b0b4da509e474b28cf037d2f897d8099c7a696472440dabe69a063a2215a87e6d576bde75aaa7e671c283a7b23ff29ebda79cc24c48c16a63c6e73e32a89c56652b53cf161876d3daee5a4d21ea7633cf5bfe0f1b832c5894f7c758cceed96aaf4f8217883c46863b64a4aea695f95470950abdb199a7efc9d2666abeb9b215204b21e71450907cb2f87edce48d9745e552ddbfb7f9e6d119708495d5380f8c364a82f145cba2916c51aff774a75b72488169b6f1e20215df4c3895ad633c4e1a94a77822f89cd8264e7f5523259ccdddece741ab61f9cd0cf2d767f357b959ebd9be187ef9ae15cb9305cdde3eddbfd89d3c54a0927639a97b76d358e9671635c8379956f7be5358a072182b29c9e4e5f40dd3359ff19231709b6e85a03ec8da201275c7861bf16fb1b216fe6541cb42d499bdc2ff74ed2f8427f029158b378f6dc05ce60ec971abe8da353c8cdca37390a580cee5aa4aedbfacdfaca4188bdb7bf3556dda322c2f4283fdb54a9dcb5d5a2276c3d0607d329aab9557dcf889e3d52b59095434ae223cc182e9d23efcb68f3bdad6a27e30f4ee4c0a6a880d6ac1fdf43698a50aaeff508a77929277178d60f5651f5e7948bdff75bac80b30f0540dfe2943afa6a357286337f6abb251d54ad5db7f600174c2b30ae761d44909919ea19f0b976643bea7d646cf56005fc3a991bbd3545136cfae489c53a0b5e007925d6811206762f1abfcfe0a31e41f7983fcadb55844dc6ce84d65eedcd3b59d4b20a1d96f5db44ca3ecf2aecbae6f0852a75ede83b39086ffab5ab6ad1446b6cfc0caa00dce23cbce20781892a67d8306e258742c693231d4a9969fd7bf07aec135af653398273b2592a57784ada50644d075997b7628b6358cb6036dc8fb12c928a8217bc6e24fc6326dc55a6bb63170a767a1cacea875196b043b863894280a4e51f35d86491f4f3b7de4e0cbdcb6cffd1fb9c4fdafa6c6a947667c0d16571f887d9155e4a4ad52ae2c40c15fa1855ecbafb2eb9f7075bd8321e1a8b0d29cf731fa2c1fdcb46d318fff64f92a2e6c6f4e6998e2788fc4434dbb7eded2369a46aad78775f5cd887f95cd43af230e7171494f4a233646bf2a419a61368ffeb4210c1fa652207b2adc3d709b7b9ab1a2848cdc13c32c6aa7241be04a68158a48b66b16587ca97f338cbd7999946cfcd3f324616d1637679f42a189518fb8ec45baa03940328fc1d2b3ecc4c069cca4fbbc947b4f66d5d9a7d6842845a65d77d528caa80ba56ce5da785c7b1b45390bdfac76fb979658f66677b66b734081fb1401cd8d667b4c6a815", 0x1000, 0xffff}, {&(0x7f0000001140)="b0d379d986408bc2ed8120d6c9748ba156ae9fbe12cf22ab46e91f4476a7089865c5e01d3174f58e805f9395b4386b0b7d503f799c1ad37407cf410a56751d8c2089caa40d1a2b93bfa876253ec1c60a5e70e938177d04ebad05de5e65fa78fabca35f0bea3bd0e2a6dc874af771c7f9a8ceef0c68d6f125238361388554989fc8b8fa7c6e33e25b3af54d4852c40441398637a06eb028d6adb364ab7e933da724e7aa9a3691d8c29111a5f84648f315b4591c48929039c30abcb459f327032686591951efcaa2019cb91a41f59e02c6e6deaad2b227d84c93", 0xd9, 0x1da0}], 0x40406, &(0x7f00000026c0)=ANY=[@ANYBLOB="7379737667766f75707b2c62736467726f7570732c64656275677a872c64e174613d6f7264657265642c6673757569643d62343736343800622d626163352d636435632d633032612d66323437333930302c001db39a1ad82a3baf6a79877e0885b7b48c3f76f0c6e833a6dfd9f278ccb3984fcb721e4035b8e9506d4ff5f7867ed64c42b7813880db96d2aad4499b55bd483679e12398ccaf1fc83ca4110c278f88463520493146ba502040b1b5e4c7c2de9d7574ba98a11cf2037658e94e3c04c6235730cccea21fdd68313c8c35f71de066e235ebf4d189a0e65c1fa1cdecbb9020a266cdbf1278f5e836853b6b665fe37aa1b9b406"]) r0 = inotify_init1(0x0) setxattr$security_selinux(&(0x7f00000012c0)='.\x00', &(0x7f0000002840), &(0x7f0000002880)='system_u:object_r:initctl_t:s0\x00', 0x1f, 0x1) inotify_add_watch(r0, &(0x7f0000000040)='./file1\x00', 0xc60001a1) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000100081018007c0adb851f81320000", @ANYRES32=r0, @ANYRES32=0xee01, @ANYRES32=0xee00, @ANYBLOB='./file1\x00', @ANYBLOB="6994f30e149ea470beb91588bab57dbc38"]) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r2) mkdirat(r2, &(0x7f00000028c0)='./file0\x00', 0x48) inotify_init1(0x800) syz_mount_image$tmpfs(&(0x7f0000001300), &(0x7f0000001280)='./file1\x00', 0x9, 0x3, &(0x7f0000002540)=[{&(0x7f0000001380)="af23443e0f6f6254c8b74289b5c6c2424ce2528987f02e19b8eadac7adc09db2e4038d9ba0881523fdeb1f9b460673be8a3497cc04d6e05d5d870a568d81b3853553691e24b4453638c420eb7b20039c8e7a0a5473c55b1ee7cf872310707c256896513ab096e5e1c4582d005d52e798092ff6ca7853c7fe2f011d44d30cd59675620415eb70603dfb24faa84499180323befb6483bf50b8501e5cc7726b95cba1dc3a74cba47879ba6c12b544345ff1fbee9fc1d0566cf06aa94b94e111b5a8a83dd29f", 0xc4, 0x8}, {&(0x7f0000001480)="ec4ec3d216e19afdc841cc8d99b1cbd6242fe770c1c4fb6493e47ea87c4d1745a5b8d292552e2e8281593c57cc6f58c5b5ef321e4c4ee6123b47a6bbce58dbd235512401e838b6f2854966e57fe1e8400d2dc3e1eed50b8bc9afc6b2f424165ac400c43da19e92086cf906838d1db98e7fa7304243a131111f16fc47a7570656f963f558a5aa59d7cb56aa09ddd5007d1b67ea53e6f8c86f589dc6895f5f2056bfc47e21a5fb164ab6e52e292289e840d79b94e3c05a9a40", 0xb8, 0xfffffffffffffffe}, {&(0x7f0000001540)="3a8c659d0e5a801eb96ede986364817d13f93364bb04c07815a5795e527f37fc069924926e18350b78b62102204133ffcda9a372b74e2c2023ba8f5327f8dd19e1ef835cff17a52eb53bbf77219e8e3755e725a7c4c43f81f1c93f53644182cfe4207c200a77de62308f0bac6b0e4805aca70348ba433bab48304fdf915e89d547033160f668babb198a4073feb0dd75ce5f5211b16cef752451963dff818d3ea13c63c5efd148183ffda172738b2a111a883348253b00a8ce1cbddd768ef28b902afef1a9f648e303a17a49a5294cdddee078ba08c8ee97e63bb9ffd195188a33e22a2c9fc84a52f748cbdf424a3ae8047f613106a989b1eb3ffb51270ea98486de0e526ef4f2664572a31cf9421e3ae7bc40ead261c39e436db315d128846cf934fdd0f2350f14ebda01984622065a0d761649fb05696fbb0f9b02c6796e345c20913b7ce645f79976828d83281621ecedc41ad2611cba19259cfc724598367cef0028ca83c0a305b119f8a3829d49424fb547c2e7b2532ed5088566d721fe49e007f443a9e3fc7b9e9d404a3baa1eb658b9da08343b59993f8b7a5c1a68cac3923168f24b69b7b7f1de30efcb58b16d89ac2489eb35dbfcbea61dc08bd1cfcaec1b887754bd81010a738a4dce54a77bc3494a408f09842baa5d48a181fb812e02e160f2bfbb74e04c2038e0b9d525b7f6c41802ab531302befbc00359a5ffe8c9bd03cf98b1f5abf1c2886fe19c282cb72052f39f05117d41ba4a74ff98189edd15e5952b388ff5ed7691ebd1a5a0d3e387e3c8baa568b2b16461f86778c61e8c98bc45114f2055e939be8bafb946cff00351961627e2ba58123ca0668351ad518bd3745280d529f8beff60f3c2ac30b053bb2d8afcd5487f106c77db7ea4e366e2245ff8f22a0a4fd728c69ad6efa8ed53be4370ca06b60af2c53827548c0d3ab5b8f2ae62f09558b6ac18ea51beb2e939f62d32cd5b81f7444371729b3cd2e9aab79c684e666b076a112c09907d77cd35d5ccb20005b251ea05e8d7a39cabad233fb3fa4b220e6c1d5bf87ff6cae0801393cde235e0c5768a20ba6df777621bbbb4e94ac39311a3316e4c2d6abf871b11e23ecf417f1268cf3817616d2d532aa8c9493c8309b3f78a6073c1dc77f816971dae84c31fcaaeec4726035bd883fe1027ac120d9db07e91a7ab324f7c4580bd9e65cfc23a5f503a61cc34343f24de427246887d6c555d740b7fbfa16b0ded3c5d3438f1c343dd0d8f28e560bbe02d8046f03d9fe8af4a17568e7e358b1bfab0dd29c967ad3aa6519ea135ce320f3928cfa58967637d399875ed4f48407ad25488190f687c16315429f1b121ceaeb212047aedd5d20d9aefe8c50fbcdd8b87306c9e4ebc7c3b738dd1e84d07da5e7fc2787eafae7ca45091344093f55af464882b74ee54e4629ae67975614aba5c12e906df379aecd1a4a77aeb121f64010f3f44a01f26c051b7c0f1fa1efd34aca2a48837fc51438a86f21c076b09e8f09d75e85952c0aeb310402ce16f430b79da768adc69f8a46cebe7cd01fc2913ce481612d200260f5bab3e95005031374502848c3716c56d2c21d9a942695d60f7453136114c9afaad0fa7e90b17d73f4922d3d1896dc7e7b0b96ef861ce86349f6810480196a5529914ab0fbd06445418b3b6f6ee79e9bd967365dd4d5a7b9e23138bbee6cc6b21bb907638dc71a0f69205a5c8db9ae59174d431b51cb45e517e016e408e76c21e521d0767c344b39f436eac90649079c6cb129b536bbf3db0c8b23e06e949b665879615ca5c941f0294aa1d7bd9d7dee93d1946ff64c71ffca396081638ac921be416e718ec864ff14eabc6dcadee8591c8bcc8ecfa8b9c7502e178703b37020494748bdbf3aa07b49613dd28e3a475cf1bd16c38abd739248c8d6e446c114abe1bf60ba13af8738b2e89fc005d969437b28c1a8bc26b10b95356e5c25c7896d7d6fc59f00baf96b18b9f0f7a7295554df2386f1baae88ed055e03f81554d8c92959d0195fcbda60932af90bd5a0e3356d02abc56420d8389d5d5511cc5b1b3480dd1d53111829aa07d6585d1476339c07e309bf5f87edcade4ce63da01cc5d286f82645a9a7d703e7efe485f7d2e5e72686a7396e5f9d0ce9af44bd559cc3eb46d1db03c893af14ce9f082e38f50ac339e1f0c0319a5d499d5e932378a4253f41b924238b18595cdafb69a83030e7f9fb6d4ffad27a863db797f18652b6a6ac104558eb13a0265fbf4c45af71fe9b4a65526a9cc6ee805fc191e3f51173788d769014be199f592963675934d7b07fe1c63c271f7b45a5d749b6ece9c1f8456e6ee727e14a9c09fbd5cf7df1dbfaebb215ec919605c1498864e008868cd3343095e3264508aedf308abcc6b1ceb4ef1f87d7c6a029125d0755148c263bd801d8f020fc0bca77444c88c596288338a1fe069e67a179b6ee291e5af9c971de15ee6cf2619a70ccfbd25d0b8a0ec47c8b30ee1dd7bc52820b10fa68f4649f52280f8871479319d294ee88151ea394e4389d428d2fafe9605d9155f75af68affb7268c31458e874b99c679e7ab20ed16fd4c8c94d475fec0fd714cf1ef629fac52dd2bdbd3bc3f1db48a749250f7df6a43136d3a0a8f97077b22dad32ca4340d54f3b3d6bf005608eeb9aa7379a1928f520c6f0b000afa9b9f1362c3f8bccfa0e22e3324bda5d7e034bac20614b7c8ba4161ea2b75f789f4635a19ed4671a54c1b35096e9a50d0b63c92f9a2b296b0c42025edaca6b0f28c41180951911d72e350c0cef891ea5fb04b1ffff4e4920f951b8cf1c1c9a8227b72d981f721cbf00c962f5ddc3d785c732206e30f42a0f2c732f501f3f41c38f9ba013061039f639d35b49abe2727783cf2ae4bf364ca15729795023436abc3e20b323bdd26db0eb028b97a5fd040c8031a5567be546f6cce8bbf0985f0a5066516780350155b3da2f97434a2da7e2dc5c4d5512177d74575938963c305320bdc1a9e29c94fb694a34589e5484dc323462c49b1e30155a94ed09ee5a496e0aaa3527c083da6e245c7bea3c5832e8b1353e87a1ecc6c28fdb7aadd8b732f80206e1dec52b38c676e6f5661b7430689a7a05412a66f9cb8704086808763fb614f51160e34eda7c40a2951a6c6025ac0404ba5b48f529668cde2c5170ce6080d2ff59794c6eceeb68a55037a6429a314443c774898fff8fdb6dbcebc0bff624339a5fb96e6fb95df743707c8d838390ccb183a34be0722c24442bccd8c615e5049d54457c2c82990a2274b87b5fe3ff123083e9407c205ba03b0ae3f57e20149f7b63c28b06177c64d82bcf8b17b206162024773738d6ee9c7c8e3d7921c5f3d0028e6cf4e559607397d851bfaab662f0490ba92b3487ce4aacd40880704f8373370d772411cd98c5550655cd03b332e3c4469cc63b35e840943043b38a9f92d5c10c5356bfe3f0bd55094c6a96f2f5e9de4e8927eb3bb6bc1a182c3abb1d2ad8122c33ee5d313d0b5c5444a573674516a2e1ab071ae8f3a536c35b0a1c61d555bef6f1888781f5619a011084bba9befed54b059aaeb94b760dbb6fda5da213d08a7969135ef61ae49c200c81aa64032f97638f539998256a3a45ce5758ee93b891c3033965f14a5b5a5137bb61e4bae0084e5345cb76a3935bda44d498fa6627ca5e1b08b399df5c6a9d00c0b855a6dbd19bd2f3803027a8d7077cefcb597696b2c0387e4772cc2870d7d8e85c943d769f2d722b2b32fab79c102975021572a011fd2f67fda137b94c386bae7e745b04a4dc64f20957c465ae11f7ed2c0d0399352bc7d2c891e9c36f2b748ee132816e320f62656d3d5748168d9f899bea12b2ab873126bbe6a500f173b681be984f5f3ad7c8511e728bd1f866439fefe271ef4ccaa22fe2890c4f212000b33d05130b944598dd4f4a10d1db48dac7b7b3acc4e0b41030d2752f326c73d6e30bc53d8dd6cba3d00d297e1eed052983c16078f941f747dd2d16d9c70054b22f7d04f39873ed0bf962cb7e2888acc1061ce2b7ba39829bc213b6de48e49380876fc93ea9ef3ee8ab0743744c19565ec0b6dd89403b8b0941acdd286a185494ff725b262719560c18f0749711533caf9efe4198dacbe5aa9faec53c1d2c558c89580227a224fa3dac87594272c4302deacf9214d66866686a0a85bb9c917e9c0e9f332423bead6300a8b72d6551aca59653d50284fd9e0348bfceb0ef20674c4a3ffedb5cbe54b265ad8a3051d4faf427d0420b866db2fbd91fb738e1d74e33465221c63536e991de65cac9a08065d48a53cfdad417e79b58c13f0766da28b370b9ad9d8a136adbfb6c89324a4a99ad9100369e50ba09ba00014a35da7332aa9dea06771bdaecff61c521bc0f8b5b5fcf90535ab18f6475937b582d192a98317db0dae18d053e1c497b5f2deb03536dde2a829ac923585246a12127116d25d70925b90d20a4cadea3dad14762b0e7abeced0614b7ea1d8f710a3acff1628bf71182b921a1291e2a7515515898f7712a2483bf2af1003f03f04566b5ad10c5f0e640756ee6713a5ae89b312e93a30d6d686715c9d6e4f62bab7275df9d3c2a95022a914ca2b16fca2e7aba864cff49dd4f60b19eec59edbbb007e5447d8940a8729b2b47b063d1a40431e31de6f2ce3b605355bafc61febc596f4e8d38ccf4f3b5bcd43e0de37a4d099519871df37ab14f5acc5f4812449097e2118923be001a6c2a5095d927835bd9738d1c2e41b6d199805cf6c4e67d1be1ead271dd308b0f9cd4a35eeef62742c4dd8b290861045fe8305d9fc141166fefbfab91995fda3778a467107095c62960701f40151697a999699db34e18eba70cbab49947b6621729f1e19e88a4f616f23d8963579d249214f43a735a24c4e13e2bf3993c2b78f999edc2691930e8ea0b33b9b3ce036e85a7c3c9b5aa717b7c06c6c39b47e7380ddfc38d3de32df00f1c1f0a8632d9ecc89443c36b17875c0f78f4b7d7b3a18cd335518754c3e6979a4209495708adb72a7705b001af17cc3caf8aed80ae648fdddb93787979a9c5fe65109db3dfe5728b478bbf593babe6c20cd84508a78540c5f04d35281e9dc4aa3e2213635d1db327eaae36d7028b235d7a91ab6ef47c74fc23bb47922dae775c80acb473f1420415636caf7875d6927f0303e5f2043115741895cee7b22c1d12dc78f1f5db320c6c37ae42b8cb7a50c72aaba5fab447c13493a0e1b98e3a184c6d2e76c424a31631a77c4b922dec1a89914a6aa28eefcea142eed5c77999400e5c9d58df9d909856231c888c8c72832f8c2d5bcb21f4db77aa60d0ea5975501e56d80e254b2e9325fbe6d7452800bd611a57effbe8bdd1fe4b4e65659436b2d124ca4c4fce24ccb057f57c795502e987dfa9bff768ce9d9d6aec749673ea71b4d8e0b98124bcd1f745f15d4f5d6fd57071daf03af0097b74b5d8d7610bab76153cc65e9208f1628f25a1ec21820c5875b1236690ec9dc526c315f5e63ad430278e5eaf9260c3b8d450787643f32b6ad1cbcf39ed3fe636bad238abbc5bef249c141d8b03e57ee264cfe4f516f9f7bdb5f4ed0114b4db4c789688431cdf4ed5293bb7c7d43c6a185ab5f097a69f0b56f9373f9f53f4b0b3b2064bdb3a89552fde671d747304924eb7d29f8e97088f0830cd072ef23e77c710fa8b2df921529be39fac6d71e1b89d74e148141e02441d5dd80a7156dcae45bd16dc845fea1e17af9ea3bb47990d4fe5f285c2c0895917f0fd1864897a461e659d195e95aa3eedf4bb", 0x1000, 0x100000000}], 0x3000020, &(0x7f00000025c0)=ANY=[@ANYBLOB="6e725f626c6f636b733d78ee7025746b2c687567653d616c776179732c6d706f6c3d6c6f63616c3d72656c61746976653a31372d352c73697a653d65256d2c73697a653d314e08673174382c687567653d77697468696e5f73697a652c6e725f626c6f636b733d7037782c686173682c646566636f6e746578743d73746166665f752c657569643c", @ANYRESDEC=r1, @ANYBLOB=',e\x00\x00\x00\x00\x00d,', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) syz_mount_image$vfat(&(0x7f0000002900), &(0x7f0000002940)='./file0\x00', 0x7, 0x8, &(0x7f0000002d40)=[{&(0x7f0000002980)="47ae7389541f38d1731983f10ac22688685ddc65cc4acfe56706d2cb774e668b0f0f4b937af5f3ec960597feb7c104558744654a61046ef3ec9892ed6c97b66032c681aa65ba7c6867d490b16d3540d86f61c22bd109eb76160d177fcf84af2f99014102abf99aa9d54c8aefbe93da4350d6e43614602f2e01970c87b04129e4f957c9b55c25f8223b1c4948190aa680103bf5343a864554acd7dc51382bcc93f4eb669280b3a8515336c466720b55", 0xaf, 0x2}, {&(0x7f0000002a40)="36217988627c332fec4154", 0xb, 0x1}, {&(0x7f0000002a80)="bb8807164b4cb91df19cccbdd8b966626fd3204676dc5aebe2503fc09ed82f3c9e4fc3cabb0f43ee387d2ca026435cc67f9d54545b2dbca0a8b0f32ba109251ad96647991da989540ebd1d58f3bb3efe12172ca9c3fb840aafb5c447a2b9e165591e09e0", 0x64, 0xfffffffffffffff9}, {&(0x7f0000002b00)="eec6b4a0b531690742a2e375a7802859ec836d45a244efa24f410572c216df91e95fa015e78396c69045f14e33e44c5a90f208ee37eca18b5398874c4a61f7c9f23f03514ab02f64d30e475e4a0473da6ea112fe65873b95ce1bd66069d20e8902e19ed877a51f9619ca5953b8d9b8bd46c35c8aa05a76428ed02da0176fabab8639a48458a7a806d40811462e9a3128b0c26902fdb3c1040057c1941e5d5d002a41aba32ffcb9f27a6c3bedb4258627f92b7bab524a1c31bb0e6f03fc3af08e9e6abdef9f9f1f3ec79804cef2b5f3a247704dba2638c48ce2a017b05fb2d5ce0f18afa4502842e1f38c81627be5b01e", 0xf0, 0x9}, {&(0x7f0000002c00)="b2763165cfe105fb7edf74f18c17c14335b0b5a8360fcbf1351dd17aee534a14fc81a1de6597e352ed7bf4495e24b5", 0x2f, 0x1}, {0x0}, {&(0x7f0000002c40)="6a75a189b7ce5aab104918a45fd86ff509b718dab924965c95f571bfe62b9956e2aee625d864cea2b04ed5dedd95", 0x2e, 0x9}, {&(0x7f0000002c80)="7b0827ea7d73447f4a05ad07568ccb5aa3c9b57a0489c632397397b7da46c63d00c6a2587156a520e379d1e2976699ae4c611c12d04688e0f06b9a093b7245293bbbebe713b9262264e7c07844d2fc20ed4c29a959c1ae3f8027832e9c545c87a264ef63cd704246bb11266306924a1c94c47d2673d2ae7e91c64289b5f7bbcfe16b2d92", 0x84, 0xbff}], 0x1000000, &(0x7f0000002e00)={[{@shortname_lower}], [{@pcr={'pcr', 0x3d, 0xd}}, {@audit}, {@seclabel}]}) 07:33:48 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xb000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 121.346721][ T5712] loop2: detected capacity change from 0 to 255 [ 121.418938][ T5712] SELinux: Context system_u:object_r:initctl_t:s0 is not valid (left unmapped). [ 121.433290][ T23] audit: type=1400 audit(1636443228.121:170): avc: denied { mac_admin } for pid=5708 comm="syz-executor.2" capability=33 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 07:33:48 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xc000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 121.454637][ T23] audit: type=1400 audit(1636443228.131:171): avc: denied { relabelto } for pid=5708 comm="syz-executor.2" name="13" dev="sda1" ino=1156 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:initctl_t:s0" [ 121.489009][ T5712] loop2: detected capacity change from 0 to 264192 07:33:48 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000003) 07:33:48 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 11) [ 121.576461][ T5712] loop2: detected capacity change from 0 to 16383 [ 121.593407][ T5722] FAULT_INJECTION: forcing a failure. [ 121.593407][ T5722] name failslab, interval 1, probability 0, space 0, times 0 [ 121.606159][ T5722] CPU: 0 PID: 5722 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 121.614487][ T5722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 121.624544][ T5722] Call Trace: [ 121.627823][ T5722] [ 121.630761][ T5722] dump_stack_lvl+0xd6/0x122 [ 121.635371][ T5722] dump_stack+0x11/0x1b [ 121.639558][ T5722] should_fail+0x23c/0x250 [ 121.643990][ T5722] ? jbd2__journal_start+0xf7/0x3f0 [ 121.649201][ T5722] __should_failslab+0x81/0x90 [ 121.654036][ T5722] should_failslab+0x5/0x20 [ 121.658608][ T5722] kmem_cache_alloc+0x4f/0x320 [ 121.663702][ T5722] jbd2__journal_start+0xf7/0x3f0 [ 121.668841][ T5722] __ext4_journal_start_sb+0x159/0x310 [ 121.674402][ T5722] ext4_iomap_begin+0x408/0x630 [ 121.679300][ T5722] ? ext4_alloc_da_blocks+0x100/0x100 [ 121.684679][ T5722] iomap_iter+0x395/0x4a0 [ 121.689017][ T5722] __iomap_dio_rw+0xb78/0x1070 [ 121.693947][ T5722] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 121.699772][ T5722] iomap_dio_rw+0x38/0x80 [ 121.704143][ T5722] ? ext4_file_write_iter+0x501/0x1200 [ 121.710308][ T5722] ext4_file_write_iter+0xac3/0x1200 [ 121.715610][ T5722] ? ext4_file_write_iter+0x501/0x1200 [ 121.721135][ T5722] do_iter_readv_writev+0x2de/0x380 07:33:48 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x10000000b) [ 121.726343][ T5722] do_iter_write+0x192/0x5c0 [ 121.731066][ T5722] ? debug_smp_processor_id+0x18/0x20 [ 121.736443][ T5722] vfs_iter_write+0x4c/0x70 [ 121.740955][ T5722] iter_file_splice_write+0x43a/0x790 [ 121.746342][ T5722] ? splice_from_pipe+0xd0/0xd0 [ 121.751228][ T5722] direct_splice_actor+0x80/0xa0 [ 121.756343][ T5722] splice_direct_to_actor+0x345/0x650 [ 121.761833][ T5722] ? do_splice_direct+0x190/0x190 [ 121.766936][ T5722] do_splice_direct+0x106/0x190 [ 121.771799][ T5722] do_sendfile+0x675/0xc40 [ 121.776295][ T5722] __x64_sys_sendfile64+0x102/0x140 [ 121.781537][ T5722] do_syscall_64+0x44/0xa0 [ 121.786016][ T5722] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 121.792023][ T5722] RIP: 0033:0x7f7c25405ae9 [ 121.796455][ T5722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 121.816281][ T5722] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 07:33:48 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='freezer.self_freezing\x00', 0x275a, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r1) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x30, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0) sendmsg$NL80211_CMD_GET_MPP(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x28, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}}, 0x0) sendmsg$NL80211_CMD_AUTHENTICATE(r1, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x28, r2, 0x100, 0x70bd28, 0x25dfdbff, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}, 0x1, 0x0, 0x0, 0x8004}, 0x40000) fallocate(r0, 0x0, 0x0, 0x3) 07:33:48 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xd000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:48 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 12) [ 121.824869][ T5722] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 121.832849][ T5722] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 121.841183][ T5722] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 121.849160][ T5722] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 121.857216][ T5722] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 121.865218][ T5722] [ 121.911370][ T5716] loop2: detected capacity change from 0 to 255 [ 121.925732][ T5739] FAULT_INJECTION: forcing a failure. [ 121.925732][ T5739] name failslab, interval 1, probability 0, space 0, times 0 [ 121.938414][ T5739] CPU: 1 PID: 5739 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 121.946820][ T5739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 121.956949][ T5739] Call Trace: 07:33:48 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xe000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:48 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x15, 0x0, 0x0, 0x5}, {0x15, 0x0, 0x0, 0x7}, {0x6, 0x0, 0x0, 0x7ffffdbf}]}) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x20600, 0x0) syz_io_uring_setup(0x183, &(0x7f00000002c0), &(0x7f0000148000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000340)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000280)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000200)=@in={0x2, 0x0, @private}}, 0x0) syz_io_uring_setup(0x183, &(0x7f00000002c0), &(0x7f0000148000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000340)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) r7 = socket$inet(0x2, 0x4000000000000001, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000280)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r7, 0x80, &(0x7f0000000200)=@in={0x2, 0x0, @private}}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r2, r6, &(0x7f0000000400)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r8, 0x0, &(0x7f00000003c0)={&(0x7f0000000180)=@pppoe={0x18, 0x0, {0x0, @local}}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000200)=""/23, 0x17}, {&(0x7f0000000240)=""/50, 0x32}, {&(0x7f0000000280)=""/138, 0x8a}], 0x3, &(0x7f0000000380)=""/48, 0x30}, 0x0, 0x2}, 0x80000001) r9 = dup(r1) r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r10, 0x0, 0x0, 0x7fff) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r9, 0xc0189374, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x6000}}, './file0\x00'}) ioctl$BLKTRACESTOP(r11, 0x1275, 0x0) [ 121.960349][ T5739] [ 121.963280][ T5739] dump_stack_lvl+0xd6/0x122 [ 121.967971][ T5739] dump_stack+0x11/0x1b [ 121.972132][ T5739] should_fail+0x23c/0x250 [ 121.976585][ T5739] ? ext4_mb_new_blocks+0x328/0x1ee0 [ 121.981882][ T5739] __should_failslab+0x81/0x90 [ 121.987006][ T5739] should_failslab+0x5/0x20 [ 121.991504][ T5739] kmem_cache_alloc+0x4f/0x320 [ 121.996265][ T5739] ext4_mb_new_blocks+0x328/0x1ee0 [ 122.001394][ T5739] ? ktime_get+0x1b0/0x1e0 [ 122.005883][ T5739] ? ext4_get_branch+0x27d/0x2e0 [ 122.010874][ T5739] ext4_ind_map_blocks+0xb1c/0x1740 [ 122.016149][ T5739] ? preempt_count_add+0x41/0x90 [ 122.021128][ T5739] ext4_map_blocks+0x6e3/0xf00 [ 122.025999][ T5739] ext4_iomap_begin+0x4b0/0x630 [ 122.030834][ T5739] ? ext4_alloc_da_blocks+0x100/0x100 [ 122.036260][ T5739] iomap_iter+0x395/0x4a0 [ 122.040598][ T5739] __iomap_dio_rw+0xb78/0x1070 [ 122.045353][ T5739] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 122.051155][ T5739] iomap_dio_rw+0x38/0x80 [ 122.055473][ T5739] ? ext4_file_write_iter+0x501/0x1200 [ 122.061041][ T5739] ext4_file_write_iter+0xac3/0x1200 [ 122.066417][ T5739] ? ext4_file_write_iter+0x501/0x1200 [ 122.071870][ T5739] do_iter_readv_writev+0x2de/0x380 [ 122.077126][ T5739] do_iter_write+0x192/0x5c0 [ 122.081736][ T5739] ? splice_from_pipe_next+0x34f/0x3b0 [ 122.087274][ T5739] ? kmalloc_array+0x2d/0x40 [ 122.091995][ T5739] vfs_iter_write+0x4c/0x70 [ 122.096485][ T5739] iter_file_splice_write+0x43a/0x790 [ 122.101936][ T5739] ? splice_from_pipe+0xd0/0xd0 [ 122.106788][ T5739] direct_splice_actor+0x80/0xa0 [ 122.111771][ T5739] splice_direct_to_actor+0x345/0x650 [ 122.117131][ T5739] ? do_splice_direct+0x190/0x190 [ 122.122140][ T5739] do_splice_direct+0x106/0x190 [ 122.126990][ T5739] do_sendfile+0x675/0xc40 [ 122.131523][ T5739] __x64_sys_sendfile64+0x102/0x140 [ 122.136790][ T5739] do_syscall_64+0x44/0xa0 [ 122.141208][ T5739] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 122.147225][ T5739] RIP: 0033:0x7f7c25405ae9 [ 122.151678][ T5739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 122.171304][ T5739] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 122.179712][ T5739] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 122.187689][ T5739] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 122.195648][ T5739] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 122.203768][ T5739] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 07:33:48 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 13) 07:33:48 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) chdir(&(0x7f0000000000)='./file0\x00') write$binfmt_script(0xffffffffffffffff, &(0x7f0000000440)={'#! ', './file0', [{}, {0x20, '\x9e'}, {0x20, '['}, {0x20, '{I\xeb\xeb$V\x91n\xd5l`9\x11\xcc\x9d\x97\x05xO<{\xd89%'}, {0x20, 'T\xa7{\x84\x9f\x88\xce~\xef\\\xf4\x9dp\x14\xe3\x914so$\xeb\xa0\xb9\xb3f\x90\xdd\x8d\xda\xad\x03\xc52\xf7\rV\x99x\xb5\xe3\xf3\xf4\xe4\x8e\xda\xd6+cR\x06\xbeV\xa1#(\xfd\x97\xcb\xb0\xa2 Z\xb3\fl\xd8\xb11\xfb\xda\xdc\xb1\b\xe5\x0e*\x1c\xfaV\xf6\x8fk\xe7\xec\x8c\x0f\xb3\xfe\xa0\xc6\x19]B\xfd\xbe\x85\xaa\xd5[\xdb?\x17\xec\"\xd9\xed\x96\xef\xc0.\x96\xa7\xf6\xe4\xbaV[\xc6p\xdc\x88a\xa1\xa6\xfc-\xcd\xdc2\x80+\xc2\xc0\xe9R\xa5\bh\"\xf3>\x97\xbbMK\x02u\x17\x86\x8f\x1c\x15n5rI\xe8\n\xdb\x9c\xb4;\xb3\xaf\xc1`\xb5\'8\xe1\xf8\xd5\x9d\xef\'\xa9D\xa5:\xdbQ\xd7\xaf\xbe4t\x84\xd3I\x18,\xc3D6\x8d\x02\xeeeq\xd8\a\x90.m\x89\x13i\x0f\n\xb0\x92\xf5\n\x01\xfc\xfa'}, {0x20, ']o'}], 0xa, "c5318efeead706aa101ff48386e3387387e0cbc0e9f189094d0b4fcb0a3b584b2337448699c4e93af63e1e067b66d3e494318943cee7d2bda8d6ad01d5947bcf21705f38432dde4e8a4b279a226496a8722d2a00476a75e10d966590ed3fe89bdf55f3d59f098d1c8aa48ef971169bc4fadc8cdf0f5e9d5674a525e166a084f3c92082fa702b7145"}, 0x18d) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r0) mkdirat(r0, &(0x7f0000000100)='./file0\x00', 0x108) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r1) getpeername$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) [ 122.211996][ T5739] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 122.219966][ T5739] [ 122.284345][ T5751] FAULT_INJECTION: forcing a failure. [ 122.284345][ T5751] name failslab, interval 1, probability 0, space 0, times 0 [ 122.297034][ T5751] CPU: 0 PID: 5751 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 122.305538][ T5751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 122.315695][ T5751] Call Trace: [ 122.318971][ T5751] [ 122.322046][ T5751] dump_stack_lvl+0xd6/0x122 [ 122.326647][ T5751] dump_stack+0x11/0x1b 07:33:49 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x10000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:49 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000008, 0x4000010, 0xffffffffffffffff, 0x608cd000) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r1) ioctl$BLKGETSIZE64(r1, 0x80081272, &(0x7f0000000080)) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x21000, 0x0) ioctl$EVIOCSMASK(r2, 0x40104593, &(0x7f0000000040)={0x4, 0x1000, &(0x7f0000000180)="3b7339594211d87fc7430ded163118ecf8904fba08e078e3055685e228391e0dd41e7e9077cdfa7476b30e8164baa3a6fd202e68ed1f433a09fc7dfe1373fcf44ccf681e3e22c6929e356b63ef332276c160e15b0d6dcda96c0e608358e4c1b9cd83e32899aac17c55e1a96819308055f9b28c46972d7e9680da984a6ef5496c8c45e51fd3a38524e6528f11c3687cd81467b7b3b253878c7e9e65fde9007d12be6ca435dcd49c3115a1f2c8fadeead168ee91e5b70e2b90a1397f09f883b5146225fb4c718849a9b6eaebdaaeed3d2072dff1641a8c5e2f91e3669a29d58808c7b4b0176c346fb9f31c63083e06e94526c6be8060e7e609cb719abb66139868f437bb90a074c8d353ac5bec80220af975bca20f3584bc01ddf47b4d8579e2592c8e633e566266253ec14fddcdef1a50c83fe68b0c43a2f6695b373662f24ecd37ac1b9ff9a863f2b4a74cd5091084ec5aaaf1f7a059747d0f48e9ea900f8ea404126c6264d66b87dc894391eab91c6105cc929a6294bcf2f1f73b7ff9b5047d3224412f400f1e2cd58626586810bbe64b767ba9bd296a02e245cf62300a9e6bad73cc511b23a82139b0710bf79a9324c4416864c942c8701517860e61054bc95d0c87347f1bed8c54ab855442efa0b2dea3ad657863fce2b948a840a0b51a7c6ed380dc73bbb3295fabccc8aa7b614225f52e2fd6f9d11f412ef63d3b8e205fd8ac693674b627cb06e7e01695e0cf97d3c76301a7990afb92fb36a08f2b538e1763f58818e7bb0966b469e75f367b8cb24ac7559773aa8d7e9fcd86e3357c850ef2faaf6f45b98814a6c34a50bdaeae44a6df9736831502ce21941d6f6eb9c0609403340878d83cc01c35001ca9fc873454cc7442dcb971dd626c6bca09c7f180845d09675d0933a5ff789f399d5c029e618c2e4e84492829528539cb650408b5b395bacc84bb08384ea9be95538060cb8ecfdabee8cc142f9933c9f0b85461a7a86a020f8abe1d52bf809f3fe25a457ce9521e61fdb26d66ecf5f4498b5c2cf8c3c28108fe88e23448596ba81d8e2ee426863230fa4732c8c5a8b6c8278d1faeca2b0a03732ae7c034f6f11b2560884d6a922144a047c80586f0d8994bf532bdcf14d589f043c1e57ed5e58dcc4bc56d08c80f1476164ceccc4e93bce73f43416262348a062d9daae1a80c8ccd7aa34bcc735a97564e85f9ae61295ee825a3e6ff367f0cff5768ae2a0e144079682f7c02a339b8c57ab5303c6abb7aff022815979222d6a902f8332d3f395ae559903067106a4c0954728edd36db92876a93aeb90085d7b276fecf75288e4950515eb2a6ab35134001ca5122383ace24f7857238f134b02a70a89e722b1d830c1a5a2d3942cc97cb7db0148d3f7955445f8d69be19932d802a87f48c445e050571a7a3736c80aa72016a2804aa897547883ca2b177a155d91b80e239d0a0515c4b5260172ff44dcbe340fe474257f667efbd95d49e113d322c9b738ada33c83afdd3d56a348d3985d2fc098ebe769ba749ba99eee53bcbc8a076f7b994f90e1d2965386f92392e5c256ecba11fe39aac2c534fb503e711be22556cdac4f70a2e80f96b4a01dd1916fbea64e5ca9d3f94077f92718bbb2074cee06a9a23c9f1f58bb573dded29968036819801b3236ed76a67832a1680af06926819512786984136af398e513709ecb54520639398fd0310b1f2b6dab4aeec7dc2e6862255e3caab2bda3fac34106a9c4e0b0bddf5264afe9ade8a43aa2aa1fe23b08d2c7816b146fdeef6ec671777a853da79c60fc3090e275b392e3804657b3ab8d1c240ddf6a754ca728c358a22ee4a1a1603c158a6bdf3faca1a3e7e0be935007ee7813951ac6ba6e7f3000fefa09387697f24be2566f69797ec3d8cc168074563f9669329d62ee01f20153612fa683ba06f5c219c3dd82f637a95ac5843e6a3c2923a08fa357abde2d64888588727db5db35e4300603dc87f208acd5dd8e16839ca576a8b5a75885a81a03236c0baadb92de0b03138cc18d5127730c31ee162400d40f1e97ab534f685add7fe8b8c167b7b866fbde41caf6f0d5d376155636f2f77d31265328db496ef937928a2adfe50419d54e6f3c1c36c6183dd1362d07b4a4438da80da2e01eff490b47f148c00e768bf008045f4b7ef7cc41a8d7577c8030810601568c1cd076f4279052fcc5cf10b9065d47c1a8cbca63c60facb8cbd453486ce7300eb2d3d97b109fcbcfdc33ff83cc599df1529bf7b208039779520cbc7842930cc0969041896af8d2b900bf0ed6fad1c6679e057c176ef5192dca10c40c1b96dee9def5f57c7619099422de51a89a1f8b7cb4f5bf3137bb4f3fbb2b6907b9841d435a8fd0d5910a059e16f26af65ffb445f3636d954d68d3acb87341b23bfeda96703caa0e40d35632ea828224a8ed1d3cca6b38de976cf953f866da7285b4f0b64f67b04d2774334bb94839ccb66819e4c4ff4052100747090c4822193392df9b679eb096f7031494fbd12f6eb31045e75d59186fa49647e72ddd286d010036307e82082785b0cfd295db5b9c051370c75b77a8bb1d2ef7c816527f46ee5b1100565938f0b7a7fd48d6989b3a5bd1cc0ddf7570e8c253081f6c8befb70eee0b97ce0c16279298298c520fe6db8b8e37572843983c1cfb2ac7e461ce30ca66557030eb6c8d4b98dd9cacf2a4cd99677660e9680a9dd6d34ac699c0146754db4e645eb2425b03031b487b6432da4fa0fe376bcd943a991a78a89f44688c428fd6e225128483cc5f623be759e39ed3d73bb2c6d4b740bb98173cd5ac15bc2ca22398f9ac418066f0f3212f551a39b586152d7fcf873b1b844c14b3f313913742c28f6d1f81e08546c802b6c67503ca64cbacb33cb028c6ba22f5f73bdf6f5f9d8bfb1c54dfc546a222d3fea858aeddbee453dfee90655fe6063341c4522fae6a46fe7cf2673c3446d0a5c666941c9ad44ed2c3c3bbbbcdca0acdc421dcd315dbacfb0fce6a019c4167942053f3afb78f33004ebe88db42200da0545617f73ca1f7f9252fb2dab6222bf624d56c5f959ee370fced91a9ee46646a5af2262b9b0d68618d27ffbba7d2904889d8b8502cedba648e1e2e63db3c7ab168472cb604806d08a16fe52be9274508b38f32d83a5ff54fc37dd4fa721df23fdcf39aa55740c6d9a2252b7fa14b315969bac69e5e255aeee755a055fb1be4eed3e5e595d1f75a4ad67ddde04bbbde2e84d9a27891eb87b5f3dab5ce4958f38175f879b101a4fb3ce95e4bf0fc1cec0c77795f875c7dd95566543277313ff51a3ad91bde63cd7534ba8f3bb8da9232bf7c7b910997c84f0bfdbd4477447c50ddede980c8af7a70b5717459b3bfe15f059ff38f90e45bc30a55273d0e98e328947248c1f4afeebfb18357e50e8b12f3a37bb0f21d0bac695270ceebcf09adea4249a31b5bbaa69e39ca35dd4950eb8f3a02f52d81fc681a47d7fe0fc20eaff2fdd37990c73e38858870a546c0fb04c9cdc04f23b7453bd7964b39ac022614ee296a82bffc3e90cf263a2f0a20934fba9f3181c1330ccea1b041acc30253ec11cb1a7d211b79ad89b8a129b0a35817635f5306c03536d02ec5186bb776fac4637d73ec66e50867ceadc8775e812dab93dada59974c893d57c110a19e07891359c2b98c368c297f15d302a8d598672560246f5412d16478fbf50342ca573c26a7e5b3900cc94b5957bc2a7e9ecabe0d7e06a462ec4b2c7a2724f2229d1f6ee2d657417e62ee2d6f56df5e34ed83b1bab7273ccbf79fb393419fa014bd45f492463468cedfa08851abe544d80a1f16da53b1a8debfb630097962fd85f1aa135ab9535bdfc9425da9642a154200ac0376441250c72848567239d346f98088e108a51d23d8465f593c34fdc6fd146324520b12ffd7e1559b2101cc13ccd8f866f7ba149158ac5d40752f2fd741686bd5e3359ba3d2ce4e08341118d7cf8c8cdfd3c8cba67fbcc4b5a4d8d034fe96a19d40cd170ca5c5a144feb6912a9c71d19f20eb70ce74feef8d4f16fae73b214052bb6dc27c802a95b2836efd28a2fdd0b44b14340a55eae3c8bec2d272e02216121b552bbf55099db4d20f4a97df4ce722b18ef4ff1d13eef028b611823e13993c5bee4ed1a105bf6c07c5bc3491ab1fc3a6d4f10058a95a6d29c8fc2edbcc97d72752c3b0fad77768d85ca8a389504f9c66b8409a29a66e30a0beebd65639b18c73605847ea6fad9e20b3b9525350988f2c0ab65a12bcd7361623bc2a2c070c9bd4ac21ce15f5510cc28ea5cbb1cd1d110e9454b61b329bfc3a5bcb01f01529e4f631bc0abedaa9c65bbc072de603771ac7e00914339a0d868dbc82bd1d908791a9a0881aca3702008d3a2409e100bdb68c6a379acca103311424f1c134bd052159bf1cf290a80bbd2fff58a6ab3e752c648687409e9ba4423c3c0f26d94656e717ab673aca8a20b3f784db3d2a571dda7698c818253b11058380d8c2f6617a93b68c684d976a9c2b47e9c6b220459dad951da8da072e2e3f81dac764092a134424cb444612290ed2691ecc3ef93209be7e0c0553bdc323d0c095872641530f5c1a6d5ca28674d3e958c4b10d7476a79363caa1d6aad99d1cf40012ed40d701524653478151b2706b78b5c4d1e871fc9ee10914efaeb67ea3b7a8d37ed6d0e3f764bf3d3275d163a5769c5851f39b29849d4a8c9bd30137522a86d2492e9307ed5ed931d13d7cf17fbf61037b3ea6719037c7c4606129913e358a00221e44250fc19f690e7b223c2432e038be9a2d23fcdb6e51759eede980ed5ed7990f16135962002a5a0feca4d8545414deb366262ab0e351e7f78f3fc58cc7b9dad3cbf55da78ea56dddc7800fbc15aa7534c7009a7e275bdd4b86f7ec4241d102d46098581b589928059de0b2ad7e036a62dade5e5959d59a30f6f1cd953b91ac6110452513aacb5b5c5b77f6e00a2d66732876c1ea0f6c79b67565fba06947ef210db30282b19b43db6945a5e1b134a4995f9aa82738539f2bab1f993375e4a09d7f4923f0a5b90ec7251e56005f4b5dcf266d49afa45a67d8e40204646173af8aa4289ce4f591770b819f5806e3d9269ac62233f81434448d15b207a37c8c30824a41453d5895d956b33553cddb56b1ef3b5533a415568441171e7680fee229d3c3111a2d97780f5048b3453df48cbe9d8630da3a6b155ef41d733195d612316f3bf7cfcb38fe1b1ff98fccffb0d19ada918182c7df28720fe0f89434aed6df3239e85a5a9b1aeb86564327ec9ae87c40498dfcdfa29938c3a9e01cefbca5dcb0b9c1f509c193a02451aae8527079bb047eeabcbedcc2f1966e60fb76b8cd23c7eebc2d4d535c03e353a1ace5661c6734bebb491f2a8ba3710aa8c77fa9163eceaca4bf736c7e66c8397e89b800b3ded3a73dc82ff6f876d1eaf5deeb87868cb0de8387b60b46e1dcacce5ac9156ee72531388b6786cb3b51a99e945819d019fd9b1869873f9686f7fd802bbd674d74a27ee9234e5148438fd456edfba0592d82d333b9f3e248cc56a5bc9413d84fd6c4fd48ae64ba334c11879bddcb0f3dba51a4748fb46c3c52dae59d3393995150d7e0cc2e968f995f45b038c45700d3efdfffa0422131eea3944c052b756c6c710c5635c4c8ab11b8d86fd63085c333f79253a3effd09fca92568823471039b5942d7e372d95ba98b2f641636b00b4b4d87f9db924a634aa0b8177d1c10202d01ebc8893a55a831a88adb40e3eeb669f0c8cc16d6a1b953904151bd5646831478"}) 07:33:49 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000004) 07:33:49 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x10a) [ 122.326668][ T5751] should_fail+0x23c/0x250 [ 122.326746][ T5751] ? mempool_alloc_slab+0x16/0x20 [ 122.326764][ T5751] __should_failslab+0x81/0x90 [ 122.326784][ T5751] should_failslab+0x5/0x20 [ 122.326866][ T5751] kmem_cache_alloc+0x4f/0x320 [ 122.326887][ T5751] mempool_alloc_slab+0x16/0x20 [ 122.326906][ T5751] ? mempool_free+0x130/0x130 [ 122.326925][ T5751] mempool_alloc+0x9d/0x310 [ 122.326993][ T5751] ? preempt_count_add+0x4e/0x90 [ 122.327014][ T5751] ? _raw_read_unlock+0x13/0x30 [ 122.327093][ T5751] ? jbd2_transaction_committed+0xad/0xc0 [ 122.327113][ T5751] bio_alloc_bioset+0xcc/0x560 [ 122.327182][ T5751] ? iov_iter_alignment+0x34b/0x370 [ 122.327205][ T5751] iomap_dio_bio_iter+0x5ed/0xc70 [ 122.327227][ T5751] ? ext4_alloc_da_blocks+0x100/0x100 [ 122.405171][ T5751] __iomap_dio_rw+0x8b5/0x1070 [ 122.409954][ T5751] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 122.415949][ T5751] iomap_dio_rw+0x38/0x80 [ 122.420427][ T5751] ? ext4_file_write_iter+0x501/0x1200 [ 122.425896][ T5751] ext4_file_write_iter+0xac3/0x1200 07:33:49 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x10000000c) 07:33:49 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0xcd) accept$unix(0xffffffffffffffff, &(0x7f0000000040), &(0x7f00000000c0)=0x6e) 07:33:49 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) ftruncate(r0, 0x80000001) fallocate(r0, 0x0, 0x0, 0x7fff) [ 122.431306][ T5751] ? ext4_file_write_iter+0x501/0x1200 [ 122.436807][ T5751] do_iter_readv_writev+0x2de/0x380 [ 122.442058][ T5751] do_iter_write+0x192/0x5c0 [ 122.446651][ T5751] ? splice_from_pipe_next+0x34f/0x3b0 [ 122.452196][ T5751] ? kmalloc_array+0x2d/0x40 [ 122.456788][ T5751] vfs_iter_write+0x4c/0x70 [ 122.461395][ T5751] iter_file_splice_write+0x43a/0x790 [ 122.466799][ T5751] ? splice_from_pipe+0xd0/0xd0 [ 122.471700][ T5751] direct_splice_actor+0x80/0xa0 [ 122.476642][ T5751] splice_direct_to_actor+0x345/0x650 07:33:49 executing program 3: sendmsg$NFT_MSG_GETGEN(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x10, 0xa, 0x101, 0x0, 0x0, {0xc, 0x0, 0x4}, ["", "", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40080}, 0x10) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) r1 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x151c00, 0x0) mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000008, 0x12, r1, 0xab959000) fallocate(r0, 0x0, 0x0, 0x7fff) 07:33:49 executing program 2: ioctl$BTRFS_IOC_BALANCE(0xffffffffffffffff, 0x5000940c, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r0) r1 = openat2(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x10100, 0x5, 0x1a}, 0x18) renameat(r0, &(0x7f0000000000)='./file0\x00', r1, &(0x7f00000000c0)='./file0\x00') [ 122.482018][ T5751] ? do_splice_direct+0x190/0x190 [ 122.487067][ T5751] do_splice_direct+0x106/0x190 [ 122.492038][ T5751] do_sendfile+0x675/0xc40 [ 122.496455][ T5751] __x64_sys_sendfile64+0x102/0x140 [ 122.501685][ T5751] do_syscall_64+0x44/0xa0 [ 122.506152][ T5751] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 122.512052][ T5751] RIP: 0033:0x7f7c25405ae9 [ 122.516511][ T5751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 122.536118][ T5751] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 122.544608][ T5751] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 122.553204][ T5751] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 122.561175][ T5751] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 122.569213][ T5751] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 122.577188][ T5751] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 07:33:49 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) open_tree(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x1) [ 122.585163][ T5751] 07:33:49 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 14) 07:33:49 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000000)='freezer.self_freezing\x00', 0x0, 0x0) r2 = signalfd(r1, &(0x7f0000000080)={[0xffffffff]}, 0x8) ftruncate(r2, 0x409) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x810, r3, 0xd20f1000) r4 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) ioctl$FITHAW(r4, 0xc0045878) fallocate(r0, 0x0, 0x0, 0x7fff) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_CLOSE={0x13, 0x5, 0x0, r1}, 0x80000001) 07:33:49 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x11000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:49 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x80) 07:33:49 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x10000000d) 07:33:49 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000005) 07:33:49 executing program 2: r0 = getpgid(0x0) sched_setattr(r0, &(0x7f0000000140)={0x38, 0x1, 0x21, 0xb7, 0x0, 0x0, 0x4, 0x0, 0x3e0000, 0x8}, 0x0) r1 = syz_open_procfs(r0, &(0x7f0000000580)='net/rpc\x00') fchdir(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NFNL_MSG_ACCT_DEL(r1, &(0x7f0000000900)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x4000030a}, 0xc, &(0x7f00000008c0)={&(0x7f0000000800)={0x84, 0x3, 0x7, 0x801, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x7ff}, @NFACCT_BYTES={0xc}, @NFACCT_FILTER={0x4c, 0x7, 0x0, 0x1, [@NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x71}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x7ff}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x4}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x7}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x55}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0xfff}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1}]}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x800}]}, 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x48000) sendmsg$NL80211_CMD_SET_PMK(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x44, r3, 0x713, 0x0, 0x0, {{0x67}, {@val={0x8, 0xe}, @void}}, [@NL80211_ATTR_PMK={0x14, 0xfe, "5d289af4ab41f37c0640e3f452b751d5"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "3009504f65df292ebd76722a61b75ede"}]}, 0x44}}, 0x8091) sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000080)={&(0x7f00000002c0)={0x2b0, r3, 0x8, 0x70bd2c, 0x25dfdbfd, {{}, {@void, @void}}, [@fils_params=[@NL80211_ATTR_FILS_ERP_REALM={0x8, 0xfa, "af00b2a3"}, @NL80211_ATTR_FILS_ERP_REALM={0x96, 0xfa, "3f402182d2d1b95b6e1351b63d8c4bb949192af7b8831ceeae2a241bc9c530081b7d766a7105d4dfcbd2ff112b3850282f758ed937cf5aceeabbb7eb89a0eadd27685734c3fc9e9fa735572484dea0d61a6642f79c20c09b5a9c0176b22b8b4b47352c40a17f65e9eeeb12e3b6ce889c29b63f794fedbb3ee2d786f92674fc80186daf2e05dccd348527ceec8c7bd8f8689b"}, @NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0x2a}, @NL80211_ATTR_FILS_ERP_REALM={0xea, 0xfa, "ec437669cdccfa5f848501a1fe7c873ec200672b3c020ff4cf3594a61f3f8ff84656bc18703bc42e8dec083ee638975dd8bb44b3d4b3c486c879c4924f0d6f74c748485631d45d03737c0641699bfc572359199e8a3365976f7b5b6f8e394231ee60eeecc4df74b83f8f676f487af6f45895fd32202ed3e823e8c50f2d80cf6b3e9a9ab7c7afe35506c15fda15ecba19d5129dd54744a4e6a73c9c002227460ada723756f2bcbbb83d91c45657cb5ed5e27c69dbf71368d3916c9df50bfa7ff6e5714923424306fb4dec121ef33bc3149b30a04886d74553ca8657ce37b97d96389b68a75b39"}, @NL80211_ATTR_FILS_ERP_USERNAME={0x13, 0xf9, "930576e2a01b8186153c8753ff7910"}, @NL80211_ATTR_FILS_ERP_REALM={0xeb, 0xfa, "64d7e047913c84616a16bf32188eef8bab4f5f164a62a65a1257818ab403b6f722aec3dfcbdc43a3b8411440ac010473823059015fd0eaf652689abae9bdc040b677e12db7ee5cea8d00c4d884bebc4d4c2b97833034458b365dc0e1f49bcedb5084db789c52cbe36df7d891becf8c4d87a0d82c768e9a3c7ffb68ff1ea86646dc8829dd9b09244c5d492071bdf8509a09cd8dd496d4cc9e516d78b8afe9851a9a91b96b9b4bcb9b727968ec08323c1077e657a45fce5156aad9e9970c7f58b54e22376527b989cef9e8ae5414a9ed9df56611f06e2a1716b242260fb93a7e0c36742751a94464"}], @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8b}]}, 0x2b0}, 0x1, 0x0, 0x0, 0x24008845}, 0x800) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) rmdir(&(0x7f0000000000)='./file0/file0\x00') r4 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f00000005c0)) [ 122.835190][ T23] audit: type=1400 audit(1636443229.531:172): avc: denied { map } for pid=5789 comm="syz-executor.3" path="socket:[19538]" dev="sockfs" ino=19538 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1 07:33:49 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f00000001c0)={'broute\x00', 0x0, 0x0, 0x0, [0x101, 0x101, 0x3ff, 0x40, 0x101, 0x163a]}, &(0x7f0000000240)=0x78) ioctl$FAT_IOCTL_SET_ATTRIBUTES(r0, 0x40047211, &(0x7f0000000180)=0x8) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = inotify_init1(0x0) ioctl$TIOCL_UNBLANKSCREEN(r0, 0x541c, &(0x7f0000000280)) inotify_add_watch(r1, &(0x7f0000000040)='./file1\x00', 0xc60001a1) readv(r1, &(0x7f0000000340)=[{&(0x7f00000002c0)=""/127, 0x7f}], 0x1) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000000)={0x0, 0x0, 0x2, 0x0, '\x00', [{0x0, 0x2754d81f, 0x5c1a, 0x80000001, 0x8001, 0xffff}, {0x8, 0x1, 0x8, 0x5, 0x1fe00000, 0xfffffffffffff21e}], ['\x00', '\x00']}) 07:33:49 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x12000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:49 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xc0) mkdir(&(0x7f0000000180)='./file0\x00', 0x2c) setxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@known='user.incfs.metadata\x00', &(0x7f0000000080)='#^\x00', 0x3, 0x2) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000140)=""/29, 0x1d}, {&(0x7f00000002c0)=""/80, 0x50}], 0xffffc86, &(0x7f0000000340)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc0}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000004c0), 0x400, 0x0) fsconfig$FSCONFIG_SET_PATH(0xffffffffffffffff, 0x3, &(0x7f0000000440)='%{\\${\x00', &(0x7f0000000480)='./file0\x00', r0) lsetxattr$security_ima(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), &(0x7f00000001c0)=ANY=[@ANYBLOB="040b8fb59f7c426af633c25fb167fe0ebd47d68c5309663858529a3f299f080fea27682d9fcbe29a6105a3ccd0ca261ccce09449d50fff95039f74bd7dc971d156a2be7f9abb03e8e7def0"], 0x7, 0x2) [ 122.881315][ T5798] FAULT_INJECTION: forcing a failure. [ 122.881315][ T5798] name failslab, interval 1, probability 0, space 0, times 0 [ 122.893971][ T5798] CPU: 0 PID: 5798 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 122.902350][ T5798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 122.912406][ T5798] Call Trace: [ 122.915688][ T5798] [ 122.918655][ T5798] dump_stack_lvl+0xd6/0x122 [ 122.923229][ T5798] dump_stack+0x11/0x1b [ 122.927464][ T5798] should_fail+0x23c/0x250 [ 122.931947][ T5798] ? ext4_mb_new_blocks+0x328/0x1ee0 [ 122.937224][ T5798] __should_failslab+0x81/0x90 [ 122.941969][ T5798] should_failslab+0x5/0x20 [ 122.946617][ T5798] kmem_cache_alloc+0x4f/0x320 [ 122.951463][ T5798] ext4_mb_new_blocks+0x328/0x1ee0 [ 122.956696][ T5798] ? ktime_get+0x1b0/0x1e0 [ 122.961139][ T5798] ? ext4_get_branch+0x27d/0x2e0 [ 122.966080][ T5798] ext4_ind_map_blocks+0xb1c/0x1740 [ 122.971354][ T5798] ? preempt_count_add+0x41/0x90 [ 122.976275][ T5798] ext4_map_blocks+0x6e3/0xf00 [ 122.981080][ T5798] ext4_iomap_begin+0x4b0/0x630 [ 122.985941][ T5798] ? ext4_alloc_da_blocks+0x100/0x100 [ 122.991340][ T5798] iomap_iter+0x395/0x4a0 [ 122.995659][ T5798] __iomap_dio_rw+0xb78/0x1070 [ 123.000531][ T5798] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 123.006328][ T5798] iomap_dio_rw+0x38/0x80 [ 123.010725][ T5798] ? ext4_file_write_iter+0x501/0x1200 [ 123.016267][ T5798] ext4_file_write_iter+0xac3/0x1200 [ 123.021537][ T5798] ? ext4_file_write_iter+0x501/0x1200 [ 123.026978][ T5798] do_iter_readv_writev+0x2de/0x380 [ 123.032189][ T5798] do_iter_write+0x192/0x5c0 [ 123.036776][ T5798] ? splice_from_pipe_next+0x34f/0x3b0 [ 123.042228][ T5798] ? kmalloc_array+0x2d/0x40 [ 123.046830][ T5798] vfs_iter_write+0x4c/0x70 [ 123.051365][ T5798] iter_file_splice_write+0x43a/0x790 [ 123.056732][ T5798] ? splice_from_pipe+0xd0/0xd0 [ 123.061560][ T5798] direct_splice_actor+0x80/0xa0 [ 123.066482][ T5798] splice_direct_to_actor+0x345/0x650 [ 123.071848][ T5798] ? do_splice_direct+0x190/0x190 [ 123.076960][ T5798] do_splice_direct+0x106/0x190 [ 123.081790][ T5798] do_sendfile+0x675/0xc40 [ 123.086333][ T5798] __x64_sys_sendfile64+0x102/0x140 [ 123.091568][ T5798] do_syscall_64+0x44/0xa0 [ 123.095965][ T5798] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 123.101907][ T5798] RIP: 0033:0x7f7c25405ae9 [ 123.106317][ T5798] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 123.125947][ T5798] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 123.134576][ T5798] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 123.142558][ T5798] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 123.150515][ T5798] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 123.158527][ T5798] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 123.166548][ T5798] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 123.174523][ T5798] 07:33:49 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x18000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:49 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) chdir(&(0x7f0000000000)='./file0\x00') 07:33:49 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 15) [ 123.188619][ T5804] EXT4-fs: 62 callbacks suppressed [ 123.188631][ T5804] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 123.201143][ T5804] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 123.213587][ T5808] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 123.220711][ T5808] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 123.264679][ T5811] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 123.271945][ T5811] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 123.284250][ T5814] FAULT_INJECTION: forcing a failure. [ 123.284250][ T5814] name failslab, interval 1, probability 0, space 0, times 0 [ 123.296917][ T5814] CPU: 0 PID: 5814 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 123.298823][ T5816] EXT4-fs (sda1): Ignoring removed mblk_io_submit option 07:33:50 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x20000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:50 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fd/3\x00') r1 = fsopen(&(0x7f0000000080)='bdev\x00', 0x1) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f00000002c0)={0x0, 0x0, "abe6ef6c8145d56c8147ebf6a06252d10a4f62e3940906965234e381ddc350d2c87fd98551617f1ea205576ea3168addaa26aa96385e73b1860b0749b74b06f3f731ce6073bb2c7cd201b0d4d02ad15e291f34145f2e09d7ddff919dd84cec14e762d31102ab656a101b212bf10c9059e66e4cbeba988ec2989c455fe919d10a7fd51f3238b392349286260b21afde27d1e362e733711287547e72ec4716889d7c1bb9164aaab630feb3a4757e2394094765c6e2a0e90e2c381b8ba122a6e47a5f7d20f9a95164b42972be450efea4a4c3717ac7d0350e0ff20011e4b79341652e019e2751761c264711aecb09bd3e0925ba83c8f4bc7d21543d8b6c9fdb1d0d", "8bba67d1a41522bc84b27e8385ce7df3eefb37e552aebf74ae98ca8228d80201fb1a09ae576e00056208d1af535f5124699ffe4332a3f0a7621de5f42d62d9b80d083c82849251c287f922423a7557e2365f817973535e55ba3a088324f9888ed89d5840bee18623088e7e8b16b3f072be486bd80435f3b5823194d961230d8b199e4ee264d2973149fe5dd74ed4f0a776d5f7322def966e0ee9119b3245dd406a144dcda8cef8bcf4c636b8afe0159ee51e5001e74dfd135fe81a94b2959eb573da61735faf8ab6f48a33ec3a1223043e6310f7b09186003d141b1426e8b8e83287d500017cadd1503b3b8a305f076cbc08fb21b825d932130e2b7f282a1b59ea75aa070e8b6115c58245c4e10bb1e8f50b63b42d6b624884fcd9115ef370c138f513dbc996021dc383032e767f737e240b1b8bec54769da7f3011b2f06ac1e46028d06069856065b05314c0df21cb22690b053f673b577cb685017ee2064c3647b35eefbbb3f54f61c8dd98e745b6b23e1a3ee92f3c40801cbde5054958d76c31fc7897b0a8c625999bc728387cda3c37711ff686fd9e0e9950450cf80a3511a320174052fa06a3e39bb70c5527af29f981d24aaa75f969441b24aa011b326a09183bb12036e28046c79737b20e25c700c69230bfbf5e99f0e5b3d6c0f32563cf2f6458a36b89122edf343e5094aa01ca4995c547fee9a1967c4d9064c191db666bf2b1f6bca4fb136a334c78df0fef9d383d740291703386c66c0245e2bab92467017dea02aa75682a07dd4cf6d37926d0423cecaa8e6d457c4695c771d9ad09b2842d2fe0341a665310a40ea8a7413027fae5a4324c3a537233e845ecea76c8d6255691830392949ecd6e66b1352be9b61879cbb2fededc09fb5b2907556862d90fa5d92f92610d27b32afa6baf615c262f92c6bb1ee803e8ee9d45d40dbabfff99691b93261da0bd73ec62663d9b19cab75c863845aa547bcdf694de1538ff8d8dc0631ca682412cdc9fe9184716e0b6988f006b9f1599846da9789abfbfbbfeecdf5a32c3ee8fde5aa125cb7a82b3425233520a5c67b34882689c249b5b46971412a4d3ce360501f73b91beafe3c0768a6791c7f2a38cccb55ca654364d95a47e387cbdf0b8d6c59a0d247626a0ea23e20a964a167bc7296c7668cb89fbf686e059f7b9bf82210e1f5c964e3daa3cbbce068ac311650d1e459345c4474eabe0a8e3abc59ea45ebfc054a3546c3b3cf428fc0cb60b536035b4ac9562d4c48d2772a1e9fd9f371f1ef1534250f9a62a1b87c4fd330a01a11eeab395bc500f8a2c8689283710cf4b18a9cdbf10f666c5c53f00a4730fdc92a23c55f2be9c855e68aa73107b87a7733204b53c5b9043432e66bcfca39cc340362215f8b0747903594e5927c69128b150bca61652c6f730cbe563dcf8415d3ec4db42ab5aed2da2da92a53d58be30036a44e7903b5e94dd28d1be98ae4d024139bc0856d418b8fc0c27ba9e8448397b1404676adc1b370427e52df7cb47f19e8a9c5b0059d9f5c05e8c85761f6c355b0b57cd0b12dd44358c5c3858d16b55fe7eae842e2819a4062f7db4c32fce24cf306abe7255b3d486e954ab752bf9256acab206375e0d80a23e72030eb73b637d6802f1a368ebfba4cf545f4c686ae4b365a4c8d52c0df358be38b7b5314d6054b1c2e96c3d0d903785123acb646174418f00ffaaa997cf4ceb1bc083b805a47b6000931737ea864b66e276260f5a63b17e9d3dbc91c3f32c52d44fec8f1499eaf3512c719821c0af32fc150436ae95019ffe027a140d76f6da3500f6f305e21ab2b14da8e8e5f6f86a2718ed730312abd160d9c5a5744e226ae934db4f308e3f1dc995109dfb097f948b38262da9e1cdd8bd7cf22a9bd725f1073f60bbb9d7cff93bb2268adc9d482281de9fc2871f7ded63f3f1a66e13db59aef11c17176057f5ba4032de1bea2a90970f8cb5d34ae1849d1112a8934988f511c15975e4cfeaf4c7d68c6e0ef7b49449085d2533029ce9de6bcd2d64e28285194c190bea8be2d2c24b0702c63abf16b4b37ac6a65a8eaa5508bda37ba970d068bdf05a08b02401d3a44406e4c4b365e728869f0b75da201c9605ebfc67adbe18cc73b5467972a2c1ef9eb637ee1ea417c172e690b5b8d5b6e6e8d1a7abed35cc244c1505f9adbb5dbd13708ad34c25ead97406dfa8944708b3fc456e345f92dd3794652a7644b086ad3555f8c76c9917e5e8680270c46133b25595170e52cdedb2feb7565b427a7ed3dfc911cca31b64d427a218f8acab3bd70d03a88f67dac7bf374df28a79c2c5043f404b3b3cbd1837af592958aa040e01145b9707e6525b3593d4ef5e6ef5ec07ed3defa7617e23099ca167735a774fd8306653df563119bf17b95a8e0de4a6e98e9a719a6edecd722d8451e90a8156f06320b6dc6a2cdb77e348eb759af968c76e6187f282c58bede9e97f737ad6080b02519787033578e5dfb20278dded21b00ef1e7a126f21d5524de9a09df277b971b9ca9809c575bdd02c056f5777bcf1323e661df30ff608788bd994778aeab0856ab3fc7be67f66e9189bb5b0894ea1febd6cba99b3218f346eec8dbe4e1fe433ef959151a40d90474fd01fd74158db55a7765c6315ed2f1e9ad5c57eb307cf8f7dd4018a6d82c5bd73d9433ab6de8e4bff2fa90e99ee3a5323a50ae5bda9c8aa9a39e6d9615f1e376efe7587663992eaf1f5506ac718a71633db6bd372c62ee327905059878ad83c54679377c863976530cf39bf1e81fa971aec8d86b71e8989fecbe4cf41ddfd98934f4a9eeb4c189ce7f0ae17cf13c583dc683dcfa380a7b7ff1bb00f79496d553ceb96a6842bc946901595c1b5c3dc60b02c49f62bc58eeed63d46a36403e36611f6a8cdca16272a9d1d758a7511ad693a92ae59fcc847cb69f8fd2bf99bd60d1817dbd494c52ff0f3b7ff32d95907d0d9cff857b153af00be84e6967b40e8cb89d584b7eb6c18cf976e767c922025bfb05b2cac32b0c6687022342fbfd732f06ff970a1348fd907972b08c3e81b19062b6d6288ab411e52a2e275a33b6c6881a5cb0a56ee287c1d0a26afaf6be0bda5b8950abb9aa25feb3c61db7c49a248938b988f937b60042b75445a820fd4cd535ee4f15d2b86d467a0b8c6b66b9a746f77439429b207617e8eb17eafa0c457f22b28d9ebdecb5e5e55586f133c826c02d2d14f2c2e63fe7b95fa91c8f1aae2386cb4213e1b82aecfaccd0af9d350b558f6580c28409a5d7895f0e4338f3c26bbac2f8651e2391d5a360be318582d8fe1f8f1eb5df0893e2ee3e9212a83b87975a50f4e89351575550a6c27328a68b703f0015dd72acd549e1e389655b8519236b52973762fa5ddd19a2f773bf150f152c41fb2a36824e204ce8d154425c850beca0370fa8ce41543ba94a6ef434f0432a1e01decd74d3fdbbe5c7c29c4cba1d76d328a5875d25b6cb29c7753bdfb270d75d76d4b1475f8066198c4f06a78c1e2695117439b4aef82ff76cfc804d592402ca21fa73bbad2d39749c75fa5a6ed9815822952d37ab2fbb7758be00ebefcc6f0a0b03f2471b64f53a5c3372ce4989fde3da5c1f35d46260be6541852c9e737a0ff2beaa1b2e8df9ee58d287acee8cf4583dfc346ca245b4379bf25108cd5b90af6ce719efbd5044be423b22b1eb06c4a36c08edd98403e4994f89b73f10eb5603bb6d3b4fe5c066a9f2edcf666c8672f39f7899cb9bb2adb64dcfb599bb7a32c5ef63d8d56d07bef0fbaed4c9fb92be47279af6bb0ef4cfdcbb90fe0fbd668d5a5d805c0bbd509fabac67f484a20de019a37cf40864dfd5fa5f3f769ad972aadf2ea75c58da2f2da29180a74e2bad769a283a0fcdade682996c884c89c6930dbd9f24bd3745287ad073ab8e31edcbdae8f2acbe9590c74b60dec02cb0e27936320d8177a5098bc216724f7c0cc64b45bfa5c4ae2845cf2b02f220cda747823386ed12021f788bc6b666964ed201d451b925c5670751a8898649cf8c2ef3d5f12d9ad91cba748b20dc22960e9687f00e2e4e1ac3dfc592b5dbaf760359821823e9963eff2dc13d638db5ce945552a7a698279d25563cd08d47599012dabbfbfc03b613824f931511bbf986b377f5763d3b2afd876aab00687d228131adc80b11dcfcf6938aaded3351ef53cc75a707b78232e0d1b3510df7522ed51e8ff4d10e05f71629c94246c36f6fbab48fce34d532068191ba25f3c2252640a5a65347ff71b45ecc4dedfacf63edbed4c185b33344cd47e2fe8b70c1b53f77d08e8507e9dcb7b01182835cbd13237b1ce6ce595c5ed784dead5bc4b5899bbe1f2e7dada8cc94671c0da8abe8b75208c859c56e1744fb26c6b117987323b2e6d3a806049e73b3a98104349b2d25fc3429fb08753e13b2c800c7da3ff2798a2381fe62e6fa19223061ef44cadd020f22345cd38ffbfe35b564c38031ebc8cf4afb32c8dca7a956c1b853e426cee619e13d0157a05439fffa702485575cbdbe5a8f80c39625aa1244dd44caffceaaa855331ca49cbe8dd5dad0179e828682eb9692ed50fd1b72ff7e30c773b7b7fa4ffe3b8b0677c4ad8e80e1b58bf00d112f25447009f10ab4a5ef570eb1e4e4bdd3fb1a9139118f270cbb19cb42bdd78af4ebbe9238130d90c52943904f1b2c7e2d33fc728c75218d59bbb8766269571c52aa05f65979287b0633eda8cc8967471a32fc4adbf437c0f69424c9e42b45553fae829eecc32ba679a85e1bd98278f6cf3118b163d0ed9120623f21db8ffbfbf618f50c743eb73b953a6d1a53ac4664c8f6304839b8a6afedd068a7be6fddcf32dcc97bdf1706e90047c4ed4f46e8425f1e2cfd072a85cd7ecdd919fc6dad08b5a61030e758ddef031ca4f4afb6237f43bcf10770d1b463c4e624a2d770cb7e20bbaeb524c87644bcd4f89144f2104c517ffbf5850795331014d46d9800ff119a62c8e777028b8ab100d084caadac0697e2ad49e6372c25b23d5a021f1a52073f0598e29c5aee8c1da035b7b8860fc6eec15155a9efa54071a6dc94ae467d4b433bb3e1538a7b18a37384facd35c8c6c70729c43b3ebb3f0ca7fe039c8ebe9d97bfd95f92db65fc1fc2e212c4b38f2304147008422017f8ee5ca6d99cab47a86eafbfadc94dada54141e4c27e98a32f67130fc365c09d8ec073d7c8ef0925e212e824adf5d2753b16f9ee115397272fc7fb268ee9f66c020fd6f8ec85b27a9b3932b62301a5ae49770fd21da51993994cef9118b6156c90b713e48f24923fbd92d5ab53ee7aead6a436c5696db482da905508824520c6bc0a219888c330caef875cb2c4c23cb0fc04c878b88466f718f2d7641097cb3c8b85312555dc275b6a51176370e01be14e7a9f7224f1ddc50a5c7"}) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0xc0709411, &(0x7f00000000c0)={{r2, 0x1, 0x40, 0x1f, 0xf2, 0x8001, 0x4, 0x8, 0x9, 0x4, 0x1000, 0xd8, 0x7fff, 0x9, 0x355c}, 0x38, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x1) [ 123.305284][ T5814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 123.305297][ T5814] Call Trace: [ 123.305303][ T5814] [ 123.305309][ T5814] dump_stack_lvl+0xd6/0x122 [ 123.305331][ T5814] dump_stack+0x11/0x1b [ 123.312448][ T5816] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 123.322465][ T5814] should_fail+0x23c/0x250 [ 123.352937][ T5814] ? jbd2__journal_start+0xf7/0x3f0 [ 123.358164][ T5814] __should_failslab+0x81/0x90 07:33:50 executing program 2: move_mount(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x2) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) [ 123.363144][ T5814] should_failslab+0x5/0x20 [ 123.367786][ T5814] kmem_cache_alloc+0x4f/0x320 [ 123.372594][ T5814] jbd2__journal_start+0xf7/0x3f0 [ 123.377709][ T5814] __ext4_journal_start_sb+0x159/0x310 [ 123.383174][ T5814] ext4_iomap_begin+0x408/0x630 [ 123.388054][ T5814] ? ext4_alloc_da_blocks+0x100/0x100 [ 123.393433][ T5814] iomap_iter+0x395/0x4a0 [ 123.397767][ T5814] __iomap_dio_rw+0xb78/0x1070 [ 123.402718][ T5814] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 123.408621][ T5814] iomap_dio_rw+0x38/0x80 [ 123.412954][ T5814] ? ext4_file_write_iter+0x501/0x1200 [ 123.418479][ T5814] ext4_file_write_iter+0xac3/0x1200 [ 123.423835][ T5814] ? ext4_file_write_iter+0x501/0x1200 [ 123.429484][ T5814] do_iter_readv_writev+0x2de/0x380 [ 123.434697][ T5814] do_iter_write+0x192/0x5c0 [ 123.439306][ T5814] ? splice_from_pipe_next+0x34f/0x3b0 [ 123.444810][ T5814] ? kmalloc_array+0x2d/0x40 [ 123.449444][ T5814] vfs_iter_write+0x4c/0x70 [ 123.453954][ T5814] iter_file_splice_write+0x43a/0x790 [ 123.459355][ T5814] ? splice_from_pipe+0xd0/0xd0 07:33:50 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x10000000e) [ 123.464306][ T5814] direct_splice_actor+0x80/0xa0 [ 123.469324][ T5814] splice_direct_to_actor+0x345/0x650 [ 123.474770][ T5814] ? do_splice_direct+0x190/0x190 [ 123.479799][ T5814] do_splice_direct+0x106/0x190 [ 123.484666][ T5814] do_sendfile+0x675/0xc40 [ 123.489106][ T5814] __x64_sys_sendfile64+0x102/0x140 [ 123.494383][ T5814] do_syscall_64+0x44/0xa0 [ 123.498876][ T5814] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 123.504864][ T5814] RIP: 0033:0x7f7c25405ae9 07:33:50 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000006) 07:33:50 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) link(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00') [ 123.509356][ T5814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 123.529452][ T5814] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 123.538164][ T5814] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 123.546206][ T5814] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 123.554170][ T5814] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 123.562153][ T5814] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 123.570450][ T5814] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 123.578433][ T5814] [ 123.604187][ T5831] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 123.611455][ T5831] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. 07:33:50 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00') fallocate(r0, 0x37, 0xf403, 0x80000000) 07:33:50 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f0000000080)=@v1={0x1000000, [{0x656, 0x3}]}, 0xc, 0x1) 07:33:50 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x22000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:50 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 16) 07:33:50 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x10000000f) 07:33:50 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$nvram(0xffffffffffffff9c, &(0x7f0000001900), 0x418080, 0x0) ioctl$FICLONERANGE(r1, 0x4020940d, &(0x7f0000001940)={{r2}, 0x7, 0x81, 0x80000001}) sendmsg(r0, &(0x7f0000001500)={&(0x7f0000000000)=@ll={0x11, 0x7, 0x0, 0x1, 0x1, 0x6, @link_local}, 0x80, &(0x7f0000001480)=[{&(0x7f00000002c0)="78c906d29a05cb7756715313f91f1b81166cf5d4bc84364cf92481be633c4842ad1b2b5c35cc59d1c8649775d1d78ef5e8670d3a3730edb731534705b8ef38f1691140501f4ef707539f247c40c19b4ffe9608c5fb911a079f3d6f7e19e7e8dd28d03efed04b29e8563a10cba7abff3052e6482b272246885dc95d736c1c101a19c4648394c04d5e0051f63012cefede9c91ca1c47f7c88e804780e8adf6dc4b999857f18ce14d3ee89022d7856c57e640ff39a0e64ed7d80f9b439d917e12475e6bd505644c259fd80ef76ad4721232f526525641713edb76e142c3e8d3ecb11cac58e6657e42144af244632e18a1991eb7c88837da25e26cc23c1a3bd13409d8520fc4cea7e1d1a04e362ae5220a28dd0ff341a2c907b1b6a1a882a2c9140bae1dac9e367dd0ddeb65152f5d5bcae31743af0d7d5c1665658b78d563c03f247acf27040e1bcf9ec7bce601578374e6e2050aa19f69243e101773ff6a2f4fe5a2b509f3d8730519f7dcaa5d2d1fd6580911d776d67082778f5bea68c5103dd7575c3c3729a68db308660e44d958cb6b8b19ca553d7733fd1ae64cfb7bb7396ec9b4a54cf3a5e9f945a418fba542d1b63b15a551c7439c2e95ccdffc9df01cf0af30b7c9196f70dd907364185b2ea09a8e22647606da24f32bc116e7b7be5e53592ab2e806c0e7bbb11838364f35999c03d4b58793f21b5325e3e444cd36cf14f91e8ae6a015168d2dbdc2bb1ba5745c14f4d165ad914e558bbe50092eb1ba1131a1112662e01069b90847b320a203f170701de11679e7d9db4be496389b12952b66295a149c2cf584295ad0f5cdd6cb4b848d645b55ced9388d0f92e4da2eedafe8d7a5a76ae17baf632b6d1f86b06652988ac5770ec0ff3e789a0d9976618373346e0d432f424adb27d1bc3f5305253f65977468165ebe06506cc7341149357ccb69eaa3347e879d3e638cbc16063805d279a0de0dac8937b42231e28e20fa867914759cf12cf268a69787a79c216ed6f85bdeec5ff7cea7ede6d1346c49ba5ef3a6f9365438254421f128b6b59dfbe42346fadfcf4e68023100e52d2c8132355bc54169e03103e448bb69b1251c101432be713477ed2529705b543a2dedd3c7e9f936b1d33026638329247c41e4af3783f85297a1bc874afbcb30860c54209dc8568260588e32cb1fae13afda34314df3ef6034397e99b7c14395a22ad6af1e5b495b0c3d266f276eb7f5b4ef030cfca229796eae1c971c57e6cd3733915e84fe37c04347ebac6553a8f869635979c62342eb695995a7d654fc347d7f787ff5666aa58f38b4267bed52c34aa9f82c3a866d0854c8738e9e113ecdbb0cfca9ee0ec55114e327a365e1114f51b8e6290b5ef0eae51f68bc4e530e5d97e47479cb1330848579130035b632c029ffd7d4d32948e3706a52530b911d6ddff02467af89703a9fc8c8930d1b2ca528ffe2bc48daad8d85050ec6cfc344595ace15cc41cbfcd8e0a5547e988e88b782dbc87bf62b600010d5c65be87a6ae0e3db943ed9e96bfe137f5c6d9f83321b6620a958f45350e9757bacb316b0647b497fee2e50d8d98f764ac7ac57797c5f3a1686eaa3efc0f6ec5b92b22e7878e6a76f0034ad0ec98c597f18d6a0640a06703a2501cea1df4d392b21c7f749eae1937cf984dfef7d5687964e19d13025f201534bc30482cbc5fb5e12ecb48b7f379e7896a714112c1573354322f2ca7e5d546c724e4178d43d60d4e2651b00efaac5b33b5a5e796b331a276a44e31f0f4eb19d0ab3de6288999be4381950a17d67d2733553a03c13ec18eff1ef926e1dda84e6282939282a4e474b51ff472f4c0f3448f969365c504a7fb2f8776d674aecf57b3cecc59caae938d774fb6c7f5fbd23cb95276e9c25975449fa0b7ddaa3219681d6796120e34bcd61e85f9fa0695f47e753deb4ba95b9caa77e91fcd11a15a1668f03600f490e076470f11db2ceb68d27ea4dd49d2671c91d82f535579cf4288b1e38b7a561612e150663d26c959113c55bc3c9242440a6c85dede6a55d99bbc8ad4678cf50b190062f06da15c5c81cd802691e4eddd80221cd3a5b6c803426a284934a3e8b9ac490cd6079d897b591e5cbf64d783817854c8148b9c4f9580e1f2c027da065d58dafcf4099e0548ccd291dff1a490818d2500bb307a265c710ca9f6fda0e4567b48b7d8f00d03cd9e6808f1637ff793e326eeeb7e1597f9ec81a7204c726473669e86e47ca7bc4e2d06af50800f5212f624bd7a9b19f4088bdfb9f6950b7809501a69c069c9a478311bae98503d25a821396f4f57acc46925e29a49bb961481abfd86d4e54402a74e3b732d0ce5de72ab35be2097fa66a509255a3e079359d364790796a709f3880cfbdcaf82123a474e18a83a6e60487fbb1bc1e4f161a0e9abb527b749d4b21a618aaf6fd1e525fc6fc57b28780577400dfa2c2a658de44ca3394d4fbb2d35227a327d631a114cbe51adc666dc584df08f0b6e69a982dc67242a7137891a3a58cd507a40cf2faf7ec6cdbc9a070bfd255e018ec2281e60e0376e43dbf3e87da043fa672b3810623b89df8ae70597e2e904559cfd18e0b3dd91315d40ab8d00344510475d07e335a625dd32d5266d9c97580db1dd36a888fbd149b65284a2e0613fbf24f40a663a39884f2962e74b974cc6a39e323ae2d21a2ce65963c25c7db7adb5792dbf809abc7cdb750dab59f2c20f020a3f76d7846200228574f89de638e1b277c127c9ecdf280419bf74414c1ce01a6362c18056e72d5c9ea22464f63cee3049bd20aabd3d84139e47846b861c20ca8ad560d6860662a6d49d03a4e0e0127c9ef97437f500ee8b58a09534fc77bb3c25f8ed70275f9fa213f38d95a15f2cd4b79b0bfbd6d6c3aa094fa1eef3d6155824e1cdb42ac87f39be2a4b53687ef2de2810a705ebe1125441f982bbfbb00a6c439bdf20ca1e8496a592749f133bf7510501d49c723c326945d8ecfb12911647e06f271e409e7112d14c632ba66979e9dda381d72a0610d1f4f6dcbaff616dd9a612a4eebcb5824028296ffb0925a4df9501b22286c5311bc1d7795a465a4954d5c5a013f3f15b03cfe1a567a82fd8be529a4ed8fa8a96bdad109eec9672089bb91ccc9fd34cf991c4738918c97d289ea2c3afe73878208cabf64ee8ce2c1f8889f543352c692b1af8838b8702d457a3f787cb4f49214c20d76c876a49fa057cba969cde0b5979f6120fba98bcf97387dba80b17b7656847dc7263c6156c6afeb9a90cacd5728bfb61532453f96550c4b806c6f3a09a9dfa62263fc2a366692f089dae9b529f2a5f940d16b7de65f287cf6dbd1bef1bbc4afd71fac28f923765caae84a0f3a666a390def32743efe19088af9ed69d175c3dbce8486051046af8bbf5b1e2b7617454ade8ef4a5b336bd504ee33071a46851d272dc142d41d7b41dcade2760028069e5c7d54899e8b7a80a1edb8d5ca19de9dd8e65f420ef02d8a8b9932c7c4cbd44d1021c38f4dc6213d8fb37306d95b8c22f4bbcf10658010c6d0dda671f1555e89f07e42bc906bd198b63985edf1a934a018a3dd8e5911d661d37e6f5fa14943c1a5cffa6da32bac8d3dd26079bd335d93a58640f6a5ad03e6ea9d38520ed4c206ea00d76a02f3acb4bbea53b9ea59862a32e5beaa602a2fdbaa28dd5d0a1341628765cb10a2b5e2f8188cc5939c311a73002932033f99921870acddd46b8ecdd04e8b179c21bc76ef00d69a5b87c7406ff332bde6fd693816725663c9af0c411a68083bb0df43e2931952fbadc3c9c5b65e3094dafa659faf70d41efd259edd2abfabbcd48edb7e8043a14a64a232814c673968772ab4d35affc8fbf9744b3cbfda4c0205bb78e9fb3e0d606cddd5adc933ececb2e0bbafd75034923fbc6babb44c54b6d8461a6fb5c883003d473261205179c88916e9c0b76e565d79ef4cacf491be0b75ae31c038fc125759ea4806e0e234ac80efbbc7659a0a7233b6a6c522172eaf1a73ce3bb6aa8a7460da2f617e0d38e9a586228c26aa0f1f701315647eadce7cc17eb7ce27637568267e463418df1ed0150ab8229d9ea56ad0fd16373c82cab1fefcb3116db08bc49549d3d6aa42a2512d088cab30980d736fde13b2b1b31786a74c4e3de01d494a14543d06a33097caef174862fb20c7fe4e3cee2959c364e87330eced6f1d2deffe18e1e9daacaa6e4c76c641393ed8524e0b08e6121b6a50bc570c455c0a8e9f9900c078f99812ac631a167195f0eff027de523a4ba2232737f65c90a4c5833bbc763178d2e21da78ae5c15c3c63aaf910554dd0cdadb5f36714816a6295173c1793bdda75daf1000a75cbcc5bd23eea1c25be851712a5c3ea5710e957291d014b9f42c9b9edd64f04aa84851c94510c75c638a951ec4fe58a1157bb32603fed111947b58d228b4cd5d35519a1a5c2c5197fc217d9e8c98c7330b73560600f2f18045aa9ecc2c3b1579c0099fbfae8edc36a0beac0ab2a0c5420b541571afbc76dc9543df5a771c1e6d17c19e808ea964427a5af9e190bb87d950a408b77f66b9a8f57613982f578180cd3056e1bfb025b7ce6b23855b4469ff8fdb5420fc923da055b78d954d9515e258f12c7a26e483e9551dad0f1c3c38bb6fcb99af8ec9db3f19418887c46fe21ad95fc0188e480615b535c387eaef2366654419fddae1f9b52d68a4807062d1e1be7ec5a2b9110a052d06db4c1ecf6bb735fc6fa69429bc7f1c377c903ff68b4a5f6e8398bbb4ccda74b07160e94be951f0a4a4d9fa49e43b837690acbb4c90c63d21f2988bda9cc6db64c574b2e00fb07a39e05b3fd2cbf5176a2fa1e855a6c3f082cdf6ad232e5bec98cb10b61ee3525d7c744867f59c7e2cb79e7f984cf9286bcebfb663a6bda733dd2ebb4143330ae9fa38d5d7111149a6bbe7eace910b325c797df30d2c768a0b683e3f434e464cb1e30b5e9d0804c3f539104dab6e14f2ca43e5d5f833901fdc80d3bf0db70ad9c537f3000fc82ac7bac051b78bca2eac429e7ea52e73acaa22aeddbfd64ca3f0e8af5193f68d29943452df8d2eceb78fca79d70683fec1aa438f8a5a267b2742a5133e6e8cb2a2170dbc9f5c77e4010d1f4f5b7da596a7a1a3c1f29ec2b375f0136abbdbcc777c2ff201de923b62fa4567b46adf898b4e39188f506b0cf1bed8dce34a430c4d54d8a483c17484b3876c6c40f6034ae19527de69dc5afe27fa17d285f45fc7c2dd22888836a975a7698c9bae45ba592e510009c2d6637ef1ee0fa41ef4c2b435b852238cb056700ea1685b8315950228a80d6b2459748296c517a6b3807de6ffacbb34a9346b7b59c8075651a2baed793fa582a143c2ee70b12046e0b594916f102563bbda4adb2c25229b63b882aa740ba422b3a1e17212a47e504a56fd0be81ca22135470c1658cd70213f9010441c45f80057d83bd197ce466a1e9ad499c09e1661d124d8f03b5e8033d18e6553109cf734bbccbc99afa070d9b8feea4781d6c0e22b48b70ea4cd4e50d4824924d28d3165b688c8825ec95f8a80b145c083417ca2bc10c1cdddd27c57a2860455175381de7fd0e043f06bbd68dbe68a2d0660b15f5af91b5089715a86551daf14939d51d2f9e820f45ef859303f8740033e69d576996e91af0eb72b3096b7809c50fb94b6e800623780bf1ba23bdf5468cd1ec0789bc542c9295ab59974a92ea1145b995400baea8a5eac2583ca9a0aaf89f86b5d2020dc0fe8991cee0596183b4e16430391771c8d0f360f1cd3388f93bc", 0x1000}, {&(0x7f0000000080)="0a9e70737e4501f8ce3e642a8172280a60758b5b5ca47f532c9e2e1848e03a3110a583aae689998a4ff4920829df7b9734913190fa1523b726d29d2e7dd857b786725887c85ce20f575d2d5ef32cf86fbfeb1f04b195b6fea16879d74d67c284", 0x60}, {&(0x7f0000000100)="9739ed93d962873443822d850b2d17363df51f7790951012b6f72e603e7edc47c545fd8a0cc3598c21d4a7037351f9bccec57985c54231e92790c39052b18c2483eea4600e9a1f11cc51778165c7057a836ee7940f7adac3cdf1299f18785c8516beec2b5c983f2a35fdf4fc2954f5c469c4402c3b8dd371f07e36e3218ba93091f3ea47d3c984f3380189022e33839ecdfdf73d3ae2c74b4ef3a03ad0b3e8e82a2e78919331693bb83bc929d5b97e21073995ebb4784b", 0xb7}, {&(0x7f00000012c0)="3da7d23ecbf0e42364fad1f6e68ba857ee62dc74d294f45b06cf7a3fe48502184f4237717e6c5eb51cb08770a87d113922fa0b5967e46a2c46ad2d665569157a954d2db6cc0177d121b6f58eb1ac961d4567195c80154e668058b2733621f5e2988f562f0507729b7553491ffb632353ef621c0a3b75f765b5d6430aaea00df7958a2fbc0907609c14ca5a488b55bcb5c22946db790e824c4e2ee0bfe0e0940dce193e7588d25855eb3e36957e2fda2073071fe858a075827b540743236c3096af53572370464ddb1ec782583de7058ed009dd0aab9e8f", 0xd7}, {&(0x7f00000001c0)="875b0a8832a2d6009c9cc533ad852827d3f262649c49875722d0", 0x1a}, {&(0x7f0000000200)="e94a1acd7286d109d6fb42c49bfc474a61ef2f5f5ea6ed38be7091a78d29564f9149e8c56b009615a0c34b83fc51e17c8d77f5d411581fd4185c53d4af8d0c7c94c43984c0ff3c39cfea8204a9c9db63b02d3e7b6bca7feb87a3a0ada341285e1c5175e393bcc9f5", 0x68}, {&(0x7f00000013c0)="77bfe02bfcd8ff0aa8a6063e4bd55e2fc3e861950187be2d7a1cbc29e1fbaaa7e98e62c23e5448c52ea0370c943aef044a1adb0db9f552126bc2c263a32377476e8a92114770e0289168f42362c292d94655acc5c778cd7cd447a835270981b286fb301ee5730c881861cf4541d89922a550df3f0bc7", 0x76}, {&(0x7f0000001440)="b3426578c91e22ba69", 0x9}], 0x8}, 0x0) r3 = accept$unix(r0, &(0x7f0000001540), &(0x7f00000015c0)=0x6e) sendmsg(r3, &(0x7f00000018c0)={&(0x7f0000001600)=@ieee802154={0x24, @short={0x2, 0xffff, 0xaaa1}}, 0x80, &(0x7f0000001880)=[{&(0x7f0000001680)="1c51bebb493ad91db14a5f39979fa3f17e079b1fdf73cab2d79c5ca61274532c07bd97b83af425576beefbb77703f9c03c82cad115f89be2b7c7902d57292e75de7993264cc217226cc91f6421e4d934eb4a54d48602a77a4a8c2c08579b1895a14255bf4a1e38459d2399ce6203f6b5005073cdef8401752b840a4d862a871dbb161b52dfdaac48a11c6f5881e98a90a3ef", 0x92}, {&(0x7f0000001740)="c7c9929bc789ea06fb51e9094c5c1e603dcc179bcfaacb88166c9dbcc17127839b4a4f92c601dd3cd663c9deaf583fdb2091bb2c9509fe1a3bf265fe3478b17bdb62cb1b968701e3a8c362b15074709e8dd34fcd20dc9051c9cc09882820cbaf59aa1ce9d679cd527e5129480700ad412a511083fa1ad5", 0x77}, {&(0x7f00000017c0)="7f9dc8ef4d4696546078bcd292db6e9f408e443a48a4079b9da43a00f8f09acc76fd1edc00a1840ef3caf2bf048d7346bd5c38ca15330428fb405db4c9ecc7bbd60308cfe3b795aadc8e6d603405e42f5c313c2cd061fef87c8ba3ab0021b3eeec442f4ed1540f58bd069c5fd39e4d85fa5eca2cd67d1cc37c", 0x79}, {&(0x7f0000001840)="f6d42a", 0x3}], 0x4}, 0x0) 07:33:50 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x30, 0x0, 0x7ffe) [ 123.768500][ T5838] FAULT_INJECTION: forcing a failure. [ 123.768500][ T5838] name failslab, interval 1, probability 0, space 0, times 0 [ 123.781295][ T5838] CPU: 1 PID: 5838 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 123.789638][ T5838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 123.799738][ T5838] Call Trace: [ 123.803015][ T5838] [ 123.805949][ T5838] dump_stack_lvl+0xd6/0x122 [ 123.810554][ T5838] dump_stack+0x11/0x1b 07:33:50 executing program 2: setsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0x66, &(0x7f0000000000)=0x9, 0x4) mkdir(&(0x7f0000000040)='./file0\x00', 0x1da) [ 123.814776][ T5838] should_fail+0x23c/0x250 [ 123.819268][ T5838] ? mempool_alloc_slab+0x16/0x20 [ 123.824337][ T5838] __should_failslab+0x81/0x90 [ 123.829254][ T5838] should_failslab+0x5/0x20 [ 123.833765][ T5838] kmem_cache_alloc+0x4f/0x320 [ 123.838677][ T5838] mempool_alloc_slab+0x16/0x20 [ 123.843575][ T5838] ? mempool_free+0x130/0x130 [ 123.848259][ T5838] mempool_alloc+0x9d/0x310 [ 123.852764][ T5838] ? preempt_count_add+0x4e/0x90 [ 123.857790][ T5838] ? _raw_read_unlock+0x13/0x30 [ 123.862675][ T5838] ? jbd2_transaction_committed+0xad/0xc0 [ 123.868443][ T5838] bio_alloc_bioset+0xcc/0x560 [ 123.873298][ T5838] ? iov_iter_alignment+0x34b/0x370 [ 123.878507][ T5838] iomap_dio_bio_iter+0x5ed/0xc70 [ 123.883551][ T5838] ? ext4_alloc_da_blocks+0x100/0x100 [ 123.888936][ T5838] __iomap_dio_rw+0x8b5/0x1070 [ 123.893799][ T5838] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 123.899623][ T5838] iomap_dio_rw+0x38/0x80 [ 123.903993][ T5838] ? ext4_file_write_iter+0x501/0x1200 [ 123.909501][ T5838] ext4_file_write_iter+0xac3/0x1200 [ 123.914795][ T5838] ? ext4_file_write_iter+0x501/0x1200 [ 123.920292][ T5838] do_iter_readv_writev+0x2de/0x380 [ 123.925482][ T5838] do_iter_write+0x192/0x5c0 [ 123.930070][ T5838] ? splice_from_pipe_next+0x34f/0x3b0 [ 123.935630][ T5838] ? kmalloc_array+0x2d/0x40 [ 123.940604][ T5838] vfs_iter_write+0x4c/0x70 [ 123.945147][ T5838] iter_file_splice_write+0x43a/0x790 [ 123.950611][ T5838] ? splice_from_pipe+0xd0/0xd0 [ 123.955502][ T5838] direct_splice_actor+0x80/0xa0 [ 123.960531][ T5838] splice_direct_to_actor+0x345/0x650 [ 123.965906][ T5838] ? do_splice_direct+0x190/0x190 [ 123.970934][ T5838] do_splice_direct+0x106/0x190 [ 123.975831][ T5838] do_sendfile+0x675/0xc40 [ 123.980322][ T5838] __x64_sys_sendfile64+0x102/0x140 [ 123.985736][ T5838] do_syscall_64+0x44/0xa0 [ 123.990165][ T5838] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 123.996061][ T5838] RIP: 0033:0x7f7c25405ae9 [ 124.000465][ T5838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.020261][ T5838] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 124.028672][ T5838] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 124.036687][ T5838] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 124.044709][ T5838] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 124.052719][ T5838] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 124.060689][ T5838] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 07:33:50 executing program 2: clock_gettime(0x2, &(0x7f0000000000)) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) r2 = inotify_init1(0x0) inotify_add_watch(r2, &(0x7f0000000040)='./file1\x00', 0xc60001a1) ppoll(&(0x7f0000000040)=[{r0, 0x80}, {r1, 0x6220}, {0xffffffffffffffff, 0x18}, {r2, 0x8040}], 0x4, &(0x7f0000000080)={0x77359400}, &(0x7f00000000c0)={[0x1de39f5e]}, 0x8) mkdir(&(0x7f0000000280)='./file0\x00', 0xa2) 07:33:50 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x25000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:50 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) fallocate(r0, 0x59, 0xffffffffffffffdf, 0x6) 07:33:50 executing program 2: r0 = memfd_create(&(0x7f0000000000)='@&-:\x00', 0x2) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f00000000c0)) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000100)=ANY=[@ANYBLOB="000001000000000002000000000000000000d44d566aa600000890862b5327d60000000100000000000000000000000000000000020000000000000000000000000000000000000000000000000000000001000002000000000000000000000000a1a8"]) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) 07:33:50 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000007) 07:33:50 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x2e000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 124.068660][ T5838] 07:33:50 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) memfd_secret(0x0) fallocate(r0, 0x0, 0x0, 0x7fff) 07:33:51 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 17) 07:33:51 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) setxattr$trusted_overlay_opaque(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f0000000080), 0x2, 0x1) 07:33:51 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x3f000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:51 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x275a, 0x0) sendfile(r0, r0, &(0x7f0000000040)=0x2, 0x3) fallocate(r0, 0x0, 0x0, 0x7fff) 07:33:51 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000010) 07:33:51 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x40000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:51 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount(&(0x7f0000000000)=@sr0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='hfsplus\x00', 0x3050002, &(0x7f00000000c0)='^\xeb./#(\x00') 07:33:51 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0) r1 = getpgid(0x0) sched_setattr(r1, &(0x7f0000000140)={0x38, 0x1, 0x21, 0xb7, 0x0, 0x0, 0x4, 0x0, 0x3e0000, 0x8}, 0x0) r2 = syz_open_procfs(r1, &(0x7f0000000180)='oom_score\x00') read(r2, &(0x7f0000000040)=""/146, 0x92) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r3, 0x80489439, &(0x7f00000001c0)) fallocate(r0, 0x0, 0x0, 0x7fff) [ 124.377285][ T5889] FAULT_INJECTION: forcing a failure. [ 124.377285][ T5889] name failslab, interval 1, probability 0, space 0, times 0 [ 124.390087][ T5889] CPU: 0 PID: 5889 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 124.398425][ T5889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 124.408482][ T5889] Call Trace: [ 124.411911][ T5889] [ 124.414832][ T5889] dump_stack_lvl+0xd6/0x122 [ 124.419484][ T5889] dump_stack+0x11/0x1b [ 124.423635][ T5889] should_fail+0x23c/0x250 [ 124.428041][ T5889] ? ext4_mb_new_blocks+0x328/0x1ee0 [ 124.433373][ T5889] __should_failslab+0x81/0x90 [ 124.438133][ T5889] should_failslab+0x5/0x20 [ 124.442644][ T5889] kmem_cache_alloc+0x4f/0x320 [ 124.447404][ T5889] ext4_mb_new_blocks+0x328/0x1ee0 [ 124.452718][ T5889] ? ext4_get_branch+0x27d/0x2e0 [ 124.457687][ T5889] ? blk_account_io_merge_bio+0x19e/0x1c0 [ 124.463509][ T5889] ext4_ind_map_blocks+0xb1c/0x1740 [ 124.468841][ T5889] ext4_map_blocks+0x6e3/0xf00 [ 124.473589][ T5889] ext4_iomap_begin+0x4b0/0x630 [ 124.478470][ T5889] ? ext4_alloc_da_blocks+0x100/0x100 [ 124.483901][ T5889] iomap_iter+0x395/0x4a0 [ 124.488233][ T5889] __iomap_dio_rw+0xb78/0x1070 [ 124.493028][ T5889] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 124.499088][ T5889] iomap_dio_rw+0x38/0x80 [ 124.503412][ T5889] ? ext4_file_write_iter+0x501/0x1200 [ 124.508859][ T5889] ext4_file_write_iter+0xac3/0x1200 [ 124.514224][ T5889] ? ext4_file_write_iter+0x501/0x1200 [ 124.519679][ T5889] do_iter_readv_writev+0x2de/0x380 [ 124.524881][ T5889] do_iter_write+0x192/0x5c0 [ 124.529515][ T5889] ? splice_from_pipe_next+0x34f/0x3b0 [ 124.534963][ T5889] ? kmalloc_array+0x2d/0x40 [ 124.539550][ T5889] vfs_iter_write+0x4c/0x70 [ 124.544114][ T5889] iter_file_splice_write+0x43a/0x790 [ 124.549480][ T5889] ? splice_from_pipe+0xd0/0xd0 [ 124.554942][ T5889] direct_splice_actor+0x80/0xa0 [ 124.559939][ T5889] splice_direct_to_actor+0x345/0x650 [ 124.565356][ T5889] ? do_splice_direct+0x190/0x190 [ 124.570428][ T5889] do_splice_direct+0x106/0x190 [ 124.575347][ T5889] do_sendfile+0x675/0xc40 [ 124.579749][ T5889] __x64_sys_sendfile64+0x102/0x140 [ 124.585011][ T5889] do_syscall_64+0x44/0xa0 [ 124.589468][ T5889] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 124.595437][ T5889] RIP: 0033:0x7f7c25405ae9 [ 124.599853][ T5889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.619688][ T5889] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 07:33:51 executing program 3: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff}, 0x4000) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, @out_args}, './file0\x00'}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) [ 124.628107][ T5889] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 124.636094][ T5889] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 124.644050][ T5889] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 124.652093][ T5889] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 124.660070][ T5889] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 124.668031][ T5889] 07:33:51 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000008) 07:33:51 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x48000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:51 executing program 2: prctl$PR_SVE_SET_VL(0x32, 0x2000030498) prctl$PR_SVE_SET_VL(0x32, 0x191c9) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) 07:33:51 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 18) 07:33:51 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.events\x00', 0x275a, 0x0) writev(r0, &(0x7f0000000040)=[{&(0x7f0000000000)="e009395669d6be359d5028ff74662502513497d2f1d227e8df0a5e3ec1022721c6796154df438c72fea53d6b09", 0x2d}], 0x1) fallocate(0xffffffffffffffff, 0x0, 0xffffffffaadfa426, 0xaf) epoll_create(0x10001) socket$unix(0x1, 0x5, 0x0) fcntl$dupfd(r0, 0x0, r0) [ 124.753811][ T5904] FAULT_INJECTION: forcing a failure. [ 124.753811][ T5904] name failslab, interval 1, probability 0, space 0, times 0 [ 124.766660][ T5904] CPU: 1 PID: 5904 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 124.774987][ T5904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 124.785105][ T5904] Call Trace: [ 124.788441][ T5904] [ 124.791378][ T5904] dump_stack_lvl+0xd6/0x122 [ 124.795984][ T5904] dump_stack+0x11/0x1b [ 124.800219][ T5904] should_fail+0x23c/0x250 [ 124.804652][ T5904] ? jbd2__journal_start+0xf7/0x3f0 [ 124.809859][ T5904] __should_failslab+0x81/0x90 [ 124.814687][ T5904] should_failslab+0x5/0x20 [ 124.819150][ T5915] loop2: detected capacity change from 0 to 220 [ 124.819230][ T5904] kmem_cache_alloc+0x4f/0x320 [ 124.827035][ T5915] tmpfs: Bad value for 'size' [ 124.830254][ T5904] jbd2__journal_start+0xf7/0x3f0 [ 124.830283][ T5904] __ext4_journal_start_sb+0x159/0x310 [ 124.845384][ T5904] ext4_iomap_begin+0x408/0x630 [ 124.850248][ T5904] ? ext4_alloc_da_blocks+0x100/0x100 [ 124.855681][ T5904] iomap_iter+0x395/0x4a0 [ 124.860011][ T5904] __iomap_dio_rw+0xb78/0x1070 [ 124.864765][ T5904] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 124.870580][ T5904] iomap_dio_rw+0x38/0x80 [ 124.874987][ T5904] ? ext4_file_write_iter+0x501/0x1200 [ 124.880651][ T5904] ext4_file_write_iter+0xac3/0x1200 [ 124.885931][ T5904] ? ext4_file_write_iter+0x501/0x1200 [ 124.891518][ T5904] do_iter_readv_writev+0x2de/0x380 [ 124.896716][ T5904] do_iter_write+0x192/0x5c0 [ 124.901389][ T5904] ? splice_from_pipe_next+0x34f/0x3b0 [ 124.906855][ T5904] ? kmalloc_array+0x2d/0x40 [ 124.911433][ T5904] vfs_iter_write+0x4c/0x70 [ 124.915924][ T5904] iter_file_splice_write+0x43a/0x790 [ 124.921350][ T5904] ? splice_from_pipe+0xd0/0xd0 [ 124.926378][ T5904] direct_splice_actor+0x80/0xa0 [ 124.931311][ T5904] splice_direct_to_actor+0x345/0x650 [ 124.936711][ T5904] ? do_splice_direct+0x190/0x190 [ 124.941731][ T5904] do_splice_direct+0x106/0x190 [ 124.946706][ T5904] do_sendfile+0x675/0xc40 [ 124.951110][ T5904] __x64_sys_sendfile64+0x102/0x140 [ 124.956341][ T5904] do_syscall_64+0x44/0xa0 [ 124.960818][ T5904] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 124.966781][ T5904] RIP: 0033:0x7f7c25405ae9 [ 124.971256][ T5904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.990869][ T5904] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 07:33:51 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x49000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:51 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) r0 = syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x3, 0x7, &(0x7f00000024c0)=[{&(0x7f00000002c0)="a6ec7eac27733fb8fa2ed48bf8eb81fa89359e1c12a406f542d57271e2a032ff3c4dfbb8e8328a8bc1c86d7e5dec5f9abc2ab592bfdefe244ea4291772d152200b4962ea10892526a79f2593b25bc0ff3c6648e9ab70a7a854a8dcaa2708ea2cd4981b470f24790234cf5a8969f5b84e157a72ff1c30a2ce4e521e705fc1c062bc2fa0317312356d85abdb4b0910607ec1b3bd253df84019dae8b0b7c6081398e4fa9a14b27cdd6d3297072f44e10a9fa5ce7007e298c700e3be9dfac29aba5355496af2701b2b1ea3b21d24ddcfa2cd2d0722119628a9a1feddb73acd3740e3fcc8fdff5ba3c97542c3e8c00d0eb48aceee36b44a2f313f216d1e2fe6106ff03671da43485664dfe12167c14966c7d305bf01d6b465ef3f81a20a3341a714afab4f49bb620e25660546bf4623388dba6c7b5929a6af2048002d57802e21474309a80ef7b85adebe9ca9b7085189d9528c50588dd07d94a971ec3860181d4b3d0f69b012d5b6d32ee70ed61ae9535e5bd4c1d6347c18b7871c16f930b7bf966008141e595b99c53bbc5d5503e35354f69f4cb5cc859be894330a8f69205766ca25b92711310e8ece5e342bfc0ed3a34f7cf0ee3db398875e57e2df4db241e4d1c1a4b02b7292390f748a9b7f75a792bd1048415d0dd91ff94c3f8a852b1e05984c0e27bbee76ec124da3e7340b0d0cfed83599b89b32e57f3bc6c6276ecf875a874c4ac740d54da80e5f980ab9dae88a550f4ba2bb1ec13c7eb5d3e9eb4a81a4fd70247943d2c1ce693b03c31b4bfffe208643d5e07f3823f71bffc5957c05a53111b1604068738fb88a1b5436874012f3b59eea3d9cb8151fd3919ffbb1e07f3e0afd7f0010358fd74677304b9a18d472ad86c3b6dbac15035980b9ba1c529ba8cf79be6607a3784f8a95571c165a528bbda6dd385abd13dfe575c7d43673603f0237c655aac28f34599d41c5e156a2316ea3d281d9b7e3763bde5204f9ff77e89738fe622c9bbc2eb26c48426b8ff94b33a3cd5b1561876193fbfa4136094eecb179b56f4246a5a4278b94958b9dc74c093364b42e90c6fafd5aad3d1ea6f1f9724a4c3578a0181643f60a09786e2d29f8532c6008d63067ab595ba5742d3ed3bf01bbbee63c65ef9cd9b1b88e17aeab1f82bba1ec73bfab2075d0fb5b2ffbc71d869e79a9f47be7e0dc0cd34a06d49367c6fc9071a794fdd7ba0265a6787683cdf9e641a27c99368695db06c285e53f3fe1b2e4f04fb731e179b9d8604ac323bc68e8d1dc41b15cc29fa4f248d7bf1601f9206e874fa4a5a70ac379635963fa99b55f37171859bd96eec651ae88ffb0978f0744ea54337c6cbab65f101e660be280788854089ef24d55c8a56354d439beccb41619b3b8d328e22307d9cc980d698dfe6621501de5b697de4d952ca99ba27dff5058d67aaf3390acecfb56c281731a657343fceffb25fa6881e06d23e2e8b0fee4bdd7f7faf590a94cee4a2fd1d924c6bf99174bbb022bcf0237313e86141d0e94dee088a47a2105d0be2663bdd2db70318efec062925581de075a073160d621d15e282f42ad084adc5ba48e20de2f07d2dd19b6f395e173dc4e30ce85ce70b40402dffa4e0a6f81258866825564b92484a6beb8f235a59505d75e6a49679149670aff39cd5c873520f7ed08d1c8623988e216082fc0fb414bb9754c199884f3fcef2c372d4f36e977312ec709ad1690177a792b79f39c065077e4901391a53753356a0bf8730610e4f8fefda4b37d32bcba920342687ffe39612c5755b446c558233530035a7d6b15c1f56bacd269d3aa12e80ad44d74558d439e883124469b3f2a26722ada78fe62815755bb1ae7122b807905a9663ed314dbe7956374a780db202178deb6fd6c050b851eef00c98d50db8384af300fb6916d86736df137909ec155f9bebd40929f84f9547a7bac0c9972763f7238b812c34b88cd87740a8f0fa80e80624df086e7098d038d878a2e9b4067cf9728bb280f3d3612a2d81f5a10f8666ad96806a1f134d32687cf060af25b85e619a9685b7f27cb816f97c5f2aa307614dfe9c361e7c330f81a127fc595788963bec22a3dabfd166d07ea5ffb816731ab0df3ac74669a3a084d7c7a771495e6c7ce9717f858bbb814ff9dd3ecba0b5f37aa4d2bf86293c427f00b137edc707df3c6f121cf1a9ec0a6033cd9adbdfe4664768f03d365aca9aa6ab19ccff047c919bf7fa21e61b655901487cffd2bdf384c2d8c8a45ace073f5fff1730da12c3e062f75954b0232b521c06d001ae5275632b740ddfbb2e73007e78756aad39bb0511eb925c2720da7db3d2a7991c97169713503e104000e7b5aa7ab3aca2926f3c9838e1cf2bd19471418ab951e0c7bc90c49b82d8ce736a1f4e47d4850e90fb8c9fd2ee9e4a84c3c04865ef0d7691b8bc79421f444b624b5eb609f9e97d0c4e76aa9c05d9faf1891b6c78ac683c87573d86d2d4350c5117f6cd2c00fe4a1401f24e1b389b14cc505846fdec6e18113cfb32356cd37f046c389dd62d65cced1138ef8a68e76b1d7e0ddbf74fe106e09a8aa42fdda99004865ca5419ccf128372ac0571395544b4a3cbd3c0fe9f0045a53c18cc68f871760b4fa4392ba8bb8bde27ab5ad8ac3a7d937c9aa46b7cc31d75c4161ade1aa0cf89d61f32a40ab2dcd312b802c966a3e506f612b2d2395d5fa0edb2b97b78743ca6262f5243ca411427713d873d6f5e0e8a3dece4e2b16ea4a9fd28080fa22fe43373714e238e6fa8fff793d586fbff96da90ee51c0de7123f0877863ec18869a1a1b67f336a8a4ae05afe004c33b78f3ff13c5f6b2eae3fdf4549b89a4744a93c1b1f3d51b862c42f440a012956528dfc242144f11b20dc07abf98ce7547ae61feb8d5476e9b93d06fae95c8bb14c5fbbc83321a255808d45e5f378bb07763ae1d0faf03f3a9488f86c666d6d3b869617b66db5b3144e5859e337b40488fcef85538a3ab686fd86ea222159a3bfe842cf75b497177e749717f58cc8e0a5ec576c0028d4bdc4943caecb2333827cfb49cd9ea09dcdd7fda97332a8ba83fffc17e8fbda13c8fd14dd9e13cd5aceb6193e995b77eac52268834a8fa59f63b983d654dea3d0425ccd422951ce4816cbfd54b464f8a415fd1e0d50c2b7ba1a5421a62a7491963cc7e182c3902730ac003395107ddee1f9c533fcb3529001e15033c50a9999e89a3557d433a8c8d7d58d055df15034cad370c5dd8e3c8ec32fb53d892ef1089e8d42053095d1a82876cbfdc6232372eb444e52d4c8ce8e0a50d0687014a728d3c039254574af8eb3d55bb78fcb989884b7c20209fbd0da94b1bd01971584882dc498b68e787ec4eb3db6d4c2f409c36800970711559d457726dbaf2f065952166d734c45aba6ed33575757c4374ac09dd2cd339de5580d200d1b7d44ae97f3ba6abeff35d43489bc50d84a4654a537e9fcb8016f3060a094ea55cd7af3939f09a450da2566c544522a27605c0e1d88e9880e8da49e6ab27b29c0d8f6f2155822e5c02aeb3f7b42e350859272168ba0bfbad29cdb909ebcbfe83444fef87372031d9dd77673c72a03d8d7311c69e968e713b020a274052949d2f88b499528651703b96a55dd0779e632eeafaa323dd625ac745444390c57e7e9ff349f67daa2a656cf98322fc7cedb3e0860a762510793016e79048abe6829fa1904f3aaead5e93d1986324e06d204eb044bfebb36c97a49e574be39710bab3fb79cf4ad815d3952b9d50e0b3efad129733a6bf73a7af46bee01922a9e1ea93bce913894323affd766562b0a4cc67b5c93b195fa1b4da7cfb81759180be88e444cc7d09adedfed70f93eec9151b94453d3989cefa72bb68718e7f21bf38d25f7177ecc5d36f246ad1c4a3b6fc19e34f82509a59593b325fae26a9d1ee736c6e34c9c7b6ef09f68bcceaf3bef5ef98a750272de596f5d37258521210618678dbc5cae85fa0cbaaa44e0f249f3434d3f15d04c3fad8dcd7a1421c7bb1794c1943a5495d91fc4d312ec8ef718d4603d03e71d95451c46bb9c6c8acb4b85bfc9b02c72ce6b41fb39a1c85943adad53963db60077f544dfb5a95a02f7156edcc901ba288d7aefc4d556bc4e15098fe29981763c7ec017206da287a48d9edd9a494ba191e44f131f0d3a2e91337541b951f304f25d5dd12db6f1c1d97052fce4e077395d2bc6198349113f86478fd7dcf62544190fbcda5d46df85770a948ad6c9e02002029ff642be982ad45d92980926e47c4edcb6161dd3c513e1ba30947de2ab507569b83c884e1de4fa183ed1a7a3869e2d93f020a5da9b21be3ddf9b8ff2e4e0427c6672f8790188ffab87e64a6a92b41db9bca282f542b8d18590b4a6be7700edc63f5506b0b23b3e0d06375a771219cdc7ab65c0838ee4896988b6911f26372c1b8db98f49d93944003e13afc3a1885d8e3754a9e34c52e8fcb7b2d69c683541490d1ea9f6b863c557d41ce8c3fcef69d3bfb8c6ea82cb11934e16e7c98280abdbe69abac7c3721fd7bd65ac758753023947a11ab30fa9a796be34aae24c0d09e50847a616f30b480bbf58cee9cc7b855ce7fde3fd93f7b3448001e28736dde10dbd3d389798995a8616d284a7f2545a6ef9da703629872b668830b7b261b20e8771e8511caa2c6a0cc47c5af93e3f010a64d4892f1dd6fc533049ba36e8d366fe2dce00934a955faace3155d345b779df6b0d9daf011a6ff2c77a747061aa33ea16f295c8a35e030df55252dbb79c0a925bd3082caa95a5dc2bee6d215a5eb548359c04283f5c94c459e6b01b9528aa0a75fd16c76e5f5b6507577b3d80fe36e288440f54282d4432effa0016b2388281f79aeb240bd92a806f69de7cfd518443f3838cd9d610c32968af54ebb1a015f1f82c5656334d3d6b5c7d2e5ca2fa216d7a43dabc7c69ec544411cae7984c85fe2ae7fd5071f5025d7a9b22d0a3f408ff4cacd33abae10dbdd4639b64fe725ca124ddaada1e3d26f863b11bd0498438aa8119e8ab65bbbba1a84182abb7540f6b589e9f42de849cbc09a95dd1329c6bc824e71e9b6ea41d8c2b0c40e07a02e222d88b15df19c29ff335a4fb36f348ba18d5aecb36dad578028ad0a158edb086e90133c55adc841833a17334fe2b2d06c2cfe3212610a4ade3aed391f4bf88f2a669db76a04afe997460e9d994fcd7a4107c6e77184f6e0be34c52c10df29eb7f2850b39510cf9b2d5e696b978169fffc1d7fd4b9e5f49e630b8c9e1f095cb1830a9b3071abe5f7a4be0f9cf7a23ddbca3aa87752f90774e7c7f0c40d0e5ff8859c22427270e6565a3071aad321dda95931dd3deb5b3364dd77a625e1ebf0dc8c8b712965505cb745bd3bc2c1de5aa4e423cdfa56d4d3e15e45e0f27a3244bbd7f4b9bccf7540d5279d55224cfb9c03918b3ffb5924e26905c14d792294cb7f952c607e4b19322e89e8d0e9477bd5c0fa0601023ad797348b6c6ba4bee8a4eb7b3f246e4f5bd053c00334182030bfb37f7d2525070864691ddb0fc6c733d2d376a9759133ffd0cf8dd2d68097ac726862074696ec135a9a867a6b5bc1e4c75b7101e1a1d7833bf60d25ec0c223b72588cde51ad3ddb01006a7283971701520325b95e029f5330425121e25ea3b4f4b134eccaedc46765224d331911464a2cde831a1c14ee48febdd55d3fa4ac1ce1be1119dd1784f555397559d0830606b9f5c8c2e09f7e98fddb6bc4059df5c6f4451bb4c44eb6d65c9f5dc0b28a7ddbefa9b476e9235d8bb8aa971618c6cc99d46b938c2265849", 0x1000, 0x3}, {&(0x7f00000012c0)="bd1c3ebf63ffb04f268850840af736a8361e55b745ff99419e93a0e0bd01287293ea19fd347d0aeb41eb9f6cac67e28a9572c2f938cddaf24ab178a7e542b6ec3a571b67909571952ef523029a870dcd9f10a9f55c52b5f582e31b9823ea6e48847caa495fab89498783d59ddd0ca1ebb067068d8cbeea50f74dabc1eba2ff19afd33e0f8901ab74af61c944a81b5d379c9d1be2023fb6063999e0e8d4e5b01aaac441f17d29434f26440fc684bc0a26103c46de65a018da9e529acf2aa794073c5f850e661cd723854807297eeb578047ff6b61338a79a75733760e6e86214a74278875fb6f535ea9cde014d6d6daa2caba7a9e46cee4c2c5500a07297ea25c51c8259f7b5ce94e66aec6e469b138d25797b2d2dc37de66035cd627ff6d56556843e71d6f5796ee476a08fcb4792d46583e385b3a13227838800084cabc8f85aee0304245d49ad2475703f17c376685a6fb91331b904b04e355857f177219371a570afcbb64376688a4ccb926327fe506e08c4aa970ce37c2fbcc8c6497589076ff1fba80d3a3e00efd8aacf52d250325ab0b35e1dc511cfaf6f2a6f4a487d175c9d586795b52f5044691be163cee2be2d14b6265e6980484d0ed776d3a79297285f357fd7fbd900d5db36c2deb6ab8bf62e853f480efb4d3964faf51b85cc7956732c6f613b36eda5c58882d94715d9ac03bd641a94b9ad4fcf1b34667ea3e4498a3ac40081dc851b12d60da23c8632a6daa373d4dd538a3ba451c8271e1983ef7f43e00e52fc7f6e0139368594db2c4ac95a269b34304541060e507dc210b0452da80cacc49fb34c32a72e557285822f59a68056b2ce33488b9997c1c7223a2e4baf533cbdf718c34da90764e1a5055700e4ffb54a6d6fa288589ba4ea513cf1fdec0c8b35c1022626879f44622ed0339f957885ac5ed9187a46feeab1a5f5a40139ccb52717f111ef98d2d027226e21fbf32d82f50d4d81fdfb5a9848473a78c1aab0def2f20885a6ecb840f262a9179137f15e7d0b5deb91f9e0f2d041a8cfd7272549ff59f169cdaf7caaff0f965b14a3405ad1aed08bb452c6dddae1c21dcb1b80085f871dfe4c37670508dfb7b8b77084c58e2bb1aeb8057086f2b05c3b07c105315715b81abe3c407d9f22898a95928c9798d87fa6cee821989a3c2da4d219012bc11ecd13407a56d609e429cfb557a7127c02536bbe17eebc67ff1204eae8e0e4b3eca53f088b47a21489515c5efb99392fa6c224ab4efcabb54b7972c1132e2ce635cd9fecda382943c8d7ea79243ee4002243903e895fd51087b18d4eb2c949023e6323583cbd1ce337b3e2c222d0d45947821a75431c05aeb742e2c175655d5969d10ff47398d7dec1b7a961096d879a5d806e728698b5434d7c41bdc26f21b54e6d263dc9f9c2ab0349353b9c8deb3686514cc343029c69733534ea6bbf0960943cf9c528066c23b37c38f57a21f34997a5b695c0890ed6d3e179f998a7d41cd5c30b0e97a00816ee274870ae9f019ce58ae427227ea68ab03709143c944f1d05a357c63a18890ca70503b7ce768e353f51b178be73d821624633a5d57e6e8c3e76b9ea620c284692b31286c76e0c0799ea576b9ecdfe7cb7fd2639a285c4ed816ee942c4d2dc1af93b77d5cd928c3e1f6c4324b7f682e29dff731ea9697ffa1e72c1524f39a502b8845e51de66058ba95cc8a5edbeec6689c81a959066195fe2ef53d1978d3a515e0a7fa0b88e38aaf27145e19988ffd8c3b17cf3de69001fe2f93548c3c39aa32f5a07777ed495483ceda1886caa2d52308bdee19a6596558d853c0e6948a6ad933ffa6c025cd0e8f9671d10e786285816d10f3e02c7b3e134f23dfeed0b01d08184c07cfb912d7af98e03fd7140c7a94edf85c58c0c8a9386d67db478cb3e8da1d580f87e3e0e1cbc825e56c5c0639dafe75fd566aef24288063f9c5a7091934ce24e932ce36cbab3a58bc2ca19b4efb71778a0b2791cc41d1a614a1bfaf8f63dcd3e7d4f5aa08319c1ec88755e5d71bd75c300ae3d395b2640f4ed60d5ab550b9f1b443d668cc24d8a30d9310b919414cd7f4742c329e230e86543ed8fc365b7e617163ed985c012178aa2de434285cad0db82cee5646e68825e1019b2ccc8b0ae2a9132b27932638327cea898d41264bc98ba30c7e6c3bb6035ee45798d6516135df1b26ebeede797fa8f2a6ef76de085f16fd16fb63ac9f95b80b9cf64ea0fc042089b8a6201719364c497924e5f5cc33292ec1d467be81fcbddf733ebdaf2841b1243673300e4d399c0c71534b1b2e6cfecb7779ea259b647765d21f42719e8dcda0759e899e83e9c002569576584b6ebd73b00f0327dceb42362d2309306ff98174fb405f24ef14193c8c275b92d36d16b119e77b62671981690fe5af476b13d81873c6278ace7b9b36139070d9b4f34f0b2abf2cb38f76492e569423457374436a54edac3dc88440401dc0c8b52ee1fb99c03b7073f0b6a5f75aa6e4bb132a699155b2383dabbb716169ca55ac823ccc40ab2ac87a524d577084d9b9c96c30e7720465390207406139d21e0172d30a8ee67dbbea1cd3b79921c54c045785026b9ee1a0aa8bc0fdaf509b99828ab8cc41071abaa54faa6ec288822457da9544ab1677155835999a8287814961c66c165a577d9bcb09620d1f3097db2d7f1bd52c2498860880966c73f0c858a1b081916df91bb3b2d8c263d890b3749e8fa4523d778687bf9c081bc25642a8b8f728cb51423ca479cc8ccb5ca6f0740278eae3f5fa92fbb243884c86de7048bfaebc686a420797efa7edc741423f2dc43ffe9d261d41f56b660c4ba3ebcaa48f94bcfe806bfb202e7de3dc26fff0ad24a48915b6f143c86c0d91b83dfadc32c1bc1743354c65ea649c4cfa917fbb1e1a0f9e3680a3a9774ea01e60e0682a9e1b05a160a413a5a28847885c7f3a3608797fd3446e7b7ed9bd0b957de47d55eda8b1643e2f5af5288732b1a2ff4a7d68248c6d61e06c2eade0dd8227594c16c44aa2a320e8b795e4500f39f77eda20589bc2fb4c3280436c7a45880bffc61f0dba35df31d2421ffc32a7164f780fe617f89db4a21b269f3ccbcc0e0fac51b498696ac2cd81fe4cee464198c5fb36940057e038d9ef87b56db3c60528d7cdf93b9030e4e9ae6c737c204ea8ffb259feb2ba5e3b8908dfe191357391adca98d8b68510adbc11d62d451c47524e82d00ed4d5ff8d3e727bac5b441d92fd18b2274b3ff8119fc7d0d8be2bd42613224ce08c792cd0f05ba8138c743218e730a50f2cf8cf03ed41aa63d52bde17678f37fd4de38f7ae4caf80151e050ccc99c9dfbfebea761cfdd2eb6ef4daec13a743f2339a9bcdccdcf840c2e6532ed22046914d215a7c939a28b97f728332ada97dd26cf8eb6d38b93ec1ccee758509b3151f821cb6ecd8a32b03c2d884efc222cc513246440384bd0b4e3c987f3a5c6a014a969a1b06af6aa35e1448c763ad1982f750b72ffaf6ee4f814a424dfdb1b4c7d80f6c6c4f793316d23817616d325596ea926bbab06110d47f37bfdb6bb1bf07ab19f633befa98324939369f8d6693e7d0c76452963ea33985eede1246314a5c578c6ccfdcadf80af202528d1e9eea309262ac32adb069959cb8b02b321acf292959f3a36953a33633f023462fa592a6fd2d46bf66c290b839fcf3c372aba5259dc8de1a08dfa4fc6192fcec42cf2c98d4a1fa247bd18c121f623fcde67fe355171e5f6c0ff111a356f71cbb22d7fa1c0872fe2b3dd49dd4b02e69746930b42c17c41d52f16789f388fa41670b4cfd6685a71a19eb33c06b189fa381ecbe19f82b3bbd5c87e67a5c6dc6afc3895a5101d7ccef60f124a63d8e3c1220f9d941eaef3c0ae161f972679dd64b35ed75af56dd51cb9c110291375d99ec6ff21d3ec787c635c9adcd8532c4325231306332bd791a93d17de0bd023615f5f780783bbf21676e108f7e4e97f87a52e7aea5e4b3ac5d0a605d7ba66361dd4eb2efac0bb9c44b75ba8148a730dd5ebd9aab3d305f0454ffe76c09e1a14f47576c510c5f1022558e419b27e0039c9bc168e85ac8a612eb18c6fdf0076fb225e4d60c145a4f0d88917b4e784e89ae022f823f1894b15ddea12c6b15bba2ec1e3a3e39a5d24b1ec80fee5a11ff341202dc4afae2242400f5fd04f13e171a0896ff5e239516cd1661919036e916abda1d6a8fa594020c3bc5c77b2964eecb2f4429cea5b9a0e25f09175bf49b5d5fad00bf54ce93571447e827681a1b3834348c4bc03f908aced8fa08a864c43d950a362ecc3214e98ff9de0a394e5ad8d36f6ca18c9d9a648d440335aa70e8840b168edd59a4a9fb230fe88759076dbddfd24ac840a9537dccb308b959e9809278ab793eabf54532f65c3ff6261b921d16689d2a295c6a34db78fa88bed2043c3aea85e6d4c2f4e42fe796b824804e5175e26aae07aa32b720327faaf574e60b096214a2f364f644ecb1a9cb4f3bb81deb326e2d519d0e41be1b51820a700e4bff930f5469e3dc5cdf78658766b0eada393105d65ef69007c1ecdf1005e4a63a88acf583322d502deb6f00960d71b30b261e19eb510f88e9291a8b21c77c3b1835c23c0f5c969fc5a9655d24553092600d8e1675188572cf7ed8653b18df940eb13e85e3471d3cf70065f303f3ec252f5634bdb81b7a4c1d14bbb72a922fc8a736aa0f203ae6eeac3c5a336426df2716123738afc722e684ea6f1ac9f95279c54bb62d70a5c648ba4b1e7e94da6c7ac7e01287e930c9240ccabc91f993f3a0d4e158cade6a8c8f27adf60ccbf6af8f066240d07d675d0ea4158745a73792ced649e035525cad9ee6537d4ce008711b596cd6a0c7829f70a0193827645c97e2f8eb39f008d88ecd6d46030b38ee0461af9b46fa7bb56632fc8f34f6a7128ea0fe66c4f27ebeb9bf362aad05960df5ec05fcae81db9f46779f3b64008be485c03ca9283d9c2a79944a4707cba78cdd37edf4440c7a48f278dae471654b7e773fd672106a51600ab9a6c064d56a3c56f6ae07582dd416ec23fa1d71f7933aecf2d0f973af4d6daf8c4848da733254070e93c68ac3ddc5e497d10b45718f68c22c86c312f68d6e6a8a0adcd28682e4048abdf9c7f1edb046411793352727099e9a1fd21641441b45a2a40698c6db37fecc74444e0a576c04e11c6bb13bb74cef339a2ce11e2a12115821b3fe1eaeae9540aea884a885fba02b5ba95c3696c989039404e6055cbcc7c266fc493e5d7feea4f9518864195532c3a8d6308bca1ae2409c8a112dcf3eba5a62d415ed2b2760e016d0d1730a18e160df78aa57fb0af3f0e56801417540859b6450e52f5fc7ac93ab7f17559f2928bb5255a889d6279b29278103a8665e155f585349f8cc0c6941690777e6b94800127b93af74db5ed2917f4b0ceb6ff1670a0f692e180504fde818ff035ef04ce698a562d40c3abe9f1f3456028a107465ba31365869d6bffb223a04d9980f12e139f8e3321daf6278134bfc8fbb490afd3d517d86391b033ebdf0548fde5cce5762c75fcdc358fb00a5f31e537e353e5ab12d669f15629673f555d16580e54d08a64290cec807f1286a9c54c6055e5c446a667a27f100f34450f3b69ccf4615d0d48d239e32d24110c396522c56de95e45a71aee30c8279a9f8a2dd6a8e951c3d5e6ffa29bd14bdf6372a071633cfb7b7d7b45cb59a506c265d6dbc18d8c414b135a49c78497be7aa958ee56f102e2df685f15560e167ea994ab46e7b7f6ddc9101de8d49f11b5aad5", 0x1000, 0x4c}, {&(0x7f0000000080)="67906457379aa0c9ad52a91412caf7979d130efad2e8b9917e67d0388527cc312fd30aea29ba3e84defc1a45a6f3b0819cc97fa5db8ac49f659261aa41a53d2352ef75ad375297408060fb773f3cd3bfc5aafab91c2f0176ff9946c7de2314429c63bbc62e82e7e24c2fab868c7f2ff5fc70373152751ac1c8be6646456b3c5949d5bfd9b915efa9f9d642319f7e0da8bc884db25ea697ac10d9507e45c73c2d376f0c622eaaa5961ad3", 0xaa, 0xdc25}, {&(0x7f0000000140)="8c85bba0e94efbebfac2f7fd3137100834c53d97fba6253c175959bd72831fddac5b96a9ca3f70759786560e19f6c31e13afc5a2b35d4c59c3abe1826f3e5e46a75287c3ac43899b1040f86c3e6bed770943086d220409f6f42190041dd572aa2c961a93e70a9a8a6cbc8a22523868836f4b334311dfe0720b8dae8624583e8ab67a0418f58c92c411873082c482ba9d293fb2c87c871279f7a45393f3e5078fb8a2e61e02f0ecac2f40a229500028fae0daea67f2dea7f0802a5a9d4076214ccbeee69570d0f9200d715e089cfe6b532c6b4142fd7d2e41f9fbec2d1fec973d", 0xe0, 0x1}, {&(0x7f00000022c0)="2e844af31fe8fd4a8e943547b6700b36b5291b22d84946765484d30cd66f3059b24e0d1a94cb70fd11610c98414aaf9b5c40df863da399da8f1943fa83a6360ff23078b7660644bc030ad16da3e22f6136e280e49bb633e4f4e73a49652de133f542156fb6686fe0f917f232eb364cb5ecd70bbc76e78336461c10066e44fec69683356da35e679cf641", 0x8a, 0x7}, {&(0x7f0000002380)="8c4e9bf382688e7699edf4c7ee58c69769e856bfa30c2dde9b6b25da93796c312e67b8a4e5960c4df656535f515e64e001a20be3f74a1ca22f815039c81603b6a4c6deb5374bd311b3725951372b64cebdb25a2da82aa0db8a4fcde2b0b577ecd18e0e278842daf517cbd0d4a4a7bfd37e1c4edba2cd24ead48b468390501bc60243109d19a21a7a8f0a34", 0x8b, 0x3}, {&(0x7f0000002440)="b885930f75f83b67203b82f6bcd9e2430a8accfcc2722b23d457a790f4069999295cfd7d52ef7fc33cd0c5d7d58dffd9353fb4b8a2629ab6e246f4607528720fb854a819618e997e541ca78721eb3f4d7db6a78d506d7fd3931c393237b0aecf08eeaef88c6a0c5aa7011469", 0x6c, 0x1ff}], 0x1000000, &(0x7f0000002580)={[{@size}, {@size={'size', 0x3d, [0x2d, 0x70]}}, {@mode={'mode', 0x3d, 0x8001}}, {@mode={'mode', 0x3d, 0x5}}, {@gid={'gid', 0x3d, 0xee01}}, {@gid={'gid', 0x3d, 0xee01}}], [{@pcr={'pcr', 0x3d, 0x28}}, {@fsmagic={'fsmagic', 0x3d, 0x5}}, {@fsname={'fsname', 0x3d, '\xe7-'}}, {@obj_user={'obj_user', 0x3d, '!+$'}}]}) open_tree(r0, &(0x7f0000000240)='./file0\x00', 0x8000) pivot_root(&(0x7f0000002680)='./file0\x00', &(0x7f00000026c0)='./file0\x00') [ 124.999276][ T5904] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 125.007236][ T5904] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 125.015274][ T5904] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 125.023373][ T5904] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 125.032614][ T5904] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 125.040648][ T5904] 07:33:51 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000022) 07:33:51 executing program 2: r0 = memfd_secret(0x0) r1 = openat(r0, &(0x7f0000000000)='\x00', 0x440, 0x2d) fgetxattr(r1, &(0x7f0000000100)=@known='trusted.overlay.impure\x00', &(0x7f00000002c0)=""/4096, 0x1000) epoll_pwait(r0, &(0x7f00000000c0)=[{}, {}], 0x2, 0xc7b, &(0x7f0000000080)={[0x3]}, 0x8) mkdir(&(0x7f0000000280)='./file0\x00', 0x10) open_tree(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x88000) 07:33:51 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 19) 07:33:51 executing program 3: r0 = accept4(0xffffffffffffffff, &(0x7f0000001200)=@qipcrtr, &(0x7f0000001280)=0x80, 0x80000) sendmsg$NFQNL_MSG_VERDICT_BATCH(r0, &(0x7f0000001380)={&(0x7f00000012c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000001340)={&(0x7f0000001300)={0x20, 0x3, 0x3, 0x401, 0x0, 0x0, {0xa, 0x0, 0xa}, [@NFQA_VERDICT_HDR={0xc, 0x2, {0xfffffffffffffffc, 0x242}}]}, 0x20}, 0x1, 0x0, 0x0, 0x200000c0}, 0x20000800) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r1, 0x0, 0x0, 0x7fff) ioctl$SG_IO(r1, 0x2285, &(0x7f0000001180)={0x0, 0xffffffffffffffff, 0x6a, 0x81, @buffer={0x0, 0x1000, &(0x7f0000000180)=""/4096}, &(0x7f0000000000)="e5897f3d72973a42d8112a12694e0e51f90d6f4d365a42b7b2e90efd4139a9b8ba9ba62513ea0f506bfaea94e84ad614fc2514fb683793572e5b6beaacac39934e93217413cf1808777c34652528a02a53dda6ece4941ffaf5dd490b47d5e113587f8fddf14e173ba80f", &(0x7f0000000080)=""/127, 0x5, 0x0, 0xffffffffffffffff, &(0x7f0000000100)}) 07:33:51 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4c000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 125.236882][ T5929] FAULT_INJECTION: forcing a failure. [ 125.236882][ T5929] name failslab, interval 1, probability 0, space 0, times 0 [ 125.249617][ T5929] CPU: 0 PID: 5929 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 125.258105][ T5929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 125.268516][ T5929] Call Trace: [ 125.271788][ T5929] [ 125.274706][ T5929] dump_stack_lvl+0xd6/0x122 [ 125.279624][ T5929] dump_stack+0x11/0x1b [ 125.283761][ T5929] should_fail+0x23c/0x250 [ 125.288160][ T5929] ? ext4_mb_new_blocks+0x328/0x1ee0 [ 125.293428][ T5929] __should_failslab+0x81/0x90 [ 125.298300][ T5929] should_failslab+0x5/0x20 [ 125.302898][ T5929] kmem_cache_alloc+0x4f/0x320 [ 125.307734][ T5929] ext4_mb_new_blocks+0x328/0x1ee0 [ 125.312832][ T5929] ? ext4_get_branch+0x27d/0x2e0 [ 125.317748][ T5929] ? blk_account_io_merge_bio+0x1ae/0x1c0 [ 125.323453][ T5929] ext4_ind_map_blocks+0xb1c/0x1740 [ 125.328700][ T5929] ext4_map_blocks+0x6e3/0xf00 [ 125.333446][ T5929] ext4_iomap_begin+0x4b0/0x630 [ 125.338288][ T5929] ? ext4_alloc_da_blocks+0x100/0x100 [ 125.343749][ T5929] iomap_iter+0x395/0x4a0 [ 125.348164][ T5929] __iomap_dio_rw+0xb78/0x1070 [ 125.353037][ T5929] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 125.358860][ T5929] iomap_dio_rw+0x38/0x80 [ 125.363175][ T5929] ? ext4_file_write_iter+0x501/0x1200 [ 125.368678][ T5929] ext4_file_write_iter+0xac3/0x1200 [ 125.373995][ T5929] ? ext4_file_write_iter+0x501/0x1200 [ 125.379438][ T5929] do_iter_readv_writev+0x2de/0x380 [ 125.384739][ T5929] do_iter_write+0x192/0x5c0 [ 125.389327][ T5929] ? debug_smp_processor_id+0x18/0x20 [ 125.394682][ T5929] vfs_iter_write+0x4c/0x70 [ 125.399168][ T5929] iter_file_splice_write+0x43a/0x790 [ 125.404524][ T5929] ? splice_from_pipe+0xd0/0xd0 [ 125.409428][ T5929] direct_splice_actor+0x80/0xa0 [ 125.414421][ T5929] splice_direct_to_actor+0x345/0x650 [ 125.419790][ T5929] ? do_splice_direct+0x190/0x190 [ 125.424806][ T5929] do_splice_direct+0x106/0x190 [ 125.429692][ T5929] do_sendfile+0x675/0xc40 [ 125.434622][ T5929] __x64_sys_sendfile64+0x102/0x140 [ 125.439803][ T5929] do_syscall_64+0x44/0xa0 [ 125.444202][ T5929] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 125.450134][ T5929] RIP: 0033:0x7f7c25405ae9 [ 125.454528][ T5929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 125.474119][ T5929] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 07:33:52 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000009) 07:33:52 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000000), &(0x7f0000000040)={0x0, 0xfb, 0x2a, 0x1, 0x8, "b930acf173f865a9a4debeddad09b019", "2e61f983adcc6f2aff83f180e82dec54e468fdf8f7"}, 0x2a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) 07:33:52 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount(&(0x7f0000000000)=@filename='./file0/file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='fuseblk\x00', 0x0, 0x0) 07:33:52 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x60000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:52 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 20) [ 125.482619][ T5929] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 125.490866][ T5929] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 125.498911][ T5929] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 125.507142][ T5929] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 125.515213][ T5929] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 125.523169][ T5929] 07:33:52 executing program 3: r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/mac80211', 0x200, 0x0) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x68, 0x2, 0x6, 0x101, 0x0, 0x0, {0xc, 0x0, 0xa}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0x34, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5, 0x3, 0x3f}, @IPSET_ATTR_CIDR={0x5, 0x3, 0xff}, @IPSET_ATTR_IP_TO={0x18, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @mcast1}}, @IPSET_ATTR_NETMASK={0x5, 0x14, 0x1}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x40815}, 0x4014) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) 07:33:52 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x68000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:52 executing program 2: mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x4) [ 125.609113][ T5946] FAULT_INJECTION: forcing a failure. [ 125.609113][ T5946] name failslab, interval 1, probability 0, space 0, times 0 [ 125.621768][ T5946] CPU: 0 PID: 5946 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 125.630101][ T5946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 125.640231][ T5946] Call Trace: [ 125.643513][ T5946] [ 125.646439][ T5946] dump_stack_lvl+0xd6/0x122 [ 125.651039][ T5946] dump_stack+0x11/0x1b [ 125.655256][ T5946] should_fail+0x23c/0x250 [ 125.659681][ T5946] ? mempool_alloc_slab+0x16/0x20 [ 125.664711][ T5946] __should_failslab+0x81/0x90 [ 125.669706][ T5946] should_failslab+0x5/0x20 [ 125.674235][ T5946] kmem_cache_alloc+0x4f/0x320 [ 125.679048][ T5946] mempool_alloc_slab+0x16/0x20 [ 125.683943][ T5946] ? mempool_free+0x130/0x130 [ 125.688675][ T5946] mempool_alloc+0x9d/0x310 [ 125.693188][ T5946] ? preempt_count_add+0x4e/0x90 [ 125.698140][ T5946] ? _raw_read_unlock+0x13/0x30 [ 125.703031][ T5946] ? jbd2_transaction_committed+0xad/0xc0 [ 125.708832][ T5946] bio_alloc_bioset+0xcc/0x560 [ 125.713604][ T5946] ? iov_iter_alignment+0x34b/0x370 [ 125.718965][ T5946] iomap_dio_bio_iter+0x5ed/0xc70 [ 125.724031][ T5946] ? ext4_alloc_da_blocks+0x100/0x100 [ 125.729426][ T5946] __iomap_dio_rw+0x8b5/0x1070 [ 125.734256][ T5946] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 125.740141][ T5946] iomap_dio_rw+0x38/0x80 [ 125.744632][ T5946] ? ext4_file_write_iter+0x501/0x1200 [ 125.750105][ T5946] ext4_file_write_iter+0xac3/0x1200 [ 125.755529][ T5946] ? ext4_file_write_iter+0x501/0x1200 [ 125.761062][ T5946] do_iter_readv_writev+0x2de/0x380 [ 125.766267][ T5946] do_iter_write+0x192/0x5c0 [ 125.770957][ T5946] ? splice_from_pipe_next+0x34f/0x3b0 [ 125.776442][ T5946] ? kmalloc_array+0x2d/0x40 [ 125.781025][ T5946] vfs_iter_write+0x4c/0x70 [ 125.785571][ T5946] iter_file_splice_write+0x43a/0x790 [ 125.791046][ T5946] ? splice_from_pipe+0xd0/0xd0 [ 125.795984][ T5946] direct_splice_actor+0x80/0xa0 [ 125.801036][ T5946] splice_direct_to_actor+0x345/0x650 07:33:52 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000041) 07:33:52 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r1) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000004, 0x10, r1, 0x622fa000) fallocate(r0, 0x0, 0x0, 0x7fff) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r2) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) 07:33:52 executing program 2: ioctl$EVIOCGPROP(0xffffffffffffffff, 0x80404509, &(0x7f0000000140)=""/237) r0 = memfd_create(&(0x7f0000000300)='\x00\xc2\xea\x99\xbb\x1c\xdfjw\x97\x05\xa3\xa2\'\xdd\xe4q\xbf\t\x8c\xe0\x19`\x8e\x00\x00\x00\x00\x00\x00\x00\x00\x00\b \xff\x13\x96\xe3?\xdfH\x8c\xe4V\xe2\xfe\v8\x04\xa5\xb9\xc4:\xf3\xf6y_w\xd8\xcf\x90k\x05\x00\xf9\x1e\xe8m\xec\x12\xa015\xc2\xb3u|K\x111\xd4\f8\xeb\x18\xad\xbb!1\x85\x96P\x1b\xa1\x9a\x81\xf8\xb1\xecB)\xe5\xaa7\xfe\xdd,_D\xe5|\xb1j^\xaec}\x1a\xb4\x17\xafP\x85I\xd5\xa0I\xb0\xaf\xb5\x8b\\\x05\xd7g\xcbV\x8e\xd0\xac\x87I7\xbd\xc6\x9bI\x92\xb2\x87.\xb3\x1fs\xe7%\xdd+\r\xb4\x117\xa7ei~\xb8\x16\xd1P\xf2\x84\x89K\x16\xd0F|\xa3\x89\xc9~9\x00'/204, 0x0) write(r0, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) ioctl$BTRFS_IOC_BALANCE_CTL(r0, 0x40049421, 0x3) 07:33:52 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8000000a) [ 125.806483][ T5946] ? do_splice_direct+0x190/0x190 [ 125.811498][ T5946] do_splice_direct+0x106/0x190 [ 125.816366][ T5946] do_sendfile+0x675/0xc40 [ 125.820856][ T5946] __x64_sys_sendfile64+0x102/0x140 [ 125.826136][ T5946] do_syscall_64+0x44/0xa0 [ 125.830692][ T5946] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 125.836681][ T5946] RIP: 0033:0x7f7c25405ae9 07:33:52 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) statx(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x6000, 0x400, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x3, 0x2, &(0x7f0000000140)=[{&(0x7f0000000080)="2e946086c6c2ef4a005db7c342f6f19e79e25f4ad0fae9cd7b634defa55aa083f4c96c906396e11afb6839ce13e60d32b7a8404d4e674f5dade244463daa7524b13bee26a2c976a9838dfe6f507c6b7652", 0x51, 0xfffffffffffffffb}, {&(0x7f0000000100)="2fc75b9e9389aec939c5aa30bc93ee2cd9012a0aae7f9fe44ee8c3069a3ecf73a41089a96eed2845", 0x28, 0x8000}], 0x404, &(0x7f00000003c0)={[{@commit={'commit', 0x3d, 0x80000001}}, {@norecovery}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}, {@nolazytime}, {@journal_dev={'journal_dev', 0x3d, 0x401}}], [{@subj_type}, {@dont_appraise}, {@fowner_gt={'fowner>', r0}}, {@pcr={'pcr', 0x3d, 0x38}}]}) [ 125.841103][ T5946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 125.860769][ T5946] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 125.869333][ T5946] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 125.877348][ T5946] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 125.885317][ T5946] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 125.893295][ T5946] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 125.901288][ T5946] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 07:33:52 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r1) openat$cgroup_ro(r1, &(0x7f0000000000)='memory.numa_stat\x00', 0x0, 0x0) r2 = memfd_create(&(0x7f0000000300)='\x00\xc2\xea\x99\xbb\x1c\xdfjw\x97\x05\xa3\xa2\'\xdd\xe4q\xbf\t\x8c\xe0\x19`\x8e\x00\x00\x00\x00\x00\x00\x00\x00\x00\b \xff\x13\x96\xe3?\xdfH\x8c\xe4V\xe2\xfe\v8\x04\xa5\xb9\xc4:\xf3\xf6y_w\xd8\xcf\x90k\x05\x00\xf9\x1e\xe8m\xec\x12\xa015\xc2\xb3u|K\x111\xd4\f8\xeb\x18\xad\xbb!1\x85\x96P\x1b\xa1\x9a\x81\xf8\xb1\xecB)\xe5\xaa7\xfe\xdd,_D\xe5|\xb1j^\xaec}\x1a\xb4\x17\xafP\x85I\xd5\xa0I\xb0\xaf\xb5\x8b\\\x05\xd7g\xcbV\x8e\xd0\xac\x87I7\xbd\xc6\x9bI\x92\xb2\x87.\xb3\x1fs\xe7%\xdd+\r\xb4\x117\xa7ei~\xb8\x16\xd1P\xf2\x84\x89K\x16\xd0F|\xa3\x89\xc9~9\x00'/204, 0x0) write(r2, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0) fallocate(r2, 0x0, 0x7, 0x35c) [ 125.909243][ T23] audit: type=1400 audit(1636443232.591:173): avc: denied { execute } for pid=5957 comm="syz-executor.3" path="/proc/5957/fd" dev="proc" ino=18891 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 125.909288][ T5946] 07:33:52 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = open(&(0x7f0000000000)='./file0\x00', 0x22cdc3, 0x101) r2 = fsmount(r1, 0x1, 0x4) fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000040)='\'-\x00', 0x0, r2) 07:33:52 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x6c000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 125.953680][ T5972] loop2: detected capacity change from 0 to 16383 [ 125.968621][ T5972] EXT4-fs (loop2): VFS: Can't find ext4 filesystem [ 126.023848][ T5981] loop2: detected capacity change from 0 to 16383 [ 126.037871][ T5981] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 07:33:52 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 21) 07:33:52 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0x6}}, './file0\x00'}) r1 = openat$cgroup_ro(r0, &(0x7f0000000080)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0) fallocate(r1, 0x0, 0x0, 0x7fff) 07:33:52 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x74000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:52 executing program 2: prctl$PR_GET_FPEXC(0xb, &(0x7f0000000000)) mkdir(&(0x7f0000000280)='./file0\x00', 0x28) mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='devpts\x00', 0x400, &(0x7f0000000100)=',+).\x00') 07:33:52 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000044) 07:33:52 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8000000b) [ 126.228343][ T5993] FAULT_INJECTION: forcing a failure. [ 126.228343][ T5993] name failslab, interval 1, probability 0, space 0, times 0 [ 126.228986][ T5989] devpts: called with bogus options [ 126.241088][ T5993] CPU: 1 PID: 5993 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 126.241110][ T5993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 126.265175][ T5993] Call Trace: [ 126.268458][ T5993] [ 126.271479][ T5993] dump_stack_lvl+0xd6/0x122 [ 126.276092][ T5993] dump_stack+0x11/0x1b [ 126.280248][ T5993] should_fail+0x23c/0x250 [ 126.284720][ T5993] ? ext4_mb_new_blocks+0x328/0x1ee0 [ 126.290016][ T5993] __should_failslab+0x81/0x90 [ 126.294791][ T5993] should_failslab+0x5/0x20 [ 126.297733][ T5998] devpts: called with bogus options [ 126.299383][ T5993] kmem_cache_alloc+0x4f/0x320 [ 126.309377][ T5993] ext4_mb_new_blocks+0x328/0x1ee0 [ 126.314835][ T5993] ? ext4_get_branch+0x27d/0x2e0 [ 126.319778][ T5993] ? blk_account_io_merge_bio+0x1ae/0x1c0 [ 126.325652][ T5993] ext4_ind_map_blocks+0xb1c/0x1740 [ 126.330874][ T5993] ext4_map_blocks+0x6e3/0xf00 [ 126.335747][ T5993] ext4_iomap_begin+0x4b0/0x630 [ 126.340613][ T5993] ? ext4_alloc_da_blocks+0x100/0x100 [ 126.345983][ T5993] iomap_iter+0x395/0x4a0 [ 126.350324][ T5993] __iomap_dio_rw+0xb78/0x1070 [ 126.355249][ T5993] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 126.361081][ T5993] iomap_dio_rw+0x38/0x80 [ 126.365456][ T5993] ? ext4_file_write_iter+0x501/0x1200 [ 126.370922][ T5993] ext4_file_write_iter+0xac3/0x1200 [ 126.376328][ T5993] ? ext4_file_write_iter+0x501/0x1200 [ 126.381794][ T5993] do_iter_readv_writev+0x2de/0x380 [ 126.387003][ T5993] do_iter_write+0x192/0x5c0 [ 126.391645][ T5993] ? splice_from_pipe_next+0x34f/0x3b0 [ 126.397118][ T5993] ? kmalloc_array+0x2d/0x40 [ 126.401716][ T5993] vfs_iter_write+0x4c/0x70 [ 126.406303][ T5993] iter_file_splice_write+0x43a/0x790 [ 126.411688][ T5993] ? splice_from_pipe+0xd0/0xd0 [ 126.416549][ T5993] direct_splice_actor+0x80/0xa0 [ 126.421568][ T5993] splice_direct_to_actor+0x345/0x650 [ 126.426943][ T5993] ? do_splice_direct+0x190/0x190 [ 126.432035][ T5993] do_splice_direct+0x106/0x190 [ 126.436952][ T5993] do_sendfile+0x675/0xc40 [ 126.441374][ T5993] __x64_sys_sendfile64+0x102/0x140 [ 126.446576][ T5993] do_syscall_64+0x44/0xa0 [ 126.451082][ T5993] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 126.457053][ T5993] RIP: 0033:0x7f7c25405ae9 [ 126.461471][ T5993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 126.481108][ T5993] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 126.489619][ T5993] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 126.497610][ T5993] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 126.505587][ T5993] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 126.513563][ T5993] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 126.521575][ T5993] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 07:33:52 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x7a000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 126.529552][ T5993] 07:33:53 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x7f080000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:53 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 22) [ 126.622994][ T6006] FAULT_INJECTION: forcing a failure. [ 126.622994][ T6006] name failslab, interval 1, probability 0, space 0, times 0 [ 126.635774][ T6006] CPU: 0 PID: 6006 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 126.644180][ T6006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 126.654241][ T6006] Call Trace: [ 126.657573][ T6006] [ 126.660519][ T6006] dump_stack_lvl+0xd6/0x122 [ 126.665193][ T6006] dump_stack+0x11/0x1b [ 126.669352][ T6006] should_fail+0x23c/0x250 [ 126.673851][ T6006] ? mempool_alloc_slab+0x16/0x20 [ 126.678973][ T6006] __should_failslab+0x81/0x90 [ 126.683793][ T6006] should_failslab+0x5/0x20 [ 126.688384][ T6006] kmem_cache_alloc+0x4f/0x320 [ 126.693219][ T6006] mempool_alloc_slab+0x16/0x20 [ 126.698082][ T6006] ? mempool_free+0x130/0x130 [ 126.702777][ T6006] mempool_alloc+0x9d/0x310 [ 126.707334][ T6006] ? preempt_count_add+0x4e/0x90 [ 126.712282][ T6006] ? _raw_read_unlock+0x13/0x30 [ 126.717145][ T6006] ? jbd2_transaction_committed+0xad/0xc0 [ 126.722928][ T6006] bio_alloc_bioset+0xcc/0x560 [ 126.727792][ T6006] ? iov_iter_alignment+0x34b/0x370 [ 126.733169][ T6006] iomap_dio_bio_iter+0x5ed/0xc70 [ 126.738377][ T6006] ? ext4_alloc_da_blocks+0x100/0x100 [ 126.743793][ T6006] __iomap_dio_rw+0x8b5/0x1070 [ 126.748571][ T6006] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 126.754392][ T6006] iomap_dio_rw+0x38/0x80 [ 126.758744][ T6006] ? ext4_file_write_iter+0x501/0x1200 [ 126.764292][ T6006] ext4_file_write_iter+0xac3/0x1200 [ 126.769602][ T6006] ? ext4_file_write_iter+0x501/0x1200 [ 126.775131][ T6006] do_iter_readv_writev+0x2de/0x380 [ 126.780335][ T6006] do_iter_write+0x192/0x5c0 [ 126.784928][ T6006] ? splice_from_pipe_next+0x34f/0x3b0 [ 126.790419][ T6006] ? kmalloc_array+0x2d/0x40 [ 126.795086][ T6006] vfs_iter_write+0x4c/0x70 [ 126.799603][ T6006] iter_file_splice_write+0x43a/0x790 [ 126.805070][ T6006] ? splice_from_pipe+0xd0/0xd0 [ 126.809925][ T6006] direct_splice_actor+0x80/0xa0 [ 126.814959][ T6006] splice_direct_to_actor+0x345/0x650 [ 126.820466][ T6006] ? do_splice_direct+0x190/0x190 [ 126.825546][ T6006] do_splice_direct+0x106/0x190 [ 126.830463][ T6006] do_sendfile+0x675/0xc40 [ 126.834888][ T6006] __x64_sys_sendfile64+0x102/0x140 [ 126.840162][ T6006] do_syscall_64+0x44/0xa0 [ 126.844588][ T6006] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 126.850493][ T6006] RIP: 0033:0x7f7c25405ae9 [ 126.854910][ T6006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 126.874694][ T6006] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 126.883114][ T6006] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 126.891091][ T6006] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 126.899066][ T6006] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 126.907039][ T6006] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 126.915015][ T6006] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 07:33:53 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000047) [ 126.923153][ T6006] 07:33:53 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x80080000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:53 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8000000c) 07:33:53 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x8cffffff, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:53 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xf6ffffff, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:53 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x10000004a) 07:33:53 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 23) 07:33:53 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xfeffffff, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:53 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8000000d) 07:33:54 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xffffe000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 127.304210][ T6034] FAULT_INJECTION: forcing a failure. [ 127.304210][ T6034] name failslab, interval 1, probability 0, space 0, times 0 [ 127.316946][ T6034] CPU: 0 PID: 6034 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 127.325424][ T6034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 127.336009][ T6034] Call Trace: [ 127.339350][ T6034] [ 127.342311][ T6034] dump_stack_lvl+0xd6/0x122 [ 127.346970][ T6034] dump_stack+0x11/0x1b [ 127.351127][ T6034] should_fail+0x23c/0x250 [ 127.355610][ T6034] ? mempool_alloc_slab+0x16/0x20 [ 127.360906][ T6034] __should_failslab+0x81/0x90 [ 127.365705][ T6034] should_failslab+0x5/0x20 [ 127.370274][ T6034] kmem_cache_alloc+0x4f/0x320 [ 127.375055][ T6034] mempool_alloc_slab+0x16/0x20 [ 127.379999][ T6034] ? mempool_free+0x130/0x130 [ 127.384736][ T6034] mempool_alloc+0x9d/0x310 [ 127.389334][ T6034] ? preempt_count_add+0x4e/0x90 [ 127.394337][ T6034] ? _raw_read_unlock+0x13/0x30 [ 127.399198][ T6034] ? jbd2_transaction_committed+0xad/0xc0 [ 127.405025][ T6034] bio_alloc_bioset+0xcc/0x560 [ 127.409983][ T6034] ? iov_iter_alignment+0x34b/0x370 [ 127.415296][ T6034] iomap_dio_bio_iter+0x5ed/0xc70 [ 127.420372][ T6034] ? ext4_alloc_da_blocks+0x100/0x100 [ 127.425749][ T6034] __iomap_dio_rw+0x8b5/0x1070 [ 127.430556][ T6034] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 127.436457][ T6034] iomap_dio_rw+0x38/0x80 [ 127.440994][ T6034] ? ext4_file_write_iter+0x501/0x1200 [ 127.446520][ T6034] ext4_file_write_iter+0xac3/0x1200 [ 127.451820][ T6034] ? ext4_file_write_iter+0x501/0x1200 [ 127.457462][ T6034] do_iter_readv_writev+0x2de/0x380 [ 127.462668][ T6034] do_iter_write+0x192/0x5c0 [ 127.467264][ T6034] ? splice_from_pipe_next+0x34f/0x3b0 [ 127.472772][ T6034] ? kmalloc_array+0x2d/0x40 [ 127.477372][ T6034] vfs_iter_write+0x4c/0x70 [ 127.481886][ T6034] iter_file_splice_write+0x43a/0x790 [ 127.487385][ T6034] ? splice_from_pipe+0xd0/0xd0 [ 127.492243][ T6034] direct_splice_actor+0x80/0xa0 [ 127.497200][ T6034] splice_direct_to_actor+0x345/0x650 [ 127.502617][ T6034] ? do_splice_direct+0x190/0x190 [ 127.507915][ T6034] do_splice_direct+0x106/0x190 [ 127.512934][ T6034] do_sendfile+0x675/0xc40 [ 127.517543][ T6034] __x64_sys_sendfile64+0x102/0x140 [ 127.522754][ T6034] do_syscall_64+0x44/0xa0 [ 127.527181][ T6034] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 127.533158][ T6034] RIP: 0033:0x7f7c25405ae9 [ 127.537615][ T6034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 127.557299][ T6034] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 127.565807][ T6034] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 127.573784][ T6034] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 127.582019][ T6034] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 127.590115][ T6034] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 07:33:54 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8000000e) 07:33:54 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xffffff7f, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 127.598116][ T6034] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 127.606191][ T6034] 07:33:54 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x10000004d) 07:33:54 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xffffff8c, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:54 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xfffffff6, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:54 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xfffffffe, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:54 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 24) 07:33:54 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8000000f) 07:33:54 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x80000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:54 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000061) [ 127.964908][ T6060] FAULT_INJECTION: forcing a failure. [ 127.964908][ T6060] name failslab, interval 1, probability 0, space 0, times 0 [ 127.978007][ T6060] CPU: 0 PID: 6060 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 127.986376][ T6060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 127.996593][ T6060] Call Trace: [ 127.999875][ T6060] [ 128.002833][ T6060] dump_stack_lvl+0xd6/0x122 [ 128.007431][ T6060] dump_stack+0x11/0x1b 07:33:54 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x1000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 128.011600][ T6060] should_fail+0x23c/0x250 [ 128.016020][ T6060] ? ext4_mb_new_blocks+0x328/0x1ee0 [ 128.021375][ T6060] __should_failslab+0x81/0x90 [ 128.026170][ T6060] should_failslab+0x5/0x20 [ 128.030771][ T6060] kmem_cache_alloc+0x4f/0x320 [ 128.035548][ T6060] ext4_mb_new_blocks+0x328/0x1ee0 [ 128.040676][ T6060] ? ext4_get_branch+0x27d/0x2e0 [ 128.045621][ T6060] ? blk_account_io_merge_bio+0x1ae/0x1c0 [ 128.051352][ T6060] ext4_ind_map_blocks+0xb1c/0x1740 [ 128.056571][ T6060] ext4_map_blocks+0x6e3/0xf00 [ 128.061400][ T6060] ext4_iomap_begin+0x4b0/0x630 [ 128.066477][ T6060] ? ext4_alloc_da_blocks+0x100/0x100 [ 128.072099][ T6060] iomap_iter+0x395/0x4a0 [ 128.076444][ T6060] __iomap_dio_rw+0xb78/0x1070 [ 128.081268][ T6060] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 128.087109][ T6060] iomap_dio_rw+0x38/0x80 [ 128.091490][ T6060] ? ext4_file_write_iter+0x501/0x1200 [ 128.097297][ T6060] ext4_file_write_iter+0xac3/0x1200 [ 128.102598][ T6060] ? ext4_file_write_iter+0x501/0x1200 [ 128.108152][ T6060] do_iter_readv_writev+0x2de/0x380 [ 128.113364][ T6060] do_iter_write+0x192/0x5c0 [ 128.118056][ T6060] ? splice_from_pipe_next+0x34f/0x3b0 [ 128.123523][ T6060] ? kmalloc_array+0x2d/0x40 [ 128.128124][ T6060] vfs_iter_write+0x4c/0x70 [ 128.132669][ T6060] iter_file_splice_write+0x43a/0x790 [ 128.138090][ T6060] ? splice_from_pipe+0xd0/0xd0 [ 128.142946][ T6060] direct_splice_actor+0x80/0xa0 [ 128.147974][ T6060] splice_direct_to_actor+0x345/0x650 [ 128.153416][ T6060] ? do_splice_direct+0x190/0x190 [ 128.158499][ T6060] do_splice_direct+0x106/0x190 [ 128.163361][ T6060] do_sendfile+0x675/0xc40 [ 128.167838][ T6060] __x64_sys_sendfile64+0x102/0x140 [ 128.173079][ T6060] do_syscall_64+0x44/0xa0 [ 128.177506][ T6060] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 128.183414][ T6060] RIP: 0033:0x7f7c25405ae9 [ 128.187909][ T6060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 128.207527][ T6060] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 128.215950][ T6060] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 128.224065][ T6060] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 128.232099][ T6060] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 128.240159][ T6060] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 128.248137][ T6060] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 128.256174][ T6060] 07:33:55 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 25) [ 128.292329][ T6067] EXT4-fs: 92 callbacks suppressed [ 128.292343][ T6067] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 128.304637][ T6067] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 128.332649][ T6069] FAULT_INJECTION: forcing a failure. [ 128.332649][ T6069] name failslab, interval 1, probability 0, space 0, times 0 [ 128.345379][ T6069] CPU: 0 PID: 6069 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 128.353869][ T6069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 128.363933][ T6069] Call Trace: [ 128.367298][ T6069] [ 128.370227][ T6069] dump_stack_lvl+0xd6/0x122 [ 128.374892][ T6069] dump_stack+0x11/0x1b [ 128.379159][ T6069] should_fail+0x23c/0x250 [ 128.383585][ T6069] ? mempool_alloc_slab+0x16/0x20 [ 128.388611][ T6069] __should_failslab+0x81/0x90 [ 128.393393][ T6069] should_failslab+0x5/0x20 [ 128.398016][ T6069] kmem_cache_alloc+0x4f/0x320 [ 128.402792][ T6069] mempool_alloc_slab+0x16/0x20 [ 128.407654][ T6069] ? mempool_free+0x130/0x130 [ 128.412395][ T6069] mempool_alloc+0x9d/0x310 [ 128.417100][ T6069] ? preempt_count_add+0x4e/0x90 [ 128.422057][ T6069] ? _raw_read_unlock+0x13/0x30 [ 128.427020][ T6069] ? jbd2_transaction_committed+0xad/0xc0 07:33:55 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000010) [ 128.432778][ T6069] bio_alloc_bioset+0xcc/0x560 [ 128.437556][ T6069] ? iov_iter_alignment+0x34b/0x370 [ 128.442838][ T6069] iomap_dio_bio_iter+0x5ed/0xc70 [ 128.447892][ T6069] ? ext4_alloc_da_blocks+0x100/0x100 [ 128.453447][ T6069] __iomap_dio_rw+0x8b5/0x1070 [ 128.458219][ T6069] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 128.464218][ T6069] iomap_dio_rw+0x38/0x80 [ 128.468672][ T6069] ? ext4_file_write_iter+0x501/0x1200 [ 128.474221][ T6069] ext4_file_write_iter+0xac3/0x1200 [ 128.479552][ T6069] ? ext4_file_write_iter+0x501/0x1200 [ 128.485084][ T6069] do_iter_readv_writev+0x2de/0x380 [ 128.490300][ T6069] do_iter_write+0x192/0x5c0 [ 128.494916][ T6069] ? splice_from_pipe_next+0x34f/0x3b0 [ 128.500445][ T6069] ? kmalloc_array+0x2d/0x40 [ 128.505141][ T6069] vfs_iter_write+0x4c/0x70 [ 128.509650][ T6069] iter_file_splice_write+0x43a/0x790 [ 128.515065][ T6069] ? splice_from_pipe+0xd0/0xd0 [ 128.519987][ T6069] direct_splice_actor+0x80/0xa0 [ 128.524999][ T6069] splice_direct_to_actor+0x345/0x650 [ 128.530476][ T6069] ? do_splice_direct+0x190/0x190 [ 128.535523][ T6069] do_splice_direct+0x106/0x190 [ 128.540385][ T6069] do_sendfile+0x675/0xc40 [ 128.544953][ T6069] __x64_sys_sendfile64+0x102/0x140 [ 128.550243][ T6069] do_syscall_64+0x44/0xa0 [ 128.554782][ T6069] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 128.560702][ T6069] RIP: 0033:0x7f7c25405ae9 [ 128.565123][ T6069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 128.584729][ T6069] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 128.593144][ T6069] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 128.601120][ T6069] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 128.609097][ T6069] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 128.617263][ T6069] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 128.625248][ T6069] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 128.633222][ T6069] [ 128.769880][ T6073] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 128.777127][ T6073] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. 07:33:55 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xe0ffff00000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:55 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000011) 07:33:55 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000064) [ 128.882888][ T6077] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 128.890029][ T6077] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 128.931698][ T6082] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 128.938868][ T6082] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. 07:33:55 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x100000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:55 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x200000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 129.033805][ T6084] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 129.041502][ T6084] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. 07:33:55 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 26) 07:33:55 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x300000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 129.149237][ T6094] FAULT_INJECTION: forcing a failure. [ 129.149237][ T6094] name failslab, interval 1, probability 0, space 0, times 0 [ 129.161927][ T6094] CPU: 0 PID: 6094 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 129.170598][ T6094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 129.180694][ T6094] Call Trace: [ 129.183983][ T6094] [ 129.186910][ T6094] dump_stack_lvl+0xd6/0x122 [ 129.191502][ T6094] dump_stack+0x11/0x1b 07:33:55 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000067) [ 129.195663][ T6094] should_fail+0x23c/0x250 [ 129.200088][ T6094] ? mempool_alloc_slab+0x16/0x20 [ 129.205124][ T6094] __should_failslab+0x81/0x90 [ 129.209941][ T6094] should_failslab+0x5/0x20 [ 129.214531][ T6094] kmem_cache_alloc+0x4f/0x320 [ 129.219332][ T6094] mempool_alloc_slab+0x16/0x20 [ 129.224193][ T6094] ? mempool_free+0x130/0x130 [ 129.228873][ T6094] mempool_alloc+0x9d/0x310 [ 129.233373][ T6094] ? preempt_count_add+0x4e/0x90 [ 129.238342][ T6094] ? _raw_read_unlock+0x13/0x30 [ 129.243219][ T6094] ? jbd2_transaction_committed+0xad/0xc0 07:33:55 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000012) [ 129.248971][ T6094] bio_alloc_bioset+0xcc/0x560 [ 129.253743][ T6094] ? iov_iter_alignment+0x34b/0x370 [ 129.259018][ T6094] iomap_dio_bio_iter+0x5ed/0xc70 [ 129.264050][ T6094] ? ext4_alloc_da_blocks+0x100/0x100 [ 129.269517][ T6094] __iomap_dio_rw+0x8b5/0x1070 [ 129.274451][ T6094] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 129.280266][ T6094] iomap_dio_rw+0x38/0x80 [ 129.284640][ T6094] ? ext4_file_write_iter+0x501/0x1200 [ 129.290154][ T6094] ext4_file_write_iter+0xac3/0x1200 [ 129.295446][ T6094] ? ext4_file_write_iter+0x501/0x1200 [ 129.300954][ T6094] do_iter_readv_writev+0x2de/0x380 [ 129.306159][ T6094] do_iter_write+0x192/0x5c0 [ 129.310799][ T6094] ? splice_from_pipe_next+0x34f/0x3b0 [ 129.316283][ T6094] ? kmalloc_array+0x2d/0x40 [ 129.320884][ T6094] vfs_iter_write+0x4c/0x70 [ 129.325398][ T6094] iter_file_splice_write+0x43a/0x790 [ 129.330786][ T6094] ? splice_from_pipe+0xd0/0xd0 [ 129.335638][ T6094] direct_splice_actor+0x80/0xa0 [ 129.340672][ T6094] splice_direct_to_actor+0x345/0x650 [ 129.346219][ T6094] ? do_splice_direct+0x190/0x190 [ 129.351248][ T6094] do_splice_direct+0x106/0x190 [ 129.356106][ T6094] do_sendfile+0x675/0xc40 [ 129.360526][ T6094] __x64_sys_sendfile64+0x102/0x140 [ 129.365776][ T6094] do_syscall_64+0x44/0xa0 [ 129.370214][ T6094] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 129.376115][ T6094] RIP: 0033:0x7f7c25405ae9 [ 129.380529][ T6094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 129.400300][ T6094] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 129.408791][ T6094] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 129.416843][ T6094] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 129.424820][ T6094] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 129.432833][ T6094] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 129.440819][ T6094] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 129.448873][ T6094] 07:33:56 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x10000006a) 07:33:56 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000013) 07:33:56 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x400000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:56 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x500000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:56 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x600000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:56 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x10000006d) 07:33:56 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 27) 07:33:56 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x700000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 129.886902][ T6122] FAULT_INJECTION: forcing a failure. [ 129.886902][ T6122] name failslab, interval 1, probability 0, space 0, times 0 [ 129.899584][ T6122] CPU: 0 PID: 6122 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 129.907988][ T6122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 129.918041][ T6122] Call Trace: [ 129.921365][ T6122] [ 129.924327][ T6122] dump_stack_lvl+0xd6/0x122 [ 129.928961][ T6122] dump_stack+0x11/0x1b 07:33:56 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000014) 07:33:56 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x800000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 129.933119][ T6122] should_fail+0x23c/0x250 [ 129.937542][ T6122] ? jbd2__journal_start+0xf7/0x3f0 [ 129.942791][ T6122] __should_failslab+0x81/0x90 [ 129.947559][ T6122] should_failslab+0x5/0x20 [ 129.952105][ T6122] kmem_cache_alloc+0x4f/0x320 [ 129.956884][ T6122] jbd2__journal_start+0xf7/0x3f0 [ 129.961998][ T6122] __ext4_journal_start_sb+0x159/0x310 [ 129.967466][ T6122] ext4_iomap_begin+0x408/0x630 [ 129.972398][ T6122] ? ext4_alloc_da_blocks+0x100/0x100 [ 129.977783][ T6122] iomap_iter+0x395/0x4a0 [ 129.982113][ T6122] __iomap_dio_rw+0xb78/0x1070 [ 129.986887][ T6122] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 129.992731][ T6122] iomap_dio_rw+0x38/0x80 [ 129.997068][ T6122] ? ext4_file_write_iter+0x501/0x1200 [ 130.002593][ T6122] ext4_file_write_iter+0xac3/0x1200 [ 130.007926][ T6122] ? ext4_file_write_iter+0x501/0x1200 [ 130.013659][ T6122] do_iter_readv_writev+0x2de/0x380 [ 130.018940][ T6122] do_iter_write+0x192/0x5c0 [ 130.023587][ T6122] ? splice_from_pipe_next+0x34f/0x3b0 [ 130.029267][ T6122] ? kmalloc_array+0x2d/0x40 [ 130.034022][ T6122] vfs_iter_write+0x4c/0x70 [ 130.038601][ T6122] iter_file_splice_write+0x43a/0x790 [ 130.044015][ T6122] ? splice_from_pipe+0xd0/0xd0 [ 130.048898][ T6122] direct_splice_actor+0x80/0xa0 [ 130.053862][ T6122] splice_direct_to_actor+0x345/0x650 [ 130.059245][ T6122] ? do_splice_direct+0x190/0x190 [ 130.064277][ T6122] do_splice_direct+0x106/0x190 [ 130.069195][ T6122] do_sendfile+0x675/0xc40 [ 130.073663][ T6122] __x64_sys_sendfile64+0x102/0x140 [ 130.078919][ T6122] do_syscall_64+0x44/0xa0 [ 130.083345][ T6122] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 130.089304][ T6122] RIP: 0033:0x7f7c25405ae9 [ 130.093726][ T6122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 130.113400][ T6122] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 130.121849][ T6122] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 130.129921][ T6122] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 130.137994][ T6122] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 130.145969][ T6122] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 130.153942][ T6122] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 130.161948][ T6122] 07:33:56 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000015) 07:33:56 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000070) 07:33:57 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x900000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:57 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xa00000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:57 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 28) [ 130.454495][ T6146] FAULT_INJECTION: forcing a failure. [ 130.454495][ T6146] name failslab, interval 1, probability 0, space 0, times 0 [ 130.467257][ T6146] CPU: 1 PID: 6146 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 130.475692][ T6146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 130.485752][ T6146] Call Trace: [ 130.489069][ T6146] [ 130.492006][ T6146] dump_stack_lvl+0xd6/0x122 [ 130.496746][ T6146] dump_stack+0x11/0x1b [ 130.500913][ T6146] should_fail+0x23c/0x250 [ 130.505385][ T6146] ? jbd2__journal_start+0xf7/0x3f0 [ 130.510747][ T6146] __should_failslab+0x81/0x90 [ 130.515694][ T6146] should_failslab+0x5/0x20 [ 130.520274][ T6146] kmem_cache_alloc+0x4f/0x320 [ 130.525123][ T6146] jbd2__journal_start+0xf7/0x3f0 [ 130.530153][ T6146] __ext4_journal_start_sb+0x159/0x310 [ 130.535693][ T6146] ext4_iomap_begin+0x408/0x630 [ 130.540545][ T6146] ? ext4_alloc_da_blocks+0x100/0x100 [ 130.545920][ T6146] iomap_iter+0x395/0x4a0 [ 130.550262][ T6146] __iomap_dio_rw+0xb78/0x1070 07:33:57 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xb00000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:57 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xc00000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 130.555116][ T6146] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 130.560946][ T6146] iomap_dio_rw+0x38/0x80 [ 130.565348][ T6146] ? ext4_file_write_iter+0x501/0x1200 [ 130.571347][ T6146] ext4_file_write_iter+0xac3/0x1200 [ 130.576643][ T6146] ? ext4_file_write_iter+0x501/0x1200 [ 130.582131][ T6146] do_iter_readv_writev+0x2de/0x380 [ 130.587374][ T6146] do_iter_write+0x192/0x5c0 [ 130.592133][ T6146] ? splice_from_pipe_next+0x34f/0x3b0 [ 130.597600][ T6146] ? kmalloc_array+0x2d/0x40 [ 130.602244][ T6146] vfs_iter_write+0x4c/0x70 [ 130.606823][ T6146] iter_file_splice_write+0x43a/0x790 [ 130.612207][ T6146] ? splice_from_pipe+0xd0/0xd0 [ 130.617069][ T6146] direct_splice_actor+0x80/0xa0 [ 130.622078][ T6146] splice_direct_to_actor+0x345/0x650 [ 130.627647][ T6146] ? do_splice_direct+0x190/0x190 [ 130.632733][ T6146] do_splice_direct+0x106/0x190 [ 130.637589][ T6146] do_sendfile+0x675/0xc40 [ 130.642081][ T6146] __x64_sys_sendfile64+0x102/0x140 [ 130.647304][ T6146] do_syscall_64+0x44/0xa0 [ 130.651771][ T6146] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 130.657698][ T6146] RIP: 0033:0x7f7c25405ae9 [ 130.662118][ T6146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 130.681813][ T6146] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 130.690250][ T6146] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 130.698229][ T6146] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 130.706205][ T6146] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 130.714180][ T6146] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 130.722157][ T6146] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 130.730134][ T6146] 07:33:57 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000073) 07:33:57 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 29) [ 130.842551][ T6156] FAULT_INJECTION: forcing a failure. [ 130.842551][ T6156] name failslab, interval 1, probability 0, space 0, times 0 [ 130.855225][ T6156] CPU: 0 PID: 6156 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 130.863631][ T6156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 130.873719][ T6156] Call Trace: [ 130.877016][ T6156] [ 130.879962][ T6156] dump_stack_lvl+0xd6/0x122 [ 130.884560][ T6156] dump_stack+0x11/0x1b 07:33:57 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000044d00)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0x0, "6b32700ef50f31"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000045d00)={0x8, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0x8, "014d74068eaff8"}) r3 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f00000004c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, &(0x7f00000006c0)={0x101, [{r5, r6}, {r4}, {r5, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r4}, {r4, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r5, r6}, {r5, r6}, {r5, r6}, {r4}, {r4, r6}, {r5}, {r4, r6}, {r4, r6}, {}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {0x0, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r4}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {0x0, r6}, {r5, r6}, {r5}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {0x0, r6}, {0x0, r6}, {r5, r6}, {0x0, r6}, {r4, r6}, {r4, r6}, {r5}, {r4, r6}, {r4, r6}, {r5, r6}, {0x0, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r5}, {r4, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {0x0, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r4}, {r4, r6}, {r5}, {r5}, {r5, r6}, {r5, r6}, {r5, r8}, {r4}, {r4, r6}, {r4, r6}, {}, {r4, r6}, {r5}, {0x0, r6}, {r4}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {0x0, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {0x0, r6}, {r5}, {r4}, {r5, r6}, {0x0, r6}, {r4, r6}, {r5, r6}, {0x0, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r5}, {r4, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r7, r6}, {r4, r6}, {r4}, {r5, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r4, r6}, {r5}, {r5, r6}, {r5}, {r4, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r5, r6}, {0x0, r6}, {r5}, {r4, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5}, {r4, r6}, {r4}, {0x0, r6}, {}, {0x0, r6}, {r5, r6}, {0x0, r6}, {r5, r6}, {0x0, r6}, {r5}, {}, {r5, r6}, {}, {r4}, {0x0, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5}, {r5}, {r4, r6}, {r5, r6}, {r5, r6}, {r5, r6}, {0x0, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {0x0, r6}, {r5}, {r5, r6}, {r5}, {r5}, {r4, r6}, {r5, r6}, {r4, r6}, {0x0, r6}, {0x0, r6}, {r4}, {r4, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4}, {0x0, r6}, {r5, r6}, {}, {r5, r6}, {r5, r6}, {r4, r6}, {r4, r6}], 0x4, "350491c0a44cc4"}) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r0, 0xc0709411, &(0x7f0000046d00)={{0x0, 0x764, 0x10000, 0x8a, 0x848, 0x5bb, 0x3, 0x9, 0x8, 0x9, 0x8, 0x31, 0x7, 0x2, 0x1ff}, 0x18, [0x0, 0x0, 0x0]}) r10 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r10, 0x81f8943c, &(0x7f00000004c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r10, 0xd000943d, &(0x7f00000006c0)={0x101, [{r12, r13}, {r11, 0x0}, {r12, r13}, {r12, r13}, {r12, r13}, {r11, r13}, {r11, r13}, {r11, r13}, {r12, r13}, {r11, r13}, {r12, r13}, {r11, r13}, {r11}, {r11, r13}, {r11, r13}, {r12, r13}, {r11, r13}, {r11, r13}, {r11, r13}, {r11, r13}, {r11, r13}, {r12, r13}, {r11, r13}, {r12, r13}, {r12, r13}, {r12, r13}, {r12, r13}, {r12, r13}, {r11}, {r11, r13}, {r12, 0x0}, {r11, r13}, {r11, r13}, {0x0}, {r12, r13}, {r11, r13}, {r12, r13}, {r11, r13}, {r12, r13}, {r11, r13}, {0x0, r13}, {r11, r13}, {r11, r13}, {r11, r13}, {r11, r13}, {r12, r13}, {r11, r13}, {r11}, {r12, r13}, {r11, r13}, {r12, r13}, {r12, r13}, {r11, r13}, {r11, r13}, {r12, r13}, {r12, r13}, {r11, r13}, {r12, r13}, {r11, r13}, {r12, r13}, {r12, r13}, {r11, r13}, {r12, r13}, {r12, r13}, {r11, r13}, {r12, r13}, {0x0, r13}, {r12, r13}, {r12, 0x0}, {r12, r13}, {r12, r13}, {r11, r13}, {r12, r13}, {r12, r13}, {r11, r13}, {r12, r13}, {r12, r13}, {0x0, r13}, {0x0, r13}, {r12, r13}, {0x0, r13}, {r11, r13}, {r11, r13}, {r12, 0x0}, {r11, r13}, {r11, r13}, {r12, r13}, {0x0, r13}, {r11, r13}, {r11, r13}, {r11, r13}, {r12, r13}, {r12}, {r11, r13}, {r11, r13}, {r12, r13}, {r11, r13}, {r11, r13}, {r11, r13}, {r11, r13}, {r11, r13}, {r12, r13}, {r12, r13}, {r11, r13}, {r12, r13}, {r12, r13}, {0x0, r13}, {r11, r13}, {r11, r13}, {r12, r13}, {r11, 0x0}, {r11, r13}, {r12, 0x0}, {r12, 0x0}, {r12, r13}, {r12, r13}, {r12, r15}, {r11}, {r11, r13}, {r11, r13}, {0x0, 0x0}, {r11, r13}, {r12, 0x0}, {0x0, r13}, {r11}, {r12, r13}, {r11, r13}, {r12, r13}, {r11, r13}, {0x0, r13}, {r11, r13}, {r11, r13}, {r12, r13}, {0x0, r13}, {r12, 0x0}, {r11}, {r12, r13}, {0x0, r13}, {r11, r13}, {r12, r13}, {0x0, r13}, {r12, r13}, {r12, r13}, {r11, r13}, {r11, r13}, {r11, r13}, {r12, 0x0}, {r11, r13}, {r11, r13}, {r11, r13}, {r11, r13}, {r12, r13}, {r11, r13}, {r14, r13}, {r11, r13}, {r11, 0x0}, {r12, r13}, {r11, r13}, {r11, r13}, {r12, r13}, {r12, r13}, {r12, r13}, {r12, r13}, {r11, r13}, {r11, r13}, {r12, 0x0}, {r12, r13}, {r12, 0x0}, {r11, r13}, {r11, r13}, {r12, r13}, {r12, r13}, {r11, r13}, {r12, r13}, {r12, r13}, {r12, r13}, {0x0, r13}, {r12, 0x0}, {r11, r13}, {r11, r13}, {r12, r13}, {r11, r13}, {r12, r13}, {r11, r13}, {r12, r13}, {r11, r13}, {r12, r13}, {r11, r13}, {r12, r13}, {r11, r13}, {r12, 0x0}, {r11, r13}, {r11}, {0x0, r13}, {}, {0x0, r13}, {r12, r13}, {0x0, r13}, {r12, r13}, {0x0, r13}, {r12}, {0x0, 0x0}, {r12, r13}, {0x0, 0x0}, {r11}, {0x0, r13}, {r12, r13}, {r11, r13}, {r12, r13}, {r12, r13}, {r11, r13}, {r12, r13}, {r12, 0x0}, {r12, 0x0}, {r11, r13}, {r12, r13}, {r12, r13}, {r12, r13}, {0x0, r13}, {r11, r13}, {r11, r13}, {r11, r13}, {r11, r13}, {0x0, r13}, {r12, 0x0}, {r12, r13}, {r12, 0x0}, {r12}, {r11, r13}, {r12, r13}, {r11, r13}, {0x0, r13}, {0x0, r13}, {r11, 0x0}, {r11, r13}, {r11, r13}, {r12, r13}, {r12, r13}, {r11, r13}, {r12, r13}, {r12, r13}, {r12, r13}, {r11, r13}, {r11, r13}, {r11, r13}, {r12, r13}, {r12, r13}, {r11, 0x0}, {0x0, r13}, {r12, r13}, {0x0, 0x0}, {r12, r13}, {r12, r13}, {r11, r13}, {r11, r13}], 0x4, "350491c0a44cc4"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f00000016c0)={0x8, [{r272, r108}, {r75, r206}, {}, {r236, r43}, {r270, r205}, {r149, r45}, {r163, r73}, {r174, r187}, {r18, r43}, {0x0, r112}, {r160, r162}, {r198, r74}, {r242, r233}, {r100, r256}, {r56, r139}, {r242, r101}, {r234, r45}, {r223, r298}, {r257, r294}, {r239, r139}, {r61, r74}, {r314, r124}, {r204, r262}, {r158, r218}, {r115, r145}, {r53, r109}, {r88, r238}, {r276, r38}, {r292, r105}, {r295, r260}, {r125, r95}, {r53, r48}, {r63}, {r272, r221}, {r140, r62}, {r208, r121}, {r186, r282}, {r239, r150}, {r87}, {r120, r50}, {r319, r206}, {r204, r64}, {r122, r267}, {r182, r80}, {0x0, r260}, {r90, r206}, {r138, r50}, {r29, r318}, {r259, r76}, {r16, r98}, {r79, r278}, {r36}, {r285, r316}, {r28, r226}, {r81, r153}, {r110}, {r143, r275}, {r92}, {r96, r154}, {r44, r107}, {r128, r240}, {r102, r107}, {0x0, r229}, {r94, r251}, {r230, r150}, {r134, r231}, {r243, r237}, {r202, r244}, {r293, r220}, {r130, r50}, {r67, r212}, {r46, r220}, {0x0, r252}, {r36, r246}, {r66, r104}, {r29, r294}, {r253, r192}, {0x0, r212}, {r34}, {r297}, {r23, r111}, {r249, r27}, {r190, r180}, {0x0, r107}, {r290, r287}, {r79, r268}, {r87, r232}, {r288, r188}, {r125, r136}, {r161, r210}, {r158, r137}, {r49, r93}, {r227, r104}, {r269, r180}, {r77, r148}, {r307, r133}, {r248, r263}, {r88, r45}, {r277, r289}, {r32, r180}, {0x0, r197}, {r281}, {r181, r103}, {r248, r60}, {r230, r176}, {r161, r216}, {r276, r135}, {r123, r282}, {r292, r91}, {r152, r17}, {r285, r209}, {r257, r196}, {r165, r263}, {r144, r89}, {r317}, {r227, r263}, {r320, r216}, {r81, r154}, {r193, r213}, {r33, r184}, {r266, r93}, {r30}, {r67, r313}, {r31}, {r85, r83}, {r63, r35}, {r11, r147}, {r78, r244}, {0x0, r157}, {r144, r178}, {r200, r203}, {r12, r68}, {r172, r39}, {r215, r108}, {r279, r159}, {0x0, r207}, {r42, r284}, {r311, r155}, {r130, r289}, {r167, r112}, {r175}, {r19, r201}, {r30, r86}, {r302, r228}, {r161, r131}, {r265, r211}, {0x0, r221}, {r77, r221}, {r194, r244}, {r71, r274}, {r270}, {r122}, {r265, r159}, {r235, r99}, {r224, r303}, {r217, r310}, {r305, r38}, {r40, r97}, {r249}, {r309, r108}, {r172, r199}, {0x0, r116}, {r156, r127}, {r24, r192}, {r26}, {r28, r255}, {r177, r57}, {r51, r180}, {r283, r252}, {r261, r80}, {r261, r119}, {0x0, r252}, {r185, r271}, {r312, r113}, {r235, r306}, {r217, r226}, {r234, r62}, {r160, r196}, {r190, r136}, {0x0, r41}, {r59, r166}, {r272, r280}, {0x0, r203}, {r222}, {r75, r216}, {0x0, r213}, {r181}, {0x0, r173}, {r191}, {r11, r289}, {0x0, r308}, {r141, r170}, {r304}, {r179, r268}, {r181, r151}, {r293, r273}, {r185, r286}, {r202, r164}, {r144, r139}, {r85, r315}, {r185, r318}, {0x0, r301}, {r12, r37}, {r202, r170}, {r12, r145}, {r163, r82}, {r195, r291}, {r32}, {r181, r97}, {r245, r183}, {r47, r168}, {r106, r171}, {r117}, {r81, r21}, {r36, r300}, {r142, r52}, {r28, r241}, {r115, r76}, {r25, r173}, {r264, r72}, {r63, r76}, {r24, r258}, {0x0, r255}, {r219, r116}, {r84}, {r19, r111}, {r146, r52}, {0x0, r267}, {r106, r173}, {r208, r58}, {r29, r126}, {r47, r20}, {r304, r136}, {0x0, r250}, {r215, r55}, {r132, r131}, {r118, r119}, {0x0, r171}, {r276}, {r169, r267}, {r16, r74}, {r189, r129}, {r247, r114}, {0x0, r218}, {r25, r70}, {r128}, {r179, r13}, {r224, r214}, {0x0, r22}, {r177, r65}, {r54, r45}, {r102, r188}, {r69, r296}, {r254, r299}, {0x0, r225}], 0x81, "471d9770899442"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000046dc0)={0x4, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0x6, "448e87f8357d25"}) r323 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r323, 0x81f8943c, &(0x7f00000004c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r323, 0xd000943d, &(0x7f00000006c0)={0x101, [{r325, r326}, {r324}, {r325, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r324}, {r324, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r325, r326}, {r325, r326}, {r325, r326}, {r324}, {r324, r326}, {r325}, {r324, r326}, {r324, r326}, {}, {r325, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {0x0, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r324}, {r325, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {0x0, r326}, {r325, r326}, {r325}, {r325, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {0x0, r326}, {0x0, r326}, {r325, r326}, {0x0, r326}, {r324, r326}, {r324, r326}, {r325}, {r324, r326}, {r324, r326}, {r325, r326}, {0x0, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r325, r326}, {r325}, {r324, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {0x0, r326}, {r324, r326}, {r324, r326}, {r325, r326}, {r324}, {r324, r326}, {r325}, {r325}, {r325, r326}, {r325, r326}, {r325, r328}, {r324}, {r324, r326}, {r324, r326}, {}, {r324, r326}, {r325}, {0x0, r326}, {r324}, {r325, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {0x0, r326}, {r324, r326}, {r324, r326}, {r325, r326}, {0x0, r326}, {r325}, {r324}, {r325, r326}, {0x0, r326}, {r324, r326}, {r325, r326}, {0x0, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r325}, {r324, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r327, r326}, {r324, r326}, {r324}, {r325, r326}, {r324, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r324, r326}, {r325}, {r325, r326}, {r325}, {r324, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r325, r326}, {0x0, r326}, {r325}, {r324, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r325}, {r324, r326}, {r324}, {0x0, r326}, {}, {0x0, r326}, {r325, r326}, {0x0, r326}, {r325, r326}, {0x0, r326}, {r325}, {}, {r325, r326}, {}, {r324}, {0x0, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r325}, {r325}, {r324, r326}, {r325, r326}, {r325, r326}, {r325, r326}, {0x0, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {0x0, r326}, {r325}, {r325, r326}, {r325}, {r325}, {r324, r326}, {r325, r326}, {r324, r326}, {0x0, r326}, {0x0, r326}, {r324}, {r324, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r324}, {0x0, r326}, {r325, r326}, {}, {r325, r326}, {r325, r326}, {r324, r326}, {r324, r326}], 0x4, "350491c0a44cc4"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000047dc0)={0x7, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r321}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r1}, {0x0, r2}, {}, {0x0, r8}, {}, {r9, r13}, {0x0, r322}, {}, {r327}], 0x4, "68450c441ebc3c"}) 07:33:57 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xd00000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 130.888724][ T6156] should_fail+0x23c/0x250 [ 130.893198][ T6156] ? jbd2__journal_start+0xf7/0x3f0 [ 130.898408][ T6156] __should_failslab+0x81/0x90 [ 130.903192][ T6156] should_failslab+0x5/0x20 [ 130.907717][ T6156] kmem_cache_alloc+0x4f/0x320 [ 130.912497][ T6156] jbd2__journal_start+0xf7/0x3f0 [ 130.917580][ T6156] __ext4_journal_start_sb+0x159/0x310 [ 130.923053][ T6156] ext4_iomap_begin+0x408/0x630 [ 130.927915][ T6156] ? ext4_alloc_da_blocks+0x100/0x100 [ 130.933315][ T6156] iomap_iter+0x395/0x4a0 [ 130.937655][ T6156] __iomap_dio_rw+0xb78/0x1070 07:33:57 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) getsockopt$sock_buf(r0, 0x1, 0xc, &(0x7f0000000140)=""/63, &(0x7f0000000180)=0x3f) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000000)={0x2001}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000000c0), &(0x7f0000000100)=0xc) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r1, 0x8982, &(0x7f0000000200)={0x3, 'veth1_macvtap\x00', {0x7}, 0x1}) fchdir(r1) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r1) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x30, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_MPP(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)={0x34, r4, 0x100, 0x0, 0x0, {{}, {@val={0x8}, @val={0xc, 0x99, {0xffffff9e, 0x57}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}]}, 0x34}}, 0x4040085) sendmsg$NL80211_CMD_GET_MPATH(r1, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x28, r2, 0x4, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x80) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000001c0)='syz_tun\x00', 0x10) [ 130.942429][ T6156] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 130.948305][ T6156] iomap_dio_rw+0x38/0x80 [ 130.952745][ T6156] ? ext4_file_write_iter+0x501/0x1200 [ 130.958274][ T6156] ext4_file_write_iter+0xac3/0x1200 [ 130.963589][ T6156] ? ext4_file_write_iter+0x501/0x1200 [ 130.969116][ T6156] do_iter_readv_writev+0x2de/0x380 [ 130.974404][ T6156] do_iter_write+0x192/0x5c0 [ 130.979022][ T6156] ? splice_from_pipe_next+0x34f/0x3b0 [ 130.984511][ T6156] ? kmalloc_array+0x2d/0x40 [ 130.989185][ T6156] vfs_iter_write+0x4c/0x70 [ 130.993692][ T6156] iter_file_splice_write+0x43a/0x790 [ 130.999071][ T6156] ? splice_from_pipe+0xd0/0xd0 [ 131.004008][ T6156] direct_splice_actor+0x80/0xa0 [ 131.008982][ T6156] splice_direct_to_actor+0x345/0x650 [ 131.014387][ T6156] ? do_splice_direct+0x190/0x190 [ 131.019464][ T6156] do_splice_direct+0x106/0x190 [ 131.024357][ T6156] do_sendfile+0x675/0xc40 [ 131.028779][ T6156] __x64_sys_sendfile64+0x102/0x140 [ 131.034074][ T6156] do_syscall_64+0x44/0xa0 [ 131.038512][ T6156] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 131.044453][ T6156] RIP: 0033:0x7f7c25405ae9 [ 131.048880][ T6156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 131.068501][ T6156] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 131.077152][ T6156] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 131.085135][ T6156] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 07:33:57 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000016) 07:33:57 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), r0) mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2000000, 0x20010, r0, 0x2604000) sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r1, 0x10, 0x70bd2c, 0x25dfdbff, {}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) 07:33:57 executing program 2: r0 = inotify_init1(0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0x400}}, './file0/file0\x00'}) inotify_add_watch(r1, &(0x7f0000000040)='./file1\x00', 0xc60001a1) r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff) sendfile(r0, r2, &(0x7f0000000000)=0x1ff, 0x80) inotify_init1(0x80800) mkdir(&(0x7f0000000280)='./file0\x00', 0x2) 07:33:57 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x202102, 0x19) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r1) fallocate(r1, 0x4, 0x100000000, 0xbb7) open(&(0x7f0000000040)='./file0\x00', 0x84000, 0x30) r2 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) lstat(&(0x7f00000004c0)='./file0\x00', &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000500)='./file0\x00', &(0x7f0000000940)) recvmmsg$unix(r1, &(0x7f0000005d80)=[{{0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f00000009c0)=""/213, 0xd5}, {&(0x7f0000000600)=""/45, 0x2d}, {&(0x7f0000000ac0)=""/218, 0xda}], 0x3, &(0x7f0000000c00)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x140}}, {{&(0x7f0000000d40), 0x6e, &(0x7f0000000e80)=[{&(0x7f0000000dc0)=""/186, 0xba}], 0x1, &(0x7f0000000ec0)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x48}}, {{&(0x7f0000000f40), 0x6e, &(0x7f0000002380)=[{&(0x7f0000000fc0)=""/84, 0x54}, {&(0x7f0000001040)=""/81, 0x51}, {&(0x7f00000010c0)=""/21, 0x15}, {&(0x7f0000001100)=""/200, 0xc8}, {&(0x7f0000001200)=""/150, 0x96}, {&(0x7f00000012c0)=""/118, 0x76}, {&(0x7f0000001340)=""/49, 0x31}, {&(0x7f0000001380)=""/4096, 0x1000}], 0x8, &(0x7f0000002400)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x108}}, {{&(0x7f0000002540)=@abs, 0x6e, &(0x7f0000002600)=[{&(0x7f00000025c0)=""/64, 0x40}], 0x1}}, {{&(0x7f0000002640), 0x6e, &(0x7f0000002700)=[{&(0x7f00000026c0)=""/18, 0x12}], 0x1, &(0x7f0000002740)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x90}}, {{&(0x7f0000002800), 0x6e, &(0x7f0000002c00)=[{&(0x7f0000002880)=""/204, 0xcc}, {&(0x7f0000002980)=""/228, 0xe4}, {&(0x7f0000002a80)=""/7, 0x7}, {&(0x7f0000002ac0)=""/11, 0xb}, {&(0x7f0000002b00)=""/7, 0x7}, {&(0x7f0000002b40)=""/153, 0x99}], 0x6, &(0x7f0000002c80)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xb8}}, {{&(0x7f0000002d40)=@abs, 0x6e, &(0x7f0000004400)=[{&(0x7f0000002dc0)=""/106, 0x6a}, {&(0x7f0000002e40)=""/155, 0x9b}, {&(0x7f0000002f00)=""/211, 0xd3}, {&(0x7f0000003000)=""/4096, 0x1000}, {&(0x7f0000004000)=""/172, 0xac}, {&(0x7f00000040c0)=""/67, 0x43}, {&(0x7f0000004140)=""/228, 0xe4}, {&(0x7f0000004240)=""/200, 0xc8}, {&(0x7f0000004340)=""/132, 0x84}], 0x9, &(0x7f00000044c0)=[@cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x58}}, {{&(0x7f0000004540)=@abs, 0x6e, &(0x7f0000004600)=[{&(0x7f00000045c0)=""/6, 0x6}], 0x1}}, {{&(0x7f0000004640), 0x6e, &(0x7f0000005c80)=[{&(0x7f00000046c0)=""/192, 0xc0}, {&(0x7f0000004780)=""/4096, 0x1000}, {&(0x7f0000005780)=""/64, 0x40}, {&(0x7f00000057c0)=""/71, 0x47}, {&(0x7f0000005840)=""/101, 0x65}, {&(0x7f00000058c0)=""/219, 0xdb}, {&(0x7f00000059c0)=""/95, 0x5f}, {&(0x7f0000005a40)=""/243, 0xf3}, {&(0x7f0000005b40)=""/224, 0xe0}, {&(0x7f0000005c40)}], 0xa, &(0x7f0000005d40)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0x38}}], 0x9, 0x21, 0x0) setresuid(r4, 0x0, r5) recvmmsg$unix(r0, &(0x7f0000000240)=[{{&(0x7f0000000140), 0x6e, &(0x7f0000000840)=[{&(0x7f0000000780)=""/161, 0xa1}, {&(0x7f00000002c0)=""/27, 0x1b}, {&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000380)=""/245, 0xf5}, {&(0x7f0000000480)=""/45, 0x2d}, {&(0x7f00000001c0)=""/112, 0x70}], 0x6, &(0x7f0000000540)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xc0}}], 0x1, 0x40000040, &(0x7f0000000640)={0x0, 0x3938700}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f0000000680)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0x0}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f00000006c0)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, 0xffffffffffffffff}}, './file0\x00'}) getresgid(&(0x7f0000000280), &(0x7f00000002c0)=0x0, &(0x7f0000000300)) setresgid(0x0, 0x0, r9) setxattr$system_posix_acl(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='system.posix_acl_default\x00', &(0x7f0000000700)={{}, {0x1, 0x2}, [{0x2, 0x4, r3}, {0x2, 0x1, 0xffffffffffffffff}, {0x2, 0x5, 0xee00}], {0x4, 0x4}, [{0x8, 0x3, r6}, {0x8, 0x6, 0xffffffffffffffff}, {0x8, 0x7, r7}, {0x8, 0x1, 0xffffffffffffffff}, {0x8, 0x0, r8}, {0x8, 0x0, r9}, {0x8, 0x1, 0xee00}], {0x10, 0x5}, {0x20, 0x2}}, 0x74, 0x1) 07:33:57 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 30) [ 131.093136][ T6156] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 131.101109][ T6156] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 131.109086][ T6156] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 131.117514][ T6156] 07:33:57 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000076) 07:33:57 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') ioctl$BTRFS_IOC_SET_FEATURES(r0, 0x40309439, &(0x7f0000000140)={0x1, 0x1, 0xe}) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f00000004c0)=ANY=[@ANYBLOB="01010000000000000a004e2100000006fe880000000000000000000000000101020000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000dec8a1ba4b2222bce85a020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000020000000a004e2100000004fc010000000000000000000000000001040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a004e220000006100000000000000000000000000000001b6070000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c658335a6795d067b048f22d00000000000000000000000000000000000000000000000000000000000000000000f5fb8c159cda7b3d86a629648e991e5419615f500c3d2f7da2998ba06ddcd5e7b47d3d643b7200529e9329ca396b023b43458935d84d68f8a52908c64cc35e90be1b266e3f5b1ec4c6f21e32d09519dcea"], 0x190) fchdir(r0) sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x48, 0x0, 0x300, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x10000, 0x5d}}}}, [@NL80211_ATTR_IE={0x1d, 0x2a, [@channel_switch={0x25, 0x3, {0x1, 0xa5, 0x3f}}, @link_id={0x65, 0x12, {@from_mac=@device_b, @device_b, @device_b}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x11}, 0x4000001) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) [ 131.196402][ T6182] FAULT_INJECTION: forcing a failure. [ 131.196402][ T6182] name failslab, interval 1, probability 0, space 0, times 0 [ 131.209687][ T6182] CPU: 1 PID: 6182 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 131.218018][ T6182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 131.228068][ T6182] Call Trace: [ 131.231505][ T6182] [ 131.234568][ T6182] dump_stack_lvl+0xd6/0x122 [ 131.239165][ T6182] dump_stack+0x11/0x1b 07:33:57 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xe00000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:57 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0xffffffffffffffff, 0x8000) ioctl$FS_IOC_GETFSLABEL(r0, 0x81009431, &(0x7f0000000040)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) r2 = accept$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @broadcast}, &(0x7f0000000240)=0x10) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000200)) r3 = openat$cgroup_type(r0, &(0x7f0000000000), 0x2, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x20010, r3, 0x56252000) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000300)) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r2, 0x80489439, &(0x7f0000000500)) dup2(r0, r2) 07:33:58 executing program 3: mount$9p_tcp(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="7472616e733d7463702c706f72743d3078303030303030303030304d0658ce766362a89d9fbfe4346532322c63616368657461673d2c7365636c6162656c2c00"]) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r0) r1 = openat$cgroup_ro(r0, &(0x7f0000000100)='cgroup.events\x00', 0x275a, 0x0) fallocate(r1, 0x0, 0x0, 0x7fff) r2 = socket$nl_audit(0x10, 0x3, 0x9) fallocate(r2, 0x25, 0xa6d, 0x1) r3 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f00000004c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, &(0x7f00000006c0)={0x101, [{r5, r6}, {r4}, {r5, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r4}, {r4, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r5, r6}, {r5, r6}, {r5, r6}, {r4}, {r4, r6}, {r5}, {r4, r6}, {r4, r6}, {}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {0x0, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r4}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {0x0, r6}, {r5, r6}, {r5}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {0x0, r6}, {0x0, r6}, {r5, r6}, {0x0, r6}, {r4, r6}, {r4, r6}, {r5}, {r4, r6}, {r4, r6}, {r5, r6}, {0x0, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r5}, {r4, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {0x0, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r4}, {r4, r6}, {r5}, {r5}, {r5, r6}, {r5, r6}, {r5, r8}, {r4}, {r4, r6}, {r4, r6}, {}, {r4, r6}, {r5}, {0x0, r6}, {r4}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {0x0, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {0x0, r6}, {r5}, {r4}, {r5, r6}, {0x0, r6}, {r4, r6}, {r5, r6}, {0x0, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r5}, {r4, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r7, r6}, {r4, r6}, {r4}, {r5, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r4, r6}, {r5}, {r5, r6}, {r5}, {r4, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r5, r6}, {0x0, r6}, {r5}, {r4, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5}, {r4, r6}, {r4}, {0x0, r6}, {}, {0x0, r6}, {r5, r6}, {0x0, r6}, {r5, r6}, {0x0, r6}, {r5}, {}, {r5, r6}, {}, {r4}, {0x0, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5}, {r5}, {r4, r6}, {r5, r6}, {r5, r6}, {r5, r6}, {0x0, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {0x0, r6}, {r5}, {r5, r6}, {r5}, {r5}, {r4, r6}, {r5, r6}, {r4, r6}, {0x0, r6}, {0x0, r6}, {r4}, {r4, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4}, {0x0, r6}, {r5, r6}, {}, {r5, r6}, {r5, r6}, {r4, r6}, {r4, r6}], 0x4, "350491c0a44cc4"}) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r2, 0xc0709411, &(0x7f0000000180)={{r7, 0x96d, 0x2, 0x5, 0x7, 0x81, 0x1ae8ed19, 0x9, 0x6, 0x39, 0x6, 0x7, 0x81, 0x3, 0x2000}, 0x38, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) [ 131.243319][ T6182] should_fail+0x23c/0x250 [ 131.247745][ T6182] ? ext4_mb_new_blocks+0x328/0x1ee0 [ 131.253210][ T6182] __should_failslab+0x81/0x90 [ 131.258017][ T6182] should_failslab+0x5/0x20 [ 131.262604][ T6182] kmem_cache_alloc+0x4f/0x320 [ 131.267469][ T6182] ext4_mb_new_blocks+0x328/0x1ee0 [ 131.272745][ T6182] ? ext4_get_branch+0x27d/0x2e0 [ 131.277768][ T6182] ? blk_account_io_merge_bio+0x1ae/0x1c0 [ 131.283553][ T6182] ext4_ind_map_blocks+0xb1c/0x1740 [ 131.288777][ T6182] ext4_map_blocks+0x6e3/0xf00 07:33:58 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x10b) chdir(&(0x7f0000000040)='./file0\x00') 07:33:58 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x6c, 0x7f, 0x7fff) [ 131.293549][ T6182] ext4_iomap_begin+0x4b0/0x630 [ 131.298416][ T6182] ? ext4_alloc_da_blocks+0x100/0x100 [ 131.303876][ T6182] iomap_iter+0x395/0x4a0 [ 131.308478][ T6182] __iomap_dio_rw+0xb78/0x1070 [ 131.313294][ T6182] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 131.319109][ T6182] iomap_dio_rw+0x38/0x80 [ 131.323440][ T6182] ? ext4_file_write_iter+0x501/0x1200 [ 131.328953][ T6182] ext4_file_write_iter+0xac3/0x1200 [ 131.334299][ T6182] ? ext4_file_write_iter+0x501/0x1200 [ 131.339833][ T6182] do_iter_readv_writev+0x2de/0x380 [ 131.345065][ T6182] do_iter_write+0x192/0x5c0 [ 131.349655][ T6182] ? debug_smp_processor_id+0x18/0x20 [ 131.355176][ T6182] vfs_iter_write+0x4c/0x70 [ 131.359717][ T6182] iter_file_splice_write+0x43a/0x790 [ 131.365136][ T6182] ? splice_from_pipe+0xd0/0xd0 [ 131.369993][ T6182] direct_splice_actor+0x80/0xa0 [ 131.374982][ T6182] splice_direct_to_actor+0x345/0x650 [ 131.380433][ T6182] ? do_splice_direct+0x190/0x190 [ 131.385459][ T6182] do_splice_direct+0x106/0x190 [ 131.390518][ T6182] do_sendfile+0x675/0xc40 [ 131.394921][ T6182] __x64_sys_sendfile64+0x102/0x140 [ 131.400114][ T6182] do_syscall_64+0x44/0xa0 [ 131.404526][ T6182] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 131.410419][ T6182] RIP: 0033:0x7f7c25405ae9 [ 131.414841][ T6182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 131.434433][ T6182] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 131.442906][ T6182] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 131.450880][ T6182] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 131.458833][ T6182] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 131.466855][ T6182] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 131.474832][ T6182] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 131.482816][ T6182] 07:33:58 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000017) 07:33:58 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x20) 07:33:58 executing program 3: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_open_pts(r0, 0x400000) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7ffc) 07:33:58 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 31) 07:33:58 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x1000000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:58 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000079) 07:33:58 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount(&(0x7f0000000000)=@sg0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x82058, &(0x7f00000000c0)='-\x00') 07:33:58 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x1100000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 131.684977][ T6215] FAULT_INJECTION: forcing a failure. [ 131.684977][ T6215] name failslab, interval 1, probability 0, space 0, times 0 [ 131.697920][ T6215] CPU: 0 PID: 6215 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 131.706351][ T6215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 131.716408][ T6215] Call Trace: [ 131.719692][ T6215] [ 131.722698][ T6215] dump_stack_lvl+0xd6/0x122 [ 131.727417][ T6215] dump_stack+0x11/0x1b 07:33:58 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r1) writev(r1, &(0x7f0000000040)=[{&(0x7f0000000180)="f47d80e3412c383a301f1a3b0e5d7dc6de39a85321276dd1d3ec6eeb96040bb21eb93927987df8760c38ec716cf334bc52278447976e2550950bab5c29973abe257ca863e22de0e5542369df19ad9674971ec652e8df9a7e33568e7a3120183c2f813dd0c5fe7e616599010e128137cf7c09d7eab6c0e8c2d93ce5020cd511a20e3396bc504655df890629c83a29fb276ea24588780c186b812d207d43af49ce4a85f9aea2205fdefce3863abc8e7b0c7c177182ac1225a861049920a48777ff236644b040d802dcd3a5bcd02ab2be84f7a205f784ba00c000eb76ef23cb962ddb2bd82f56eb4f721da5fb8b44e3249d3de262455ba48642db77d9a17e461aeaedfadc94107507b288c958a84354fdc1765b0fe797a085e57f2e21e9b42a1f34740f4ddcc916553d7b2a36d78ac8aa9dce078bd3931cf6d7199d8353b597984adbb6704f8c91fd6d1fb726ab8821b62d8b80b856a2a34e98341c13278a8af6c354534fbd25a92b1fe35b50f52cfda697f29ca9c4a166b028ff65b3fdfcc42fe8f77321dc05da1bd123a8692315d47ea456715324d98ac22f0d9c39f15ad8b0b30f6d9493b74538810a13848c26b6ba024b5da40b6a2e9efeaceccfe22fb02935c7c5d2ae987cb877bef95f2159f62750fb793da7e8e033bbc51cea0fb8ebd4db2c93af2e6bb383cc014bfedf67a8c47a8c681f42fda06bca0f2dbf282abac6bbd09e097dc887d12197c3638e035e4b0b190ad35f37002cf6e202268425562809d53e460be60bdaef9f23cf6b481191d13acfeaab2f83a5734ece8845d1a1643b6c6dbcc9a9524bd2fd1155f72b6aa1080fb43ea177f8229bc4ee18234b9826abaa0b64f982dade7fb74e5821840750d4fdfca771e4937afe0c5246e6fa38afc5512cc3414299ddbc61ebd720f1318181107cbbb94b2a2bb1ddcf0492bb4f92a420fed53551b9701753767b539ff04c47d1d5c07c7352c36bd8998db5ac3ef3ea84882d6a0ae88f0498aefae2636680a53e9eb0886f803e92b3a3fc6cf66b98358391358eed3ebfbdc2eee52539b413437d711b273b831f05fa21c8428eb1770e008516c1635d7e67ad95677cb6a5c742d34121b68fed30332631e408167a5d6f715eba143839dcff9b9fd25137e3da1facdb36cbc6e6cbdbdb1512f336df3f6dfc12ff41967ef6c318495acd29f63ea21eceb2186e30952749d7b3d43e46548e02eb494e167fabaa651d975c7848599c07b9f3fc9a08bf5eadd9380c4ca43cc5e44bd9718739d0f5294229d1afa4d67ecddcff575e3970f65ae43f8cb78a7c5c3880cb474a48984b69037a8db3727c1e25d95477d99f51a534669d05dd95b4a19b2193e6269e72a7c6298fbab253d6e5872d4dcfd1ba118e694babf7a7934f7718607bb6638b52623a1cc71240750feea7d7b60f19b06dcd59fce040fde96822b01105d36d73042a187eaeeff848b3c26ba49181ef025b2b547d77962cdfda8f08a6f0ba324765ee2d86523efe3dcb59e9af05a3f56bf5a21b86af8b3d0bbf06b35b09a17f49b3cd26daf47a9bfb59cbd61c55fde1024905f0d8728488efb10e41274b7b9f40522debac66b6328a516d99d64b804f43758ead8ca2bcb2a1522eda4ec5d90875f85f817d44801edd757695cef609f42dad1fc4b188fb7213df42eb8aa6a9a9aa0b6d08afdc6af758928b11762143406ce45d3a8127c625da1d272989d2d752b71f09f48c87220d2e6ab29e42927779a09c7ef90d1089f2621927114b6e8f68ae77727a406b9c29281460f4d419c7e08f3d2f313faf8261d31930ed7c0d07c889c7c043d54f7f3049313af8718e782531dfddc4a5345a2dec32374b990f9b697f06f3d94f5fdafdac84192db92e603a70da199229f249a997734feb1e3df3e1b529b89101abe840504e3c78ce8345249f4fadeeef1c822c130a5951edddb85a606af69a5754282a4f32855063deda69cf73785ecfb47c3190f9c2cb54eb84ba2b42112d80ddd9a08dc0ff0a11198bc0d350d47494707a5f5e4b728995108d88eaf1c6681e7fb2f1b1b6fd119ea214d93ed15445bb831ab04be794775ac538c2eb174a7bd1de9f0e7f7625e01d866ddf1116cce22c99d4c749f34efd78b31ab14a96c6c123dfc02dc8e0e60310a3cdc9d9a4d157b9cd2226a5854de1bf1b631079daa633accc62f4def13e0942f4e6a71a2efc27e1db2d15e5ebcd5b8b57b41797d9a607535fe6ae04d1ba659869e0567a0e6f3f8546066d4d249d79a96f92ec8cd21435593c33beb9861a26a12d56a34e8282b47141a8d2a872ff4e7ea2f0b829ca672c9dde15cbe0d576fee26ecdbab68cbe7312ee800805df3b2b411d1122cebea0feb10db3bafdeae372d1f7e0f0b0ce5e97dc0b1ae45f93745a14b299d573a177ae690f0c76b929228fdf92f18fd1f0e19edaa307a2a3bff7255c1941552b6bbd01ab72b6a402b9806ac3db147b377ac4d61d8e904061ae5173a6f68ee2d871974a26acb8b13dc0881df481a8475f695b774a1f51d40d0bcc70aaba4c77d447ac813324c47bb93196c402035bcff4d714285a72f23d12051bc8dc19469ec6232289af04e85b7f988910ed03d155b416d2b318dc5249c72be205d328d18eceed88b0ab22702f82ad18719271502129bc0453e5dc9d06d8e9739733a9f6e06b0fc55804f172f203e26a70dcf6c72197078e0d60f70c01fe1721100d7dd84dc0aa650dd3edeb2d8c1e0cf459a25782fce750caf1fbb74a2e4dd501afc4d89519685f5f42c54c6b339c0b42de59d63824219066cbec3b1f80137b0f6d98ed51f9c88a39f203ce57d428105a04378211c9a4ca8cb528a4479ec585d456479640be48a844b3f62f1d0161b8628d31b76233ace62bbaa10c16fdb04a1d2d8109923825d27af6fc10038a0b1c6a12bf938b49298c68054dd50f624da9f18a3bc547e73e52e606fa8171b337e6394e49f958b493054e2283cb324ece9501c307b41bec7ad7f693d80a1b2aae2ff3a8a1f1aa329f44417dce4916b4d08ed78cf681cafcd0f0b02047d07cf816f3b68b1a50110e6737a733310658ddd13df5c8910e5ffa3e0ee16d47a610d3b87cb979edd3535b30e9eb54da5a39512a98b664ec8ee454111daa0624ba70d04874762f066827179c1cd1a0eb97f4dd33eb8ae5ce11ff038b4e2d44e1b71bf5f7125d7e3a53a3deb73b9d27720bd4360f535178155951cf6aa37b9969e2a131813756cb3637460e1ce08550cedb8eb175bccc1426062b03aa5a4f3bc717c6401f3f2ab01f10da821ac3ac1dfe9fb3c2813079845414bff7062a37dabcf2d7c9e2b86ccd9eb7fdc2ab156f75963be31f05aa8c2fdd2cd2c94cdd2bfbda3509f3d7ec89826c4f148547f22215e5ac1727f61fd9adf519c5f2df217866414902474b9491dae8c676a111f84a221384e38214decfd0d1b9173431f0e6ab1c8c86f067e12af89ae6c275cdf226bebf916d3cb5bd50e14b7ca240e3e0940dc409dde6699b2a27b40db8a159650286a42b925a44dfa82025e6d337ddf420c313de9bd648a3c780acf0a9069199af2551e3b533160720db5688144d43c40f8a13a098f34304adf4d09756382035947750b310ef0682e71ba3cb50ae6e7c224a9c3a0f2bbdb89a25eb5f2b4d9311263c76e698dabb2facc29d7109a20d53b5b0ec5573dcd3dc35b00766dd64c293e05f7e03909c4eb60eb363df75466af0c966a4b43d44d86837bee73f607eaf7798cc08f132b93ef51a0b8cfe883957c1e91f26e8362243613198418062ee7e4727c53b50ab50f13c1ecca030adb4f3f8fe45a384381a694d2d19ca296daa3a801369774fda548668a432adb5d23c4dc485fec8dbbb1c6ba965f2d3f5ae4184255d6356dabead75412820a97e0a889109854a572124a94dfa6ac27036f53b6e842851ca6bbb6c143e6c598f0bebe7157306f6cb62b66db0d0810eaea9e344372f18e9e54cf1c38bf9689982b5ec6755ca3cb931c18459637db2ee84cbe2edcb401d0ee291184216479d6937eb62b79bc05507f392dc8fec18ade715414fc0deab7b28bcc08b832f25554a0a583647073d2d4942203511d4a58245ebaaed9226ef4197413365b200a57d5ec512430bd9ffb35fe4ce3152f968a5391b6681a2fc04dfe7bedaabb853bce686ad01786919b621e3b813198e095d0abd849df258ca626d958086a43ec5f67d0b469cf2b988667bed9e8042b24110eb1181c13b192f6fda6aabe002b23b45575b0b98e78d63fc8c9eac58220942061c11e61f1f1b81dc2c98cf3aa438871dca3c7b886b262b543045de505b234d3f3706405181b9d93b31c587399e6c2b01b1cc8a50eac725cb3cddf3c2335a5fb5211da73b5645cc5850e1e4c31bc9390b9dd7d45702c0e2ec0330ec7d6760e5dec84a59e1f2f4504ae6a7eaa8c5f2970df3046f298e9385ee358ec854b3ce88dc1925e16090567d9cb47efd530f3c94bcc126103c585c0e4939ddd2505e236b9aca68bdf05fd71cff3b29467ca9ec82a52a43aa24098ff5b2b4cb3d32b67e95886deded8a653afcf915a0e748b0684517116d9cf9e45c4993c8124abeca7da6fdb4644ba71aa231203384dfd13981a75b1b770f09fb92db188e0052e10245136cde98dc6e8766d58ac2c7ef58a8134661d3bc4293d312138021d01d07550d86b5379565e932a5a63ebea794b8a5e18bf271e5bc128ece7d5e3afaa142550a1591f385c138926eed822f92b8b270a89b87d6ca9bb1c4e84e52a2a802086c69c4a4ce0e0ec99370440a3ece9ba8ea7c9f5237575645c907675641b109a11676c2181ba2ae536ec5c29ed71adab9173fc8f0769cdacdc8e621b955e63f82ac73b946aa45f1f329249c2b571c6eea92746a0903025420a7fb9872072fbb230c95052f8d4085fae5e83b70db708cc8b5e6a3ead3774523d26c782a4358c11c5a840ec75cfc178a8b0b4b8a2b0a45b071cb22245b79778eb2f4a2e5801752102432e94d9436de91abf796ba004ddbfd9a5602f9f38b9a54d8a11cf76e7ada09e7b171511f575a34ec9e758115a256c2461b0304c07e3158a3ba0c222c5c27d76ae6f17703f3a7f72cbd3e58c9e6daa3f490506decff1ea9c6f66b7921dcebdabcb3afb799bde9bbcd45c47aeb71e2a641f4878fe04a9679f0bec574501c1ef7cb38bbd65877a8d7ffa243991cc8eaa80d417774e4a5f3981b9391fe7bcbdd0e1476f5ea0d1ed73112953f729a39aa5b4be57e571e7f9df4b30b10a05b439ad64a785332535de34614f8457e19f2d88116a4a2f934fd6a138d6bd670ffa3c540973ec3bc10b4d7d6794f082da840abd158ee40cfee6d3870e79a548568fd5aa4d3dc65ed8d196ad666cef3de0ec794fbfda6d814903f5be821a1aa4a863d7f927c2fdf70e7e016ff8fd49b329755c38b722cc982bebc513e9136313e936061213fed18b8690c254cfbd5db3fa60b2e615812410dee13fda28908d6cd591bc7dde908fd2e05c86da5109c812e41113493ee03148274db51bdcee1c6e64b087937b4c8aabf244634c91f97fd831ce5d4c4d9572b2dbb158a36a67d017e94bd0b3fb223d36bf9a6de86070816c191337d4eb6b0fecbb5a9d09c1961e7e11a9c4216c5108a4d662c493064f8164e6ff7ec8452e9cb8a89aaa3ac4d7b4e87302393eef8d8bcbe9be250d9d95009ae8bda5ddc7f602e3a58ea82a0bd9b095e13e7c358441235eb14e060629484c6aca2d7e7ed193de668efe13912d1fe40fb0dcaeaa19102d56654153940d15c1285bb130635781f1ab3", 0x1000}, {&(0x7f0000000000)="e96c07ff", 0x4}], 0x2) fallocate(r0, 0x0, 0x0, 0x7fff) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, r0, 0x64023000) 07:33:58 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) symlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00') [ 131.731586][ T6215] should_fail+0x23c/0x250 [ 131.736104][ T6215] ? mempool_alloc_slab+0x16/0x20 [ 131.741206][ T6215] __should_failslab+0x81/0x90 [ 131.745984][ T6215] should_failslab+0x5/0x20 [ 131.750583][ T6215] kmem_cache_alloc+0x4f/0x320 [ 131.755365][ T6215] mempool_alloc_slab+0x16/0x20 [ 131.760230][ T6215] ? mempool_free+0x130/0x130 [ 131.764968][ T6215] mempool_alloc+0x9d/0x310 [ 131.769480][ T6215] ? preempt_count_add+0x4e/0x90 [ 131.775104][ T6215] ? _raw_read_unlock+0x13/0x30 [ 131.779964][ T6215] ? jbd2_transaction_committed+0xad/0xc0 [ 131.785754][ T6215] bio_alloc_bioset+0xcc/0x560 [ 131.790591][ T6215] ? iov_iter_alignment+0x34b/0x370 [ 131.795820][ T6215] iomap_dio_bio_iter+0x5ed/0xc70 [ 131.800971][ T6215] ? ext4_alloc_da_blocks+0x100/0x100 [ 131.806352][ T6215] __iomap_dio_rw+0x8b5/0x1070 [ 131.811122][ T6215] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 131.816987][ T6215] iomap_dio_rw+0x38/0x80 [ 131.821327][ T6215] ? ext4_file_write_iter+0x501/0x1200 [ 131.826905][ T6215] ext4_file_write_iter+0xac3/0x1200 07:33:58 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) statx(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x0, 0x800, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0}) statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x1000, 0xa82, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0}) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r2) recvmsg$unix(r2, &(0x7f0000001b00)={&(0x7f0000000500), 0x6e, &(0x7f0000001980)=[{&(0x7f0000000580)=""/181, 0xb5}, {&(0x7f0000000640)=""/4096, 0x1000}, {&(0x7f0000001640)=""/120, 0x78}, {&(0x7f00000016c0)=""/163, 0xa3}, {&(0x7f0000001780)=""/61, 0x3d}, {&(0x7f00000017c0)=""/114, 0x72}, {&(0x7f0000001840)=""/188, 0xbc}, {&(0x7f0000001900)=""/128, 0x80}], 0x8, &(0x7f0000001a00)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xd0}, 0x41) r3 = syz_open_dev$loop(&(0x7f0000001b40), 0x4, 0x682040) ioctl$BTRFS_IOC_SCRUB(r3, 0xc400941b, &(0x7f0000001b80)={0x0, 0x0, 0x1}) stat(&(0x7f0000000200)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000440)=0xc) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000480)={{}, {0x1, 0x3}, [{0x2, 0x4, r0}, {0x2, 0x3, 0xffffffffffffffff}, {0x2, 0x4, 0xee00}, {0x2, 0x2, r1}, {0x2, 0x6}, {0x2, 0x1, 0xee00}, {0x2, 0x4, r4}, {0x2, 0x1, r5}, {0x2, 0xb, 0xffffffffffffffff}], {0x4, 0x3}, [{0x8, 0x1, 0xffffffffffffffff}], {0x10, 0x6}, {0x20, 0x1}}, 0x74, 0x3) [ 131.832200][ T6215] ? ext4_file_write_iter+0x501/0x1200 [ 131.837670][ T6215] do_iter_readv_writev+0x2de/0x380 [ 131.842872][ T6215] do_iter_write+0x192/0x5c0 [ 131.847523][ T6215] ? splice_from_pipe_next+0x34f/0x3b0 [ 131.853058][ T6215] ? kmalloc_array+0x2d/0x40 [ 131.857700][ T6215] vfs_iter_write+0x4c/0x70 [ 131.862421][ T6215] iter_file_splice_write+0x43a/0x790 [ 131.867899][ T6215] ? splice_from_pipe+0xd0/0xd0 [ 131.872758][ T6215] direct_splice_actor+0x80/0xa0 [ 131.877759][ T6215] splice_direct_to_actor+0x345/0x650 [ 131.883185][ T6215] ? do_splice_direct+0x190/0x190 [ 131.888262][ T6215] do_splice_direct+0x106/0x190 [ 131.893168][ T6215] do_sendfile+0x675/0xc40 [ 131.898029][ T6215] __x64_sys_sendfile64+0x102/0x140 [ 131.903236][ T6215] do_syscall_64+0x44/0xa0 [ 131.907661][ T6215] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 131.913572][ T6215] RIP: 0033:0x7f7c25405ae9 [ 131.917988][ T6215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 131.937709][ T6215] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 131.946192][ T6215] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 131.954194][ T6215] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 131.962168][ T6215] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 131.970167][ T6215] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 131.978147][ T6215] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 131.986131][ T6215] 07:33:58 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x10000007c) 07:33:58 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000018) 07:33:58 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x1200000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:58 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x1800000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:59 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 32) [ 132.326950][ T6250] FAULT_INJECTION: forcing a failure. [ 132.326950][ T6250] name failslab, interval 1, probability 0, space 0, times 0 [ 132.339634][ T6250] CPU: 0 PID: 6250 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 132.347972][ T6250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 132.358035][ T6250] Call Trace: [ 132.361406][ T6250] [ 132.364341][ T6250] dump_stack_lvl+0xd6/0x122 [ 132.368940][ T6250] dump_stack+0x11/0x1b [ 132.373101][ T6250] should_fail+0x23c/0x250 [ 132.377554][ T6250] ? jbd2__journal_start+0xf7/0x3f0 [ 132.382763][ T6250] __should_failslab+0x81/0x90 [ 132.387610][ T6250] should_failslab+0x5/0x20 [ 132.392133][ T6250] kmem_cache_alloc+0x4f/0x320 [ 132.396958][ T6250] jbd2__journal_start+0xf7/0x3f0 [ 132.402011][ T6250] __ext4_journal_start_sb+0x159/0x310 [ 132.407482][ T6250] ext4_iomap_begin+0x408/0x630 [ 132.412410][ T6250] ? ext4_alloc_da_blocks+0x100/0x100 [ 132.417793][ T6250] iomap_iter+0x395/0x4a0 [ 132.422185][ T6250] __iomap_dio_rw+0xb78/0x1070 [ 132.427025][ T6250] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 132.432854][ T6250] iomap_dio_rw+0x38/0x80 [ 132.437258][ T6250] ? ext4_file_write_iter+0x501/0x1200 [ 132.442845][ T6250] ext4_file_write_iter+0xac3/0x1200 [ 132.448140][ T6250] ? ext4_file_write_iter+0x501/0x1200 [ 132.453611][ T6250] do_iter_readv_writev+0x2de/0x380 [ 132.458917][ T6250] do_iter_write+0x192/0x5c0 [ 132.463514][ T6250] ? splice_from_pipe_next+0x34f/0x3b0 [ 132.468991][ T6250] ? kmalloc_array+0x2d/0x40 [ 132.473620][ T6250] vfs_iter_write+0x4c/0x70 [ 132.478127][ T6250] iter_file_splice_write+0x43a/0x790 [ 132.483611][ T6250] ? splice_from_pipe+0xd0/0xd0 [ 132.488673][ T6250] direct_splice_actor+0x80/0xa0 [ 132.493715][ T6250] splice_direct_to_actor+0x345/0x650 [ 132.499109][ T6250] ? do_splice_direct+0x190/0x190 [ 132.504207][ T6250] do_splice_direct+0x106/0x190 [ 132.509130][ T6250] do_sendfile+0x675/0xc40 [ 132.513622][ T6250] __x64_sys_sendfile64+0x102/0x140 [ 132.518895][ T6250] do_syscall_64+0x44/0xa0 [ 132.523326][ T6250] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 132.529294][ T6250] RIP: 0033:0x7f7c25405ae9 [ 132.533751][ T6250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 132.553365][ T6250] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 132.561874][ T6250] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 132.570043][ T6250] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 132.578125][ T6250] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 132.586111][ T6250] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 132.594137][ T6250] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 132.602120][ T6250] 07:33:59 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000083) 07:33:59 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x2000000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:59 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 33) 07:33:59 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000019) 07:33:59 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x2200000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:59 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x2500000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 132.811041][ T6262] FAULT_INJECTION: forcing a failure. [ 132.811041][ T6262] name failslab, interval 1, probability 0, space 0, times 0 [ 132.823729][ T6262] CPU: 1 PID: 6262 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 132.832058][ T6262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 132.842118][ T6262] Call Trace: [ 132.845399][ T6262] [ 132.848419][ T6262] dump_stack_lvl+0xd6/0x122 [ 132.853016][ T6262] dump_stack+0x11/0x1b [ 132.857175][ T6262] should_fail+0x23c/0x250 [ 132.861733][ T6262] ? ext4_mb_new_blocks+0x328/0x1ee0 [ 132.867031][ T6262] __should_failslab+0x81/0x90 [ 132.871875][ T6262] should_failslab+0x5/0x20 [ 132.876418][ T6262] kmem_cache_alloc+0x4f/0x320 [ 132.881198][ T6262] ext4_mb_new_blocks+0x328/0x1ee0 [ 132.886348][ T6262] ? ext4_get_branch+0x27d/0x2e0 [ 132.891296][ T6262] ? blk_account_io_merge_bio+0x1ae/0x1c0 [ 132.897083][ T6262] ext4_ind_map_blocks+0xb1c/0x1740 [ 132.902297][ T6262] ext4_map_blocks+0x6e3/0xf00 [ 132.907075][ T6262] ext4_iomap_begin+0x4b0/0x630 [ 132.911936][ T6262] ? ext4_alloc_da_blocks+0x100/0x100 [ 132.917312][ T6262] iomap_iter+0x395/0x4a0 [ 132.921714][ T6262] __iomap_dio_rw+0xb78/0x1070 [ 132.926487][ T6262] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 132.932368][ T6262] iomap_dio_rw+0x38/0x80 [ 132.936711][ T6262] ? ext4_file_write_iter+0x501/0x1200 [ 132.942176][ T6262] ext4_file_write_iter+0xac3/0x1200 [ 132.947506][ T6262] ? ext4_file_write_iter+0x501/0x1200 [ 132.952975][ T6262] do_iter_readv_writev+0x2de/0x380 07:33:59 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x2e00000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 132.958182][ T6262] do_iter_write+0x192/0x5c0 [ 132.962787][ T6262] ? splice_from_pipe_next+0x34f/0x3b0 [ 132.968255][ T6262] ? kmalloc_array+0x2d/0x40 [ 132.973090][ T6262] vfs_iter_write+0x4c/0x70 [ 132.977650][ T6262] iter_file_splice_write+0x43a/0x790 [ 132.983076][ T6262] ? splice_from_pipe+0xd0/0xd0 [ 132.987937][ T6262] direct_splice_actor+0x80/0xa0 [ 132.992892][ T6262] splice_direct_to_actor+0x345/0x650 [ 132.998294][ T6262] ? do_splice_direct+0x190/0x190 [ 133.003353][ T6262] do_splice_direct+0x106/0x190 [ 133.008217][ T6262] do_sendfile+0x675/0xc40 [ 133.012643][ T6262] __x64_sys_sendfile64+0x102/0x140 [ 133.017984][ T6262] do_syscall_64+0x44/0xa0 [ 133.022435][ T6262] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 133.028475][ T6262] RIP: 0033:0x7f7c25405ae9 [ 133.032892][ T6262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 133.052614][ T6262] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 133.061118][ T6262] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 133.069123][ T6262] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 133.077260][ T6262] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 133.085244][ T6262] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 133.093300][ T6262] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 133.101406][ T6262] 07:33:59 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x3f00000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:33:59 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8000001a) 07:33:59 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000087) 07:33:59 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 34) 07:33:59 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4000000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 133.291531][ T6282] FAULT_INJECTION: forcing a failure. [ 133.291531][ T6282] name failslab, interval 1, probability 0, space 0, times 0 [ 133.304317][ T6282] CPU: 1 PID: 6282 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 133.312922][ T6282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 133.318179][ T6281] EXT4-fs: 90 callbacks suppressed [ 133.318193][ T6281] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 133.323304][ T6282] Call Trace: [ 133.323314][ T6282] [ 133.323320][ T6282] dump_stack_lvl+0xd6/0x122 [ 133.328564][ T6281] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 133.335449][ T6282] dump_stack+0x11/0x1b [ 133.361614][ T6282] should_fail+0x23c/0x250 [ 133.366129][ T6282] ? ext4_mb_new_blocks+0x328/0x1ee0 [ 133.371450][ T6282] __should_failslab+0x81/0x90 [ 133.376290][ T6282] should_failslab+0x5/0x20 [ 133.380823][ T6282] kmem_cache_alloc+0x4f/0x320 [ 133.385632][ T6282] ext4_mb_new_blocks+0x328/0x1ee0 [ 133.390758][ T6282] ? ext4_get_branch+0x27d/0x2e0 [ 133.395698][ T6282] ? blk_account_io_merge_bio+0x19e/0x1c0 [ 133.401594][ T6282] ext4_ind_map_blocks+0xb1c/0x1740 [ 133.406881][ T6282] ext4_map_blocks+0x6e3/0xf00 [ 133.408194][ T6284] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 133.411738][ T6282] ext4_iomap_begin+0x4b0/0x630 [ 133.411765][ T6282] ? ext4_alloc_da_blocks+0x100/0x100 [ 133.418853][ T6284] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. 07:34:00 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4800000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 133.423704][ T6282] iomap_iter+0x395/0x4a0 [ 133.444600][ T6282] __iomap_dio_rw+0xb78/0x1070 [ 133.449448][ T6282] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 133.455271][ T6282] iomap_dio_rw+0x38/0x80 [ 133.459632][ T6282] ? ext4_file_write_iter+0x501/0x1200 [ 133.465105][ T6282] ext4_file_write_iter+0xac3/0x1200 [ 133.470404][ T6282] ? ext4_file_write_iter+0x501/0x1200 [ 133.475872][ T6282] do_iter_readv_writev+0x2de/0x380 [ 133.481079][ T6282] do_iter_write+0x192/0x5c0 [ 133.485863][ T6282] ? splice_from_pipe_next+0x34f/0x3b0 [ 133.491376][ T6282] ? kmalloc_array+0x2d/0x40 [ 133.495974][ T6282] vfs_iter_write+0x4c/0x70 [ 133.500479][ T6282] iter_file_splice_write+0x43a/0x790 [ 133.505859][ T6282] ? splice_from_pipe+0xd0/0xd0 [ 133.510773][ T6282] direct_splice_actor+0x80/0xa0 [ 133.515738][ T6282] splice_direct_to_actor+0x345/0x650 [ 133.521131][ T6282] ? do_splice_direct+0x190/0x190 [ 133.526163][ T6282] do_splice_direct+0x106/0x190 [ 133.531050][ T6282] do_sendfile+0x675/0xc40 [ 133.535548][ T6282] __x64_sys_sendfile64+0x102/0x140 [ 133.540759][ T6282] do_syscall_64+0x44/0xa0 [ 133.545371][ T6282] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 133.551305][ T6282] RIP: 0033:0x7f7c25405ae9 [ 133.555724][ T6282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 133.575765][ T6282] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 133.584184][ T6282] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 133.592169][ T6282] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 133.600145][ T6282] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 133.608121][ T6282] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 133.616100][ T6282] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 133.624086][ T6282] 07:34:00 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 35) [ 133.646887][ T6286] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 133.654031][ T6286] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 133.678668][ T6287] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 133.685905][ T6287] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 133.743801][ T6289] FAULT_INJECTION: forcing a failure. [ 133.743801][ T6289] name failslab, interval 1, probability 0, space 0, times 0 [ 133.756592][ T6289] CPU: 0 PID: 6289 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 133.764958][ T6289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 133.775117][ T6289] Call Trace: [ 133.778400][ T6289] [ 133.781334][ T6289] dump_stack_lvl+0xd6/0x122 [ 133.785967][ T6289] dump_stack+0x11/0x1b [ 133.790132][ T6289] should_fail+0x23c/0x250 [ 133.794569][ T6289] ? mempool_alloc_slab+0x16/0x20 [ 133.799637][ T6289] __should_failslab+0x81/0x90 [ 133.804461][ T6289] should_failslab+0x5/0x20 [ 133.809105][ T6289] kmem_cache_alloc+0x4f/0x320 [ 133.814172][ T6289] mempool_alloc_slab+0x16/0x20 [ 133.819040][ T6289] ? mempool_free+0x130/0x130 [ 133.823774][ T6289] mempool_alloc+0x9d/0x310 [ 133.828293][ T6289] ? preempt_count_add+0x4e/0x90 [ 133.833262][ T6289] ? _raw_read_unlock+0x13/0x30 [ 133.838124][ T6289] ? jbd2_transaction_committed+0xad/0xc0 [ 133.843858][ T6289] bio_alloc_bioset+0xcc/0x560 [ 133.848635][ T6289] ? iov_iter_alignment+0x34b/0x370 [ 133.854625][ T6289] iomap_dio_bio_iter+0x5ed/0xc70 [ 133.860083][ T6289] ? ext4_alloc_da_blocks+0x100/0x100 [ 133.865465][ T6289] __iomap_dio_rw+0x8b5/0x1070 [ 133.870274][ T6289] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 133.876111][ T6289] iomap_dio_rw+0x38/0x80 [ 133.880682][ T6289] ? ext4_file_write_iter+0x501/0x1200 [ 133.886155][ T6289] ext4_file_write_iter+0xac3/0x1200 [ 133.891615][ T6289] ? ext4_file_write_iter+0x501/0x1200 [ 133.897128][ T6289] do_iter_readv_writev+0x2de/0x380 [ 133.900317][ T6296] loop2: detected capacity change from 0 to 264192 [ 133.902358][ T6289] do_iter_write+0x192/0x5c0 [ 133.902381][ T6289] ? splice_from_pipe_next+0x34f/0x3b0 [ 133.918990][ T6289] ? kmalloc_array+0x2d/0x40 [ 133.923927][ T6289] vfs_iter_write+0x4c/0x70 [ 133.928441][ T6289] iter_file_splice_write+0x43a/0x790 [ 133.933854][ T6289] ? splice_from_pipe+0xd0/0xd0 [ 133.938757][ T6289] direct_splice_actor+0x80/0xa0 [ 133.943860][ T6289] splice_direct_to_actor+0x345/0x650 [ 133.949289][ T6289] ? do_splice_direct+0x190/0x190 [ 133.954321][ T6289] do_splice_direct+0x106/0x190 [ 133.959317][ T6289] do_sendfile+0x675/0xc40 [ 133.963783][ T6289] __x64_sys_sendfile64+0x102/0x140 [ 133.969056][ T6289] do_syscall_64+0x44/0xa0 [ 133.973539][ T6289] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 133.979528][ T6289] RIP: 0033:0x7f7c25405ae9 [ 133.983945][ T6289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 134.003753][ T6289] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 134.012170][ T6289] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 134.020157][ T6289] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 134.028135][ T6289] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 134.036195][ T6289] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 07:34:00 executing program 2: preadv(0xffffffffffffffff, &(0x7f0000000440)=[{&(0x7f0000000000)=""/217, 0xd9}, {&(0x7f0000000100)=""/253, 0xfd}, {&(0x7f00000002c0)=""/221, 0xdd}, {&(0x7f0000000200)=""/84, 0x54}, {&(0x7f00000003c0)=""/74, 0x4a}], 0x5, 0xfff, 0x1800000) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f00000004c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, @out_args}, './file0\x00'}) r1 = syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff) sendmsg$TIPC_CMD_SHOW_PORTS(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x200, 0x0, 0x0, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x408d1}, 0x0) sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x24, r1, 0x400, 0x70bd26, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x40000000}}, ["", "", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x2}, 0x40000) 07:34:00 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4900000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:00 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0xa2) 07:34:00 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x2b8033ca, 0x0, &(0x7f0000000380), 0x4001, &(0x7f0000000080)={[{@grpjquota_path={'grpjquota', 0x3d, './file0'}}, {@barrier_val={'barrier', 0x3d, 0xf8}}, {@data_writeback}, {@grpid}], [{@obj_user={'obj_user', 0x3d, 'Q{.'}}, {@uid_gt={'uid>', 0xee00}}]}) r1 = accept4$packet(0xffffffffffffffff, &(0x7f0000000580)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000005c0)=0x14, 0x800) close_range(r1, r0, 0x2) mount(&(0x7f0000000480)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)='sockfs\x00', 0x20000, &(0x7f0000000540)='barrier') [ 134.044241][ T6289] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 134.052383][ T6289] [ 134.060856][ T6296] EXT4-fs (loop2): VFS: Can't find ext4 filesystem 07:34:00 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4c00000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 134.090405][ T6299] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 134.097500][ T6299] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. 07:34:00 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x6000000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:00 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8000001b) 07:34:00 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x111) creat(&(0x7f0000000000)='./file0\x00', 0x140) 07:34:00 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x1000000f1) 07:34:00 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x6800000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:00 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x108) 07:34:01 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 36) 07:34:01 executing program 2: ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x7ff}}, './file0\x00'}) sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000140)={&(0x7f00000002c0)={0x42d8, 0x7, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x5}, [@NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x3}, @NFTA_RULE_EXPRESSIONS={0x42a0, 0x4, 0x0, 0x1, [{0x11c, 0x1, 0x0, 0x1, [@tproxy={{0xb}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_TPROXY_REG_ADDR={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_TPROXY_FAMILY={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_TPROXY_FAMILY={0x8, 0x1, 0x1, 0x0, 0xa}, @NFTA_TPROXY_REG_ADDR={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TPROXY_FAMILY={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_TPROXY_FAMILY={0x8, 0x1, 0x1, 0x0, 0xa}, @NFTA_TPROXY_REG_ADDR={0x8, 0x2, 0x1, 0x0, 0xc}, @NFTA_TPROXY_REG_PORT={0x8, 0x3, 0x1, 0x0, 0x10}]}}, @payload={{0xc}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_CSUM_TYPE={0x8, 0x6, 0x1, 0x0, 0x1}, @NFTA_PAYLOAD_CSUM_TYPE={0x8}]}}, @lookup={{0xb}, @void}, @payload={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_OFFSET={0x8}, @NFTA_PAYLOAD_BASE={0x8}, @NFTA_PAYLOAD_CSUM_FLAGS={0x8, 0x8, 0x1, 0x0, 0x1}, @NFTA_PAYLOAD_CSUM_FLAGS={0x8, 0x8, 0x1, 0x0, 0x1}]}}, @hash={{0x9}, @val={0x4c, 0x2, 0x0, 0x1, [@NFTA_HASH_OFFSET={0x8, 0x6, 0x1, 0x0, 0x9}, @NFTA_HASH_MODULUS={0x8, 0x4, 0x1, 0x0, 0x5}, @NFTA_HASH_LEN={0x8, 0x3, 0x1, 0x0, 0x7f}, @NFTA_HASH_LEN={0x8, 0x3, 0x1, 0x0, 0x22}, @NFTA_HASH_TYPE={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_HASH_MODULUS={0x8, 0x4, 0x1, 0x0, 0x3}, @NFTA_HASH_OFFSET={0x8, 0x6, 0x1, 0x0, 0xfd}, @NFTA_HASH_OFFSET={0x8, 0x6, 0x1, 0x0, 0xb}, @NFTA_HASH_DREG={0x8, 0x2, 0x1, 0x0, 0x16}]}}, @flow_offload={{0x11}, @void}]}, {0x158, 0x1, 0x0, 0x1, [@fwd={{0x8}, @void}, @range={{0xa}, @void}, @hash={{0x9}, @void}, @socket={{0xb}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_SOCKET_KEY={0x8}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SOCKET_KEY={0x8}, @NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x10}, @NFTA_SOCKET_KEY={0x8}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SOCKET_KEY={0x8}, @NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x11}]}}, @synproxy={{0xd}, @val={0x4c, 0x2, 0x0, 0x1, [@NFTA_SYNPROXY_WSCALE={0x5, 0x2, 0x3f}, @NFTA_SYNPROXY_FLAGS={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_SYNPROXY_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8}, @NFTA_SYNPROXY_MSS={0x6, 0x1, 0x1, 0x0, 0x7}, @NFTA_SYNPROXY_WSCALE={0x5, 0x2, 0x3f}, @NFTA_SYNPROXY_MSS={0x6, 0x1, 0x1, 0x0, 0xfff}, @NFTA_SYNPROXY_MSS={0x6, 0x1, 0x1, 0x0, 0x8001}, @NFTA_SYNPROXY_MSS={0x6, 0x1, 0x1, 0x0, 0x7}, @NFTA_SYNPROXY_WSCALE={0x5, 0x2, 0x2}]}}, @hash={{0x9}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_HASH_LEN={0x8, 0x3, 0x1, 0x0, 0x20}, @NFTA_HASH_OFFSET={0x8, 0x6, 0x1, 0x0, 0x7693dec2}, @NFTA_HASH_MODULUS={0x8, 0x4, 0x1, 0x0, 0x8}, @NFTA_HASH_TYPE={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_HASH_SEED={0x8, 0x5, 0x1, 0x0, 0x4}]}}, @xfrm={{0x9}, @void}, @xfrm={{0x9}, @void}, @quota={{0xa}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_QUOTA_BYTES={0xc, 0x1, 0x1, 0x0, 0x3}, @NFTA_QUOTA_FLAGS={0x8}, @NFTA_QUOTA_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_QUOTA_BYTES={0xc, 0x1, 0x1, 0x0, 0x6}]}}]}, {0x2ec4, 0x1, 0x0, 0x1, [@dynset={{0xb}, @void}, @synproxy={{0xd}, @void}, @cmp={{0x8}, @void}, @ct={{0x7}, @void}, @immediate={{0xe}, @val={0x2848, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DATA={0x26c, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x24, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VALUE={0xb2, 0x1, "527a2cb4eea29174f80282e891610d5462fc04a91c11b62b4acc89f2e7c2bc765693ca5ffcd25e5db3bdfaf335dd54432f62d9fd6c52892d76e3cc3a193ef9156d1d1b8dcc4adb59f82c4d95bf69e46f936cbdfad371ac3d0e4a5179aaff10c1d3124ff9e58654d68db30b265fdc5d218d78675d7e1ec1ed940569040d0546adb0d32596ba77ec41cc9de76c9ba740c766e2e44bfcaf21470e64ac20d5c5aa946fa84c117db177231a91066955dd"}, @NFTA_DATA_VALUE={0x21, 0x1, "4ea6c1b576fca0e9802279c819bdb76140b3a58d68f54d73cf3d503fcd"}, @NFTA_DATA_VALUE={0x87, 0x1, "17ee8c276081cf72d87f5648592b03239afbbfef3c48be2ef792199fc3c2b048e7f0f7be8f5d60030103cfc898e65213407a20302918f4f737ebeb21dbb982d5e8508b15396fdf3b3dbf38d298e8e7d850e4aadd960817dcab4ab5e52b9b18a16894b91072171a9bfbc8535cc920b74a1e9cdcd7a24da7be59cb634485e3c1d8286660"}, @NFTA_DATA_VALUE={0xe3, 0x1, "162b733878d3964f0b1f8e23101dbe725a650b9bff7bdb4d72dbd5a1899167270de2f948f4d0a85ef27eff12e3c745abce771fc4e67d7867a69d8d65dd87ecd6eb098f3a7878b47243037883b7b35de0320deb8e5994656deafa3cddddf86ee7338e1333824902a01716fb7af80039266744dc5d523a84a2fb556bfc61781fd66c0db148ee2de4c69db588d0c55bcd396a965fc7af84950b826f9c54a9b910a0c478af693b1cae15139b910374f6b71bc9f25dd00b395d1ea86bf7252b52c6f93a8da75b0c39b68205553288b270a9fdc9f4456b27f0741ca22f0e7ba895e9"}]}, @NFTA_IMMEDIATE_DATA={0x21c, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0x48, 0x1, "3d7bd8c63826b63eb971fbb209607825955b015e5511d3f81833277435d12be949146788067cdb1bd58f4a2effe01c951175e6cc94140525c4086d5dd88f0b6cce0a7edd"}, @NFTA_DATA_VERDICT={0x30, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VALUE={0x83, 0x1, "43a90462ab24b6c2bc947c2282c87431f38106d014ad6af321f6219bb93b1afc609aec9152433797a6811a09803faeeaf98ddb96d43e7b513fe2c207a3a24086b85058adf70f75f32b49d65d956ff03de1b7a7dc7926a7af9d89d8f2319f5115633995fe0ffdd22511b4841125eebfd1d881539d83b1c6c614f5dfc6637c91"}, @NFTA_DATA_VALUE={0xe6, 0x1, "8f51a40f2db5b35725482953124d716e4b8a6fdb926b5739d78d7b3a6128955b74507f0425d49bdbdcc73bf57fd69fc40ef38480a94fad50f99641fcf5d3d2b6fc5d855c4022b8f4a3c6c6b5aeb3bd77227fe38bf92c198dc278dfcaea5060200ec66d481bdfe6251ad89debe6b0001ce49c9bfb196206c00f36a8160e6ee8ace7ea3dd116faaeffe8a10eabb6e17c364173c1e14bb88d3f403acf97ff1d064beffbdccef797aa2c216328de5ae2e162faa22a15a693fdd0c5eb7c611951c1144da522eecc479f8f90792b90488bd026ac82b9f6a3cd8d11f34f224acd450171df94"}, @NFTA_DATA_VERDICT={0x34, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}]}, @NFTA_IMMEDIATE_DATA={0x1264, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0xf5, 0x1, "413f8353fda12784c17dc756ee5a97fd7a0f255fb3bfb3d9fcf504560cdf78e615104a7851f4e9ca64b10a89641a9629489293f8912e524fe2d8222c9bf077ce7bff17f2d1cfa450df0c6c7f63da8fc9d5289da08fbafb1adbadeb3f21139a74d4ae76e33a449d957cc9b01b2eb18697b8ac5d408fdba458abb2264515c09074636516200aa02f41965de2b815261a2a623705657d2980462baa36229057f3c09e5ad4553ff55b078a64247f07499d01168801b9ed0fbfbf7d5f6119e4e9cfc0e4daad78b46667056083eabe3916211916628610bcd494ab36f5dc6e3e4e73c65056862542a4519d59aedcd2b687cb7420"}, @NFTA_DATA_VALUE={0x94, 0x1, "08be5b7fa9446b5616afbcc04a0eb4f14cb3e4535993a5de8795e37f090c4efad57bd0f3ba813830f593eaff62406a669053239db4f496b76b18b56260dc8a89e8da61832f9b189fa74f365264d11281f0d2939fe84090cf3d31f791ab690da1f4336f5d108e90904221fb70c6f4a1086c8826375b1ab47ef1aeac3bf21d9c6d32f0f1192f2054852172947499350eb2"}, @NFTA_DATA_VERDICT={0x70, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VALUE={0x18, 0x1, "fe4bd581f411568ec2d54fb2476d27904f11d019"}, @NFTA_DATA_VERDICT={0x20, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VERDICT={0x28, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}]}, @NFTA_DATA_VALUE={0x1004, 0x1, "aa9955d9cbfb2853acb12505be06873922ad0daf670132b72f5ecdfd6d56b83de60453f7a130ecff6d6ba9471dbaae4b797a86f027c8dbe76205c082117db44b8e4d91916372fbc64b6b258e0b51465b2386a77b05628d7d443a939a9402f8248de60766d2e4fa7b7e4ab67dceb4058c05c7885d951c3fe6419b3c8c8b3edc4fcd27c251540d64121e42a31f1ffbbca68d871546b8eba88d4b2c48fe58bbc3450df8bdbfc285d8b459434ebae12f8470f07a482c6b7203a711bda573af3b97151cf7be036bad94ff834eab7a74071f6481bf3bb9e2ba189bf9f5444aa45bdae6d04b18494cbd0ec8b2033daf35fea3fb423d3b027fd1ccd2e2938eaae32e94ed5ca3132d66364abfc48d6a7903e09d36197f2d0010c0d89691fa25eb55148cac7cc7ffab0916de056eb72a421e5f5c562505955cb5fdb09644d8c1bff6d97bf85a2e6bd3a40c1c357a07e44718f5fcbd57dd48660d3465b648849b1a21f551a89b8eec38cf28ff4171dbf2ffb34a645800186fef4034682a1796ea5ecc04066a5e1749783029bc2827d26a7abd82cf88b8dac9b684c46b75a0afd3e6411b6b839a2f8f82cfdf2304a8ffab39ad04f7b562a965f0b0b49e07d4adc9702c76a41da5fe2d8c492518ae6ccfcce3380c37f0321c6bbffbfe68fc13d9977e997905eb7ead9c797630e4324a83785197062d8d07fa91d472e5e99f90d52cc1d6665f429f16fdfadfe1cdc8e7e0de642bd740ea7b1e7963dfada47250139e3a9202e432f18c363de2892976e71b0026f1e6a5e269be88589552c197a51bd6a0e360b489d2680707c76ffb5a562fd716a66b81b8a482331f33a597927ddaf4625e3e52a756acb71462358711676d895a21a92f7456a93e543a02e02fa03fd860556b874a5d530f11202d33d696c0de07187a507fe4e40870400b101e2de7547cf871cd5ed54a6c2c28808ab7e0c63ddf3887768f0a42ab94e55c5d683f3c9a403ba528859b6a0f38d4ab301c528b2b97243203a9e52d5cc2a9890c5949a95c5821145b0418f46dc0cd5f10863fb7f9b779561f937294f455651fbe305e9281d10c5b4b3a85c4ba53594a9a42e3de8f0df15bd650bce843686ce288df868d538da0c3ec5ce13a22e41073ac28c0fb8d1342b16666f12d4518f8fa25226c2b65a581cbcd752e8108d415a31b739ae3cb0c9e875cf6c60d6a87d89442ddede4d9bb443a58dd5cb7af99557e655b1fe754f843fc746b2783adc8d43acc180c8d59df6eae56ac3b5555476a18074ee6ca81f6bfb1c2ad50f2afc50ed1c478ae5880d5e09373aaad50b8ac7d5c408b26112f6d71f42f253b1eb07a608e36d23b7be15fd58930121ef67a7bbce59ecf43323b4d8a9ffe299d0b5a506c3dd547b33ce9f79c2a9c61c02ea68ceb65b1332bb42419daf19c14dfe1abf28439d5b035129e3ad3e5dabac20116c334882366300acc2fd50410aee3ebb46a08f8526ef0ac4ebb8395797c4fea758d8e8590f5af53718b9ad7b41f784dfa1de2796fc0025879278d489de5138ea7bb48dd2c6fa6e57cfdabaf59d46fbf557abafe42ac48c6a4a172fec9fc0dc3084968a65d29bdcc4905938424d4fbd51a8e47faf1b56fbe22e6fb272e66f85dc18f51feb1b3340db34bc61491bf6bc3adea9a2bafad6abc6a6557743b941558f97734092b1aa7866e2641624c172ce16fec5115eebe651b748dabc39b85d2f23212afe7a09e40c5d6020804fe86bc5c4ab47d9c143e0e1c9290b912ea5c7cad1d7a7da0136b0892430172ecaa8146c89fe698fc84de1a80301c8ba84f725f4b0ed4720ff0b57673f2d6c24a75e4fc6d96fb2092f063a2ca4b08d5fe89ac18f32389153815a4f91b4373ee873e5eaaabac1e169adeda9f0bab92a0f6dccc14e60dc77df2ffae78fb10f37daddb0f7908e30cda070d8b0128b68958f7e9de992a13afc45441268bd7d495fc494e86e4512c752cf186e3b7115ae9c980e0060e1dba2b01f322b1b0fcd16598628d20933d75b98a76211ddf9ab235169489bf407398c38db69f4a9035c909ecb36a02a280dfd20c76e718fe8141b2609a3fa9cfdc7bc56bb6700ea6b913b789202fc3097fba074d7c00ac2b99a444b05eb139dc11a4b5cc85ebfa09901352427bbf3b4e2c722b4b4118c2c388682495e59758d1fe741c43d987aaf04aeea211bace8a900fc56f62a9e12b3158d2c760f25c93da76e853e0be613395de18d6a8d32727b8724390c7eb80c9e1e313e09e8ae8fe8c50379784c8cd0a8ec42585843c0bbbaebfd8920052a335c11636e3d857679d1190cc1894fe6d3d96ce578b8d69a5cdc94e941ba717c331d2da93582b75c69d705adfbafabce73536289df4c07e9f5953083b9ca471b4250a2a235eae3647a1af3af8be97b7e6c7025c975ee46f69f97f96ed53c1d062e71035d63b08b6af78c6aac9487969a0a5e44887d437856e3b7fea6ac2bf5c6cdfccc9a00edfb8862720cb0e0c05fe3035b9dfe56b58421d1cfd8afc3fe17c3255b774f66ac67e10d59348a4a735765bbf4932aea986e2fdc43a40eac6313297ecc564d79966ad40a07dc3227556024722f0075adacc5e7919f0252a66f0f4fd704f276fd2e8932fa4d4d5ecc130da57885b24e585cc480b2ec72b37d09408a6e88bbfe1b02ed3af6a07bc944ba1f1081aa9b3edf92d4d3b630ba88becaa84611008e1d62c891716bdc1edd7aa54bcbbbd4d154d82df69d470491c79f555d9978740e1bb3dea9c4ab43f60d0b98fa41f2c201a1da10b8946c1aa9246d3c5a442e7efb9e5ef55cd4e02239245b2a703f6edbfe5cbd385563c94c9f21ff539ff4c57b73e315055188b7d5839156cb6e20e1ddc9e2e39706cd9196596859883261c0fcf6c14fbffe2015e8f964d89f680c6c38a807de31e3180b255731bb01e1d8f5a408ae40f43c68ccca0b506557da2403da6d91b61ba9570491f38ca70f157af73bb954b0b397d97562a95dbf7ebdbef0601627ab14da8ce7ed147013803499d1b10c3497b6b64a1dd2d3c487ba91bb396327962f26afd5e4079cc2bf6f4821c39727b7b4dec8ae116daf4fb6cab0cb8f7ee21b77e00b13fce2f047d9f96d4859ca060f5eb0cc86860c181b4fdbe22e4264b65673f7af558f87418f2d10c32dae14357fdf6f87327585176abdbd233e2d8b646447358fa9b1851b8aeedca6a34c8c7533df6494bf4acefa8ad19b2213583805433f2cef472de8694d6badd6b07184700fddc6fb80e88545d541c5069ee1e6b66caf86b69db81f57de90f595868d7f961bc8599cea9465c1fbb941abec274a2c75f1c94b2010bb70a78c6b1e9820d0646e7fa1a40bd91142e45d06e218c6852a001a44d579a94e026d5bc731e30a67bf7cd40305d7d62c776ee37af5f08e64dbf6cd05d6828db1e17027aad400778fa0a13c89faa9ddb039c4282f93ba50d40cc5647ac66a3d23c045beb61a97d081e5ef39f11305513a41cc6ad7aed5ce1c185e6c23418f62f8cf9514805640a6fe52d1696122a5f5fb5086394c2144c839430502b4434d63300dc6255603444ebba8c73ce8b6fb85c05286302aa852782de15d51d5f1dbc3dc9689e02f349a876643b921d8e19a9b13f564e655efd98283265a10866b579b81b9b311ac09251ddd7515620c6ba6cfe133b309012504628bcc43541dcd66273397b14f59466167ab3d418b435202f5a45cd762fa9bf065eab35805867f45a222799c7c8f68a315bd5669c01874fb52a2b2eb0cb3d39e1bb26f8daeb71b10fd2d5e2260c543fba497132ceb096ea35c891246d801cee7eae51166bcd5d0ff4bd14ce0c33daa8af61a38cd88fc544bcce6817fb47c650b07e6b98104147e0af275ba555c9f617086da40b005127d5f5236cd474fa64b8fb3ce9471f8093706ad92ce1fe5817df4dbefe107e3cb5264bb028fb490e61182b320d710b7480ca3de86182c8f9d62f22c7e3d400e2e5c77e7ebe7e655c25d76ff4dccb7a0d13e7121dc932285a9839dedb80305c9a7c8e0dca2ec677034da36b07241cc4af1a61d2bdb6c128fafb47190e7bfaba7e8dd183521ce795c716caea96cee6c6e7a9a7ffb6ee1b87539ab0d84e5ea812ef11767daf807cb61732e4a99dc19f5f086a62d0aaa7143d0a23a510da1ce27e74b91bf86cf1917740cb17b35c11d14e636297f6edd209ea1f699efb85f43911860e1ba109eb599e7b5566110102a53026e660d99df43dd46f65f7f62b7538d9409fc542769d49dd0529fffe552d11db5eba4fb0143b6f4e223b6b31f646fd10bf2b314c6e756e63f893bced8e8b55572aa259f887b583e7aab7de214a9100111da4d5dee204273042e63311e44dc99734fbdcf70a7810c76bc130465521f2628c377246c7252dc6ea6fe5bc730bd15ca0cf52c10ea7911cd737918f269498eb4f1ed3bed7e61ac3d28023c9f72351171a9c4a0f4cbabaea8810be404ed16104550153593e0c3c81e65132d90bb400b179a58a2f984ab19677aa84c281ee18bf25c2d661e4e5d8a5505a6acecd9f51245b4a1c8e31e806860ca7e19167312a86848392f13bba493993df70fda6ba7492787a693dc8a3b322940586c1e6689ea6b8769c8a04cba40811a847b21d2450244bf1af971858c3553244e3496f87fcc27148f0174138a9ef6b10ba1a830cb2cb6ecf20ee613c82a23da0431d911a63e51d6f5f27609fb1caaefb675d8ce3a14159fd53fc39885af12759efa0b6ef4d1bbe09f10063deed0a2b24bc6d309d4073f5fda24b73a82485decabda3bb838a0e12c61a03ea0af09f7ef063c49c97a00c6b1a5bbb1f5aae139a02a3ebadcc2333fde21ac8cecb20170f6080b31c1a4b6e173c137023713497191f2f0e5a3c109a2d07b3555e5fc2b5e41a158ce79eb2c7da87949317a50ed2a097737849c75ad0b22dcd6eaa197ecd9cd69178604ef7122f2b8248e057419dd444b7be5c4ecc64a3eff718bd4459ca5579af238386c7a7111a4747311809af2cb7b922ce00a3c4de66e91b89aad004214af8405b40d65f24093eddea4b23c8580a0b3f0ebd1e38d9897029dabadafdf8a4b2441f364b8acc7d48fc1b9e732030a5f292d3c5bce1e11e40ca9a82655f1a275744cec7caacd60db9053bd22d0f469755b3b42dadff9e264a10c1e10c1c199ab74b2f11dbb5b06bbfa2b96df19b565d11ad569da9bdb041f83ec0478af0facd1387387663582ed9d92440de928bd840a6d6d40f7cd8a68a83db9550381f06fedca21a2b98b06980c9c1fcef7b99ed76aa3b217f8902e5ad466c793169e053c4616b9b9ade746cfc3c1a29650306de5b16e04ac1524d138385c1551dd828ee071ec2725c0046092e1e90636fdbd074d93c31129c46ed6ae77b2b2d0abd5909968586c12024fe0ffaf51b038f30dcac03db5f7185c65ae3b7fb7a973384b7a7c808b2f9834f97b343c738cd8ddd6f037e6699acbedc030068074cc8c0a785c977570fb623e907d390b659225dd898a3fd71c7ccca893cf4c625fb3ee5c1992000b1d9c066f91bcebf15ab4d43844abc5cb7486593f6f824109220416a389f96bdba9e90f7df03bb043e32c61a39b24ae96ec976869222621fd93d032ee9bdb095add773158272d649d6f684b9d516eac3a29825a439aa778484b3cbec8efa89503b46d3c18bf51d416866c6274503e3f6af0e38bfcedc5787c40ae5497d13665f0e33fa96306a8a27f3a8338ab5f2481d1578ff82f72d4dbd837cef2525c0eb8a6523cfc4632075ff7b93d13cdd5ef17d0fcf4d1bf0d72bdc699f34"}]}, @NFTA_IMMEDIATE_DREG={0x8, 0x1, 0x1, 0x0, 0xb}, @NFTA_IMMEDIATE_DATA={0x1048, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}]}, @NFTA_DATA_VERDICT={0x34, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}]}, @NFTA_DATA_VALUE={0x1004, 0x1, "08a229ae4533a30f4661ad1aa32b40c096de9fd3a43fe8ef6627417cee6fa0d67eb01dc2766c0daebeb58b6844884f8d634dd8c022fcced8b42c7a53d9a22e3c91413268301c25150f313d2f540649610521152198205a98d890d5efb0a10ed1a90059ea1637263d20bd88e5579bfe91e37d7f3c36157f28ad51183fd1f77de8849c18fdb531ab05e877d556530d35e342776ed7f40d0288f86caabbf024c02fa3973360ad167f7f6b6bbe123695c687a259c748cebb6bf4c53a1c302252e9aa6a2c905dd368f7930538883b29c91fc5fe00b6ab790b2755f9a902bf601a22f9c0010df221a43bbef458f6cd0c25e4b4866562d0d59872de43222c7a6ac3095b473458f8c263d8afce34cf0ffdbefbaf52cffd0c6640ad3b43ca1955e3abdd3a43e57553166c77b57d439744fb54084d945bb31d2a7eb8d66f653b55e09c9806b14d54ac50d956f1368dc41d514a69fa061b7e272e551763fad1ca5d3005df09c8fe3ce4e0adcba7dc5ddb924b68ea74649ff97efaa85868a8595c1ea2113a8e88c3813b4175484643e60462293fc1f46e17be7a1d8f6eaf33d23486eb00e5a8f9c4e94420ca048642ce82947f93bde5d4dd42abe431ca4b6cfa65486372dc9a482e4ee4893621321c0a3e0026d260216a3808e7e49872dcdd824bef9a38fd1a5b2f6a41d26db35ae0ae9c4add7593217cb72e5aafa4212be31a18e2587249b379e986d8cf502c441a20811df77a925776370b84d42c030c312b01824e78faa918eac68372671c7f15142315b46b10df012bd8fbfe71f1f4dcd57680f79d3e28c2f949d164dbb81da8df3978d879c3a85f9915c368fc1859e59987a6b98e17729d30cac45bd2655dc4a7ec6e8970c575e868d1e123c99d31cf1dd9c902ec3e682481616fea0857161e34c1a1a7f29e9ddb6183a438104dfc72bd3add04577b5235a17fef9642a47ee07102898c3562eac90ee682657b63dd1718bd33358e6566e52ec758e30b6feb08f4e0bce46103c018c86b85fa095fcf84354a10f7a4bbe5be8236be18909e5b53b3d89ffdcf1b3f91ca065f4fd5f6abc68a6a8d6f9da537b9b018dc712e238d96a22d4f771ff9ec0c413154933b45f17f3751a46fe124fc840695dfeccbc00944ba672a4c6d3ef8a9cf95408e99bc152917d48330d664d0e00e1ef9a03930e54cd3a282a6dc52c48e24c91e6ad7b9fc40d459a43be2d40adcb892d82740abe78db4a88464b53d69419a3d3104090da928ddfdcf1a67ab095b5dbbe84d9a7f1a756662d41e0b3ad2c4d89f8ceea3dec67c5989a23e3ff950eb300ed37d8e02848a36db8b286e52826eb4c9ad45ada59f50aacf328e6b3e2ae906f3c62f30223f3af2ab099b2002ca05dfacc2013b731744651383ce1ef08c839903acfa424fa2b68897734fb89829fc7cfd534d873fd22d8839c49fe27815047b0f272a535b387a491ee9202c827914fb5bfd0e3b799088fceb90c153b9421a5b26bb8bb56d62fcbd377876cf038f358dee79775fa89d8b90a9016249879a28141068ad41f39dc3c561b1f9c3f8e1880f68cd9ec264140065b5fbf5ef8fcbae14fc996f961bd31cc1f2511ece3a4b42e83c66052a4ddd138f37f7fd5f5e5653071db098218823be4bf3b13b2a46ac353459b9593e8f5befece65a725d33fccc0da90367a6c187a6b6d2621c01e758ea00f376d095e7e71d12dc951a40e0efb238782480aa0b6a473c1959a354e12692bbe81690cd62f15c14bbadf6da88274b674e97ca5951914b0606ba766dbccbee063e3bbc483fc160f0669ccbcb0bcecb7b6b9395f20620433011c5f902cd4124eafd74a28d317251387c5478859268a8db543e097e26828568b9cff2c513d20a85e021c4ea85f19746cd2f1c31b4c1116b4c060915bbfb50642fa7d17e8819652e745f3da3edba272d52d14f9efbb191a1ebdafcc24ffbb72db42c1aeedb9b0ddf6890d4b5889a0a6e65613243cabf52d7c72832c53392977ab983643c580825e947ac495537b13a93cf2388a0fb26ba532efaf28a24dc2e926f8d36c522c121962c13db21a2015cff5b0d45f10cc4107cd91ab77b7d759cc597414a58a9218af06a7d2d8e543347440c33c14e5d3d844ea335b10fe7d858bfe9dab830ac4dffebf43d3aa81fceebd5a844fa6fbda7fcfcdabbc9becccaf73b7b8e0a1d4e79829429b0413b9156cb1362a031382db64817b12da5c5cc6c65fc4218747b4f9847549d557a7c956be798eb88eee252966c0e32db64138d3b792fba1de7b55bb03e0ebe998e49e7e9848928cf8a49948d9474569eb399dc6803461773fdd1180faced9efa157652d7f8a2be7580d430f6f7339bf3464217845841e6dc3036d3004c40513e88db62bf22417b1ccdebd6801d3551f4ed3df2fa769c44c8e6808184362321ccbc579e2441e38d647cc590d0d51e2f9baaf6f4bfc34e517adb7f3c4fad4de3de4505599004d3bd94a0a9aefc29a8a0029eb5b1137f3bf6475d07fa9271dd07fc74416bd7c53f195c37eb2d795ba9ee5be3fc2fc685bd37c446e2c8a7a8f073aa51b1a6e9dcd4d095cfeb0d01b2fab8a95b4da5d893e46c06f4135fc071302e41fa08b7298020a938f2fda29b0096ec68aecc0ee171ee5362f5aaae419daa49ee23a3d4ed2bdfcb85e8f383272baaa2548b94692b19954f22d1588bb87891e9f82be40c2da0809b8ff9903ac0eb012ca7783cf8d740b171b03b93a63b7cd7545fdecb34afca2670020ee4f7e56b98475b5443d7b32351e94c9b56053bae91958f98dbf71928c96d9467e132132521fd1d8e0b525551f510a85358619eb03eae04503291ff2d29af84bea63e8e26747616a37997f00abe5721d0f8b2d3e57054ea57d567eba64f5e7ee7592eb5e69fd7fa87981d9a6934cc4f2159ad4e1087bcc97d86fe8bc6e0cb7cb553a6d923810b2b26ce2642af73161aee780c98f11c77e538b081ed1d9f172d555150e30e1565df51e1e10fe86afa62699f4ba286f4d32710ce9afab71a334ed1b252ab3e776513adf06ecc29a76ed5a2376c06bb555be48f1dea353e7c36815bfe0fd3cf29be8fbdf8517129e298100b492982158956a6240ea7e0702c3a60938d2a1249aeb3b8736c07adde854358b86a9536f42a32d5a43b2d5b3d4c2173952fe399b0042f48287443fa60403c6a667ff1df01c41c1293e1e34af70f6b907c844f58d14b32f54668b6e9401406dfba91a68bce78b3fef10639b93286da240da778cf093765422749d0dd87eb1845ff69dd64d8076c945125bd5e7ef7984915b229826d402267c07146c1da175ba6fcf2a25426065f50307f5f2b166c08b6c49c753640911f169be9c3002813e7753550e4c2c11512da21bdb8a64e01c6314e9619a64b7550b723409520b7eede7930995afa9bb221b6c554da4ba1f93d3dc0b0381f0174feb73135f67d19ab822a94babe8103fd6bb9987421d192d31b8b0dade5291802f1057333ef19cec38e2f0a42cfc7bd939dd75c485a328da90a2c4b3c91c1e0967fbe690e6646f18d6ff2cb21e75b2b9afd5b2d34a1e47bfbd035fba040dce02e6c944f8cb823fc69c0a62422bfcb3026ab10c17a17810fb11714c4b276122416d30742c8ba5d0b1bd3767a12e227619fc6fe1e1f63f9a7f57f7f27317d0286d524fa9fa37b0f548ea0eba17750d9c11c447399517074eb899b194d3b80c9c89c1d03cac77069e96d8ed9ae77705ba7947c76ec02d56a508691cfcf6405cb62991099733e5722da1a51e78bfbe5292d083fcd3e21cc5b01826b94cdd7727e7ca6dd4785ec9689bfb7142bb6cd48293c79593667b223131d31d9d77ce59ecd9669ddbd9a7984093c8c35842b594f6c1eec2902d40d2da63301115fe25ced0d3e22a64ac7cb1483dafc7fad63b8424c163b7b0fdc5443a5c2270ecaf1daf4b685ea29bb547ea6cbc6130bdb7e2422566637d590a2f66c284f36c953344e350879e3df1e7dc828f506520acf7e5ae86a3c56eb78436f23f7a92d8e69a55eac922b91e7ef72611ac33ae35fe5fe18117ec6a2e8b8dc83ee731fbf1f1c70f0d02225f3118bdb503ab188f16956aaf4c64f417c9b0e0a0381a2f0c3929b8027467a920dd7a3c0bce05d5568cc9138acc9ded2ce2d61bf309cd51a73636799b47e5269506fff3f84e2a6725c2968866f2b9885dcf70dc7e417acf6c76dd9c72b0488bb5b8ff5202bb34b2605a70f2860a85fe3a843fe7a5320d20b02be831b45ff9ae16ea44c42692ee495127b42f93c5688bf60d96c9fa116b67c183a405d9bd844c015f2ac44d2d25d504551a385b05bf7b4f1a3c1307550389fe19f1988634e3b58573c48c4920f3becde66d4950316f29b16bb3c66d7fbb69e117f560b0f1bc801bc155586aab6148519205a8a8db9d72c29ed1524144595bf0a195a863ff5f1ac3237374594a6eadddf66433f2fbb0148d004d206f3d14a639f052e082106ea651484ddd6c4608dbec33a0cae624ea819590bf5c324b68752d4e7f3c3b6ae4fb3f7c9cd053a40f064ba5f05dfe98e3f6faec40951aff8ce2f0e7676a30738f435a2dfc1d5374e001a84a01c503886ab1d37d27cf7f69503d2b8d476732d2c0af9f341b63cd175faed5ce94a7e006e2ca3213ce26d0fc52f6701a649196bbad32e9ca85f58352bd56d9143f10da6c514bd1a4c595e67e5ef8f2a1dcd89237df26091ae3d3bb47f8cc5d466cb72d8cf6c2781591156f139433dfd3e483083115415426182077b5bd5b31dbee20f4e5c31037ccbf1a9ca4f783c93e411357e443fc156e44193cae00ca9cbe5987fa8955b2882c3da2eb2bdf621a7339b92743735e528ee819b2ee8d89c6e6f8488f08c4341518dc74dfabc0aba4d2cdf6a5af57a3901497e57dee8f06bb2bae60bd43475f29cb0a550f3ad5fb083d6cff6af0bb332803a9f598b6181bf9964216b69577a70d0b0eac556da3ec4ac20214497b219b8f5db9339d853ea6b9e490d223c0bfed8265400e7d9a68f6e51c482fefd53d87d12217b6750b5388c90692db8450440af26aa6f436fe2229cdb6a0b1c122e80704d0f6c8512b30bf43639452e3183609aa49028915b878a8e845881107173b1dbcccd9c7b84d6cf55b9403785870bd0b5efaf00241d31d8edee5d1b7ee7921d47f62910c37b28a0be8d3769c29175f830641814b6e3027fee49e46efccde3edb265ca876c3eeda9d5877bc99fa867d34ca064555996e587e91cc47a94a3b98eff56a61471030e4123daa7b66d243122a326166d939c73a7fa840d402501c5e1a729d4f53af7de8b3f17c715feb2b05484375340932ad5c521c5c76c427154bc8ff5ae86ae25e49802feb9ce84923fcc73c3ea9fb7ef5fa6bf53910cc3d18cbff5a2f45a3a27ca0b4acd56a36c8d3cc287411b722b601ee54602070d34f13939e28fe780a79170fca73df8ba43a3bd4cb843ca07621a1585c4c9adac735a3b7c54db5acdfa065674e778ced7817e9e16d217ae3bab40b43ed1fb025aa3405a3a6d5d4e073650f29f6931df6bc143fc503793508877a96bb7cadb5bc08d4083d68adea253c93570c85454145647cb3a0b6f0c772179a6812ba713d0ac4cb0fd7d16ae236bd0b46c98a5a7ffd3c8f1d5bd0bcb4850dec17c4ad507ecdd35b164f2798867a93873a91d72e01d8ce9bb5dee636b0302a7f7eeff3273b2598a36e7957c72b9ee6f7b037233904a4f5dcfb5950e1cbcfc806b2f9ee52edd2429790d78cdbc42417d9fdfcb587a399de0f8467e5ba547444de8877b8e209d4d5278406f"}]}, @NFTA_IMMEDIATE_DATA={0x108, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0x27, 0x1, "72768b6baa0a9279acd782d034a9c75e3c51f6bd764194d603e0b60581240dd7cfe97f"}, @NFTA_DATA_VERDICT={0x30, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VERDICT={0x10, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}, @NFTA_DATA_VERDICT={0x50, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VERDICT={0x1c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}]}]}}, @immediate={{0xe}, @val={0x608, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DATA={0xf4, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0xf0, 0x1, "8ff70adef3165db4ecb5302eff8fad53798de54b495a9cb09fe32ad5def046da5065ba5f9fa6d9eea7309b813c2b73c69255369cff03ccc4a69601749fd35102a3451866e4cb48fb9fb91928d2bb1bd2326296e2cf90c2303a2b338df23f5cc5d4b51a9aa1753e4fb69703176971abe1921d4e675a1098df5d4565be76ab46c043d7485dacd9e1629947987524e71519cd728e819f3b3d7cb0684f62f0b0b179299bb094e42d8df5f9d5e8013a05c5a7771a8357a367d1502e867954335a8e47d1e641ed968e92ee10bccde5977ba1f68b666f85c1b7ac46b003bc53b536be2c1633cdffeef2813474fae566"}]}, @NFTA_IMMEDIATE_DREG={0x8, 0x1, 0x1, 0x0, 0x17}, @NFTA_IMMEDIATE_DATA={0x2e0, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0xc4, 0x1, "48d657598a01ff7021e2594c99c8f0eda8948ecbd3d0c9d3697f35050fef7cda825b656b1afcad4d1539078d6349870db9bb6df2a31afc953d59ab3243782a2ba63a45aec1d2e7994937608471f0a3468493ed957635996157175cb59993025a01011086bf5cdd0990ed7c6db02cd20bb43f0d53fb93e7f39af5fddb5100f0ec3a022f6aa1df9a80dba03eba634a5889c56b664abfe81784ecf512f46ff8f41bbee02cafdf775db27e10866b2f19f631d586016a99133e41309ed6188ea2d1c9"}, @NFTA_DATA_VALUE={0x31, 0x1, "fa82fa43c19c05b5ad9a5d82faa1e1951798f207de4e44fe0a0a1bcac862ed7685244a8eb0d9577e6a97ac3037"}, @NFTA_DATA_VERDICT={0x4}, @NFTA_DATA_VALUE={0xbb, 0x1, "13fc50f3c19e775162acb056c5bef5bc8c98a52f21ad8de283b2dde691a0d59b554b74ab580c862fdee6879d5b41d11651b7b38fcd14dac6a642a5a7d6251b9f3c1e74110a864c70c40ce96c4c1b73d819eeb2537796b0b3dd1bcf2a007309c5f390d67c9ecc898c934e4e0c488ab5294055d38fe75bcf1af98da97318514ba173ad5b1afa6df2a16dd59bca907f177c74b77f8f38cb6aa5ac5f2772a2b359379c5a2d0b84cc2e8a311323a50e3ac62b13c74d20770f7f"}, @NFTA_DATA_VALUE={0x47, 0x1, "145e6f75bb068ba09c0b0e528df8c7a1ed81004eb35ba9a1da4268c5dae03fa97f13b1fc6ddd35ca584dbb7779313aa054732c1323d88e59490229b302d5b3de13c907"}, @NFTA_DATA_VERDICT={0x28, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8}]}, @NFTA_DATA_VERDICT={0x34, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VALUE={0x7d, 0x1, "19a2830aeebfa16ae249dc28b4bbb831359961c40aad0298b023fefe2876993bfab39c246447729c5260fcce8311577a3203c3b138fa02577c680fc6b0017b9ad3af2d68c80c9e87ee37aa2f46fdd3f842a81af2c43ef99e513ef59787f713a3fd7e21ed1aa1fa02c8eb882a805ba7cec98515c95da6366c5c"}]}, @NFTA_IMMEDIATE_DATA={0x210, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0xff, 0x1, "14de9b2ff302ed82f5a3f2ee72ec88b58a1343badce9a17a1ef90dca6b3ac1d9447f8a40653f636e432e0f4d6747d204043e39c15fdb32125c1f0e2cc039046ac2b27adfe02ecd23e1eac61f3b63090de753cf463c611cf69cd3d5ce9feaa855652d53a55ab46779a2e8f874435b57169f3d0855536226b44764b22c609f81ae04a51cdc92dd442b32cd21f48c16f377cb8d36f2cd8ef933ed73b175bdce3e91e6b73be51b6201e58fc94b34904527487d71cea17b39e79a29c4e26ecce9b6537e4dd4c8febf0db79cd51c1ad7f1233e734e580f4bfa20177c6271ac11305a6d695befad7b6c0d1f97fa00d9978d559d8be62a8796163994720a10"}, @NFTA_DATA_VALUE={0xb4, 0x1, "b9765165ea243e94bb6395b5ded644f681d13d9cc99eb81375bb6f622a6b18ed567de8663c10131dd1534567c667cd5d11ad14727863097c7ef53a602f95f27c13bda9fbedc8dc56707e7da27c3f8f0a5ebd89316e2695c5cf6cc66eeebeb2afc195380b16415c9f1ce686cb0cc7dd20bd7b0e1cd4e5a119f65b24886633e66fe93f31085537da925a2eba5c4460c88ecf47097917e81763af37bb71478a5eefe4ce14147f683002076500c09038ca03"}, @NFTA_DATA_VALUE={0x29, 0x1, "9b9806019c70dc1c02635c3e0c7da1cf72f5d7baea434ab69eb04b50a110da76ad44d94f35"}, @NFTA_DATA_VERDICT={0x2c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffff8}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffa}]}]}, @NFTA_IMMEDIATE_DREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_IMMEDIATE_DREG={0x8, 0x1, 0x1, 0x0, 0xa}, @NFTA_IMMEDIATE_DREG={0x8, 0x1, 0x1, 0x0, 0x17}]}}, @range={{0xa}, @void}, @reject={{0xb}, @void}, @masq={{0x9}, @void}]}, {0x1138, 0x1, 0x0, 0x1, [@range={{0xa}, @void}, @hash={{0x9}, @val={0x3c, 0x2, 0x0, 0x1, [@NFTA_HASH_OFFSET={0x8, 0x6, 0x1, 0x0, 0x80000001}, @NFTA_HASH_LEN={0x8, 0x3, 0x1, 0x0, 0xa8}, @NFTA_HASH_SREG={0x8, 0x1, 0x1, 0x0, 0x11}, @NFTA_HASH_OFFSET={0x8, 0x6, 0x1, 0x0, 0x6d}, @NFTA_HASH_SEED={0x8, 0x5, 0x1, 0x0, 0x7b08}, @NFTA_HASH_TYPE={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_HASH_SREG={0x8, 0x1, 0x1, 0x0, 0xc}]}}, @dup_ipv4={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x17}]}}, @hash={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_HASH_SEED={0x8, 0x5, 0x1, 0x0, 0x2}]}}, @osf={{0x8}, @void}, @cmp={{0x8}, @val={0x1060, 0x2, 0x0, 0x1, [@NFTA_CMP_DATA={0x105c, 0x3, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}]}, @NFTA_DATA_VALUE={0x1004, 0x1, "41b47c2f2ab49fffb6cf2d0e818938522c8c254fde737a0fb2c62c4eaa5c2a2d286821baecaaa455ba945e754726937f2e72ea868a4795703c357c6b920b0b0dde1926406999dfaa8c398f16ee75f55ade181aa9ac1004e5054804fdec58e1678dce126ed53fe42a7a2ad70392f3281f091e1091a044dbe1af31c0af31a9f34e18295a441d0abf7059b18ac0a7c564a4f3014de74be252a78dd517bf04781e2a6a33f1b8803892e1965fdc01986ef03e60dd2d043247f73622b68d1521ea5ea111b246065b7265b82af16320bee0b503ab2cae62a67f9db9e7a67ee7710561615fea8d878a8ad6a0fb676c6858b1203e23d610c1ac6d491c0532825e19ad846ae2ae4f07d217aeab9d286ff800017fd5a25db6e08c69c01da0864122e63c747b9ce22ad59a2e158be929737028f992e888247a1fcfa5e5fd7dde6931a9dbcdd9f223d705f27ee766eaa76b129cc806974190d30c3dec16c63d71f636e074b8cb2daeaab85cbd03bd5ab61d440d428e2649d46d6303deff5871730e8deafff1409c264e68789413023e83c9cae0a6fab8d6ccabc99c3181bf6bfc95eee5f384241aecf5e79acbfd776df6060c0bb62716f7e2875f5f0eea1e00877b15b9564ea3350327f3f7aeba18e2b316e3c3083c202ef8bea3b15953b4386e1b334902a4215e1764d30b511eabf5503a7987f9f355c20d0c08903ab30ee836316f9228243eb97947c280d679be4e7b378636efb26fd2c94c475e6e6dba6da4f0f3897b46779e951af64c3dfb2fc1f59d18caea57fe40949d6da2c11294e0eed2eed6f5d5dd9a5aeb1853d62bae4fd9efb1b5532d425ef700f45c448ee93a49a16bf5018e474bbec0fec0ddebcc966a8078bf19c6e55752fe892cd7ccb6848605c7a03870b78e6a8e590da833baedd0e856b47e7f20b386add9af0d054f38baef5cd6ebb4d8d1fd0c15627bdb0ef9fb128464db4e623d3496a1f79fb002c071f3f364ec1db4e509515c9f43386448d88b0d09e27558c24694c737d290694aa362478db6565549893cdcae70caad65c22ec3f9ada79723acffafb65ef8ac800c103ef1a5235e89b3c68d41231b4a6ec437c9de8266841ce67d7a0a770c9b75dc9158709590c32119d0a8bac42698acd0c4afd43e7ff1a34df8c075eaf7e3d540dc0e1d2c4cb7e8ce1c28f879620dfc4d572aa0f634f9b3aa1b98869cf331e0d138085f39bd10f0adfed20b0bf02b12a941a26c74d731a5029e4c6781fa8b52d78d66b4349562c8812898b74162b6dff7f72dc13221f8db08895efff2a5b19857019231815771448b8ca0589774eff7a4cd8b24dd83f569a5094a017842187ff031f3f81da67c11e7edf25ffb5c0ab9ddb60136f3126689526c543b9f9caad85765750dfa22117e11ae0d5c4bd5ceed146e43ee876f2d21f553d80d303036a9fbb113b77ed1c28418939a7bb4d565a287191bf418bc1a401113259b2b421bd1e9d9f11f2c269c8743da7528c590ef4f8bbf5460adb5bfbbe0bd82020d785f07c7040eb27860dd09072103129495ec3410b9640811820ec4f5d6ac63ab884a442dbce953c435ee73fb6d9c6eff5b41ad17586ef811a890d93df45d4079c55dcf029dca1db2eb75c7c0f8eb8a63b0bb81eff057510c32d6f766eecb5acad543a5b1e6cd239710bb52c721dd342ba0f58a8809b6e65ec4b568447fe9e4e681af39980fc28db325cfb32aa3ca28ed44d8830069f10dbe03fdce0f7019c92bb1e091bea55639a6aaa0d118ac79fd6e59897ac1ad19f38c1bd5982beb5e1b619b0d88dc70442fa260402a2e0ab554e83e2a31bc7f16ee06e10ff71ab98b392bb795d7967a7e0712cda224916eb369d4908bf45df7e2d39584e8e31c0b1147b82fda93b2d34d0bb702fe49f8bc6cf2ccbbdd22358bfebb5910838908b7d7620a4015f9444eaa0a2b6f0cc28b8217d07ef6f60f7bf79a6cba4851d4f07577137b9bd11d3e70c80489d5caaaaae5af216712712e94b271099ca48ec2c0806dd5814686fb5dfe0d849dc41ba4138fe644bdd7d290fcdc87c45790c4666e5fa77a285c81c7c39168f0a36fb56367178af4d41293587b3a7b3764e5cbd152760a4b227997b010661d25a221cb7ef7a8285b2be291d889eb66895b9e86a95b76ab6ca31ff2e07c53df9b4bfe5f6024cc44f58f5192b156679522b298cae534780c2e9601be1a63b077349482f2f6e40c1987963670738d97b171197957f590e6a952057e69e259d205ddf6a703fa9129675d1d861cef01f5c2d57ae424f49cd0c99c230264d9d449427c8d1c959b1da3328c3770e29d125f43c3c646b01dd6b11e43129ac7e0e86d17c79257d095ae669d3da36bea5ddd93d076b94990aa682ce7bd99c6193933a264ea697aad96e3c492026b6d7a96b5c1061f06ab88107ac0f291cc081bff4de6304cf94503c0d30acda7d5690a991f328a79993448f258c45804b932e196f646582d22daad8bca3d016efcdefa86a068b72a587819316cc203f2316e8743bf560ffd9a16f14dca38abd60c98aa7bea33393d600166a3e00db02b763f8a2bc018f54847824cf488fea0f9736f84be8354bd363791510267fed5453876c82f18e4d1571cba4a6fa10ae418ac8ff92a9073c691f8cc3f2ee5f044c9f82a0ff85f46246535bb0e52fe5224b2da4d342158ea37495d9c13af55a9dc5e43cd47791890665590696a428c891af2d49d8e24d7cb41ac4b7b3aeca0c0ad566c7efe9c302a9f8779b8928866d41fb47877e94fc5315ebdfbed03b64dbb269d428166bee55fcc328e126e149392907187c31797f7e852ea944b1af4354b1e4942a6874909e836134e64def3d807e6bf162b607648674ff5d2b19d6d0b381382b483da5884aeec54ee731c2dc05207c1ca03ff8420461b668e5f7c60ac72b2d3338e606e0d5223ddac1564ceba6a01853d0a9705653c4f592e12539e6b934ac3730a1f9524a1795f58020f48ab90590127ca4f511b7f6e2df6a263a5e54d7687379f70757d6f0f128f572c64fb2ae6d41a8bdc655ff468d7feffa142cb0b81bbb4986897d2d01fcccb5093f7bc6e307294b441d511c90280cee75efa2935dc20713d80e8f7dca837534e75cc15071dcadc886dff92f3ff1a6b9eac2f59307042b7dd50bd9807adebd99188215a80485e0d251e791e292292783f3044c5b1d6a30b4fa300050eafe44265e0c85ad388c2b42c0364dcda5fef5cdf0e461fc0c47f8630659418ac52b96f7f4781319e3a7eef2f1a8f198bcdf200778497eeb3e4d3cae5034d6b509214ac911f506b7a19883d3d277fa097ccbd11f508bd93126fbbb71fa08d4cbe6a7234db9d1edc6c0147a16d91c0fddbccd2d871347c0baf828a70af0d0ea82a7c0943e8ef2ede90238320e21a5aa8b7ad6f13f6fb0d71ab555c13a5b69d7e553daf594af32a416c05f42b3956ebeb8f07565e1d52fbf592b369e95ce359bae3201e3a195700050d4e89af6a67105cbe6ea103937d5bbc5ad116f5ec80cd45b75835d57af1ab827ee24b90ebfea9a8d0510a88ed41deca36de8c2b559e3609847fb3fce281bccee0a3aa409a747bcc46bafb5f7d5281890829f440b2c8348e7c62d8a7ef68751b3e753cf76f7f2ac5766a4ea67336953d573b7dff56eeffefe6bd5c056f8c17297f246c97e17dfa35bd3b2760c686559b89c45b2ec4863068d6aa1b21f0e9e1c479d285e61895e8f59bb33c24d248a956efeeb6ca7cc5166eea30bb45f49ff4ce12714c8d70332d54c3910a68c0489ca091635711805028adcc945a8578c5b67773309267abab1bd9ceaf6bc1ade85fbe8b2f78ff4bce7a8d65ef5f596e66fe8b4f94db3338aeffd8281017c19ebf3c4d7c9586291fdfe5806cd1fef930f77885a22eeba1d151e0c2ad8e563477bcbcb6033a97e4f883d17ac79d1c5a1ce4fd4dfaa973406c2aafff0c044d9b5addaaf2ab0114e7c1836c58747d0e49d5496888a7d3067daeb25b278e96ce76541fc1a58c812c1a482d1732726244df2f94901685b548a21dcf0c291178369b36b351c8ff222fbc3ae28208e5a27d8c408fe129244b78883228630ac7c507fb303608a189f958b54bacae94485522bc6c537947906ddee6e40bdfa13cdd3033ca8b8da8b3e63b3290bd9f7ee6d83d9c8810b317ba19a0953900f0bf7a8aa5508e3558c9e62fe8b20738f7da4341e3475fcbc4cbbfd2d1e5900bcc565937c8d18dea71ad0ed9048a40475629553153ffb0cc9ecc71ffb668437a889c2edce4f5f43d6924daff4291576ed035005de8a128a1fd29bbf865d03ae36e60811efb3aad17da8f016493cf24c6e493202a3e67f25ae3b84035b07e4fd2df2bc61680a2c63006c25abdc8f2fd7cf71280c36c4867ffa14088d7111818f1d5e8837deb31200e5fc7f411e19d4154d990a8c575191cf382326baa63ca30b5aec8c3e002fadec118e953198c2b5167b7df6ca06df664a5524716c6f0c835767124ff97fc96f20290d1820d6d34d4e4fac55f98e29fbfe1b50ccc1f7d1daf8bf35cb90e380423deac3ddb1548641b6969c76a95ab95396ffad29b6c150047f02e928d7f65b58f0822b4b9769c4daba67ab686147dbc7082b9841e5b6774be6e9b19ba5f9a14474d6c2f30c81136b96c27543088615dbaaab5dd546d67ed3c73489fe46b1e9589875f895933f7b09eb571d450e17769a0aba32923dc97cc7e239f0da337ebdc262fa85f4dc75ed05e35524cfcc50fb19a3fb5a9f0465f9a44de3ea5a0d7f8e30524b6a57a1fbb099bea6c9d85a0d807151e5b5a7168524ec8f153e595f561cff6c7e52e338091244d9d0e2345d22ad744464abfbd5a963bddac8f45763a17c216264bdec843e038f64da8e48743762b2a83181686cbb08b03e00d0c3e9533185311a9b42ffcdbb8ff3293d8ff379a78930408d088539e7b8d7f74308d7191dccc421184ccf42261adf58576e8b03bd109094fb222975c81598b48b693b7484748fe2a6d6a598df8325dec82f1f8fc2325fb642648d15d4a37aa2ba2ded6d9ef9313739c0c3d1f6e25334d8be0c8b27d614e521f5b2a1988bc6a0cca0c18b204541259b1032866d813d44df43ff7369ca9c4fb195e0330a14be7d18128e1ba04ee036390a933d7b70915143e0288782184034d719de0eff6ed0a4bedbb81da861ff0ae5cbe04377614ad84730fd45d542ad97f2663e4ffe1f72dc8d539c674f0084a09a47d854d94b7d5be0f09e2837fc2b766d3b5d95cf92acc352b6272749739894a0d286769f1dfdc71b5d2b3af500bd643155f92c60c6eaefa57b90232793aacee5bea157fefe2445fe1d1fa68f5811e89284bbdbd57d71e1a840de4462ed39adad2c08fcc30655451a84f75560729fe0af68ce8763d8325baa6902afc1f01d2383f3c913679b3a07196388a6c125f8de60f08223e665f54c6db0b457d428683030c95f878c52f372092df8ad523860e96770c6a9d2446afee0754da0b7ee915f42ce16f3ae90e723c0209893e75afa3e0b8fd1020132a51b4f8aa211e02a9e48ca7a595918dab5edf9bcf32ea7a32c21ad23855d1b69ab4ba27abfbb18483d239cdedc1b45e164979c49a49780e30bdf4faebdd209272f67b5fe702c588a3785ce1f271e3f7e39669bacb3b7a8ab695e3bb757ab631e233c107ab3383a517f1047796f0b714aa7cd14029e3da77c0856cabb580505d9c718ad51ce8bd7e1bccfc516b2cf6b3a47f03a2c7841071b1ebb0619d711acf1172608f3e838eaa18d3b339f368a0766f17feb9de2ba290240a"}, @NFTA_DATA_VERDICT={0x38, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VERDICT={0x10, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}]}]}}, @reject={{0xb}, @void}, @flow_offload={{0x11}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}}]}, {0x2c, 0x1, 0x0, 0x1, [@xfrm={{0x9}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x6}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x4}]}}]}]}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x3}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x4}]}, 0x42d8}, 0x1, 0x0, 0x0, 0x800}, 0x4000) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) 07:34:01 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x6c00000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:01 executing program 2: write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)=0x80000000, 0x12) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) [ 134.380827][ T6331] FAULT_INJECTION: forcing a failure. [ 134.380827][ T6331] name failslab, interval 1, probability 0, space 0, times 0 [ 134.393552][ T6331] CPU: 0 PID: 6331 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 134.401963][ T6331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 134.412047][ T6331] Call Trace: [ 134.415335][ T6331] [ 134.418271][ T6331] dump_stack_lvl+0xd6/0x122 [ 134.422901][ T6331] dump_stack+0x11/0x1b [ 134.427139][ T6331] should_fail+0x23c/0x250 [ 134.431575][ T6331] ? ext4_mb_new_blocks+0x328/0x1ee0 [ 134.436907][ T6331] __should_failslab+0x81/0x90 [ 134.441710][ T6331] should_failslab+0x5/0x20 [ 134.446348][ T6331] kmem_cache_alloc+0x4f/0x320 [ 134.451141][ T6331] ext4_mb_new_blocks+0x328/0x1ee0 [ 134.456271][ T6331] ? ext4_get_branch+0x27d/0x2e0 [ 134.461277][ T6331] ? blk_account_io_merge_bio+0x1ae/0x1c0 [ 134.467013][ T6331] ext4_ind_map_blocks+0xb1c/0x1740 [ 134.472233][ T6331] ext4_map_blocks+0x6e3/0xf00 [ 134.477141][ T6331] ext4_iomap_begin+0x4b0/0x630 [ 134.482006][ T6331] ? ext4_alloc_da_blocks+0x100/0x100 [ 134.487396][ T6331] iomap_iter+0x395/0x4a0 [ 134.491828][ T6331] __iomap_dio_rw+0xb78/0x1070 [ 134.496613][ T6331] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 134.502635][ T6331] iomap_dio_rw+0x38/0x80 [ 134.507269][ T6331] ? ext4_file_write_iter+0x501/0x1200 [ 134.512743][ T6331] ext4_file_write_iter+0xac3/0x1200 [ 134.518044][ T6331] ? ext4_file_write_iter+0x501/0x1200 [ 134.523590][ T6331] do_iter_readv_writev+0x2de/0x380 [ 134.528807][ T6331] do_iter_write+0x192/0x5c0 [ 134.533478][ T6331] ? splice_from_pipe_next+0x34f/0x3b0 [ 134.538952][ T6331] ? kmalloc_array+0x2d/0x40 [ 134.543647][ T6331] vfs_iter_write+0x4c/0x70 [ 134.548233][ T6331] iter_file_splice_write+0x43a/0x790 [ 134.553626][ T6331] ? splice_from_pipe+0xd0/0xd0 [ 134.558568][ T6331] direct_splice_actor+0x80/0xa0 [ 134.563621][ T6331] splice_direct_to_actor+0x345/0x650 [ 134.569012][ T6331] ? do_splice_direct+0x190/0x190 [ 134.574235][ T6331] do_splice_direct+0x106/0x190 [ 134.579117][ T6331] do_sendfile+0x675/0xc40 [ 134.583547][ T6331] __x64_sys_sendfile64+0x102/0x140 [ 134.588757][ T6331] do_syscall_64+0x44/0xa0 [ 134.593309][ T6331] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 134.599251][ T6331] RIP: 0033:0x7f7c25405ae9 [ 134.603685][ T6331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 134.623315][ T6331] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 134.631758][ T6331] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 134.639756][ T6331] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 134.647807][ T6331] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 134.655850][ T6331] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 134.663930][ T6331] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 134.671916][ T6331] 07:34:01 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x7400000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:01 executing program 2: getsockname$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, &(0x7f0000000040)=0x1c) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) 07:34:01 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x7a00000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:01 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8000001c) 07:34:01 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x7f08000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:01 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000110) 07:34:01 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(0xffffffffffffffff) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) r4 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r5, 0xee00) mount$9p_fd(0x0, &(0x7f0000000740)='./file0/file0\x00', &(0x7f0000000780), 0x180001, &(0x7f00000007c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_fscache}, {@cache_fscache}, {@privport}, {@noextend}, {@afid={'afid', 0x3d, 0x2}}, {@access_client}, {@cache_none}, {@afid={'afid', 0x3d, 0x400}}, {@cache_none}, {@mmap}], [{@uid_lt={'uid<', r5}}, {@subj_role={'subj_role', 0x3d, '\x00\xc2\xea\x99\xbb\x1c\xdfjw\x97\x05\xa3\xa2\'\xdd\xe4q\xbf\t\x8c\xe0\x19`\x8e\x00\x00\x00\x00\x00\x00\x00\x00\x00\b \xff\x13\x96\xe3?\xdfH\x8c\xe4V\xe2\xfe\v8\x04\xa5\xb9\xc4:\xf3\xf6y_w\xd8\xcf\x90k\x05\x00\xf9\x1e\xe8m\xec\x12\xa015\xc2\xb3u|K\x111\xd4\f8\xeb\x18\xad\xbb!1\x85\x96P\x1b\xa1\x9a\x81\xf8\xb1\xecB)\xe5\xaa7\xfe\xdd,_D\xe5|\xb1j^\xaec}\x1a\xb4\x17\xafP\x85I\xd5\xa0I\xb0\xaf\xb5\x8b\\\x05\xd7g\xcbV\x8e\xd0\xac\x87I7\xbd\xc6\x9bI\x92\xb2\x87.\xb3\x1fs\xe7%\xdd+\r\xb4\x117\xa7ei~\xb8\x16\xd1P\xf2\x84\x89K\x16\xd0F|\xa3\x89\xc9~9\x00'}}, {@fowner_lt={'fowner<', r1}}, {@appraise}, {@obj_user={'obj_user', 0x3d, '!\xb1#'}}, {@obj_type={'obj_type', 0x3d, 'fd\x00'}}, {@fowner_lt={'fowner<', r1}}, {@measure}, {@defcontext={'defcontext', 0x3d, 'root'}}, {@appraise}]}}) fchdir(r2) r6 = memfd_create(&(0x7f0000000300)='\x00\xc2\xea\x99\xbb\x1c\xdfjw\x97\x05\xa3\xa2\'\xdd\xe4q\xbf\t\x8c\xe0\x19`\x8e\x00\x00\x00\x00\x00\x00\x00\x00\x00\b \xff\x13\x96\xe3?\xdfH\x8c\xe4V\xe2\xfe\v8\x04\xa5\xb9\xc4:\xf3\xf6y_w\xd8\xcf\x90k\x05\x00\xf9\x1e\xe8m\xec\x12\xa015\xc2\xb3u|K\x111\xd4\f8\xeb\x18\xad\xbb!1\x85\x96P\x1b\xa1\x9a\x81\xf8\xb1\xecB)\xe5\xaa7\xfe\xdd,_D\xe5|\xb1j^\xaec}\x1a\xb4\x17\xafP\x85I\xd5\xa0I\xb0\xaf\xb5\x8b\\\x05\xd7g\xcbV\x8e\xd0\xac\x87I7\xbd\xc6\x9bI\x92\xb2\x87.\xb3\x1fs\xe7%\xdd+\r\xb4\x117\xa7ei~\xb8\x16\xd1P\xf2\x84\x89K\x16\xd0F|\xa3\x89\xc9~9\x00'/204, 0x0) write(r6, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) r7 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r7) ioctl$TIOCL_SETVESABLANK(r7, 0x541c, &(0x7f0000000480)) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r6, 0x0) io_submit(0x0, 0x7, &(0x7f0000000700)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x8, 0x3, 0xffffffffffffffff, &(0x7f0000000040)="0af34c4bad4dd6be7b5b7fe09f0663cc2e1898908f526f132ee2ca53572620f35c94362af792638b7f998d52cd8c8c0b81b864062810f4e8f8bc37eb557fad04a0b6c315c7519587feaeb969967d280bf7926393230ebf09b7e99576a18ec6d2dfdfb76e547f38452d6e8bd366c693eb8c85d37f0284ce1f8bf6aa989a95886562a9bd1b0d276f6760922d258bb6efdab554300489657428db0d1a315ea34527d6d2874568cf3f355286315ec0b84a47cecf659b7089bf47fdf2f5b7edad8d9409a7722054dbf6b196e504d8160c7e4a4a71203673931fe0c365bde130f1c6ecfb3a7aac8c5a1cd5c472cc943047a8c56fc823d41bea6646a8c559ef4e", 0xfd, 0x1, 0x0, 0x2}, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2, 0x3, 0xffffffffffffffff, &(0x7f0000000180)='j', 0x1, 0x61b, 0x0, 0x1}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, &(0x7f00000002c0)="1039d0c35edd40a2e6c098ee53f1d85b7a3c0e342ca1c9b9c7b4fde18d24758bdfc2383b0ed11b62284137d181781c454a17abd44066dcee741282a4ec2e15d5331192dd02b1376e784a2f8d93ee1f222fa2c1e126e5c4f235255c56075bccaf86f40287742f6d7aed4023cfab504ccbcaecb97ab9754b9453cba3b7e13255e698e4b16ca9b1c8928acaa76f", 0x8c, 0x4, 0x0, 0x4}, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0xff, r0, &(0x7f0000000240)="0d211f7d2265a79b81301bbd3340ab32293c833a2bd54cfeeaa819fca5d09a676d50922d4444996056bb6308e91e28", 0x2f, 0xb98}, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x2, 0x1, 0xffffffffffffffff, &(0x7f00000003c0)="d6c51014edc7cb212746c9d81165f529f865a551435a10988685f96f924a0ff7becb20caf44904bd5a2b8418d9c8ad60b03d44ffeaa1f5a97cf18f9898482f9fcde185dcb8c82d5a9893c4a610585aa3", 0x50, 0x8000, 0x0, 0x1, r2}, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x7f, r6, &(0x7f00000004c0)="2c4c3278ceb5fb500ac0800fc96de720f6643f1b99e874c1f18231d363ac8e0d85748a76d91402054a0b86ab32c602f1c3b666c03489d5e4832cb156b9844c735d32d30d096d783f99bdd9bec6ebf3b07fecad7027504a6041e15c0b0170e03017d715493b77348acb14aa508192395efd71758c242e496e07f69145ff711cb1c25c7e514e8d798574310278286fed116d853d85f985b07420284c7c4b7bcf2f97430426907851d4496833db800fb97516899d63bb02e233c7d92e417cced67e9e190b5903dc1b92", 0xc8, 0xac, 0x0, 0x3, r2}, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x5, 0x5, r0, &(0x7f0000000600)="24b2d6c09f88f41e8382d64b0d1dcf3ac3ccabdfd39f54bb050d56028d59dff341360b709ee97e844e34144f0d5847c4702ef8f6e9ced4562149651c32ab17210ac84f9817f9623439a164d8df5091f8483b5775e59a588cddb8d6a4767206eb2fcd54ceb744710146c09da94d8db6913dbd02565e8174cea589543bdba51ec1fac5852523a6463fd90733bf02bf461b242ebecce6c8b19b09d60af97dec", 0x9e, 0x7, 0x0, 0x2, r2}]) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x10843, 0x9c) 07:34:01 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x10002, 0x0) mount(&(0x7f00000000c0)=@sg0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='hpfs\x00', 0x20000, &(0x7f0000000180)='pipefs\x00') [ 134.909107][ T23] audit: type=1400 audit(1636443241.611:174): avc: denied { watch watch_reads } for pid=6351 comm="syz-executor.2" path="/proc/6351/fd/3" dev="proc" ino=19359 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lnk_file permissive=1 07:34:01 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 37) 07:34:01 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x8008000000000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:01 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount(&(0x7f0000000000)=@sr0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='aio\x00', 0x20001, 0x0) mount(&(0x7f00000000c0)=@md0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='vfat\x00', 0x200000, &(0x7f0000000180)='/dev/sr0\x00') 07:34:01 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000180) 07:34:01 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8000001d) 07:34:01 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x8cffffff00000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:01 executing program 2: mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0xd1ca0, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r1, 0xee00) syz_mount_image$ext4(&(0x7f0000000580)='ext3\x00', &(0x7f0000000140)='./file0/file0\x00', 0xef, 0x4, &(0x7f0000000440)=[{&(0x7f0000000180)="26e8d4ff4b27b0867c29443d50a46dc1cc86c831d463eedb1cb3ea23c49b301217cc838ac244f5fbbb1754ade90201c980d2f78684fcb31f68668bca5f3aad7e640d29456e4160ef0918cc1b01e37bc343462d166d33ac31b3b2f855968f00e963cc499e5422c94cb1db16583b7d9a86d69b5bf1089afc7b72", 0x79, 0x9}, {&(0x7f0000000200)="b1f9b3c54f8c5ed03a58df6ee5fd303411acbbec06a291de6354416f9164dc95349d30c735b46b933d5528a7c69869b401d322e86ed31f858a41373bcea37c0fcd72e2718c9212175c98be68c5ad591f8ab6d9915cf250fa6c101df866b6e6bcc9618ca15507f295a03ed2a94fe59a7d76dd733d40be975dd65d69be3d0c09d1b6a3463d073e85425383c83008ee99dcfb1ebb58407cdb89d4d5fa6c57bb9c09b8cfb4e63b4966589f9eed97661fe3d7a9162c73ed2899", 0xb7, 0x1}, {&(0x7f00000002c0)="007409c027a7f52567437f87b027aa691922036815ce6d8fc41ad5481625c1637cef0fc063ded5f54e19f76d480018986c5aca79b522d24db13d39b789550208205ae3ce0fbcbe7458c7ca4731daab5ff117a45b", 0x54, 0x4}, {&(0x7f0000000340)="cae848e6a89e14e0de5085232fb0ae3db91220c9acc129e2ede9e3f98144f8467cde2910a0f61cefc24bbfba6b8cf6da06a0e142aa4305e88dbad3139f439c377dc36bd7948468cb01c8528cf712dc8b80fe358f4aa24966d704c703caacdce6c22a93723f2acdf1ceb2b7584b539d5c90325ba753dfc6b0877e5ae9b868c1ce43ab28eb634836549978b477c0578ba9a160b14c52ce520b1352207ea518c6757a3775db42f9fe4e9ba1b3c77a5f95b0c6e582fdf438a9fd363a057ac99c66935604d70f7e696449b4ef", 0xca, 0x10000}], 0x1050a4, &(0x7f00000004c0)={[{@usrquota}, {@user_xattr}, {@block_validity}, {@dax}, {@nodiscard}, {@init_itable_val={'init_itable', 0x3d, 0x100000004}}, {@oldalloc}], [{@fsname}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@euid_lt={'euid<', r1}}]}) chdir(&(0x7f00000000c0)='./file0\x00') 07:34:02 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xf6ffffff00000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 135.299556][ T6377] loop2: detected capacity change from 0 to 256 07:34:02 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xfeffffff00000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:02 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r0) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r1) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000000)={0x0, 0x0}) fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000080)={0x0, r2}) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) 07:34:02 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000281) 07:34:02 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xffffff7f00000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 135.530583][ T6394] FAULT_INJECTION: forcing a failure. [ 135.530583][ T6394] name failslab, interval 1, probability 0, space 0, times 0 [ 135.543331][ T6394] CPU: 1 PID: 6394 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 135.551663][ T6394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 135.561948][ T6394] Call Trace: [ 135.565333][ T6394] [ 135.568252][ T6394] dump_stack_lvl+0xd6/0x122 [ 135.572826][ T6394] dump_stack+0x11/0x1b [ 135.576965][ T6394] should_fail+0x23c/0x250 [ 135.581367][ T6394] ? mempool_alloc_slab+0x16/0x20 [ 135.586408][ T6394] __should_failslab+0x81/0x90 [ 135.591224][ T6394] should_failslab+0x5/0x20 [ 135.595715][ T6394] kmem_cache_alloc+0x4f/0x320 [ 135.600573][ T6394] mempool_alloc_slab+0x16/0x20 [ 135.605507][ T6394] ? mempool_free+0x130/0x130 [ 135.610205][ T6394] mempool_alloc+0x9d/0x310 [ 135.614770][ T6394] ? preempt_count_add+0x4e/0x90 [ 135.619822][ T6394] bio_alloc_bioset+0xcc/0x560 [ 135.624665][ T6394] iomap_dio_bio_iter+0x5ed/0xc70 [ 135.629708][ T6394] ? ext4_alloc_da_blocks+0x100/0x100 [ 135.635224][ T6394] __iomap_dio_rw+0x8b5/0x1070 [ 135.639979][ T6394] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 135.645788][ T6394] iomap_dio_rw+0x38/0x80 [ 135.650127][ T6394] ? ext4_file_write_iter+0x501/0x1200 [ 135.655597][ T6394] ext4_file_write_iter+0xac3/0x1200 [ 135.660976][ T6394] ? ext4_file_write_iter+0x501/0x1200 [ 135.666420][ T6394] do_iter_readv_writev+0x2de/0x380 [ 135.671669][ T6394] do_iter_write+0x192/0x5c0 [ 135.676240][ T6394] ? splice_from_pipe_next+0x34f/0x3b0 [ 135.681697][ T6394] ? kmalloc_array+0x2d/0x40 [ 135.686315][ T6394] vfs_iter_write+0x4c/0x70 [ 135.690803][ T6394] iter_file_splice_write+0x43a/0x790 [ 135.696295][ T6394] ? splice_from_pipe+0xd0/0xd0 [ 135.701128][ T6394] direct_splice_actor+0x80/0xa0 [ 135.706099][ T6394] splice_direct_to_actor+0x345/0x650 [ 135.711487][ T6394] ? do_splice_direct+0x190/0x190 [ 135.716632][ T6394] do_splice_direct+0x106/0x190 [ 135.721468][ T6394] do_sendfile+0x675/0xc40 [ 135.725871][ T6394] __x64_sys_sendfile64+0x102/0x140 [ 135.731169][ T6394] do_syscall_64+0x44/0xa0 [ 135.735577][ T6394] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 135.741606][ T6394] RIP: 0033:0x7f7c25405ae9 [ 135.746019][ T6394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 135.765719][ T6394] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 135.774199][ T6394] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 135.782174][ T6394] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 135.790134][ T6394] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 135.798238][ T6394] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 135.806282][ T6394] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 135.814240][ T6394] 07:34:02 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 38) 07:34:02 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount(&(0x7f0000000000)=ANY=[@ANYBLOB='ile0\x00\x00\x00\x00'], &(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='dax\x00', 0x1000000, &(0x7f00000000c0)='\x00') 07:34:02 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r0) r1 = memfd_create(&(0x7f0000000300)='\x00\xc2\xea\x99\xbb\x1c\xdfjw\x97\x05\xa3\xa2\'\xdd\xe4q\xbf\t\x8c\xe0\x19`\x8e\x00\x00\x00\x00\x00\x00\x00\x00\x00\b \xff\x13\x96\xe3?\xdfH\x8c\xe4V\xe2\xfe\v8\x04\xa5\xb9\xc4:\xf3\xf6y_w\xd8\xcf\x90k\x05\x00\xf9\x1e\xe8m\xec\x12\xa015\xc2\xb3u|K\x111\xd4\f8\xeb\x18\xad\xbb!1\x85\x96P\x1b\xa1\x9a\x81\xf8\xb1\xecB)\xe5\xaa7\xfe\xdd,_D\xe5|\xb1j^\xaec}\x1a\xb4\x17\xafP\x85I\xd5\xa0I\xb0\xaf\xb5\x8b\\\x05\xd7g\xcbV\x8e\xd0\xac\x87I7\xbd\xc6\x9bI\x92\xb2\x87.\xb3\x1fs\xe7%\xdd+\r\xb4\x117\xa7ei~\xb8\x16\xd1P\xf2\x84\x89K\x16\xd0F|\xa3\x89\xc9~9\x00'/204, 0x0) write(r1, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0) write(r1, &(0x7f00000000c0)="d0af20de52461c28d6f8d6d6f117b5be82bfb58e377e7fcbb5c3332c4b9d6408052d44702cb31f4a4b4b3d4a45137cdc3f210974bf75de170bb5ac83bbb1f4855bff99670f0c5471a915e043ebef877f741f26b5fb59ce2b91c19dfd01b0f5c62bd6cf", 0x63) preadv(r0, &(0x7f00000017c0)=[{&(0x7f0000000180)=""/147, 0x93}, {&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f0000001240)=""/187, 0xbb}, {&(0x7f0000001300)=""/144, 0x90}, {&(0x7f00000013c0)=""/239, 0xef}, {&(0x7f00000014c0)=""/198, 0xc6}, {&(0x7f0000000040)}, {&(0x7f00000015c0)=""/252, 0xfc}, {&(0x7f00000016c0)=""/234, 0xea}], 0x9, 0x9, 0x4) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) r3 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f00000004c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, &(0x7f00000006c0)={0x101, [{r5, r6}, {r4, 0x0}, {r5, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r4}, {r4, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r5, r6}, {r5, r6}, {r5, r6}, {r4}, {r4, r6}, {r5, 0x0}, {r4, r6}, {r4, r6}, {0x0}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {0x0, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r4}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {0x0, r6}, {r5, r6}, {r5, 0x0}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {0x0, r6}, {0x0, r6}, {r5, r6}, {0x0, r6}, {r4, r6}, {r4, r6}, {r5, 0x0}, {r4, r6}, {r4, r6}, {r5, r6}, {0x0, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r5}, {r4, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {0x0, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r4, 0x0}, {r4, r6}, {r5, 0x0}, {r5, 0x0}, {r5, r6}, {r5, r6}, {r5, r8}, {r4}, {r4, r6}, {r4, r6}, {0x0, 0x0}, {r4, r6}, {r5, 0x0}, {0x0, r6}, {r4}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {0x0, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {0x0, r6}, {r5, 0x0}, {r4}, {r5, r6}, {0x0, r6}, {r4, r6}, {r5, r6}, {0x0, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r5, 0x0}, {r4, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r7, r6}, {r4, r6}, {r4, 0x0}, {r5, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r4, r6}, {r5, 0x0}, {r4, r6}, {r5, 0x0}, {r4, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r5, r6}, {0x0, r8}, {r5, 0x0}, {r4, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r4, r6}, {r5, 0x0}, {r4, r6}, {r4}, {0x0, r6}, {}, {0x0, r6}, {r5, r6}, {0x0, r6}, {r5, r6}, {0x0, r6}, {r5}, {0x0, 0x0}, {r5, r6}, {0x0, 0x0}, {r4}, {0x0, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, 0x0}, {r5, 0x0}, {r4, r6}, {r5, r6}, {r5, r6}, {r5, r6}, {0x0, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {0x0, r6}, {r5, 0x0}, {r5, r6}, {r5, 0x0}, {r5}, {r4, r6}, {r5, r6}, {r4, r6}, {0x0, r6}, {0x0, r6}, {r4, 0x0}, {r4, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r5, r6}, {r4, r6}, {r4, r6}, {r4, r6}, {r5, r6}, {r5, r6}, {r4, 0x0}, {0x0, r6}, {r5, r6}, {0x0, 0x0}, {r5, r6}, {r5, r6}, {r4, r6}, {r4, r6}], 0x4, "350491c0a44cc4"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f00000016c0)={0x8, [{r265, r101}, {r68, r199}, {}, {r229, r36}, {r263, r198}, {r142, r38}, {r156, r66}, {r167, r180}, {r11, r36}, {0x0, r105}, {r153, r155}, {r191, r67}, {r235, r226}, {r93, r249}, {r49, r132}, {r235, r94}, {r227, r38}, {r216, r291}, {r250, r287}, {r232, r132}, {r54, r67}, {r307, r117}, {r197, r255}, {r151, r211}, {r108, r138}, {r46, r102}, {r81, r231}, {r269, r31}, {r285, r98}, {r288, r253}, {r118, r88}, {r46, r41}, {r56}, {r265, r214}, {r133, r55}, {r201, r114}, {r179, r275}, {r232, r143}, {r80}, {r113, r43}, {r312, r199}, {r197, r57}, {r115, r260}, {r175, r73}, {0x0, r253}, {r83, r199}, {r131, r43}, {r22, r311}, {r252, r69}, {r9, r91}, {r72, r271}, {r29}, {r278, r309}, {r21, r219}, {r74, r146}, {r103}, {r136, r268}, {r85}, {r89, r147}, {r37, r100}, {r121, r233}, {r95, r100}, {0x0, r222}, {r87, r244}, {r223, r143}, {r127, r224}, {r236, r230}, {r195, r237}, {r286, r213}, {r123, r43}, {r60, r205}, {r39, r213}, {0x0, r245}, {r29, r239}, {r59, r97}, {r22, r287}, {r246, r185}, {0x0, r205}, {r27}, {r290}, {r16, r104}, {r242, r20}, {r183, r173}, {0x0, r100}, {r283, r280}, {r72, r261}, {r80, r225}, {r281, r181}, {r118, r129}, {r154, r203}, {r151, r130}, {r42, r86}, {r220, r97}, {r262, r173}, {r70, r141}, {r300, r126}, {r241, r256}, {r81, r38}, {r270, r282}, {r25, r173}, {0x0, r190}, {r274}, {r174, r96}, {r241, r53}, {r223, r169}, {r154, r209}, {r269, r128}, {r116, r275}, {r285, r84}, {r145, r10}, {r278, r202}, {r250, r189}, {r158, r256}, {r137, r82}, {r310}, {r220, r256}, {r313, r209}, {r74, r147}, {r186, r206}, {r26, r177}, {r259, r86}, {r23}, {r60, r306}, {r24}, {r78, r76}, {r56, r28}, {r4, r140}, {r71, r237}, {0x0, r150}, {r137, r171}, {r193, r196}, {r5, r61}, {r165, r32}, {r208, r101}, {r272, r152}, {0x0, r200}, {r35, r277}, {r304, r148}, {r123, r282}, {r160, r105}, {r168}, {r12, r194}, {r23, r79}, {r295, r221}, {r154, r124}, {r258, r204}, {0x0, r214}, {r70, r214}, {r187, r237}, {r64, r267}, {r263}, {r115}, {r258, r152}, {r228, r92}, {r217, r296}, {r210, r303}, {r298, r31}, {r33, r90}, {r242}, {r302, r101}, {r165, r192}, {0x0, r109}, {r149, r120}, {r17, r185}, {r19}, {r21, r248}, {r170, r50}, {r44, r173}, {r276, r245}, {r254, r73}, {r254, r112}, {0x0, r245}, {r178, r264}, {r305, r106}, {r228, r299}, {r210, r219}, {r227, r55}, {r153, r189}, {r183, r129}, {0x0, r34}, {r52, r159}, {r265, r273}, {0x0, r196}, {r215}, {r68, r209}, {0x0, r206}, {r174}, {0x0, r166}, {r184}, {r4, r282}, {0x0, r301}, {r134, r163}, {r297}, {r172, r261}, {r174, r144}, {r286, r266}, {r178, r279}, {r195, r157}, {r137, r132}, {r78, r308}, {r178, r311}, {0x0, r294}, {r5, r30}, {r195, r163}, {r5, r138}, {r156, r75}, {r188, r284}, {r25}, {r174, r90}, {r238, r176}, {r40, r161}, {r99, r164}, {r110}, {r74, r14}, {r29, r293}, {r135, r45}, {r21, r234}, {r108, r69}, {r18, r166}, {r257, r65}, {r56, r69}, {r17, r251}, {0x0, r248}, {r212, r109}, {r77}, {r12, r104}, {r139, r45}, {0x0, r260}, {r99, r166}, {r201, r51}, {r22, r119}, {r40, r13}, {r297, r129}, {0x0, r243}, {r208, r48}, {r125, r124}, {r111, r112}, {0x0, r164}, {r269}, {r162, r260}, {r9, r67}, {r182, r122}, {r240, r107}, {0x0, r211}, {r18, r63}, {r121}, {r172, r6}, {r217, r207}, {0x0, r15}, {r170, r58}, {r47, r38}, {r95, r181}, {r62, r289}, {r247, r292}, {0x0, r218}], 0x81, "471d9770899442"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000055800)={0x81, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r314}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r6}], 0x1, "83bb35f663bef8"}) sendto(r2, &(0x7f0000001880)="3dce196c29deb333d7ccdd7a0005dc0de41a91922954664bb02176765ccdcfff7a47680739059d181e965a3e97e3d9ab6baf60fa6ac4f501aec0d8910a66b4b73a7af83d02d33ea4a1db461f24ab52116c53167711fa2cec088142c7fe7080a5a1e2c028f31a08e0b6064228dac447eb4e2918079e3f", 0x76, 0x4000, &(0x7f0000001900)=@generic={0x27, "fb851095f0b677e436c2e4a1cc7e79cbbc55aa3816851339394edce04e2fda749a10fd04377002b8c750e4ee786819e1f92da8ec37fa686d2965a8405dc7677f3d4fce440b2284ed89032083ac2e58d85e35bc87157ee5aaa65d0ddbb6aec496af2e77b155497766368b03053edff99c965df47bbae28172a583e4da640a"}, 0x80) ioctl$TIOCSBRK(r0, 0x5427) ioctl$TIOCSCTTY(r0, 0x540e, 0x6) prctl$PR_GET_FPEXC(0xb, &(0x7f0000000000)) r315 = openat$cgroup_ro(r0, &(0x7f0000000140)='cpuset.memory_pressure\x00', 0x275a, 0x0) fallocate(r315, 0x0, 0x0, 0x7fff) 07:34:02 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xffffffff00000000, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:02 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8000001e) 07:34:02 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000300) [ 136.002852][ T6403] FAULT_INJECTION: forcing a failure. [ 136.002852][ T6403] name failslab, interval 1, probability 0, space 0, times 0 [ 136.015565][ T6403] CPU: 0 PID: 6403 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 136.023901][ T6403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 136.034283][ T6403] Call Trace: [ 136.037580][ T6403] [ 136.040510][ T6403] dump_stack_lvl+0xd6/0x122 [ 136.045108][ T6403] dump_stack+0x11/0x1b [ 136.049271][ T6403] should_fail+0x23c/0x250 [ 136.053809][ T6403] ? jbd2__journal_start+0xf7/0x3f0 [ 136.059124][ T6403] __should_failslab+0x81/0x90 [ 136.064000][ T6403] should_failslab+0x5/0x20 [ 136.068529][ T6403] kmem_cache_alloc+0x4f/0x320 [ 136.073321][ T6403] jbd2__journal_start+0xf7/0x3f0 [ 136.078356][ T6403] __ext4_journal_start_sb+0x159/0x310 [ 136.083828][ T6403] ext4_iomap_begin+0x408/0x630 [ 136.088797][ T6403] ? ext4_alloc_da_blocks+0x100/0x100 [ 136.094176][ T6403] iomap_iter+0x395/0x4a0 [ 136.098515][ T6403] __iomap_dio_rw+0xb78/0x1070 [ 136.103286][ T6403] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 136.109102][ T6403] iomap_dio_rw+0x38/0x80 [ 136.113557][ T6403] ? ext4_file_write_iter+0x501/0x1200 [ 136.119124][ T6403] ext4_file_write_iter+0xac3/0x1200 [ 136.124505][ T6403] ? ext4_file_write_iter+0x501/0x1200 [ 136.130050][ T6403] do_iter_readv_writev+0x2de/0x380 [ 136.135294][ T6403] do_iter_write+0x192/0x5c0 [ 136.139885][ T6403] ? splice_from_pipe_next+0x34f/0x3b0 [ 136.145350][ T6403] ? kmalloc_array+0x2d/0x40 07:34:02 executing program 2: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x5, 0x0, 0x6, 0x0, 0x0, 0x2001, 0xd3710, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x3, 0x0, 0x0, 0x400001}, 0x0, 0xd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) write$P9_RGETATTR(0xffffffffffffffff, &(0x7f0000000200)={0xa0}, 0xa0) fadvise64(0xffffffffffffffff, 0x0, 0x6, 0x0) perf_event_open(&(0x7f0000005180)={0x24a2f243f0833792, 0x80, 0x58, 0x4, 0x0, 0x3, 0x0, 0x7, 0x10800, 0xb, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1, @perf_config_ext={0x2, 0x3ff}, 0x8, 0x9e, 0x0, 0x0, 0x0, 0xff, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0xa) openat$null(0xffffffffffffff9c, 0x0, 0x4000, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r1, 0x2285, &(0x7f00000029c0)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) readv(r2, &(0x7f0000001900)=[{&(0x7f0000000080)=""/54, 0x36}, {&(0x7f0000000400)=""/111, 0x6f}, {&(0x7f0000000480)=""/82, 0x52}, {&(0x7f0000000500)=""/71, 0x47}, {&(0x7f0000000580)=""/107, 0x6b}, {&(0x7f0000000600)=""/240, 0xfffffd74}, {&(0x7f0000000700)=""/4096, 0x1002}, {&(0x7f00000001c0)=""/63, 0x3f}, {&(0x7f0000001700)=""/236, 0xec}, {&(0x7f0000001800)=""/254, 0xfe}], 0xa) r3 = memfd_create(&(0x7f0000000300)='\x00\xc2\xea\x99\xbb\x1c\xdfjw\x97\x05\xa3\xa2\'\xdd\xe4q\xbf\t\x8c\xe0\x19`\x8e\x00\x00\x00\x00\x00\x00\x00\x00\x00\b \xff\x13\x96\xe3?\xdfH\x8c\xe4V\xe2\xfe\v8\x04\xa5\xb9\xc4:\xf3\xf6y_w\xd8\xcf\x90k\x05\x00\xf9\x1e\xe8m\xec\x12\xa015\xc2\xb3u|K\x111\xd4\f8\xeb\x18\xad\xbb!1\x85\x96P\x1b\xa1\x9a\x81\xf8\xb1\xecB)\xe5\xaa7\xfe\xdd,_D\xe5|\xb1j^\xaec}\x1a\xb4\x17\xafP\x85I\xd5\xa0I\xb0\xaf\xb5\x8b\\\x05\xd7g\xcbV\x8e\xd0\xac\x87I7\xbd\xc6\x9bI\x92\xb2\x87.\xb3\x1fs\xe7%\xdd+\r\xb4\x117\xa7ei~\xb8\x16\xd1P\xf2\x84\x89K\x16\xd0F|\xa3\x89\xc9~9\x00'/204, 0x0) write(r3, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r3, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x300000a, 0x30, 0xffffffffffffffff, 0x302ab000) mkdir(&(0x7f0000000000)='./file0\x00', 0x4) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000100), 0x80, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r4, 0x4008240b, &(0x7f00000002c0)={0x2, 0x80, 0x34, 0x40, 0x7, 0x0, 0x0, 0xfffffffffffffff9, 0x100, 0xa, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x4, @perf_bp={&(0x7f0000000140), 0x5}, 0x19208, 0xc9, 0x8000, 0x3, 0x0, 0x9, 0x7, 0x0, 0xbe, 0x0, 0x743f}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f0000001a40)={0x0, 0x0}) perf_event_open(&(0x7f00000019c0)={0x0, 0x80, 0xc0, 0xfb, 0xa5, 0x1f, 0x0, 0xffffffff, 0x40, 0x8, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0xdb9, 0x6, @perf_config_ext={0x5, 0xffff}, 0x40, 0x7ff, 0x3f, 0x6, 0x1, 0x1ff, 0x7ff, 0x0, 0x3b5, 0x0, 0x1e}, r5, 0x5, 0xffffffffffffffff, 0x9) 07:34:02 executing program 3: recvmmsg$unix(0xffffffffffffffff, &(0x7f0000000e00)=[{{&(0x7f0000000200), 0x6e, &(0x7f0000000740)=[{&(0x7f0000001040)=""/234, 0xea}, {&(0x7f0000002000)=""/4096, 0x1000}, {&(0x7f0000000000)=""/47, 0x2f}, {&(0x7f0000000440)=""/153, 0x99}, {&(0x7f0000000500)=""/201, 0xc9}, {&(0x7f0000000080)=""/21, 0x15}, {&(0x7f0000000600)=""/157, 0x9d}, {&(0x7f00000003c0)=""/36, 0x24}, {&(0x7f0000003000)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/65, 0x41}], 0xa, &(0x7f0000000340)=ANY=[@ANYBLOB="2c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRESDEC, @ANYRES32, @ANYRES32, @ANYRES32=0xffffffffffffffff, @ANYRES32, @ANYBLOB="0000000094e861f8fe2d002e021803195ade3d2a9244baa6e0731dfe2a19090d84476535868ca4a19e0218ba38cd00000000000000"], 0x30}}, {{&(0x7f0000000840), 0x6e, &(0x7f0000000c80)=[{&(0x7f00000008c0)=""/87, 0x57}, {&(0x7f0000004000)=""/4096, 0x1000}, {&(0x7f0000000940)=""/243, 0xf3}, {&(0x7f0000000140)}, {&(0x7f0000000a80)=""/209, 0xd1}, {&(0x7f0000000b80)=""/239, 0xef}], 0x6, &(0x7f0000000d00)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0xe0}}], 0x2, 0x0, &(0x7f0000000e80)) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xfb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0) r1 = memfd_create(&(0x7f0000001fc1)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\b\xedcJ\x8e\x84\xd4N\x12\x9b\x1f\t\xbd\x11+\x86T\x16\xa3\xb3\xae0\x9f9?\xefo\xa4k\x012>\xa1\x9c\x86x\x1c\x9f\x84\x195\xde\x97_\t~\xf3Y\x12\"p^\xc1\x0f', 0x0) fallocate(r1, 0x0, 0x2000427, 0x40) r2 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) write(r2, &(0x7f0000000280)="578ab8c807f6f6a1a6a35e41b66c554667c461fc12ddc0311395808a6a64d82d09c8ce70809ca72883b20cf256fc0d6275dd804048fec9626b07235856ad2feed25cf8e1f9c13c0d7ed7d4324dce004721e4be9d07ea5b7d2565dac973759151317d8127acc3e749294b397d37962bf572c54c3ff954c75eb0f5b602c5191d32f3b8fdee8a5886cd28bfc64743c71468a73c9cad08037a74ea4604e746b8bd5f16a153acf958d900e1203490a1670c", 0x99) sendfile(r1, r1, &(0x7f0000001000), 0xfec) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x12, r1, 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt(r3, 0x0, 0x40, &(0x7f0000000040), 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.throttle.io_serviced\x00', 0x275a, 0x0) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000800), 0x0, 0x0) fallocate(r4, 0x0, 0x0, 0x7fff) setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x3b, &(0x7f0000000180)=@hopopts={0xf3, 0xe, '\x00', [@padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @pad1, @ra={0x5, 0x2, 0x4ad}, @generic={0x8, 0x64, "6d901f675e68966be928107b7bbc6d9de911bf18277856c532e53e5d98486add7e8ee7a0b796d2ea9444139fe14102bbf1be07f1a3e2d95c02d1a8f4071539c80fad4c4fc819747b47e1361b436ddbcce807fc69bcdad6c93402c9a93630c06c177113a7"}]}, 0x80) 07:34:02 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x2, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 136.150015][ T6403] vfs_iter_write+0x4c/0x70 [ 136.154530][ T6403] iter_file_splice_write+0x43a/0x790 [ 136.159913][ T6403] ? splice_from_pipe+0xd0/0xd0 [ 136.164802][ T6403] direct_splice_actor+0x80/0xa0 [ 136.169766][ T6403] splice_direct_to_actor+0x345/0x650 [ 136.175198][ T6403] ? do_splice_direct+0x190/0x190 [ 136.180360][ T6403] do_splice_direct+0x106/0x190 [ 136.185265][ T6403] do_sendfile+0x675/0xc40 [ 136.189768][ T6403] __x64_sys_sendfile64+0x102/0x140 [ 136.194975][ T6403] do_syscall_64+0x44/0xa0 [ 136.198105][ C1] sd 0:0:1:0: tag#3641 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 136.199481][ T6403] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 136.209341][ C1] sd 0:0:1:0: tag#3641 CDB: opcode=0xe5 (vendor) [ 136.215183][ T6403] RIP: 0033:0x7f7c25405ae9 [ 136.221526][ C1] sd 0:0:1:0: tag#3641 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 136.225892][ T6403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 136.234974][ C1] sd 0:0:1:0: tag#3641 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 136.254776][ T6403] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 136.254798][ T6403] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 136.254810][ T6403] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 136.263830][ C1] sd 0:0:1:0: tag#3641 CDB[20]: ba [ 136.272294][ T6403] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 136.272307][ T6403] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 136.309584][ T6403] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 136.317563][ T6403] [ 136.325130][ T23] audit: type=1400 audit(1636443243.021:175): avc: denied { execute } for pid=6411 comm="syz-executor.3" path=2F6D656D66643A202864656C6574656429 dev="tmpfs" ino=32 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 07:34:03 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000408) 07:34:03 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000038) 07:34:03 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x3, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 136.350000][ T23] audit: type=1400 audit(1636443243.021:176): avc: denied { setopt } for pid=6411 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 07:34:03 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 39) 07:34:03 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xd, 0x110, r0, 0xe0b11000) 07:34:03 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x4, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:03 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x6c) mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0) 07:34:03 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') r3 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r3) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100), r2) sendmsg$IPVS_CMD_DEL_DEST(r3, &(0x7f0000000600)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1008000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="38800000", @ANYRES16=r4, @ANYBLOB="02012abd7000fcdbdf25070000002400028005000d0000000000080005000700000008000300030000000800090009000000"], 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x40081) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000640)={0xcb9, 0x2, 0x3, 0x4, 0xf, "a097fd27a03a92a5a26ec43f5c6b1dc40d6ad8"}) fchdir(r2) ioctl$KDFONTOP_SET(r2, 0x4b72, &(0x7f0000000080)={0x0, 0x1, 0xd, 0x14, 0x136, &(0x7f0000000180)="a2ed489ebb1d985206c3609e5da29bf7b2ee319488e2ff44d84afc8d6501f10437fcf18db7ad247776a279851fb9891bd9be7a3023d3c68f1e922f4688b2a3f8b9d0a4af2bd0c244e733eedb47322898b55fa80effc596e29c635b3674d3c5207badb6dbf28da539bcd80ccd61b750d086e2830f436c80d57c0fcb39c550f26725c13db82d6bfaa88fb23fcdab5d3ace5deb020bb87ac340e8837f7cc2f41efe445a3631e07c15dc825a6860cdc160b2c32ad4aa571ec0233fd05d27f1950669789f85bdd5ccb431c8b6095eb1703704ef0126080dd3af8e26615865b5f6d15cf3ca1ca37abdec876fa5ebfc4621ce7c8698601b4ba202e37171dfabfb87ec600832a311e9abbd2126971c34b3534d6cae746930cacf2be3a24b88b8921d35cd4ff742ed5cbb4a1c898ba3ace86d8da3f06f7808c75623cb35ed691ad7162fefa2b2dcacb0e1065af1e91d68ee594b22b9207c18f0d1c3c4eb7a78f8c62d6a6435ddf39fa40b318a429dd3d11015e13e2e850ceb79d94185fac45b1a21b12accfc51a23cc256bc225915a0abb2c7b597672e6780ce3ab1353bbca80ba99c429b0a594081ed34a7a849463d524c859108596221210b7a061cf23c64a36c8db19ff1c26a04323330680d0eaec83b904712be732bb22fa550de6e14f2b3fd396ab4d9b60da8ed2ed82f4c9208e4a2efb2b7b457625273398018bfd7a0471cb8618e49ea50113d623fbc5282c4288d0f1b2404dcadf4d3c7a728d056e72dc912b1024265e99e585f156bd4485affe7a98fb6cec2c4026b33466b7150fe74b015579e18c5a2404f3385b9a04432a308750c48ac3e83a03b407f26a964e6d0cb69fbed0f02bf37368923ca884c18d59b62251c5366727b82a34f09d53f2a39d30119193a2012c4999d50b727734a7ad4aacc038b7782c51089e5dbb5885b295d55c06f670cde9251917e98692997ef3dd135f7fab2683f478317440ca57db12511a60cb60f3e13aeb1b4c2f4fe09c65bbc5d388275d2ad70b208ad78d94774192ef76cd3fb2c591e2a4ddf90ade29d103808c7a0dcc1c622b06fc0b2cb0ecad9c0eef611eb8942ce8816037327386e087c6a25b91e95a730fe867e8db0a9b6bd937893c3899a82c087f970dfd9b4999d0017a004696df67107ee3ccd2cae0ff5b8058281ea653fc057bbb5105c4c45967f92de3779e1ede25216f62a7ff02d2bf5d5147a4f4f6c4bf862a5bec698992419d6a96278328906626cc6151005abf3d02f74149553ce37ccbfd89579eb12a760a50a88b329da1abc6886a5918d2190039a6fb5672332a716e4d6c5d2f14a82a9777a8fe425ce6415566a13e1215e1da7366ad5ee520c4b790e59e1e0778dc7064fd492c3fab7edf037ae8750192b7785895a8924b194042dd562c31984f93ccfc55f9b3b7cfa93cf60899c39b98b3a53d312"}) mmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000, 0x2, 0x10, r0, 0xff540000) fcntl$F_GET_RW_HINT(r1, 0x40b, &(0x7f0000000040)) [ 136.491203][ T6431] FAULT_INJECTION: forcing a failure. [ 136.491203][ T6431] name failslab, interval 1, probability 0, space 0, times 0 [ 136.504008][ T6431] CPU: 0 PID: 6431 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 136.512335][ T6431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 136.522507][ T6431] Call Trace: [ 136.525778][ T6431] [ 136.528697][ T6431] dump_stack_lvl+0xd6/0x122 [ 136.533378][ T6431] dump_stack+0x11/0x1b [ 136.537635][ T6431] should_fail+0x23c/0x250 [ 136.542035][ T6431] ? ext4_mb_new_blocks+0x328/0x1ee0 [ 136.547308][ T6431] __should_failslab+0x81/0x90 [ 136.552202][ T6431] should_failslab+0x5/0x20 [ 136.556773][ T6431] kmem_cache_alloc+0x4f/0x320 [ 136.563135][ T6431] ext4_mb_new_blocks+0x328/0x1ee0 [ 136.568487][ T6431] ? ext4_get_branch+0x27d/0x2e0 [ 136.573577][ T6431] ? blk_account_io_merge_bio+0x1ae/0x1c0 [ 136.579278][ T6431] ext4_ind_map_blocks+0xb1c/0x1740 [ 136.584458][ T6431] ext4_map_blocks+0x6e3/0xf00 [ 136.589203][ T6431] ext4_iomap_begin+0x4b0/0x630 [ 136.594037][ T6431] ? ext4_alloc_da_blocks+0x100/0x100 [ 136.599391][ T6431] iomap_iter+0x395/0x4a0 [ 136.603707][ T6431] __iomap_dio_rw+0xb78/0x1070 [ 136.608464][ T6431] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 136.614271][ T6431] iomap_dio_rw+0x38/0x80 [ 136.618595][ T6431] ? ext4_file_write_iter+0x501/0x1200 [ 136.624114][ T6431] ext4_file_write_iter+0xac3/0x1200 [ 136.629462][ T6431] ? ext4_file_write_iter+0x501/0x1200 [ 136.635003][ T6431] do_iter_readv_writev+0x2de/0x380 [ 136.640197][ T6431] do_iter_write+0x192/0x5c0 [ 136.644771][ T6431] ? splice_from_pipe_next+0x34f/0x3b0 [ 136.650217][ T6431] ? kmalloc_array+0x2d/0x40 [ 136.654788][ T6431] vfs_iter_write+0x4c/0x70 [ 136.659287][ T6431] iter_file_splice_write+0x43a/0x790 [ 136.664745][ T6431] ? splice_from_pipe+0xd0/0xd0 [ 136.669643][ T6431] direct_splice_actor+0x80/0xa0 [ 136.674628][ T6431] splice_direct_to_actor+0x345/0x650 [ 136.679984][ T6431] ? do_splice_direct+0x190/0x190 [ 136.685018][ T6431] do_splice_direct+0x106/0x190 [ 136.689882][ T6431] do_sendfile+0x675/0xc40 [ 136.694347][ T6431] __x64_sys_sendfile64+0x102/0x140 [ 136.699577][ T6431] do_syscall_64+0x44/0xa0 [ 136.703990][ T6431] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 136.709955][ T6431] RIP: 0033:0x7f7c25405ae9 [ 136.714366][ T6431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 136.733979][ T6431] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 136.742393][ T6431] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 136.750366][ T6431] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 136.758500][ T6431] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 136.766861][ T6431] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 136.774893][ T6431] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 136.782876][ T6431] 07:34:03 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x5, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:03 executing program 3: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x200002, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.events\x00', 0x275a, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r2) fallocate(r1, 0x0, 0x0, 0x7fff) openat$cgroup(0xffffffffffffffff, &(0x7f00000000c0)='syz1\x00', 0x200002, 0x0) 07:34:03 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x144) 07:34:03 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 40) [ 136.862321][ T6441] FAULT_INJECTION: forcing a failure. [ 136.862321][ T6441] name failslab, interval 1, probability 0, space 0, times 0 [ 136.874983][ T6441] CPU: 0 PID: 6441 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 136.883336][ T6441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 136.893535][ T6441] Call Trace: [ 136.896862][ T6441] [ 136.899772][ T6441] dump_stack_lvl+0xd6/0x122 [ 136.904382][ T6441] dump_stack+0x11/0x1b [ 136.908522][ T6441] should_fail+0x23c/0x250 [ 136.913011][ T6441] ? ext4_mb_new_blocks+0x328/0x1ee0 [ 136.918281][ T6441] __should_failslab+0x81/0x90 [ 136.923234][ T6441] should_failslab+0x5/0x20 [ 136.927796][ T6441] kmem_cache_alloc+0x4f/0x320 [ 136.932555][ T6441] ext4_mb_new_blocks+0x328/0x1ee0 [ 136.937763][ T6441] ? ext4_get_branch+0x27d/0x2e0 [ 136.942697][ T6441] ? blk_account_io_merge_bio+0x1ae/0x1c0 [ 136.949042][ T6441] ext4_ind_map_blocks+0xb1c/0x1740 [ 136.954230][ T6441] ext4_map_blocks+0x6e3/0xf00 [ 136.959007][ T6441] ext4_iomap_begin+0x4b0/0x630 [ 136.963839][ T6441] ? ext4_alloc_da_blocks+0x100/0x100 [ 136.969193][ T6441] iomap_iter+0x395/0x4a0 [ 136.973503][ T6441] __iomap_dio_rw+0xb78/0x1070 [ 136.978451][ T6441] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 136.984322][ T6441] iomap_dio_rw+0x38/0x80 [ 136.988631][ T6441] ? ext4_file_write_iter+0x501/0x1200 [ 136.994113][ T6441] ext4_file_write_iter+0xac3/0x1200 [ 136.999384][ T6441] ? ext4_file_write_iter+0x501/0x1200 [ 137.004830][ T6441] do_iter_readv_writev+0x2de/0x380 [ 137.010015][ T6441] do_iter_write+0x192/0x5c0 [ 137.014609][ T6441] ? splice_from_pipe_next+0x34f/0x3b0 [ 137.020086][ T6441] ? kmalloc_array+0x2d/0x40 [ 137.024688][ T6441] vfs_iter_write+0x4c/0x70 [ 137.029170][ T6441] iter_file_splice_write+0x43a/0x790 [ 137.034576][ T6441] ? splice_from_pipe+0xd0/0xd0 [ 137.039407][ T6441] direct_splice_actor+0x80/0xa0 [ 137.044366][ T6441] splice_direct_to_actor+0x345/0x650 [ 137.049735][ T6441] ? do_splice_direct+0x190/0x190 [ 137.054739][ T6441] do_splice_direct+0x106/0x190 [ 137.059672][ T6441] do_sendfile+0x675/0xc40 [ 137.064082][ T6441] __x64_sys_sendfile64+0x102/0x140 [ 137.069323][ T6441] do_syscall_64+0x44/0xa0 [ 137.073853][ T6441] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 137.079765][ T6441] RIP: 0033:0x7f7c25405ae9 [ 137.084199][ T6441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 137.103907][ T6441] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 137.112300][ T6441] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 137.120295][ T6441] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 137.128321][ T6441] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 137.136436][ T6441] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 137.144393][ T6441] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 137.152416][ T6441] 07:34:03 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000500) 07:34:03 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000039) 07:34:03 executing program 2: mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount(&(0x7f0000000000)=@sr0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='rpc_pipefs\x00', 0x812004, &(0x7f00000000c0)='*$\')\x00') 07:34:03 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x6, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:03 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.events\x00', 0x275a, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x20202, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000080)={0x0, r1, 0x6, 0x3, 0x2, 0x80}) fallocate(r0, 0x0, 0x0, 0x7fff) 07:34:03 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 41) [ 137.284877][ T6456] FAULT_INJECTION: forcing a failure. [ 137.284877][ T6456] name failslab, interval 1, probability 0, space 0, times 0 [ 137.297540][ T6456] CPU: 0 PID: 6456 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 137.305974][ T6456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 137.316375][ T6456] Call Trace: [ 137.319653][ T6456] [ 137.322599][ T6456] dump_stack_lvl+0xd6/0x122 [ 137.327196][ T6456] dump_stack+0x11/0x1b [ 137.331387][ T6456] should_fail+0x23c/0x250 [ 137.335899][ T6456] ? jbd2__journal_start+0xf7/0x3f0 [ 137.341111][ T6456] __should_failslab+0x81/0x90 [ 137.345975][ T6456] should_failslab+0x5/0x20 [ 137.350591][ T6456] kmem_cache_alloc+0x4f/0x320 [ 137.355407][ T6456] jbd2__journal_start+0xf7/0x3f0 [ 137.360453][ T6456] __ext4_journal_start_sb+0x159/0x310 [ 137.366028][ T6456] ext4_iomap_begin+0x408/0x630 [ 137.370892][ T6456] ? ext4_alloc_da_blocks+0x100/0x100 [ 137.376345][ T6456] iomap_iter+0x395/0x4a0 07:34:04 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0xc7abed4779ce841e) 07:34:04 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x7, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:04 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r1) r2 = openat$cgroup_ro(r1, &(0x7f0000000000)='cpuacct.usage_sys\x00', 0x0, 0x0) r3 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x80000, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000700100000f000000000000000000000004000000000002000020000020000000d1f4655fd1f4655f0100ffff53ef010001000000d1f4655f000000000000000001000000000000000b0000000004000008000000d2c201001203", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000d0a9da48497c4915a7449265c083aec0010040", 0x1f, 0x4e0}, {&(0x7f0000010300)="03", 0x1, 0x640}, {&(0x7f0000010400)="03000000040000000500000017000f000300040000000000000000000f008551", 0x20, 0x800}, {&(0x7f0000010e00)="ed41000000040000d1f4655fd1f4655fd1f4655f000000000000040020", 0x1d, 0x1800}, {&(0x7f0000011000)="8081000000180000d1f4655fd1f4655fd1f4655f00000000000001002000000010000800000000000af302000400000000000000000000000200000050000000020000000400000052", 0x49, 0x1c00}, {&(0x7f0000012700)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x14000}, {0x0}], 0x0, &(0x7f0000013800)=ANY=[]) r4 = perf_event_open(&(0x7f0000001900)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xc150d4e}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r3, 0x84009422, &(0x7f0000001f80)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r5, 0x50009418, &(0x7f0000000440)={{r4}, 0x0, 0x4, @unused=[0x1fbfffffd, 0x71, 0x8, 0x8000], @devid=r6}) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, &(0x7f0000000300)={{}, 0x0, 0xc, @unused=[0x1, 0x0, 0x1, 0x7], @devid=r6}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000240)={0x8, 0x1, {0x80, @usage=0x2, 0x0, 0x9, 0x36dd, 0x0, 0x0, 0x1, 0x500, @usage=0x2, 0x0, 0x3, [0x3, 0x8, 0x8, 0x2, 0x9, 0x6]}, {0x1f, @usage=0xfff, r6, 0x9, 0xc48, 0x2, 0x8, 0x10001, 0x20, @usage=0x9, 0xa7, 0x0, [0x4ce3, 0x4, 0x80000000, 0x3, 0x0, 0x3fe000000]}, {0x0, @struct={0x4, 0x7}, 0x0, 0x6fe3, 0x6, 0x7f, 0x6, 0x5, 0x40, @usage=0x8, 0x6350, 0x1, [0xffffffff, 0x3, 0x1ff, 0x3ff, 0x101, 0xd781]}, {0x1ff, 0x7, 0x8}}) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000180)={0x0, 0x1, 0x7f, 0x1}) ioctl$BTRFS_IOC_BALANCE_V2(r2, 0xc4009420, &(0x7f0000000580)={0x1a, 0x5, {0x1, @usage=0x5, r6, 0x9, 0x5, 0x0, 0x3, 0x4, 0xd2, @struct={0x6, 0x4}, 0x5, 0x2, [0x10000, 0x8, 0x1d2, 0x1, 0x100000001, 0x3]}, {0x7, @usage=0xaa4, 0x0, 0x9, 0xea, 0x7, 0xfff, 0x1ff, 0x34, @struct={0x5, 0x3f}, 0x20, 0x7, [0x1ff, 0x1, 0x6, 0x364, 0x8, 0x5de5]}, {0x3ff, @struct={0x8000, 0xd6}, r7, 0x4, 0x7, 0x180000000000, 0x10000, 0x7f48, 0x88, @struct={0xff, 0x2}, 0x1, 0x1a78, [0x0, 0x800, 0x149, 0x1, 0x3, 0x3]}, {0x7fffffff, 0x4, 0x2}}) [ 137.380785][ T6456] __iomap_dio_rw+0xb78/0x1070 [ 137.385556][ T6456] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 137.391397][ T6456] iomap_dio_rw+0x38/0x80 [ 137.395794][ T6456] ? ext4_file_write_iter+0x501/0x1200 [ 137.401331][ T6456] ext4_file_write_iter+0xac3/0x1200 [ 137.406722][ T6456] ? ext4_file_write_iter+0x501/0x1200 [ 137.412521][ T6456] do_iter_readv_writev+0x2de/0x380 [ 137.417770][ T6456] do_iter_write+0x192/0x5c0 [ 137.422379][ T6456] ? splice_from_pipe_next+0x34f/0x3b0 [ 137.427855][ T6456] ? kmalloc_array+0x2d/0x40 [ 137.432493][ T6456] vfs_iter_write+0x4c/0x70 [ 137.437042][ T6456] iter_file_splice_write+0x43a/0x790 [ 137.442453][ T6456] ? splice_from_pipe+0xd0/0xd0 [ 137.443201][ T6470] loop3: detected capacity change from 0 to 1024 [ 137.447358][ T6456] direct_splice_actor+0x80/0xa0 [ 137.447386][ T6456] splice_direct_to_actor+0x345/0x650 [ 137.464188][ T6456] ? do_splice_direct+0x190/0x190 [ 137.469251][ T6456] do_splice_direct+0x106/0x190 [ 137.474199][ T6456] do_sendfile+0x675/0xc40 [ 137.478699][ T6456] __x64_sys_sendfile64+0x102/0x140 07:34:04 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000600) 07:34:04 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_PMK(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x713, 0x0, 0x0, {{0x67}, {@val={0x4, 0xe}, @void}}}, 0x1c}}, 0x0) sendmsg$NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)={0xe4, r1, 0x8, 0x70bd27, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0xfffffff9, 0x72}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="66b295396596"}, @key_params=[@NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "5b02d93d55"}, @NL80211_ATTR_KEY={0x20, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP40={0x9, 0x1, "3882a717d0"}, @NL80211_KEY_IDX={0x5, 0x2, 0x2}, @NL80211_KEY_IDX={0x5, 0x2, 0x3}]}, @NL80211_ATTR_KEY_DEFAULT={0x4}, @NL80211_ATTR_KEY_SEQ={0x10, 0xa, "1f1fa483c8d3c576808bc8c7"}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x1c, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}], @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x8001}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}], @key_params=[@NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x5}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x14, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}, @NL80211_ATTR_KEY={0x10, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP40={0x9, 0x1, "ad22c52ee1"}]}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]]}, 0xe4}, 0x1, 0x0, 0x0, 0x4011}, 0x40002) mkdir(&(0x7f0000000280)='./file0\x00', 0x80) [ 137.484254][ T6456] do_syscall_64+0x44/0xa0 [ 137.488730][ T6456] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 137.494655][ T6456] RIP: 0033:0x7f7c25405ae9 [ 137.499122][ T6456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 137.518994][ T6456] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 137.527415][ T6456] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 137.535442][ T6456] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 137.543413][ T6456] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 137.551389][ T6456] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 137.552826][ C1] sd 0:0:1:0: tag#3613 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 137.559421][ T6456] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 137.559438][ T6456] 07:34:04 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r0) ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f0000000000)={0x9, 0x4}) fstat(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000040)='./file1\x00', 0xc60001a1) r4 = memfd_create(&(0x7f0000000300)='\x00\xc2\xea\x99\xbb\x1c\xdfjw\x97\x05\xa3\xa2\'\xdd\xe4q\xbf\t\x8c\xe0\x19`\x8e\x00\x00\x00\x00\x00\x00\x00\x00\x00\b \xff\x13\x96\xe3?\xdfH\x8c\xe4V\xe2\xfe\v8\x04\xa5\xb9\xc4:\xf3\xf6y_w\xd8\xcf\x90k\x05\x00\xf9\x1e\xe8m\xec\x12\xa015\xc2\xb3u|K\x111\xd4\f8\xeb\x18\xad\xbb!1\x85\x96P\x1b\xa1\x9a\x81\xf8\xb1\xecB)\xe5\xaa7\xfe\xdd,_D\xe5|\xb1j^\xaec}\x1a\xb4\x17\xafP\x85I\xd5\xa0I\xb0\xaf\xb5\x8b\\\x05\xd7g\xcbV\x8e\xd0\xac\x87I7\xbd\xc6\x9bI\x92\xb2\x87.\xb3\x1fs\xe7%\xdd+\r\xb4\x117\xa7ei~\xb8\x16\xd1P\xf2\x84\x89K\x16\xd0F|\xa3\x89\xc9~9\x00'/204, 0x0) write(r4, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r4, 0x0) r5 = inotify_init1(0x0) inotify_add_watch(r5, &(0x7f0000000040)='./file1\x00', 0xc60001a1) r6 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) r7 = memfd_create(&(0x7f0000000300)='\x00\xc2\xea\x99\xbb\x1c\xdfjw\x97\x05\xa3\xa2\'\xdd\xe4q\xbf\t\x8c\xe0\x19`\x8e\x00\x00\x00\x00\x00\x00\x00\x00\x00\b \xff\x13\x96\xe3?\xdfH\x8c\xe4V\xe2\xfe\v8\x04\xa5\xb9\xc4:\xf3\xf6y_w\xd8\xcf\x90k\x05\x00\xf9\x1e\xe8m\xec\x12\xa015\xc2\xb3u|K\x111\xd4\f8\xeb\x18\xad\xbb!1\x85\x96P\x1b\xa1\x9a\x81\xf8\xb1\xecB)\xe5\xaa7\xfe\xdd,_D\xe5|\xb1j^\xaec}\x1a\xb4\x17\xafP\x85I\xd5\xa0I\xb0\xaf\xb5\x8b\\\x05\xd7g\xcbV\x8e\xd0\xac\x87I7\xbd\xc6\x9bI\x92\xb2\x87.\xb3\x1fs\xe7%\xdd+\r\xb4\x117\xa7ei~\xb8\x16\xd1P\xf2\x84\x89K\x16\xd0F|\xa3\x89\xc9~9\x00'/204, 0x0) write(r7, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r7, 0x0) r8 = fcntl$getown(0xffffffffffffffff, 0x9) getresgid(&(0x7f00000013c0), &(0x7f0000001400), &(0x7f0000001440)=0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001500)=[{{&(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000003c0)=[{&(0x7f0000000040)="0d550b660d982cf8694c9ad2683b399df776a52871e00f8eb74ece853dd0c560a9d6280a447d0e8c8507097c4a8ebd77dda065a0231d9eea92", 0x39}, {&(0x7f00000001c0)="c696be4421c6284ac1b6b63c6cdbf55838211a5f72fdaa1102915b3edb66736c85d8c1b6784f752175c556d5b40140ff75695fb98363f1b98a01cd678e981ab3c12362cc1361070390c1ddcffc4a7bfe69b4c41c4cd5d3476fdf612788decdf801c106043ee17ca573e8e2d84bba82c1539ab997cd6fb9985e844377a303c1c60eacebafd3519a1f", 0x88}, {&(0x7f00000002c0)="6b434e9468f94b72802ef71af8abbd6a42a60de6e352a9e3b6a6a6f871c8767dd00f9d30d91b945c9d87d32d53713d39459f8c5c2caeb45afa8d98d10686cd630186726c1740d79405d68fc2c98da55b37ac4bf9cad7b7451f7194f0e73570ffda9851047f83d38f20261ec5e0bd73a7c9e2914a080688baabc040d38271affe5d41de9159fbc8b86b4532b7cd77128fd820fdd0409b80ca422b2cdfec789475d14d7bc97113dda8ed909816226809e3525497f5b57f35265cbb07c9b60bea2221871ecd86e73f376cafe21ff1", 0xcd}], 0x3, &(0x7f0000000440)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r0, r0, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [r0, 0xffffffffffffffff, 0xffffffffffffffff, r0, r0, r0, r0, 0xffffffffffffffff, r0]}}], 0x70, 0x4004}}, {{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000004c0)="7f2f739309ece5e4337f62ee394c166da67bdef46fa8d798ea7fc10f530cbeb53da387c952e60d562c12c5f518e6e82e38b534413605d13d27fd6d417f09fb27f5048ccd9cad0a847d1ba0b74075ed8b5463d7ff5e42a7f89df03d67cffa2ae30711a98fc1e1d7ef1d57f1e1080ea0da7e3594de495acee2af836582a0fa13c4c7861a62bd7ff03d7b015f9c942faaf0ce6d698c7b1d4994c83c8e8fdca5a3d83c1b0d25d07bc58ce33114e7266dfcbd6dac543a0ab31c58a94c435c1e5fa32b4a5a1761f1d078935cc809dcc315b875759852f52d99f77dbfd218", 0xdb}], 0x1, &(0x7f0000000680)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r2}}}, @rights={{0x20, 0x1, 0x1, [r0, 0xffffffffffffffff, 0xffffffffffffffff, r0]}}], 0x40, 0x4}}, {{&(0x7f00000006c0)=@file={0x2e0cc917530e9915, './file0\x00'}, 0x6e, &(0x7f0000000940)=[{&(0x7f0000000740)="44586dfdaf21df40033bbb6d219b9aadcdd75c9eb3c594073a48d8877a52865718b1dd15aaf7334567aaca002235b964b50f9573bef3bbad5fe34acb647e007da9915b82aaa198", 0x47}, {&(0x7f00000007c0)="6c2169c71a0274e2cd49f4a46f41db0412383512a682481699eadca4d8ebb5f5f6d715098976272bd6c576fb4ef343290a5c5d21973e7af949035eb145f620852b91", 0x42}, {&(0x7f0000000840)="bb00c85aa02255d1e0899a158fd4cd1a6bfcdf33d26ac319860c9c684b0fb051d99e92820ed0cb87056c832ce8d8a6261fe3eb59be5c7809908d87de58d6f5f47913a09c441ae90df8629aaa9f5b1cf971cd389fd5f168b5d9a2b8efedbf02d7985f4a5773e8a8349fa6ea03beb121ee4483fdac0e6f56928db41ff79a4c2268f6a76aeecaae38e38600c3cccf51659027503150cfe10f6de281f09385e73759653d9c7a5c14d7044b364195172adb0cdbc628e0e162058f3e95fc121e27638de186db3ff4abddfc2377fbd984", 0xcd}], 0x3, &(0x7f0000000a80)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [r0, 0xffffffffffffffff, r0, 0xffffffffffffffff, r0, r0, r0]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee01, 0xee01}}}], 0x70, 0x84}}, {{0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f0000000b00)="61d29df0cbca245e47d5f21192469d43b18c1f76670fea44174672cce6a20e7c919ec167a85f69f5ba8940e852570208ae59c2886d85d3f6eb27b11147cc24427d377fbc6efb88580e8c28cf24ec406c5cf1a1884e28ed6e502c27e39b4bf52d1368150bc0a243fab0f2a75f6478b6b50cca022c3f898b4cd95f36c596328d87b79f7cfa4b74d2bfffa2dd7219fe336ef65f0e55bc7e4bbfdae51866d63f15cb1d942706854c59c41cbc63d158bdd4c1c6ebbea9817eb2d42c7d1d2b1b4700906aeb0cfc2c7ebff5a9e5eae7cbd444cb7b58328d91392d4bc96b79695328479c2e39", 0xe2}], 0x1, &(0x7f0000000f40)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r2}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r2}}}, @rights={{0x30, 0x1, 0x1, [r0, r0, r0, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x90, 0x40851}}, {{&(0x7f0000001000)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001100)=[{&(0x7f0000001080)="65a6456adf44be75ab9ba0f1f3fab51df1b527f6842bdc935dff28cd55fd01c771f4ca9ef1daf4c3de5795aef7b9759c5759f4313519fcfdbc557ff1219ba1038157538eb68b05e97c865c491e17529f6ef2c4de8e375db9049fe6fc", 0x5c}], 0x1, &(0x7f0000001140)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r0, r0, r0]}}], 0x28, 0xc0}}, {{&(0x7f0000001180)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000001380)=[{&(0x7f0000001200)="692b015ed5c062306a0d617f23e6453197124a5c213aa7d345883351a203a233637f6bde52b3cd092a3b6e62ca6aa8f75f469ffd97859dead32848f9133db0fe8e8c23ea46510a6d3c5374ce62b46fba7541e3f691fa769ba698d33e7a7f4e803769413123064f0f29c2b5c4bec7fae0fd87e376574cf77e2b63c8cb98f0054063cb8d4536e2", 0x86}, {&(0x7f00000012c0)="f02e6a18cf1083089f76d791cc02a967ce56df6a37694c4ffa708706331d15ccc489a1820efc8f4d30a75ba8c5ab6d2cb35ddab61206c11029ca23aa650e14a6953be7eeec3d289a2c86e6eae15dff702dff85d6b986d15b08f63e30990243a29fd36ee0776547c156", 0x69}, {&(0x7f0000001340)="58065b82129e508bd02d79", 0xb}], 0x3, &(0x7f0000001480)=[@rights={{0x20, 0x1, 0x1, [r0, r3, r4, r0]}}, @rights={{0x20, 0x1, 0x1, [r0, r5, r6, r0]}}, @rights={{0x20, 0x1, 0x1, [r7, r0, r0, r0]}}, @cred={{0x1c, 0x1, 0x2, {r8, r1, r9}}}], 0x80, 0x4001}}], 0x6, 0x4000844) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) 07:34:04 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x23) creat(&(0x7f0000000040)='./file0\x00', 0x0) [ 137.580347][ C1] sd 0:0:1:0: tag#3613 CDB: opcode=0xe5 (vendor) [ 137.586692][ C1] sd 0:0:1:0: tag#3613 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 137.595747][ C1] sd 0:0:1:0: tag#3613 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 137.604792][ C1] sd 0:0:1:0: tag#3613 CDB[20]: ba 07:34:04 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8000003a) 07:34:04 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x8, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:04 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 42) [ 137.673484][ T6470] loop3: detected capacity change from 0 to 1024 [ 137.689763][ T6492] FAULT_INJECTION: forcing a failure. [ 137.689763][ T6492] name failslab, interval 1, probability 0, space 0, times 0 [ 137.702572][ T6492] CPU: 0 PID: 6492 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 137.711172][ T6492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 07:34:04 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x9, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:04 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) [ 137.721230][ T6492] Call Trace: [ 137.724507][ T6492] [ 137.727453][ T6492] dump_stack_lvl+0xd6/0x122 [ 137.732147][ T6492] dump_stack+0x11/0x1b [ 137.736284][ T6492] should_fail+0x23c/0x250 [ 137.740865][ T6492] ? ext4_mb_new_blocks+0x328/0x1ee0 [ 137.746309][ T6492] __should_failslab+0x81/0x90 [ 137.751122][ T6492] should_failslab+0x5/0x20 [ 137.755670][ T6492] kmem_cache_alloc+0x4f/0x320 [ 137.760481][ T6492] ext4_mb_new_blocks+0x328/0x1ee0 [ 137.765620][ T6492] ? ext4_get_branch+0x27d/0x2e0 [ 137.770742][ T6492] ? blk_account_io_merge_bio+0x1ae/0x1c0 [ 137.776532][ T6492] ext4_ind_map_blocks+0xb1c/0x1740 [ 137.781722][ T6492] ext4_map_blocks+0x6e3/0xf00 [ 137.786763][ T6492] ext4_iomap_begin+0x4b0/0x630 [ 137.791882][ T6492] ? ext4_alloc_da_blocks+0x100/0x100 [ 137.797299][ T6492] iomap_iter+0x395/0x4a0 [ 137.801787][ T6492] __iomap_dio_rw+0xb78/0x1070 [ 137.806616][ T6492] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 137.812589][ T6492] iomap_dio_rw+0x38/0x80 [ 137.817338][ T6492] ? ext4_file_write_iter+0x501/0x1200 [ 137.822864][ T6492] ext4_file_write_iter+0xac3/0x1200 [ 137.828303][ T6492] ? ext4_file_write_iter+0x501/0x1200 [ 137.833837][ T6492] do_iter_readv_writev+0x2de/0x380 [ 137.839023][ T6492] do_iter_write+0x192/0x5c0 [ 137.843634][ T6492] ? splice_from_pipe_next+0x34f/0x3b0 [ 137.849115][ T6492] ? kmalloc_array+0x2d/0x40 [ 137.853756][ T6492] vfs_iter_write+0x4c/0x70 [ 137.858304][ T6492] iter_file_splice_write+0x43a/0x790 [ 137.863720][ T6492] ? splice_from_pipe+0xd0/0xd0 [ 137.868562][ T6492] direct_splice_actor+0x80/0xa0 [ 137.873591][ T6492] splice_direct_to_actor+0x345/0x650 [ 137.878949][ T6492] ? do_splice_direct+0x190/0x190 [ 137.883967][ T6492] do_splice_direct+0x106/0x190 [ 137.888833][ T6492] do_sendfile+0x675/0xc40 [ 137.893436][ T6492] __x64_sys_sendfile64+0x102/0x140 [ 137.898627][ T6492] do_syscall_64+0x44/0xa0 [ 137.903090][ T6492] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 137.908971][ T6492] RIP: 0033:0x7f7c25405ae9 [ 137.913369][ T6492] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 137.933169][ T6492] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 137.941564][ T6492] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 137.949559][ T6492] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 137.957520][ T6492] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 137.965561][ T6492] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 07:34:04 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r1) ioctl$INCFS_IOC_CREATE_FILE(r1, 0xc058671e, &(0x7f0000000300)={{'\x00', 0x2}, {0x6}, 0x0, 0x0, 0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6b01131b28ef082cf11086f5f2c1c0edda57b24eae8f40dd3009effae5bff176fcbe674fe3a6b688aa5a5ed3843018ee5cc694e42750cc421b7c6628eea9c6530f98cc79a514", 0x46, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="02000000b0000000000000000c43000000a5257e6f49cf9e60574e8fb7544fea8f57cca43dbd3aeede292ecf8452b515a7ddf41ac1188a40d803415f4e2bf6b92c5f09aa9a25ae46bfb7420917138e12148b12f4600000000b7d9851583d638d1f0525e0247f34902f356908716ae3342362c141d618d90cc84fad6841f39e8a0e7a3ad4b693170cdc1cc96faf9ac44e45f63bea6d5425ad318d9816a4e06ec59ebd495da6c814785f36c95425ed234ebe446dc2f690edf3c5000000ef1b4c7488f4547a93f0c1cbb7025f541df4d2fad0a2a9dec2b5411021d07e910742807e72a553ac397b701824dde2acaa25e16e24e00e466ba500f6f17486a588b30dd1eef6a5111cb6b054364152142264f446a2f1ab72888ecb34d27dc4e4692ada25c3a40a59562748ef52d2c6a3aaa0e17a4a3095a53ffa52033f91d458efa40932893ad58b2dd7e7d52fa32ba3536e23e44f9b6055a0050fe072b85242f98d44dd595f8aca3929c72b451fe9183d6b156eff6006ba39b14f81b1d323040699c7245cf7746104795f9adcb05b55535ac49c9e576bfc4ee0e046cc72092ddac37a9fc541aede0a014eaf2b1e2d2f2419a93029d26ca7dc1d209132d2ff14de07921268958d161281a1f23c15e6000000000000000000"], 0x181}) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r2) ftruncate(r2, 0x0) [ 137.973604][ T6492] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 137.981561][ T6492] 07:34:04 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 43) 07:34:04 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xa, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 138.088012][ T6506] FAULT_INJECTION: forcing a failure. [ 138.088012][ T6506] name failslab, interval 1, probability 0, space 0, times 0 [ 138.100634][ T6506] CPU: 0 PID: 6506 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 138.108965][ T6506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 138.119019][ T6506] Call Trace: [ 138.122287][ T6506] [ 138.125208][ T6506] dump_stack_lvl+0xd6/0x122 [ 138.129820][ T6506] dump_stack+0x11/0x1b [ 138.133974][ T6506] should_fail+0x23c/0x250 [ 138.138436][ T6506] ? mempool_alloc_slab+0x16/0x20 [ 138.143501][ T6506] __should_failslab+0x81/0x90 [ 138.148358][ T6506] should_failslab+0x5/0x20 [ 138.152940][ T6506] kmem_cache_alloc+0x4f/0x320 [ 138.157831][ T6506] mempool_alloc_slab+0x16/0x20 [ 138.162702][ T6506] ? mempool_free+0x130/0x130 [ 138.167440][ T6506] mempool_alloc+0x9d/0x310 [ 138.171984][ T6506] ? preempt_count_add+0x4e/0x90 [ 138.177138][ T6506] ? _raw_read_unlock+0x13/0x30 [ 138.181980][ T6506] ? jbd2_transaction_committed+0xad/0xc0 07:34:04 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000700) 07:34:04 executing program 3: ftruncate(0xffffffffffffffff, 0x2) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) 07:34:04 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x9e) 07:34:04 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xb, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 138.187731][ T6506] bio_alloc_bioset+0xcc/0x560 [ 138.192485][ T6506] ? iov_iter_alignment+0x34b/0x370 [ 138.197694][ T6506] iomap_dio_bio_iter+0x5ed/0xc70 [ 138.202814][ T6506] ? ext4_alloc_da_blocks+0x100/0x100 [ 138.208193][ T6506] __iomap_dio_rw+0x8b5/0x1070 [ 138.213011][ T6506] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 138.218830][ T6506] iomap_dio_rw+0x38/0x80 [ 138.223163][ T6506] ? ext4_file_write_iter+0x501/0x1200 [ 138.228721][ T6506] ext4_file_write_iter+0xac3/0x1200 07:34:04 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8000003b) 07:34:04 executing program 2: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000083) [ 138.234061][ T6506] ? ext4_file_write_iter+0x501/0x1200 [ 138.239733][ T6506] do_iter_readv_writev+0x2de/0x380 [ 138.244991][ T6506] do_iter_write+0x192/0x5c0 [ 138.249644][ T6506] ? splice_from_pipe_next+0x34f/0x3b0 [ 138.255109][ T6506] ? kmalloc_array+0x2d/0x40 [ 138.259701][ T6506] vfs_iter_write+0x4c/0x70 [ 138.264315][ T6506] iter_file_splice_write+0x43a/0x790 [ 138.269775][ T6506] ? splice_from_pipe+0xd0/0xd0 [ 138.274679][ T6506] direct_splice_actor+0x80/0xa0 [ 138.279625][ T6506] splice_direct_to_actor+0x345/0x650 07:34:05 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000340)={0x0, 0xfffffffffffffffb, 0x7d, 0x4, @buffer={0x0, 0x89, &(0x7f0000000000)=""/137}, &(0x7f00000000c0)="17be378f63a71800c73e99634844966ff4f909431384782426c53b46fcc009bb71ce07785b27f6439822aae9fb971f0cb42aeed31f96277e16ec24f580c6f98621382c0d0a01bcf2638a70445e8580994a4e33a35cb6369194393a3fdcc60e5c83c1adebe086ece578159a8723f00ba58701ba5fda0e9ac2b0fbb5b64c", &(0x7f0000000180)=""/181, 0x3, 0x4, 0x2, &(0x7f0000000280)}) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000300)={r0, 0xff, 0xaf, 0x1}) [ 138.285001][ T6506] ? do_splice_direct+0x190/0x190 [ 138.290077][ T6506] do_splice_direct+0x106/0x190 [ 138.294992][ T6506] do_sendfile+0x675/0xc40 [ 138.299408][ T6506] __x64_sys_sendfile64+0x102/0x140 [ 138.304616][ T6506] do_syscall_64+0x44/0xa0 [ 138.309182][ T6506] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 138.315084][ T6506] RIP: 0033:0x7f7c25405ae9 [ 138.319499][ T6506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 138.339139][ T6506] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 138.347681][ T6506] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 138.355653][ T6506] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 138.363756][ T6506] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 138.371957][ T6506] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 138.379930][ T6506] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 07:34:05 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r1) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_PROBE_MESH_LINK(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x510, r2, 0x800, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x0, 0x44}}}}, [@NL80211_ATTR_FRAME={0x4c2, 0x33, @mgmt_frame=@assoc_req={@with_ht={{{0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x5}, @device_a, @device_a, @random="e9789d727fa2", {0x1, 0x800}}, @ver_80211n={0x0, 0x5, 0x2, 0x0, 0x0, 0x1}}, 0x808, 0x3ff, {0x0, 0x6, @default_ibss_ssid}, @void, @val={0x2d, 0x1a, {0x8000, 0x2, 0x1, 0x0, {0x96, 0x247, 0x0, 0x40, 0x0, 0x1, 0x1, 0x2}, 0x300, 0x6, 0x80}}, [{0xdd, 0xb, "b4db9dc5cd237dcb49dd9b"}, {0xdd, 0x46, "271e191cd3310ce547aceede1386a7b8efb5a0551d5cae183b472e83633e448494016d109195c98d17d337ea9a6d5091c0057cdd08e4493beb51d53a66cfbc1674b4cf18d60b"}, {0xdd, 0x1f, "542cfafd328efede0f15c8bc60c35da1422a008514a65581e77efcf2557f17"}, {0xdd, 0x40, "5874d3773b6f7150cf56ef20dca140ad7b3da394b2c860ece52c12d6cd58706d70683daada6b4393e78c2857c5c562739077b3bd4382560f09104165bc6afa17"}, {0xdd, 0xb5, "05b7780e391a30c0f0299fdd11367375398e521476373278f89c2037c4a9b3eae2ad58530130d5c5bec910b1854e1803164794964e0d6b1609be72d467fcded71446fae6abdf7192aa5d610058656c544a247a5c320151e540f795c26c22067b84fe6f84dcd8b7aaf402d3d0b412cfd11cbb5ed21327587aedc8cd49b38aafb2439d3e9cc2a4feafa2895cc026ede7c0d643cca0b79b24c1e03b3de6659e0efafc274f2a7319289cf7abfbeab5002b8bb713f08ba0"}, {0xdd, 0x65, "12441cb87c1378228625f807027bf1d07b2d0ae276f1a67b8a58db825614b7a8ec76c168d062a0803445e16879befd2f02292d079a10167ab4c283a578f0bb715ac9732f8f24ba5aa04b8fcb04eac75b9dfe484821b135b3ff1cd88daa07e4dc15f7d37985"}, {0xdd, 0xad, "34db3268add500adbef4174b44dd9167af45a60fd5afcb4b3c05a72097ed62001409976b85c059fbb4b9b16750217fc792e5f78f224596b3666a5817f68bef6d8c28b8f0b3e976e9220e782ae599392c29f63859cf037b4ead1328e9c2a7eb070c33e8b378e42388da52b284afd3effd4c1a0bd05001d646806ec808b32ef42741e32b817b5461f1e45e0786c401251a1c23456846464b35823e57e9c8c886d344a6c991e0bea317664e8c4a3c"}, {0xdd, 0xfd, "a71b2665179411bb5e930041cd105ef60c4a5d585f5ff900e4d7c796a237325c97a8f9b08050ca11db547e59029842a47893d1996d34517ecefc0b9d30143860b021330ec7f7404772185492a09684adef6f8e285d01f704b8b73880f5c39a18e1fd3b1f4ddae7d77b166585bcac1b3c411b8839f662d8221001681ab00ea120449760a6749502beb71fb3c862347f857e0bf331a9530687dd0547694d690128fcde3d2f28e5616f8642463dd399841cd982493a89a4c83a18bec5ad38daaa014ea1ca36c0e4fb2c464c2719818daa03444601b7afc19381a4e26e216d1f833f4cbb405d82cc39a1e97a2073a9ca7caa188ba82241fef13f37550f0cfc"}, {0xdd, 0x38, "8fa279ddb8393890e0339740d4ec91965ae5b7e9091643b344ba53272eb4d1353ad9eb14f48320d93b21be2c34b1312e84e6d36cc9a8edc1"}, {0xdd, 0xba, "335a2d24fab7691e72dfd78264c3eab487b1a837bf86a8293589b9c7bc747cfbca8447110f05cbf1e53c14a9e47a791f08e29544ce5dc365b5dd4b0aea01a81d0095d226cffec5c0002ab1d433eb8331f73f6b69416bd46364913cf1a0bdff67d47998e87ea157999e398d2f1b7fb07fcd61d19835032e46ea0428931f639d8e8b1a6501346180911fe954f00440bfde5d9b9bdabf0ae50c4ff71ae0afe5f7b4773b01553de93bd623fc4675f9ebfcf965ac5c8d0f6805acf346"}]}}, @NL80211_ATTR_FRAME={0x18, 0x33, @ctrl_frame=@bar={{}, {0x3}, @device_b, @device_a, @basic={{0x1}, {0x3, 0x5}}}}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x510}, 0x1, 0x0, 0x0, 0x40004}, 0x48000) fallocate(r0, 0x0, 0x0, 0x7fff) [ 138.387985][ T6506] [ 138.406731][ T6524] EXT4-fs: 86 callbacks suppressed [ 138.406744][ T6524] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 138.419144][ T6524] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 138.431065][ T6528] EXT4-fs (sda1): Ignoring removed mblk_io_submit option 07:34:05 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) connect$packet(r0, &(0x7f0000000000)={0x11, 0x19, 0x0, 0x1, 0x7f, 0x6, @random="35f1670365de"}, 0x14) fcntl$lock(r0, 0x24, &(0x7f0000001340)={0x2, 0x1, 0x4, 0x2, 0xffffffffffffffff}) fallocate(r0, 0x0, 0x0, 0x7fff) ioctl$SG_IO(r0, 0x2285, &(0x7f00000014c0)={0x53, 0xfffffffffffffffe, 0x0, 0x0, @buffer={0x0, 0x8b, &(0x7f00000015c0)=""/139}, &(0x7f0000001340), &(0x7f0000001540)=""/94, 0xfff, 0x30, 0x1, &(0x7f0000000040)}) ioctl$PTP_PIN_SETFUNC2(r0, 0x40603d10, &(0x7f0000001440)={'\x00', 0x5, 0x0, 0x1}) 07:34:05 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xc, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 138.438218][ T6528] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 138.504295][ T6534] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 138.511513][ T6534] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 138.523583][ T6535] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 138.530833][ T6535] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. 07:34:05 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 44) 07:34:05 executing program 3: r0 = open(&(0x7f0000000040)='./file0\x00', 0x2040, 0x14) r1 = getuid() getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0}, &(0x7f0000000140)=0xc) r3 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r4, 0xee00) r5 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r6, 0xee00) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000180)={{{@in6=@initdev, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@local}}, &(0x7f0000000280)=0xe8) r8 = getegid() getresgid(&(0x7f0000000280), &(0x7f00000002c0)=0x0, &(0x7f0000000300)) setresgid(0x0, 0x0, r9) r10 = getegid() setxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='system.posix_acl_access\x00', &(0x7f0000000400)=ANY=[@ANYBLOB="02000000010001000000000002000700", @ANYRES32=r1, @ANYBLOB="02000000", @ANYRES32=0xee01, @ANYBLOB="02000900", @ANYRES32=r2, @ANYBLOB="02000700", @ANYRES32=r4, @ANYBLOB="02000200", @ANYRES32=r6, @ANYBLOB="02000200", @ANYRES32=r7, @ANYBLOB="040007000000000100000000", @ANYRES32=r8, @ANYBLOB='\b\x00\a\x00', @ANYRES32=r9, @ANYBLOB='\b\x00\a\x00', @ANYRES32, @ANYBLOB="08000500", @ANYRES32=r10, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0xee00, @ANYBLOB="10000400000000002000030000000000"], 0x7c, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000340)={{0x1, 0x1, 0x18, r3, {0x9}}, './file0\x00'}) r11 = openat$cgroup_ro(r0, &(0x7f0000000000)='blkio.bfq.io_merged\x00', 0x275a, 0x0) fallocate(r11, 0x0, 0x0, 0x7fff) 07:34:05 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000804) 07:34:05 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xd, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:05 executing program 2: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000076) 07:34:05 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8000003c) [ 138.712615][ T6545] FAULT_INJECTION: forcing a failure. [ 138.712615][ T6545] name failslab, interval 1, probability 0, space 0, times 0 [ 138.725443][ T6545] CPU: 1 PID: 6545 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 138.725926][ T6548] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 138.734035][ T6545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 138.742881][ T6548] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. 07:34:05 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) ioctl$F2FS_IOC_GET_FEATURES(r0, 0x8004f50c, &(0x7f0000000000)) fallocate(r0, 0x0, 0x0, 0x7fff) 07:34:05 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xe, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 138.751315][ T6545] Call Trace: [ 138.751323][ T6545] [ 138.751330][ T6545] dump_stack_lvl+0xd6/0x122 [ 138.751384][ T6545] dump_stack+0x11/0x1b [ 138.777469][ T6545] should_fail+0x23c/0x250 [ 138.781900][ T6545] ? jbd2__journal_start+0xf7/0x3f0 [ 138.787113][ T6545] __should_failslab+0x81/0x90 [ 138.792041][ T6545] should_failslab+0x5/0x20 [ 138.796572][ T6545] kmem_cache_alloc+0x4f/0x320 [ 138.801546][ T6545] jbd2__journal_start+0xf7/0x3f0 [ 138.806557][ T6545] __ext4_journal_start_sb+0x159/0x310 [ 138.812090][ T6545] ext4_iomap_begin+0x408/0x630 [ 138.816974][ T6545] ? ext4_alloc_da_blocks+0x100/0x100 [ 138.822385][ T6545] iomap_iter+0x395/0x4a0 [ 138.826715][ T6545] __iomap_dio_rw+0xb78/0x1070 [ 138.831560][ T6545] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 138.837357][ T6545] iomap_dio_rw+0x38/0x80 [ 138.841707][ T6545] ? ext4_file_write_iter+0x501/0x1200 [ 138.847323][ T6545] ext4_file_write_iter+0xac3/0x1200 [ 138.852595][ T6545] ? ext4_file_write_iter+0x501/0x1200 [ 138.858039][ T6545] do_iter_readv_writev+0x2de/0x380 [ 138.863511][ T6545] do_iter_write+0x192/0x5c0 [ 138.868082][ T6545] ? splice_from_pipe_next+0x34f/0x3b0 [ 138.873541][ T6545] ? kmalloc_array+0x2d/0x40 [ 138.878139][ T6545] vfs_iter_write+0x4c/0x70 [ 138.882671][ T6545] iter_file_splice_write+0x43a/0x790 [ 138.888162][ T6545] ? splice_from_pipe+0xd0/0xd0 [ 138.893001][ T6545] direct_splice_actor+0x80/0xa0 [ 138.897956][ T6545] splice_direct_to_actor+0x345/0x650 [ 138.903324][ T6545] ? do_splice_direct+0x190/0x190 [ 138.908332][ T6545] do_splice_direct+0x106/0x190 [ 138.913166][ T6545] do_sendfile+0x675/0xc40 [ 138.917567][ T6545] __x64_sys_sendfile64+0x102/0x140 [ 138.922747][ T6545] do_syscall_64+0x44/0xa0 [ 138.927166][ T6545] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 138.933055][ T6545] RIP: 0033:0x7f7c25405ae9 [ 138.937565][ T6545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 138.957217][ T6545] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 138.965649][ T6545] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 138.973861][ T6545] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 138.982024][ T6545] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 138.990008][ T6545] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 138.997999][ T6545] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 139.005977][ T6545] 07:34:05 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x10, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:05 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 45) 07:34:05 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) stat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r3, 0xee00) r4 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r5, 0xee00) r6 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r7, 0xee00) fsetxattr$system_posix_acl(r0, &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02000000010008000000000002000700", @ANYRES32=r1, @ANYBLOB="02000600", @ANYBLOB="cab80b210320a0e31189ca1714dd6a5fd8ab5fd54d6f806b8a11cb953149efe95eb22c77cadc740d61920598cbb220ef35cdd90b72d823ce96bfd92888ee08d2e3a29a74aa529e119fdf03582ea34d3106de59b952297d49f740fe12162749d6aec4f94a5fa54626ff496490993991e6996d04be894ab41e6d0908dedb671d2bb5f59401aef224af605e68fd5497a983682ac9", @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="02000000", @ANYRES32=r5, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="867d288c58d0494ab6725797fbdc848a06ae40686f76134114719c9746180e69185a3069d8f35a1dfbc6f90e227471db9cc6319698ffffff7f8e3040e3d43bc81eaf6e599c196cd315c6a6758fed45773394bddc2050fc85c506da384dbb8d517dac4d9d7aef42d6f49fdfa8", @ANYRES32=0xee01, @ANYBLOB="02000300", @ANYRES32=r7, @ANYBLOB="02000400", @ANYRES32, @ANYBLOB="02000800", @ANYRESDEC=r5, @ANYBLOB="02000200", @ANYRES32=0x0, @ANYBLOB="040005000000000010000000000000002000040000000000"], 0x74, 0x0) r8 = openat$cgroup_type(r0, &(0x7f0000000000), 0x2, 0x0) fallocate(r8, 0x0, 0x0, 0x8003) 07:34:05 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = socket$inet(0x2, 0x5, 0x8) ioctl$AUTOFS_IOC_EXPIRE_MULTI(r1, 0x40049366, &(0x7f0000000000)=0x1) r2 = memfd_create(&(0x7f0000000300)='\x00\xc2\xea\x99\xbb\x1c\xdfjw\x97\x05\xa3\xa2\'\xdd\xe4q\xbf\t\x8c\xe0\x19`\x8e\x00\x00\x00\x00\x00\x00\x00\x00\x00\b \xff\x13\x96\xe3?\xdfH\x8c\xe4V\xe2\xfe\v8\x04\xa5\xb9\xc4:\xf3\xf6y_w\xd8\xcf\x90k\x05\x00\xf9\x1e\xe8m\xec\x12\xa015\xc2\xb3u|K\x111\xd4\f8\xeb\x18\xad\xbb!1\x85\x96P\x1b\xa1\x9a\x81\xf8\xb1\xecB)\xe5\xaa7\xfe\xdd,_D\xe5|\xb1j^\xaec}\x1a\xb4\x17\xafP\x85I\xd5\xa0I\xb0\xaf\xb5\x8b\\\x05\xd7g\xcbV\x8e\xd0\xac\x87I7\xbd\xc6\x9bI\x92\xb2\x87.\xb3\x1fs\xe7%\xdd+\r\xb4\x117\xa7ei~\xb8\x16\xd1P\xf2\x84\x89K\x16\xd0F|\xa3\x89\xc9~9\x00'/204, 0x0) write(r2, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0) splice(r0, &(0x7f0000000040)=0x100, r2, &(0x7f0000000080)=0x8, 0x9329, 0x1) [ 139.085953][ T23] audit: type=1400 audit(1636443245.781:177): avc: denied { setattr } for pid=6559 comm="syz-executor.3" name="UDP-Lite" dev="sockfs" ino=20473 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 139.111390][ T6560] FAULT_INJECTION: forcing a failure. [ 139.111390][ T6560] name failslab, interval 1, probability 0, space 0, times 0 [ 139.124296][ T6560] CPU: 1 PID: 6560 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 07:34:05 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x11, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:05 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='freezer.state\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) [ 139.132626][ T6560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 139.142844][ T6560] Call Trace: [ 139.146140][ T6560] [ 139.149071][ T6560] dump_stack_lvl+0xd6/0x122 [ 139.153673][ T6560] dump_stack+0x11/0x1b [ 139.157833][ T6560] should_fail+0x23c/0x250 [ 139.162260][ T6560] ? ext4_mb_new_blocks+0x328/0x1ee0 [ 139.167552][ T6560] __should_failslab+0x81/0x90 [ 139.172376][ T6560] should_failslab+0x5/0x20 [ 139.176898][ T6560] kmem_cache_alloc+0x4f/0x320 [ 139.181674][ T6560] ext4_mb_new_blocks+0x328/0x1ee0 [ 139.186871][ T6560] ? bio_will_gap+0xfc/0x4a0 [ 139.191540][ T6560] ext4_new_meta_blocks+0x84/0x180 [ 139.196683][ T6560] ext4_ind_map_blocks+0xb68/0x1740 [ 139.201944][ T6560] ext4_map_blocks+0x6e3/0xf00 [ 139.206817][ T6560] ext4_iomap_begin+0x4b0/0x630 [ 139.211678][ T6560] ? ext4_alloc_da_blocks+0x100/0x100 [ 139.217112][ T6560] iomap_iter+0x395/0x4a0 [ 139.221431][ T6560] __iomap_dio_rw+0xb78/0x1070 [ 139.226266][ T6560] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 139.232067][ T6560] iomap_dio_rw+0x38/0x80 [ 139.236405][ T6560] ? ext4_file_write_iter+0x501/0x1200 [ 139.241948][ T6560] ext4_file_write_iter+0xac3/0x1200 [ 139.247419][ T6560] ? ext4_file_write_iter+0x501/0x1200 [ 139.252891][ T6560] do_iter_readv_writev+0x2de/0x380 [ 139.258105][ T6560] do_iter_write+0x192/0x5c0 [ 139.262743][ T6560] ? splice_from_pipe_next+0x34f/0x3b0 [ 139.268213][ T6560] ? kmalloc_array+0x2d/0x40 [ 139.272914][ T6560] vfs_iter_write+0x4c/0x70 [ 139.277420][ T6560] iter_file_splice_write+0x43a/0x790 [ 139.282880][ T6560] ? splice_from_pipe+0xd0/0xd0 [ 139.287908][ T6560] direct_splice_actor+0x80/0xa0 [ 139.292871][ T6560] splice_direct_to_actor+0x345/0x650 [ 139.298594][ T6560] ? do_splice_direct+0x190/0x190 [ 139.303666][ T6560] do_splice_direct+0x106/0x190 [ 139.308503][ T6560] do_sendfile+0x675/0xc40 [ 139.312938][ T6560] __x64_sys_sendfile64+0x102/0x140 [ 139.318134][ T6560] do_syscall_64+0x44/0xa0 [ 139.322562][ T6560] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 139.328463][ T6560] RIP: 0033:0x7f7c25405ae9 [ 139.332859][ T6560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 139.352719][ T6560] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 139.361284][ T6560] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 139.369358][ T6560] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 139.377494][ T6560] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 139.385466][ T6560] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 139.393513][ T6560] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 139.401482][ T6560] 07:34:06 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000900) 07:34:06 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x800, 0x7fff) 07:34:06 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x12, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:06 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8000003d) 07:34:06 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 46) 07:34:06 executing program 2: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000003) 07:34:06 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x53, 0x8000000000000, 0x7fff) 07:34:06 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x18, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 139.652575][ T6593] FAULT_INJECTION: forcing a failure. [ 139.652575][ T6593] name failslab, interval 1, probability 0, space 0, times 0 [ 139.665267][ T6593] CPU: 0 PID: 6593 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 139.673638][ T6593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 139.683714][ T6593] Call Trace: [ 139.687111][ T6593] [ 139.690103][ T6593] dump_stack_lvl+0xd6/0x122 [ 139.694703][ T6593] dump_stack+0x11/0x1b [ 139.698879][ T6593] should_fail+0x23c/0x250 [ 139.703382][ T6593] ? ext4_mb_new_blocks+0x328/0x1ee0 [ 139.708680][ T6593] __should_failslab+0x81/0x90 [ 139.713530][ T6593] should_failslab+0x5/0x20 [ 139.718136][ T6593] kmem_cache_alloc+0x4f/0x320 [ 139.722915][ T6593] ext4_mb_new_blocks+0x328/0x1ee0 [ 139.728036][ T6593] ? bio_will_gap+0xfc/0x4a0 [ 139.732628][ T6593] ext4_new_meta_blocks+0x84/0x180 [ 139.737749][ T6593] ext4_ind_map_blocks+0xb68/0x1740 [ 139.742975][ T6593] ext4_map_blocks+0x6e3/0xf00 [ 139.747787][ T6593] ext4_iomap_begin+0x4b0/0x630 07:34:06 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x22, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 139.752643][ T6593] ? ext4_alloc_da_blocks+0x100/0x100 [ 139.758023][ T6593] iomap_iter+0x395/0x4a0 [ 139.762361][ T6593] __iomap_dio_rw+0xb78/0x1070 [ 139.767133][ T6593] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 139.772954][ T6593] iomap_dio_rw+0x38/0x80 [ 139.777370][ T6593] ? ext4_file_write_iter+0x501/0x1200 [ 139.782946][ T6593] ext4_file_write_iter+0xac3/0x1200 [ 139.788361][ T6593] ? ext4_file_write_iter+0x501/0x1200 [ 139.793848][ T6593] do_iter_readv_writev+0x2de/0x380 [ 139.799112][ T6593] do_iter_write+0x192/0x5c0 [ 139.803726][ T6593] ? splice_from_pipe_next+0x34f/0x3b0 [ 139.809195][ T6593] ? kmalloc_array+0x2d/0x40 [ 139.813803][ T6593] vfs_iter_write+0x4c/0x70 [ 139.818371][ T6593] iter_file_splice_write+0x43a/0x790 [ 139.823805][ T6593] ? splice_from_pipe+0xd0/0xd0 [ 139.828669][ T6593] direct_splice_actor+0x80/0xa0 [ 139.833617][ T6593] splice_direct_to_actor+0x345/0x650 [ 139.839134][ T6593] ? do_splice_direct+0x190/0x190 [ 139.844177][ T6593] do_splice_direct+0x106/0x190 [ 139.849088][ T6593] do_sendfile+0x675/0xc40 [ 139.853692][ T6593] __x64_sys_sendfile64+0x102/0x140 [ 139.858917][ T6593] do_syscall_64+0x44/0xa0 [ 139.863349][ T6593] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 139.869321][ T6593] RIP: 0033:0x7f7c25405ae9 [ 139.874097][ T6593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 139.893810][ T6593] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 07:34:06 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 47) [ 139.902325][ T6593] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 139.910314][ T6593] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 139.918292][ T6593] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 139.926268][ T6593] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 139.934251][ T6593] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 139.942250][ T6593] 07:34:06 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x25, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 140.039984][ T6605] FAULT_INJECTION: forcing a failure. [ 140.039984][ T6605] name failslab, interval 1, probability 0, space 0, times 0 [ 140.052644][ T6605] CPU: 1 PID: 6605 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 140.061417][ T6605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 140.071482][ T6605] Call Trace: [ 140.074789][ T6605] [ 140.077724][ T6605] dump_stack_lvl+0xd6/0x122 [ 140.082586][ T6605] dump_stack+0x11/0x1b [ 140.086751][ T6605] should_fail+0x23c/0x250 [ 140.091249][ T6605] ? ext4_mb_new_blocks+0x73e/0x1ee0 [ 140.096645][ T6605] __should_failslab+0x81/0x90 [ 140.101427][ T6605] should_failslab+0x5/0x20 [ 140.105956][ T6605] kmem_cache_alloc+0x4f/0x320 [ 140.110766][ T6605] ext4_mb_new_blocks+0x73e/0x1ee0 [ 140.115990][ T6605] ? bio_will_gap+0xfc/0x4a0 [ 140.120630][ T6605] ext4_new_meta_blocks+0x84/0x180 [ 140.125810][ T6605] ext4_ind_map_blocks+0xb68/0x1740 [ 140.131075][ T6605] ext4_map_blocks+0x6e3/0xf00 [ 140.135850][ T6605] ext4_iomap_begin+0x4b0/0x630 [ 140.140815][ T6605] ? ext4_alloc_da_blocks+0x100/0x100 [ 140.146449][ T6605] iomap_iter+0x395/0x4a0 [ 140.150831][ T6605] __iomap_dio_rw+0xb78/0x1070 [ 140.155701][ T6605] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 140.161551][ T6605] iomap_dio_rw+0x38/0x80 [ 140.165970][ T6605] ? ext4_file_write_iter+0x501/0x1200 [ 140.171443][ T6605] ext4_file_write_iter+0xac3/0x1200 [ 140.176764][ T6605] ? ext4_file_write_iter+0x501/0x1200 [ 140.182241][ T6605] do_iter_readv_writev+0x2de/0x380 [ 140.187479][ T6605] do_iter_write+0x192/0x5c0 [ 140.192181][ T6605] ? splice_from_pipe_next+0x34f/0x3b0 [ 140.197698][ T6605] ? kmalloc_array+0x2d/0x40 [ 140.202359][ T6605] vfs_iter_write+0x4c/0x70 [ 140.206870][ T6605] iter_file_splice_write+0x43a/0x790 [ 140.212270][ T6605] ? splice_from_pipe+0xd0/0xd0 [ 140.217132][ T6605] direct_splice_actor+0x80/0xa0 [ 140.222170][ T6605] splice_direct_to_actor+0x345/0x650 [ 140.227679][ T6605] ? do_splice_direct+0x190/0x190 [ 140.232717][ T6605] do_splice_direct+0x106/0x190 [ 140.237728][ T6605] do_sendfile+0x675/0xc40 [ 140.242178][ T6605] __x64_sys_sendfile64+0x102/0x140 [ 140.247448][ T6605] do_syscall_64+0x44/0xa0 [ 140.251875][ T6605] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 140.257934][ T6605] RIP: 0033:0x7f7c25405ae9 [ 140.262349][ T6605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 140.282336][ T6605] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 07:34:06 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x2e, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 140.290759][ T6605] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 140.298872][ T6605] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 140.306946][ T6605] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 140.314921][ T6605] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 140.322905][ T6605] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 140.331006][ T6605] 07:34:07 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000a00) 07:34:07 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 48) 07:34:07 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x48, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 140.472616][ T6614] FAULT_INJECTION: forcing a failure. [ 140.472616][ T6614] name failslab, interval 1, probability 0, space 0, times 0 [ 140.485256][ T6614] CPU: 0 PID: 6614 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 140.493745][ T6614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 140.503838][ T6614] Call Trace: [ 140.507146][ T6614] [ 140.510156][ T6614] dump_stack_lvl+0xd6/0x122 [ 140.514802][ T6614] dump_stack+0x11/0x1b [ 140.519000][ T6614] should_fail+0x23c/0x250 [ 140.523435][ T6614] ? ext4_mb_new_blocks+0x73e/0x1ee0 [ 140.528786][ T6614] __should_failslab+0x81/0x90 [ 140.533641][ T6614] should_failslab+0x5/0x20 [ 140.538166][ T6614] kmem_cache_alloc+0x4f/0x320 [ 140.543059][ T6614] ext4_mb_new_blocks+0x73e/0x1ee0 [ 140.548531][ T6614] ? bio_will_gap+0xfc/0x4a0 [ 140.553150][ T6614] ext4_new_meta_blocks+0x84/0x180 [ 140.558291][ T6614] ext4_ind_map_blocks+0xb68/0x1740 [ 140.563650][ T6614] ext4_map_blocks+0x6e3/0xf00 [ 140.568429][ T6614] ext4_iomap_begin+0x4b0/0x630 [ 140.573480][ T6614] ? ext4_alloc_da_blocks+0x100/0x100 [ 140.579077][ T6614] iomap_iter+0x395/0x4a0 [ 140.583419][ T6614] __iomap_dio_rw+0xb78/0x1070 [ 140.588220][ T6614] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 140.594042][ T6614] iomap_dio_rw+0x38/0x80 [ 140.598376][ T6614] ? ext4_file_write_iter+0x501/0x1200 [ 140.604022][ T6614] ext4_file_write_iter+0xac3/0x1200 [ 140.609324][ T6614] ? ext4_file_write_iter+0x501/0x1200 [ 140.615001][ T6614] do_iter_readv_writev+0x2de/0x380 [ 140.620268][ T6614] do_iter_write+0x192/0x5c0 [ 140.624865][ T6614] ? splice_from_pipe_next+0x34f/0x3b0 [ 140.630398][ T6614] ? kmalloc_array+0x2d/0x40 [ 140.635083][ T6614] vfs_iter_write+0x4c/0x70 [ 140.639772][ T6614] iter_file_splice_write+0x43a/0x790 [ 140.645202][ T6614] ? splice_from_pipe+0xd0/0xd0 [ 140.650086][ T6614] direct_splice_actor+0x80/0xa0 [ 140.655286][ T6614] splice_direct_to_actor+0x345/0x650 [ 140.660682][ T6614] ? do_splice_direct+0x190/0x190 [ 140.665755][ T6614] do_splice_direct+0x106/0x190 [ 140.670706][ T6614] do_sendfile+0x675/0xc40 [ 140.675133][ T6614] __x64_sys_sendfile64+0x102/0x140 [ 140.680502][ T6614] do_syscall_64+0x44/0xa0 [ 140.684932][ T6614] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 140.690848][ T6614] RIP: 0033:0x7f7c25405ae9 [ 140.696002][ T6614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 140.715858][ T6614] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 140.724278][ T6614] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 140.732301][ T6614] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 140.740365][ T6614] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 140.748345][ T6614] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 140.756456][ T6614] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 [ 140.764437][ T6614] [ 140.792642][ T348] ================================================================== [ 140.800746][ T348] BUG: KCSAN: data-race in jbd2_journal_file_inode / jbd2_journal_finish_inode_data_buffers [ 140.810821][ T348] [ 140.813144][ T348] write to 0xffff88810691a8f8 of 8 bytes by task 6598 on cpu 0: [ 140.820858][ T348] jbd2_journal_file_inode+0x17a/0x330 [ 140.826328][ T348] jbd2_journal_inode_ranged_write+0x30/0x40 [ 140.832339][ T348] ext4_map_blocks+0xdce/0xf00 [ 140.837113][ T348] ext4_iomap_begin+0x4b0/0x630 [ 140.841972][ T348] iomap_iter+0x395/0x4a0 [ 140.846314][ T348] __iomap_dio_rw+0xb78/0x1070 [ 140.851089][ T348] iomap_dio_rw+0x38/0x80 [ 140.855454][ T348] ext4_file_write_iter+0xac3/0x1200 [ 140.860831][ T348] do_iter_readv_writev+0x2de/0x380 [ 140.866037][ T348] do_iter_write+0x192/0x5c0 [ 140.870633][ T348] vfs_iter_write+0x4c/0x70 [ 140.875231][ T348] iter_file_splice_write+0x43a/0x790 [ 140.880611][ T348] direct_splice_actor+0x80/0xa0 [ 140.885566][ T348] splice_direct_to_actor+0x345/0x650 [ 140.890945][ T348] do_splice_direct+0x106/0x190 [ 140.895802][ T348] do_sendfile+0x675/0xc40 [ 140.900259][ T348] __x64_sys_sendfile64+0x102/0x140 [ 140.905460][ T348] do_syscall_64+0x44/0xa0 [ 140.909895][ T348] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 140.915798][ T348] [ 140.918121][ T348] read to 0xffff88810691a8f8 of 8 bytes by task 348 on cpu 1: [ 140.925570][ T348] jbd2_journal_finish_inode_data_buffers+0x3d/0x60 [ 140.932177][ T348] ext4_journal_finish_inode_data_buffers+0x41/0x60 [ 140.938776][ T348] jbd2_journal_commit_transaction+0x16a8/0x3460 [ 140.945118][ T348] kjournald2+0x263/0x480 [ 140.949453][ T348] kthread+0x2c7/0x2e0 [ 140.953525][ T348] ret_from_fork+0x1f/0x30 [ 140.957953][ T348] [ 140.960273][ T348] value changed: 0x0000000000199fff -> 0x000000000019afff [ 140.967371][ T348] [ 140.969688][ T348] Reported by Kernel Concurrency Sanitizer on: [ 140.975830][ T348] CPU: 1 PID: 348 Comm: jbd2/sda1-8 Not tainted 5.15.0-syzkaller #0 [ 140.983807][ T348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 140.993863][ T348] ================================================================== 07:34:07 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x8000003e) 07:34:07 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x49, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:07 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) (fail_nth: 49) 07:34:07 executing program 2: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@init_itable}]}) (fail_nth: 1) [ 141.087646][ T6628] FAULT_INJECTION: forcing a failure. [ 141.087646][ T6628] name failslab, interval 1, probability 0, space 0, times 0 [ 141.100574][ T6628] CPU: 0 PID: 6628 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 141.108915][ T6628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 141.119091][ T6628] Call Trace: [ 141.122369][ T6628] [ 141.125304][ T6628] dump_stack_lvl+0xd6/0x122 [ 141.129995][ T6628] dump_stack+0x11/0x1b [ 141.134159][ T6628] should_fail+0x23c/0x250 [ 141.138653][ T6628] ? getname_flags+0x84/0x3f0 [ 141.143345][ T6628] __should_failslab+0x81/0x90 [ 141.148151][ T6628] should_failslab+0x5/0x20 [ 141.148354][ T6627] FAULT_INJECTION: forcing a failure. [ 141.148354][ T6627] name failslab, interval 1, probability 0, space 0, times 0 [ 141.152712][ T6628] kmem_cache_alloc+0x4f/0x320 [ 141.170242][ T6628] getname_flags+0x84/0x3f0 [ 141.174894][ T6628] __x64_sys_mkdir+0x31/0x50 [ 141.179536][ T6628] do_syscall_64+0x44/0xa0 [ 141.183969][ T6628] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 141.189935][ T6628] RIP: 0033:0x7f28fbd1fbf7 [ 141.194347][ T6628] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 141.214026][ T6628] RSP: 002b:00007f28f9a96fa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 141.222627][ T6628] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f28fbd1fbf7 [ 141.230594][ T6628] RDX: 0000000000000000 RSI: 00000000000001ff RDI: 0000000020000000 [ 141.238552][ T6628] RBP: 00007f28f9a97040 R08: 0000000000000000 R09: 000000000001c4a6 [ 141.246531][ T6628] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000200000c0 [ 141.254929][ T6628] R13: 0000000020000000 R14: 00007f28f9a97000 R15: 0000000020000180 [ 141.262905][ T6628] [ 141.265918][ T6627] CPU: 1 PID: 6627 Comm: syz-executor.1 Not tainted 5.15.0-syzkaller #0 [ 141.274299][ T6627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 141.284353][ T6627] Call Trace: [ 141.287631][ T6627] [ 141.290559][ T6627] dump_stack_lvl+0xd6/0x122 [ 141.295158][ T6627] dump_stack+0x11/0x1b [ 141.299317][ T6627] should_fail+0x23c/0x250 [ 141.303779][ T6627] ? jbd2_journal_add_journal_head+0x6c/0x3a0 [ 141.309858][ T6627] __should_failslab+0x81/0x90 [ 141.314716][ T6627] should_failslab+0x5/0x20 [ 141.319302][ T6627] kmem_cache_alloc+0x4f/0x320 [ 141.324125][ T6627] jbd2_journal_add_journal_head+0x6c/0x3a0 [ 141.330101][ T6627] jbd2_journal_get_create_access+0x2c/0x290 [ 141.336090][ T6627] __ext4_journal_get_create_access+0x65/0x320 [ 141.342389][ T6627] ext4_ind_map_blocks+0xcf1/0x1740 [ 141.347656][ T6627] ext4_map_blocks+0x6e3/0xf00 [ 141.352596][ T6627] ext4_iomap_begin+0x4b0/0x630 [ 141.357457][ T6627] ? ext4_alloc_da_blocks+0x100/0x100 [ 141.362975][ T6627] iomap_iter+0x395/0x4a0 [ 141.367383][ T6627] __iomap_dio_rw+0xb78/0x1070 [ 141.372424][ T6627] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 141.378280][ T6627] iomap_dio_rw+0x38/0x80 [ 141.382613][ T6627] ? ext4_file_write_iter+0x501/0x1200 [ 141.388177][ T6627] ext4_file_write_iter+0xac3/0x1200 [ 141.393614][ T6627] ? ext4_file_write_iter+0x501/0x1200 [ 141.399169][ T6627] do_iter_readv_writev+0x2de/0x380 [ 141.404374][ T6627] do_iter_write+0x192/0x5c0 [ 141.409007][ T6627] vfs_iter_write+0x4c/0x70 [ 141.413781][ T6627] iter_file_splice_write+0x43a/0x790 [ 141.419165][ T6627] ? splice_from_pipe+0xd0/0xd0 [ 141.424089][ T6627] direct_splice_actor+0x80/0xa0 [ 141.429195][ T6627] splice_direct_to_actor+0x345/0x650 [ 141.434593][ T6627] ? do_splice_direct+0x190/0x190 [ 141.439680][ T6627] do_splice_direct+0x106/0x190 [ 141.444541][ T6627] do_sendfile+0x675/0xc40 [ 141.448997][ T6627] __x64_sys_sendfile64+0x102/0x140 [ 141.454203][ T6627] do_syscall_64+0x44/0xa0 [ 141.458635][ T6627] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 141.464540][ T6627] RIP: 0033:0x7f7c25405ae9 [ 141.468952][ T6627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 141.488626][ T6627] RSP: 002b:00007f7c2317c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 141.497142][ T6627] RAX: ffffffffffffffda RBX: 00007f7c25518f60 RCX: 00007f7c25405ae9 [ 141.505271][ T6627] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 141.513313][ T6627] RBP: 00007f7c2317c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 141.521447][ T6627] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000002 [ 141.529395][ T6627] R13: 00007ffc5a52f19f R14: 00007f7c2317c300 R15: 0000000000022000 07:34:08 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f00000016c0)={0x8, [], 0x81, "471d9770899442"}) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f00000004c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r1, 0xd000943d, &(0x7f00000006c0)={0x101, [{r3, r4}, {r2, 0x0}, {r3, r4}, {r3, r4}, {r3, r4}, {r2, r4}, {r2, r4}, {r2, r4}, {r3, r4}, {r2, r4}, {r3, r4}, {r2, r4}, {r2}, {r2, r4}, {r2, r4}, {r3, r4}, {r2, r4}, {r2, r4}, {r2, r4}, {r2, r4}, {r2, r4}, {r3, r4}, {r2, r4}, {r3, r4}, {r3, r4}, {r3, r4}, {r3, r4}, {r3, r4}, {r2}, {r2, r4}, {r3, 0x0}, {r2, r4}, {r2, r4}, {0x0}, {r3, r4}, {r2, r4}, {r3, r4}, {r2, r4}, {r3, r4}, {r2, r4}, {0x0, r4}, {r2, r4}, {r2, r4}, {r2, r4}, {r2, r4}, {r3, r4}, {r2, r4}, {r2}, {r3, r4}, {r2, r4}, {r3, r4}, {r3, r4}, {r2, r4}, {r2, r4}, {r3, r4}, {r3, r4}, {r2, r4}, {r3, r4}, {r2, r4}, {r3, r4}, {r3, r4}, {r2, r4}, {r3, r4}, {r3, r4}, {r2, r4}, {r3, r4}, {0x0, r4}, {r3, r4}, {r3, 0x0}, {r3, r4}, {r3, r4}, {r2, r4}, {r3, r4}, {r3, r4}, {r2, r4}, {r3, r4}, {r3, r4}, {0x0, r4}, {0x0, r4}, {r3, r4}, {0x0, r4}, {r2, r4}, {r2, r4}, {r3, 0x0}, {r2, r4}, {r2, r4}, {r3, r4}, {0x0, r4}, {r2, r4}, {r2, r4}, {r2, r4}, {r3, r4}, {r3}, {r2, r4}, {r2, r4}, {r3, r4}, {r2, r4}, {r2, r4}, {r2, r4}, {r2, r4}, {r2, r4}, {r3, r4}, {r3, r4}, {r2, r4}, {r3, r4}, {r3, r4}, {0x0, r4}, {r2, r4}, {r2, r4}, {r3, r4}, {r2, 0x0}, {r2, r4}, {r3, 0x0}, {r3, 0x0}, {r3, r4}, {r3, r4}, {r3, r6}, {r2}, {r2, r4}, {r2, r4}, {0x0, 0x0}, {r2, r4}, {r3, 0x0}, {0x0, r4}, {r2}, {r3, r4}, {r2, r4}, {r3, r4}, {r2, r4}, {0x0, r4}, {r2, r4}, {r2, r4}, {r3, r4}, {0x0, r4}, {r3, 0x0}, {r2}, {r3, r4}, {0x0, r4}, {r2, r4}, {r3, r4}, {0x0, r4}, {r3, r4}, {r3, r4}, {r2, r4}, {r2, r4}, {r2, r4}, {r3, 0x0}, {r2, r4}, {r2, r4}, {r2, r4}, {r2, r4}, {r3, r4}, {r2, r4}, {r5, r4}, {r2, r4}, {r2, 0x0}, {r3, r4}, {r2, r4}, {r2, r4}, {r3, r4}, {r3, r4}, {r3, r4}, {r3, r4}, {r2, r4}, {r2, r4}, {r3, 0x0}, {r3, r4}, {r3, 0x0}, {r2, r4}, {r2, r4}, {r3, r4}, {r3, r4}, {r2, r4}, {r3, r4}, {r3, r4}, {r3, r4}, {0x0, r4}, {r3, 0x0}, {r2, r4}, {r2, r4}, {r3, r4}, {r2, r4}, {r3, r4}, {r2, r4}, {r3, r4}, {r2, r4}, {r3, r4}, {r2, r4}, {r3, r4}, {r2, r4}, {r3, 0x0}, {r2, r4}, {r2}, {0x0, r4}, {}, {0x0, r4}, {r3, r4}, {0x0, r4}, {r3, r4}, {0x0, r4}, {r3}, {0x0, 0x0}, {r3, r4}, {0x0, 0x0}, {r2}, {0x0, r4}, {r3, r4}, {r2, r4}, {r3, r4}, {r3, r4}, {r2, r4}, {r3, r4}, {r3, 0x0}, {r3, 0x0}, {r2, r4}, {r3, r4}, {r3, r4}, {r3, r4}, {0x0, r4}, {r2, r4}, {r2, r4}, {r2, r4}, {r2, r4}, {0x0, r4}, {r3, 0x0}, {r3, r4}, {r3, 0x0}, {r3}, {r2, r4}, {r3, r4}, {r2, r4}, {0x0, r4}, {0x0, r4}, {r2, 0x0}, {r2, r4}, {r2, r4}, {r3, r4}, {r3, r4}, {r2, r4}, {r3, r4}, {r3, r4}, {r3, r4}, {r2, r4}, {r2, r4}, {r2, r4}, {r3, r4}, {r3, r4}, {r2, 0x0}, {0x0, r4}, {r3, r4}, {0x0, 0x0}, {r3, r4}, {r3, r4}, {r2, r4}, {r2, r4}], 0x4, "350491c0a44cc4"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f00000016c0)={0x8, [{r263, r99}, {r66, r197}, {0x0, 0x0}, {r227, r34}, {r261, r196}, {r140, r36}, {r154, r64}, {r165, r178}, {r9, r34}, {0x0, r103}, {r151, r153}, {r189, r65}, {r233, r224}, {r91, r247}, {r47, r130}, {r233, r92}, {r225, r36}, {r214, r289}, {r248, r285}, {r230, r130}, {r52, r65}, {r305, r115}, {r195, r253}, {r149, r209}, {r106, r136}, {r44, r100}, {r79, r229}, {r267, r29}, {r283, r96}, {r286, r251}, {r116, r86}, {r44, r39}, {r54}, {r263, r212}, {r131, r53}, {r199, r112}, {r177, r273}, {r230, r141}, {r78}, {r111, r41}, {r310, r197}, {r195, r55}, {r113, r258}, {r173, r71}, {0x0, r251}, {r81, r197}, {r129, r41}, {r20, r309}, {r250, r67}, {r7, r89}, {r70, r269}, {r27}, {r276, r307}, {r19, r217}, {r72, r144}, {r101}, {r134, r266}, {r83}, {r87, r145}, {r35, r98}, {r119, r231}, {r93, r98}, {0x0, r220}, {r85, r242}, {r221, r141}, {r125, r222}, {r234, r228}, {r193, r235}, {r284, r211}, {r121, r41}, {r58, r203}, {r37, r211}, {0x0, r243}, {r27, r237}, {r57, r95}, {r20, r285}, {r244, r183}, {0x0, r203}, {r25}, {r288}, {r14, r102}, {r240, r18}, {r181, r171}, {0x0, r98}, {r281, r278}, {r70, r259}, {r78, r223}, {r279, r179}, {r116, r127}, {r152, r201}, {r149, r128}, {r40, r84}, {r218, r95}, {r260, r171}, {r68, r139}, {r298, r124}, {r239, r254}, {r79, r36}, {r268, r280}, {r23, r171}, {0x0, r188}, {r272}, {r172, r94}, {r239, r51}, {r221, r167}, {r152, r207}, {r267, r126}, {r114, r273}, {r283, r82}, {r143, r8}, {r276, r200}, {r248, r187}, {r156, r254}, {r135, r80}, {r308}, {r218, r254}, {r311, r207}, {r72, r145}, {r184, r204}, {r24, r175}, {r257, r84}, {r21}, {r58, r304}, {r22}, {r76, r74}, {r54, r26}, {r2, r138}, {r69, r235}, {0x0, r148}, {r135, r169}, {r191, r194}, {r3, r59}, {r163, r30}, {r206, r99}, {r270, r150}, {0x0, r198}, {r33, r275}, {r302, r146}, {r121, r280}, {r158, r103}, {r166}, {r10, r192}, {r21, r77}, {r293, r219}, {r152, r122}, {r256, r202}, {0x0, r212}, {r68, r212}, {r185, r235}, {r62, r265}, {r261}, {r113}, {r256, r150}, {r226, r90}, {r215, r294}, {r208, r301}, {r296, r29}, {r31, r88}, {r240}, {r300, r99}, {r163, r190}, {0x0, r107}, {r147, r118}, {r15, r183}, {r17}, {r19, r246}, {r168, r48}, {r42, r171}, {r274, r243}, {r252, r71}, {r252, r110}, {0x0, r243}, {r176, r262}, {r303, r104}, {r226, r297}, {r208, r217}, {r225, r53}, {r151, r187}, {r181, r127}, {0x0, r32}, {r50, r157}, {r263, r271}, {0x0, r194}, {r213}, {r66, r207}, {0x0, r204}, {r172}, {0x0, r164}, {r182}, {r2, r280}, {0x0, r299}, {r132, r161}, {r295}, {r170, r259}, {r172, r142}, {r284, r264}, {r176, r277}, {r193, r155}, {r135, r130}, {r76, r306}, {r176, r309}, {0x0, r292}, {r3, r28}, {r193, r161}, {r3, r136}, {r154, r73}, {r186, r282}, {r23}, {r172, r88}, {r236, r174}, {r38, r159}, {r97, r162}, {r108}, {r72, r12}, {r27, r291}, {r133, r43}, {r19, r232}, {r106, r67}, {r16, r164}, {r255, r63}, {r54, r67}, {r15, r249}, {0x0, r246}, {r210, r107}, {r75}, {r10, r102}, {r137, r43}, {0x0, r258}, {r97, r164}, {r199, r49}, {r20, r117}, {r38, r11}, {r295, r127}, {0x0, r241}, {r206, r46}, {r123, r122}, {r109, r110}, {0x0, r162}, {r267}, {r160, r258}, {r7, r65}, {r180, r120}, {r238, r105}, {0x0, r209}, {r16, r61}, {r119}, {r170, r4}, {r215, r205}, {0x0, r13}, {r168, r56}, {r45, r36}, {r93, r179}, {r60, r287}, {r245, r290}, {0x0, r216}], 0x81, "471d9770899442"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f000004cb00)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_TREE_SEARCH(r1, 0xd0009411, &(0x7f00000026c0)={{r314, 0x0, 0x5, 0x8, 0x4, 0x8000, 0xfff, 0x0, 0x0, 0x0, 0x100, 0x34d4, 0x2, 0x4, 0x401}}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004cd00)={0x1, [{}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r316}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r141}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r312}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r315}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r313}], 0x1, "060cd6bed5f770"}) r317 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r317, 0x81f8943c, &(0x7f00000004c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r317, 0xd000943d, &(0x7f00000006c0)={0x101, [{r319, r320}, {r318}, {r319, r320}, {r319, r320}, {r319, r320}, {r318, r320}, {r318, r320}, {r318, r320}, {r319, r320}, {r318, r320}, {r319, r320}, {r318, r320}, {r318}, {r318, r320}, {r318, r320}, {r319, r320}, {r318, r320}, {r318, r320}, {r318, r320}, {r318, r320}, {r318, r320}, {r319, r320}, {r318, r320}, {r319, r320}, {r319, r320}, {r319, r320}, {r319, r320}, {r319, r320}, {r318}, {r318, r320}, {r319}, {r318, r320}, {r318, r320}, {}, {r319, r320}, {r318, r320}, {r319, r320}, {r318, r320}, {r319, r320}, {r318, r320}, {0x0, r320}, {r318, r320}, {r318, r320}, {r318, r320}, {r318, r320}, {r319, r320}, {r318, r320}, {r318}, {r319, r320}, {r318, r320}, {r319, r320}, {r319, r320}, {r318, r320}, {r318, r320}, {r319, r320}, {r319, r320}, {r318, r320}, {r319, r320}, {r318, r320}, {r319, r320}, {r319, r320}, {r318, r320}, {r319, r320}, {r319, r320}, {r318, r320}, {r319, r320}, {0x0, r320}, {r319, r320}, {r319}, {r319, r320}, {r319, r320}, {r318, r320}, {r319, r320}, {r319, r320}, {r318, r320}, {r319, r320}, {r319, r320}, {0x0, r320}, {0x0, r320}, {r319, r320}, {0x0, r320}, {r318, r320}, {r318, r320}, {r319}, {r318, r320}, {r318, r320}, {r319, r320}, {0x0, r320}, {r318, r320}, {r318, r320}, {r318, r320}, {r319, r320}, {r319}, {r318, r320}, {r318, r320}, {r319, r320}, {r318, r320}, {r318, r320}, {r318, r320}, {r318, r320}, {r318, r320}, {r319, r320}, {r319, r320}, {r318, r320}, {r319, r320}, {r319, r320}, {0x0, r320}, {r318, r320}, {r318, r320}, {r319, r320}, {r318}, {r318, r320}, {r319}, {r319}, {r319, r320}, {r319, r320}, {r319, r322}, {r318}, {r318, r320}, {r318, r320}, {}, {r318, r320}, {r319}, {0x0, r320}, {r318}, {r319, r320}, {r318, r320}, {r319, r320}, {r318, r320}, {0x0, r320}, {r318, r320}, {r318, r320}, {r319, r320}, {0x0, r320}, {r319}, {r318}, {r319, r320}, {0x0, r320}, {r318, r320}, {r319, r320}, {0x0, r320}, {r319, r320}, {r319, r320}, {r318, r320}, {r318, r320}, {r318, r320}, {r319}, {r318, r320}, {r318, r320}, {r318, r320}, {r318, r320}, {r319, r320}, {r318, r320}, {r321, r320}, {r318, r320}, {r318}, {r319, r320}, {r318, r320}, {r318, r320}, {r319, r320}, {r319, r320}, {r319, r320}, {r319, r320}, {r318, r320}, {r318, r320}, {r319}, {r319, r320}, {r319}, {r318, r320}, {r318, r320}, {r319, r320}, {r319, r320}, {r318, r320}, {r319, r320}, {r319, r320}, {r319, r320}, {0x0, r320}, {r319}, {r318, r320}, {r318, r320}, {r319, r320}, {r318, r320}, {r319, r320}, {r318, r320}, {r319, r320}, {r318, r320}, {r319, r320}, {r318, r320}, {r319, r320}, {r318, r320}, {r319}, {r318, r320}, {r318}, {0x0, r320}, {}, {0x0, r320}, {r319, r320}, {0x0, r320}, {r319, r320}, {0x0, r320}, {r319}, {}, {r319, r320}, {}, {r318}, {0x0, r320}, {r319, r320}, {r318, r320}, {r319, r320}, {r319, r320}, {r318, r320}, {r319, r320}, {r319}, {r319}, {r318, r320}, {r319, r320}, {r319, r320}, {r319, r320}, {0x0, r320}, {r318, r320}, {r318, r320}, {r318, r320}, {r318, r320}, {0x0, r320}, {r319}, {r319, r320}, {r319}, {r319}, {r318, r320}, {r319, r320}, {r318, r320}, {0x0, r320}, {0x0, r320}, {r318}, {r318, r320}, {r318, r320}, {r319, r320}, {r319, r320}, {r318, r320}, {r319, r320}, {r319, r320}, {r319, r320}, {r318, r320}, {r318, r320}, {r318, r320}, {r319, r320}, {r319, r320}, {r318}, {0x0, r320}, {r319, r320}, {}, {r319, r320}, {r319, r320}, {r318, r320}, {r318, r320}], 0x4, "350491c0a44cc4"}) r323 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r323, 0x81f8943c, &(0x7f00000004c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r323, 0xd000943d, &(0x7f00000006c0)={0x101, [{r325, r326}, {r324}, {r325, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r324}, {r324, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r325, r326}, {r325, r326}, {r325, r326}, {r324}, {r324, r326}, {r325}, {r324, r326}, {r324, r326}, {}, {r325, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {0x0, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r324}, {r325, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {0x0, r326}, {r325, r326}, {r325}, {r325, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {0x0, r326}, {0x0, r326}, {r325, r326}, {0x0, r326}, {r324, r326}, {r324, r326}, {r325}, {r324, r326}, {r324, r326}, {r325, r326}, {0x0, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r325, r326}, {r325}, {r324, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {0x0, r326}, {r324, r326}, {r324, r326}, {r325, r326}, {r324}, {r324, r326}, {r325}, {r325}, {r325, r326}, {r325, r326}, {r325, r328}, {r324}, {r324, r326}, {r324, r326}, {}, {r324, r326}, {r325}, {0x0, r326}, {r324}, {r325, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {0x0, r326}, {r324, r326}, {r324, r326}, {r325, r326}, {0x0, r326}, {r325}, {r324}, {r325, r326}, {0x0, r326}, {r324, r326}, {r325, r326}, {0x0, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r325}, {r324, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r327, r326}, {r324, r326}, {r324}, {r325, r326}, {r324, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r324, r326}, {r325}, {r325, r326}, {r325}, {r324, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r325, r326}, {0x0, r326}, {r325}, {r324, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r324, r326}, {r325}, {r324, r326}, {r324}, {0x0, r326}, {}, {0x0, r326}, {r325, r326}, {0x0, r326}, {r325, r326}, {0x0, r326}, {r325}, {}, {r325, r326}, {}, {r324}, {0x0, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r325}, {r325}, {r324, r326}, {r325, r326}, {r325, r326}, {r325, r326}, {0x0, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {0x0, r326}, {r325}, {r325, r326}, {r325}, {r325}, {r324, r326}, {r325, r326}, {r324, r326}, {0x0, r326}, {0x0, r326}, {r324}, {r324, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r325, r326}, {r324, r326}, {r324, r326}, {r324, r326}, {r325, r326}, {r325, r326}, {r324}, {0x0, r326}, {r325, r326}, {}, {r325, r326}, {r325, r326}, {r324, r326}, {r324, r326}], 0x4, "350491c0a44cc4"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f00000620c0)={0x6c33, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r315}, {0x0, r322}, {r327}], 0xf8, "ef3e451510c31c"}) fallocate(r0, 0x0, 0x0, 0x7fff) 07:34:08 executing program 2: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@init_itable}]}) (fail_nth: 2) 07:34:08 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x4c, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:08 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000b00) [ 141.537392][ T6627] [ 141.540552][ T6627] ENOMEM in journal_alloc_journal_head, retrying. [ 141.579562][ T6635] FAULT_INJECTION: forcing a failure. 07:34:08 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x60, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 141.579562][ T6635] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 141.592755][ T6635] CPU: 1 PID: 6635 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 141.601096][ T6635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 141.611268][ T6635] Call Trace: [ 141.614635][ T6635] [ 141.617548][ T6635] dump_stack_lvl+0xd6/0x122 [ 141.622120][ T6635] dump_stack+0x11/0x1b [ 141.626330][ T6635] should_fail+0x23c/0x250 [ 141.630863][ T6635] should_fail_usercopy+0x16/0x20 [ 141.635871][ T6635] strncpy_from_user+0x21/0x250 [ 141.640723][ T6635] getname_flags+0xb8/0x3f0 [ 141.645250][ T6635] __x64_sys_mkdir+0x31/0x50 [ 141.649857][ T6635] do_syscall_64+0x44/0xa0 [ 141.654331][ T6635] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 141.660270][ T6635] RIP: 0033:0x7f28fbd1fbf7 [ 141.664774][ T6635] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 07:34:08 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r0, 0x1, 0x2, 0x2, 0x7}) 07:34:08 executing program 2: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@init_itable}]}) (fail_nth: 3) [ 141.684369][ T6635] RSP: 002b:00007f28f9a96fa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 141.692763][ T6635] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f28fbd1fbf7 [ 141.700760][ T6635] RDX: 0000000000000000 RSI: 00000000000001ff RDI: 0000000020000000 [ 141.708715][ T6635] RBP: 00007f28f9a97040 R08: 0000000000000000 R09: 000000000001c4a6 [ 141.716839][ T6635] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000200000c0 [ 141.724801][ T6635] R13: 0000000020000000 R14: 00007f28f9a97000 R15: 0000000020000180 [ 141.732838][ T6635] 07:34:08 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x68, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 141.817755][ T6656] FAULT_INJECTION: forcing a failure. [ 141.817755][ T6656] name failslab, interval 1, probability 0, space 0, times 0 [ 141.830523][ T6656] CPU: 0 PID: 6656 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 141.838876][ T6656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 141.848963][ T6656] Call Trace: [ 141.852241][ T6656] [ 141.855159][ T6656] dump_stack_lvl+0xd6/0x122 [ 141.859859][ T6656] dump_stack+0x11/0x1b [ 141.864035][ T6656] should_fail+0x23c/0x250 [ 141.868456][ T6656] ? strndup_user+0x64/0xa0 [ 141.872946][ T6656] __should_failslab+0x81/0x90 [ 141.877804][ T6656] should_failslab+0x5/0x20 [ 141.882402][ T6656] __kmalloc_track_caller+0x6d/0x370 [ 141.887701][ T6656] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 141.893520][ T6656] memdup_user+0x22/0xb0 [ 141.897765][ T6656] strndup_user+0x64/0xa0 [ 141.902091][ T6656] __se_sys_mount+0x4e/0x2f0 [ 141.906678][ T6656] ? debug_smp_processor_id+0x18/0x20 [ 141.912081][ T6656] __x64_sys_mount+0x63/0x70 [ 141.916700][ T6656] do_syscall_64+0x44/0xa0 [ 141.921125][ T6656] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 141.927035][ T6656] RIP: 0033:0x7f28fbd2201a [ 141.931449][ T6656] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 141.951052][ T6656] RSP: 002b:00007f28f9a96fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 141.959467][ T6656] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f28fbd2201a 07:34:08 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x6c, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:08 executing program 3: r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r1, 0x0, 0x0, 0x7fff) ioctl$SG_SET_FORCE_PACK_ID(r1, 0x227b, &(0x7f0000000000)) 07:34:08 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 07:34:08 executing program 2: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@init_itable}]}) (fail_nth: 4) 07:34:08 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000041) 07:34:08 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000c00) [ 141.967474][ T6656] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000000 [ 141.975446][ T6656] RBP: 00007f28f9a97040 R08: 00007f28f9a97040 R09: 00000000200000c0 [ 141.983790][ T6656] R10: 000000000001c4a6 R11: 0000000000000206 R12: 00000000200000c0 [ 141.991763][ T6656] R13: 0000000020000000 R14: 00007f28f9a97000 R15: 0000000020000180 [ 141.999738][ T6656] 07:34:08 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x74, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:08 executing program 2: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@init_itable}]}) (fail_nth: 5) [ 142.055956][ T6665] FAULT_INJECTION: forcing a failure. [ 142.055956][ T6665] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 142.069164][ T6665] CPU: 1 PID: 6665 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 142.077495][ T6665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 142.087657][ T6665] Call Trace: [ 142.087665][ T6665] [ 142.087669][ T6665] dump_stack_lvl+0xd6/0x122 [ 142.087684][ T6665] dump_stack+0x11/0x1b 07:34:08 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x7a, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 142.087693][ T6665] should_fail+0x23c/0x250 [ 142.087707][ T6665] should_fail_usercopy+0x16/0x20 [ 142.087720][ T6665] _copy_from_user+0x1c/0xd0 [ 142.087731][ T6665] memdup_user+0x5b/0xb0 [ 142.087741][ T6665] strndup_user+0x64/0xa0 [ 142.087750][ T6665] __se_sys_mount+0x4e/0x2f0 [ 142.087761][ T6665] ? debug_smp_processor_id+0x18/0x20 [ 142.087773][ T6665] __x64_sys_mount+0x63/0x70 [ 142.087783][ T6665] do_syscall_64+0x44/0xa0 07:34:08 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2000003, 0x4010, r1, 0x9b33f000) fallocate(r0, 0x0, 0x0, 0x7fff) 07:34:08 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r0) readlinkat(r0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=""/245, 0xf5) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r1, 0x0, 0x0, 0x7fff) [ 142.087796][ T6665] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 142.087811][ T6665] RIP: 0033:0x7f28fbd2201a [ 142.087821][ T6665] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 142.087830][ T6665] RSP: 002b:00007f28f9a96fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 142.087841][ T6665] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f28fbd2201a 07:34:08 executing program 3: ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000000)={0x0, 0x2, 0x0, 0x4b3}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r0) ioctl$AUTOFS_IOC_EXPIRE_MULTI(r0, 0x40049366, &(0x7f0000000080)=0x1) r1 = open$dir(&(0x7f0000000040)='./file0\x00', 0x400000, 0x120) fallocate(r1, 0x20, 0xfffffffffffffffc, 0x7fff) 07:34:08 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = openat$cgroup_subtree(r0, &(0x7f0000000000), 0x2, 0x0) fallocate(r1, 0x30, 0x82d, 0x5) [ 142.087848][ T6665] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000000 [ 142.087855][ T6665] RBP: 00007f28f9a97040 R08: 00007f28f9a97040 R09: 00000000200000c0 [ 142.087862][ T6665] R10: 000000000001c4a6 R11: 0000000000000206 R12: 00000000200000c0 [ 142.087869][ T6665] R13: 0000000020000000 R14: 00007f28f9a97000 R15: 0000000020000180 [ 142.087876][ T6665] [ 142.138877][ T6678] FAULT_INJECTION: forcing a failure. [ 142.138877][ T6678] name failslab, interval 1, probability 0, space 0, times 0 07:34:08 executing program 3: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x200002, 0x0) openat$cgroup_ro(r0, &(0x7f0000000040)='io.stat\x00', 0x275a, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080), 0x430100, 0x0) ioctl$IOC_PR_CLEAR(r1, 0x401070cd, &(0x7f00000000c0)={0x8}) [ 142.249346][ T6678] CPU: 1 PID: 6678 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 142.257681][ T6678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 142.268003][ T6678] Call Trace: [ 142.271293][ T6678] [ 142.274221][ T6678] dump_stack_lvl+0xd6/0x122 [ 142.278823][ T6678] dump_stack+0x11/0x1b [ 142.282993][ T6678] should_fail+0x23c/0x250 [ 142.287416][ T6678] ? __se_sys_mount+0xf7/0x2f0 [ 142.292184][ T6678] __should_failslab+0x81/0x90 [ 142.296986][ T6678] should_failslab+0x5/0x20 [ 142.301498][ T6678] kmem_cache_alloc_trace+0x52/0x350 [ 142.306990][ T6678] ? memdup_user+0x96/0xb0 [ 142.311393][ T6678] __se_sys_mount+0xf7/0x2f0 [ 142.315988][ T6678] ? debug_smp_processor_id+0x18/0x20 [ 142.321444][ T6678] __x64_sys_mount+0x63/0x70 [ 142.326022][ T6678] do_syscall_64+0x44/0xa0 [ 142.330771][ T6678] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 142.336655][ T6678] RIP: 0033:0x7f28fbd2201a [ 142.341146][ T6678] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 142.360855][ T6678] RSP: 002b:00007f28f9a96fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 142.369259][ T6678] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f28fbd2201a [ 142.377217][ T6678] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000000 [ 142.385176][ T6678] RBP: 00007f28f9a97040 R08: 00007f28f9a97040 R09: 00000000200000c0 [ 142.393218][ T6678] R10: 000000000001c4a6 R11: 0000000000000206 R12: 00000000200000c0 [ 142.401184][ T6678] R13: 0000000020000000 R14: 00007f28f9a97000 R15: 0000000020000180 [ 142.409138][ T6678] 07:34:09 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7ffff000) 07:34:09 executing program 2: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@init_itable}]}) (fail_nth: 6) 07:34:09 executing program 3: getsockname$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) 07:34:09 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x300, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:09 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000d00) 07:34:09 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000042) [ 142.654245][ T6701] FAULT_INJECTION: forcing a failure. [ 142.654245][ T6701] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 142.667359][ T6701] CPU: 0 PID: 6701 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 142.675685][ T6701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 142.685738][ T6701] Call Trace: [ 142.689018][ T6701] [ 142.691950][ T6701] dump_stack_lvl+0xd6/0x122 [ 142.696541][ T6701] dump_stack+0x11/0x1b 07:34:09 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) r1 = inotify_init1(0x0) inotify_add_watch(r1, &(0x7f0000000040)='./file1\x00', 0xc60001a1) ioctl$AUTOFS_IOC_ASKUMOUNT(r0, 0x80049370, &(0x7f0000000100)) r2 = memfd_create(&(0x7f0000000300)='\x00\xc2\xea\x99\xbb\x1c\xdfjw\x97\x05\xa3\xa2\'\xdd\xe4q\xbf\t\x8c\xe0\x19`\x8e\x00\x00\x00\x00\x00\x00\x00\x00\x00\b \xff\x13\x96\xe3?\xdfH\x8c\xe4V\xe2\xfe\v8\x04\xa5\xb9\xc4:\xf3\xf6y_w\xd8\xcf\x90k\x05\x00\xf9\x1e\xe8m\xec\x12\xa015\xc2\xb3u|K\x111\xd4\f8\xeb\x18\xad\xbb!1\x85\x96P\x1b\xa1\x9a\x81\xf8\xb1\xecB)\xe5\xaa7\xfe\xdd,_D\xe5|\xb1j^\xaec}\x1a\xb4\x17\xafP\x85I\xd5\xa0I\xb0\xaf\xb5\x8b\\\x05\xd7g\xcbV\x8e\xd0\xac\x87I7\xbd\xc6\x9bI\x92\xb2\x87.\xb3\x1fs\xe7%\xdd+\r\xb4\x117\xa7ei~\xb8\x16\xd1P\xf2\x84\x89K\x16\xd0F|\xa3\x89\xc9~9\x00'/204, 0x0) write(r2, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r3) write$binfmt_script(r3, &(0x7f0000000180)={'#! ', './file1', [], 0xa, "98bf25bc4aa4dcb26f8beef6030f1284390fcee06f5fc3d3006093e175a599b7253b0a530bc88717086c6ab0237acef7719f9f984a17587eb607092353e8beaa63a69bd572b3732763a2bd827b39ee5a048c0efa76a87b619d87e1cfe6ef6aecd020d89262459a2582c725726c68191a132664dd02df11033c5129ad44"}, 0x88) fallocate(r0, 0x0, 0x0, 0x7fff) 07:34:09 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x500, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 142.700720][ T6701] should_fail+0x23c/0x250 [ 142.705157][ T6701] should_fail_usercopy+0x16/0x20 [ 142.710191][ T6701] _copy_from_user+0x1c/0xd0 [ 142.714787][ T6701] __se_sys_mount+0x119/0x2f0 [ 142.719475][ T6701] ? debug_smp_processor_id+0x18/0x20 [ 142.724879][ T6701] __x64_sys_mount+0x63/0x70 [ 142.729476][ T6701] do_syscall_64+0x44/0xa0 [ 142.733903][ T6701] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 142.739807][ T6701] RIP: 0033:0x7f28fbd2201a 07:34:09 executing program 3: r0 = syz_open_dev$vcsa(&(0x7f0000000000), 0x1, 0x200400) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x3c4, r1, 0x200, 0x70bd29, 0x25dfdbfd, {}, [@TIPC_NLA_SOCK={0x50, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8001}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x2}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3b0}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xffffffff}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xd9}]}, @TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x4}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x6}]}, @TIPC_NLA_NODE={0x168, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x401}, @TIPC_NLA_NODE_ID={0x7a, 0x3, "e87f5cb4de356ccd8da0f04a1f4ca3bc725218ace1b703f69dcafcc204fa53a5bbed3bf28a261182890d701cf991b2afd5b250893f5032284799327655ff67da71a796880f1609aead02771e344647fc6491341b40f0def3e7ef57b34c2feb02ed87843602d934d88a321850851d4411192d1326a5a6"}, @TIPC_NLA_NODE_ID={0xb, 0x3, "b21df0aefa9331"}, @TIPC_NLA_NODE_ID={0xb9, 0x3, "2d50613cb86a2b46bab42c157accca6ae268f3adaa6ffd830045343eb98bc8da8934d1cdb2908fa074b80b1cc69ecd2093561dd1c29cb24a078948a59545e41677dd2aec5ba935836b40555b6638be524f1d8122546c5bb6601e8f706276eb497fe7f3d97eb3aba1cfb351ed2fc22cbdc5e37a1cfef9313eb9606fe7f7227c3c50bac36801af6352f43844fca3290698c5c767ccfacf61d4557887974dd1227119f695a41dcd7cc86aff304e1f7c701490c4a65d64"}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x8}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x800}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x5}]}, @TIPC_NLA_MEDIA={0xc8, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x800}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xebda}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x81}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}]}]}, @TIPC_NLA_NET={0x48, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7fffffff}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xffffffffffffff3e}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}, @TIPC_NLA_NET_NODEID={0xc}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfffffffffffffffb}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8}]}, @TIPC_NLA_LINK={0xb8, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x4c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4ec}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2ad59093}, @TIPC_NLA_PROP_TOL={0x8}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}]}]}]}, 0x3c4}, 0x1, 0x0, 0x0, 0x4}, 0x20004005) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r2, 0x0, 0x0, 0x7fff) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000580)={0xe6, 0x8, 0x5, 0x1, 0x2}) [ 142.744217][ T6701] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 142.763828][ T6701] RSP: 002b:00007f28f9a96fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 142.772327][ T6701] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f28fbd2201a [ 142.780300][ T6701] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000000 [ 142.788279][ T6701] RBP: 00007f28f9a97040 R08: 00007f28f9a97040 R09: 00000000200000c0 [ 142.796425][ T6701] R10: 000000000001c4a6 R11: 0000000000000206 R12: 00000000200000c0 07:34:09 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r1) splice(r0, &(0x7f0000000080)=0x1, r1, &(0x7f0000000380), 0x1ff, 0xf) r2 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x7, 0x0, &(0x7f0000000080), 0x1000, &(0x7f00000000c0)={[{@usrjquota_path={'usrjquota', 0x3d, './file0'}}, {@noload}, {@noquota}], [{@euid_lt}, {@func={'func', 0x3d, 'FILE_CHECK'}}]}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000180)) 07:34:09 executing program 2: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@init_itable}]}) (fail_nth: 7) [ 142.804402][ T6701] R13: 0000000020000000 R14: 00007f28f9a97000 R15: 0000000020000180 [ 142.812382][ T6701] 07:34:09 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x600, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 142.862502][ T6729] FAULT_INJECTION: forcing a failure. [ 142.862502][ T6729] name failslab, interval 1, probability 0, space 0, times 0 [ 142.875187][ T6729] CPU: 1 PID: 6729 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 142.883615][ T6729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 142.893767][ T6729] Call Trace: [ 142.897031][ T6729] [ 142.899942][ T6729] dump_stack_lvl+0xd6/0x122 [ 142.904515][ T6729] dump_stack+0x11/0x1b [ 142.908653][ T6729] should_fail+0x23c/0x250 [ 142.913139][ T6729] ? getname_flags+0x84/0x3f0 [ 142.917900][ T6729] __should_failslab+0x81/0x90 [ 142.922649][ T6729] should_failslab+0x5/0x20 [ 142.927171][ T6729] kmem_cache_alloc+0x4f/0x320 [ 142.931923][ T6729] getname_flags+0x84/0x3f0 [ 142.936428][ T6729] ? should_fail+0xd6/0x250 [ 142.940937][ T6729] user_path_at_empty+0x28/0x110 [ 142.945869][ T6729] __se_sys_mount+0x217/0x2f0 [ 142.950536][ T6729] __x64_sys_mount+0x63/0x70 [ 142.955213][ T6729] do_syscall_64+0x44/0xa0 [ 142.959647][ T6729] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 142.965665][ T6729] RIP: 0033:0x7f28fbd2201a [ 142.970064][ T6729] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 142.990070][ T6729] RSP: 002b:00007f28f9a96fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 142.998467][ T6729] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f28fbd2201a [ 143.006509][ T6729] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000000 [ 143.014471][ T6729] RBP: 00007f28f9a97040 R08: 00007f28f9a97040 R09: 00000000200000c0 [ 143.022439][ T6729] R10: 000000000001c4a6 R11: 0000000000000206 R12: 00000000200000c0 [ 143.030492][ T6729] R13: 0000000020000000 R14: 00007f28f9a97000 R15: 0000000020000180 [ 143.038700][ T6729] 07:34:09 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000002) 07:34:09 executing program 2: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@init_itable}]}) (fail_nth: 8) 07:34:09 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000e00) 07:34:09 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x700, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:09 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) io_uring_enter(r0, 0x6199, 0x73ad, 0x3, &(0x7f0000000000)={[0x2]}, 0x8) [ 143.260433][ T6738] FAULT_INJECTION: forcing a failure. [ 143.260433][ T6738] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 143.273592][ T6738] CPU: 1 PID: 6738 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 143.282204][ T6738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 143.292258][ T6738] Call Trace: [ 143.295541][ T6738] [ 143.298552][ T6738] dump_stack_lvl+0xd6/0x122 [ 143.303304][ T6738] dump_stack+0x11/0x1b [ 143.307537][ T6738] should_fail+0x23c/0x250 [ 143.312285][ T6738] should_fail_usercopy+0x16/0x20 [ 143.317323][ T6738] strncpy_from_user+0x21/0x250 [ 143.322156][ T6738] getname_flags+0xb8/0x3f0 [ 143.326645][ T6738] ? should_fail+0xd6/0x250 [ 143.331167][ T6738] user_path_at_empty+0x28/0x110 [ 143.336120][ T6738] __se_sys_mount+0x217/0x2f0 [ 143.340886][ T6738] __x64_sys_mount+0x63/0x70 [ 143.345461][ T6738] do_syscall_64+0x44/0xa0 [ 143.349869][ T6738] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 143.355852][ T6738] RIP: 0033:0x7f28fbd2201a [ 143.360259][ T6738] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 143.379861][ T6738] RSP: 002b:00007f28f9a96fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 143.388267][ T6738] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f28fbd2201a [ 143.396228][ T6738] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000000 07:34:10 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000043) 07:34:10 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) r1 = inotify_init1(0x0) inotify_add_watch(r1, &(0x7f0000000040)='./file1\x00', 0xc60001a1) ioctl$BTRFS_IOC_SEND(r1, 0x40489426, &(0x7f0000000040)={{r0}, 0x1, &(0x7f0000000000)=[0x2], 0xfffffffffffeffff, 0x2, [0x79, 0xfffffffffffffffc, 0x6, 0xd05000000]}) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x9}}, './file1\x00'}) write$cgroup_int(r2, &(0x7f0000000100), 0x12) fallocate(r0, 0x0, 0x0, 0x7fff) 07:34:10 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x87f, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:10 executing program 2: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@init_itable}]}) (fail_nth: 9) [ 143.404189][ T6738] RBP: 00007f28f9a97040 R08: 00007f28f9a97040 R09: 00000000200000c0 [ 143.412143][ T6738] R10: 000000000001c4a6 R11: 0000000000000206 R12: 00000000200000c0 [ 143.420185][ T6738] R13: 0000000020000000 R14: 00007f28f9a97000 R15: 0000000020000180 [ 143.428145][ T6738] 07:34:10 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) r1 = memfd_create(&(0x7f0000000300)='\x00\xc2\xea\x99\xbb\x1c\xdfjw\x97\x05\xa3\xa2\'\xdd\xe4q\xbf\t\x8c\xe0\x19`\x8e\x00\x00\x00\x00\x00\x00\x00\x00\x00\b \xff\x13\x96\xe3?\xdfH\x8c\xe4V\xe2\xfe\v8\x04\xa5\xb9\xc4:\xf3\xf6y_w\xd8\xcf\x90k\x05\x00\xf9\x1e\xe8m\xec\x12\xa015\xc2\xb3u|K\x111\xd4\f8\xeb\x18\xad\xbb!1\x85\x96P\x1b\xa1\x9a\x81\xf8\xb1\xecB)\xe5\xaa7\xfe\xdd,_D\xe5|\xb1j^\xaec}\x1a\xb4\x17\xafP\x85I\xd5\xa0I\xb0\xaf\xb5\x8b\\\x05\xd7g\xcbV\x8e\xd0\xac\x87I7\xbd\xc6\x9bI\x92\xb2\x87.\xb3\x1fs\xe7%\xdd+\r\xb4\x117\xa7ei~\xb8\x16\xd1P\xf2\x84\x89K\x16\xd0F|\xa3\x89\xc9~9\x00'/204, 0x0) write(r1, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1, 0x9, 0x100000000, 0x9, 0x5}) fallocate(r0, 0x0, 0x0, 0x7fff) [ 143.465431][ T6753] EXT4-fs: 85 callbacks suppressed [ 143.465443][ T6753] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 143.477670][ T6753] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 143.484685][ T6755] FAULT_INJECTION: forcing a failure. [ 143.484685][ T6755] name failslab, interval 1, probability 0, space 0, times 0 [ 143.502068][ T6755] CPU: 1 PID: 6755 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 07:34:10 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x44, 0x0, 0x7fff) [ 143.510413][ T6755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 143.520467][ T6755] Call Trace: [ 143.523739][ T6755] [ 143.526663][ T6755] dump_stack_lvl+0xd6/0x122 [ 143.529898][ T6760] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 143.531314][ T6755] dump_stack+0x11/0x1b [ 143.538521][ T6760] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 143.542569][ T6755] should_fail+0x23c/0x250 [ 143.558054][ T6755] ? alloc_fs_context+0x46/0x500 07:34:10 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r0) openat$cgroup_ro(r0, &(0x7f0000000000)='net_prio.prioidx\x00', 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='net/fib_triestat\x00') fchdir(r1) openat$cgroup_ro(r1, &(0x7f00000000c0)='freezer.self_freezing\x00', 0x0, 0x0) r2 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) fallocate(r2, 0x0, 0xfffffffffffffffc, 0x107fff) [ 143.563092][ T6755] __should_failslab+0x81/0x90 [ 143.567904][ T6755] should_failslab+0x5/0x20 [ 143.572490][ T6755] kmem_cache_alloc_trace+0x52/0x350 [ 143.577869][ T6755] alloc_fs_context+0x46/0x500 [ 143.582638][ T6755] ? security_capable+0x91/0xa0 [ 143.587521][ T6755] fs_context_for_reconfigure+0x42/0x50 [ 143.593068][ T6755] path_mount+0x120d/0x1c40 [ 143.597616][ T6755] __se_sys_mount+0x24b/0x2f0 [ 143.602410][ T6755] __x64_sys_mount+0x63/0x70 [ 143.607006][ T6755] do_syscall_64+0x44/0xa0 [ 143.611454][ T6755] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 143.617838][ T6755] RIP: 0033:0x7f28fbd2201a [ 143.622319][ T6755] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 143.641973][ T6755] RSP: 002b:00007f28f9a96fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 143.650458][ T6755] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f28fbd2201a [ 143.658418][ T6755] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000000 [ 143.666469][ T6755] RBP: 00007f28f9a97040 R08: 00007f28f9a97040 R09: 00000000200000c0 [ 143.674434][ T6755] R10: 000000000001c4a6 R11: 0000000000000206 R12: 00000000200000c0 [ 143.682479][ T6755] R13: 0000000020000000 R14: 00007f28f9a97000 R15: 0000000020000180 [ 143.690440][ T6755] 07:34:10 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000003) 07:34:10 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x880, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:10 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000f00) 07:34:10 executing program 3: r0 = request_key(&(0x7f0000000040)='keyring\x00', &(0x7f0000000100)={'syz', 0x1}, 0x0, 0xfffffffffffffffe) keyctl$restrict_keyring(0x3, r0, 0x0, 0x0) add_key$fscrypt_v1(&(0x7f00000003c0), 0x0, 0x0, 0x0, r0) add_key$keyring(&(0x7f0000000000), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, r0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f00000000c0)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0) fallocate(r1, 0x6, 0x0, 0x1) bind$unix(r2, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e21}, 0x6e) 07:34:10 executing program 2: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@init_itable}]}) (fail_nth: 10) [ 143.890755][ T6771] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 143.897876][ T6771] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 143.916782][ T6775] FAULT_INJECTION: forcing a failure. [ 143.916782][ T6775] name failslab, interval 1, probability 0, space 0, times 0 [ 143.929431][ T6775] CPU: 0 PID: 6775 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 143.935287][ T6778] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 143.938305][ T6775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 143.938317][ T6775] Call Trace: [ 143.938323][ T6775] [ 143.945392][ T6778] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 143.955516][ T6775] dump_stack_lvl+0xd6/0x122 [ 143.955546][ T6775] dump_stack+0x11/0x1b [ 143.981648][ T6775] should_fail+0x23c/0x250 [ 143.986172][ T6775] ? legacy_init_fs_context+0x2d/0x70 [ 143.991549][ T6775] __should_failslab+0x81/0x90 [ 143.996324][ T6775] should_failslab+0x5/0x20 [ 144.000841][ T6775] kmem_cache_alloc_trace+0x52/0x350 [ 144.006157][ T6775] ? kmem_cache_alloc_trace+0x24b/0x350 [ 144.011709][ T6775] legacy_init_fs_context+0x2d/0x70 [ 144.016913][ T6775] alloc_fs_context+0x419/0x500 [ 144.021794][ T6775] fs_context_for_reconfigure+0x42/0x50 [ 144.027343][ T6775] path_mount+0x120d/0x1c40 [ 144.031848][ T6775] __se_sys_mount+0x24b/0x2f0 [ 144.036613][ T6775] __x64_sys_mount+0x63/0x70 [ 144.041210][ T6775] do_syscall_64+0x44/0xa0 [ 144.045842][ T6775] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 144.051846][ T6775] RIP: 0033:0x7f28fbd2201a [ 144.056261][ T6775] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 144.076649][ T6775] RSP: 002b:00007f28f9a96fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 07:34:10 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000060) 07:34:10 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x900, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:10 executing program 3: open(&(0x7f0000000040)='./file0\x00', 0x200000, 0x82) sendmsg$TIPC_CMD_GET_NETID(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0x8, &(0x7f0000000080)={&(0x7f0000000100)={0x1c, 0x0, 0x1, 0x70bd26, 0x25dfdbfd, {}, ["", "", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x20004001) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x4, 0x7fff) [ 144.085090][ T6775] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f28fbd2201a [ 144.093060][ T6775] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000000 [ 144.101035][ T6775] RBP: 00007f28f9a97040 R08: 00007f28f9a97040 R09: 00000000200000c0 [ 144.109066][ T6775] R10: 000000000001c4a6 R11: 0000000000000206 R12: 00000000200000c0 [ 144.117029][ T6775] R13: 0000000020000000 R14: 00007f28f9a97000 R15: 0000000020000180 [ 144.125105][ T6775] 07:34:10 executing program 2: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@init_itable}]}) (fail_nth: 11) [ 144.156599][ T6784] EXT4-fs (sda1): Ignoring removed mblk_io_submit option [ 144.163738][ T6784] EXT4-fs (sda1): re-mounted. Opts: mblk_io_submit,init_itable,,errors=continue. Quota mode: writeback. [ 144.195398][ T6794] FAULT_INJECTION: forcing a failure. 07:34:10 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xa00, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:10 executing program 3: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r0, 0x1, 0x70bd2c, 0x25dfdbff, {{}, {@void, @val={0x8}, @val={0xc, 0x99, {0x2, 0x79}}}}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x50}, 0x4000) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r1, 0xe, 0x200, 0xb52) 07:34:10 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000004) [ 144.195398][ T6794] name failslab, interval 1, probability 0, space 0, times 0 [ 144.208051][ T6794] CPU: 0 PID: 6794 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 144.216385][ T6794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 144.226590][ T6794] Call Trace: [ 144.229915][ T6794] [ 144.232845][ T6794] dump_stack_lvl+0xd6/0x122 [ 144.237571][ T6794] dump_stack+0x11/0x1b [ 144.241825][ T6794] should_fail+0x23c/0x250 [ 144.246301][ T6794] ? ext4_remount+0x67/0x1980 [ 144.250990][ T6794] __should_failslab+0x81/0x90 07:34:10 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100001001) [ 144.255775][ T6794] should_failslab+0x5/0x20 [ 144.260304][ T6794] __kmalloc_track_caller+0x6d/0x370 [ 144.265737][ T6794] ? list_lru_add+0x260/0x280 [ 144.270585][ T6794] kstrdup+0x31/0x70 [ 144.274548][ T6794] ext4_remount+0x67/0x1980 [ 144.279149][ T6794] ? __dentry_kill+0x3e6/0x450 [ 144.283915][ T6794] ? __dput_to_list+0x153/0x250 [ 144.288833][ T6794] ? shrink_dentry_list+0x2e6/0x300 [ 144.294149][ T6794] ? ext4_statfs+0x6a0/0x6a0 [ 144.298805][ T6794] legacy_reconfigure+0x8e/0xa0 07:34:11 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x6b, 0x0, 0x7fff) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000180)={0x7f, 0x8, 0x1, 0x4, 0x4, 0x7f}) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r1) r2 = inotify_init1(0x0) inotify_add_watch(r2, &(0x7f0000000040)='./file1\x00', 0xc60001a1) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000200)={0x0, r2, 0x81, 0x2, 0x8, 0xffffffffffffa673}) r3 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r3) openat$cgroup_ro(r3, &(0x7f00000001c0)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x0, 0x0) write$binfmt_script(r0, &(0x7f0000000000)={'#! ', './file0', [{0x20, 'cgroup.events\x00'}], 0xa, "6e71fd551666267b28c484d50c9cc891368fa1e1cf50cfe976e5541b0536857b95aa415c0ee34f821aaa43ec091f5b9f44e667c71626c705ccc621f5ad9ea58ae8c9b9a708946ebaa3b0b21bedf128f1e32e7f0449be4d0d0dd594265b22df8ef694bbf29b74d4ae72a7fd3a84d9f4f590cc092ed702fcfc7c3144e7b798a636e0e67a5c063f88a306bf22018e0f3a819d0f1502a5abd0bbcd0c31aa8be44c84dcc720f82d64cfcb497aae64983447e96b017df802ac82f577b3875bd31dc41bc1d76ac7c372414726c1a34a1a157aea9156971cb80b281d60c9b683895e005d087c63b1fe4f3dc82712f77e95a5fb7604"}, 0x10b) [ 144.303681][ T6794] reconfigure_super+0x175/0x540 [ 144.308638][ T6794] path_mount+0x13f9/0x1c40 [ 144.313163][ T6794] __se_sys_mount+0x24b/0x2f0 [ 144.318021][ T6794] __x64_sys_mount+0x63/0x70 [ 144.322715][ T6794] do_syscall_64+0x44/0xa0 [ 144.327196][ T6794] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 144.333161][ T6794] RIP: 0033:0x7f28fbd2201a [ 144.337573][ T6794] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 144.357303][ T6794] RSP: 002b:00007f28f9a96fa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 144.363492][ T6803] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 127 (only 8 groups) [ 144.365890][ T6794] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f28fbd2201a [ 144.365906][ T6794] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000000 [ 144.365917][ T6794] RBP: 00007f28f9a97040 R08: 00007f28f9a97040 R09: 00000000200000c0 07:34:11 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) 07:34:11 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xb00, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:11 executing program 2: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@init_itable}]}) (fail_nth: 12) [ 144.365939][ T6794] R10: 000000000001c4a6 R11: 0000000000000206 R12: 00000000200000c0 [ 144.408410][ T6794] R13: 0000000020000000 R14: 00007f28f9a97000 R15: 0000000020000180 [ 144.416395][ T6794] [ 144.493593][ T6811] FAULT_INJECTION: forcing a failure. [ 144.493593][ T6811] name failslab, interval 1, probability 0, space 0, times 0 [ 144.506425][ T6811] CPU: 0 PID: 6811 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 144.514804][ T6811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 144.524861][ T6811] Call Trace: [ 144.528156][ T6811] [ 144.531088][ T6811] dump_stack_lvl+0xd6/0x122 [ 144.535726][ T6811] dump_stack+0x11/0x1b [ 144.539885][ T6811] should_fail+0x23c/0x250 [ 144.544383][ T6811] ? getname_flags+0x84/0x3f0 [ 144.549078][ T6811] __should_failslab+0x81/0x90 [ 144.553904][ T6811] should_failslab+0x5/0x20 [ 144.558421][ T6811] kmem_cache_alloc+0x4f/0x320 [ 144.563252][ T6811] getname_flags+0x84/0x3f0 [ 144.567784][ T6811] getname+0x15/0x20 [ 144.571843][ T6811] do_sys_openat2+0x6d/0x2b0 [ 144.576570][ T6811] __x64_sys_openat+0xef/0x110 [ 144.581391][ T6811] do_syscall_64+0x44/0xa0 [ 144.585902][ T6811] entry_SYSCALL_64_after_hwframe+0x44/0xae 07:34:11 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000234) 07:34:11 executing program 3: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)={0xe4, r0, 0x20, 0x70bd27, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_OPER_CLASS={0x5}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x9}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x178}], @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x6}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x9}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1f}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x15ce}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xb}], @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x26}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1a6}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x98a}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xb}, @NL80211_ATTR_CENTER_FREQ2={0x8}], @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x4d}, @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0xff}, @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x1}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0xe4}, 0x1, 0x0, 0x0, 0x40000}, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r1, 0x0, 0x0, 0x7fff) r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r2, 0xc0709411, &(0x7f0000000040)={{0x0, 0x7ff, 0x1, 0x1, 0x2, 0x5, 0x1, 0x0, 0x4, 0x8, 0xfffffffa, 0x81, 0x9, 0x2, 0x8}, 0x8, [0x0]}) 07:34:11 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xc00, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 144.591854][ T6811] RIP: 0033:0x7f28fbcd3a04 [ 144.596259][ T6811] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 144.615913][ T6811] RSP: 002b:00007f28f9a96f30 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 144.624359][ T6811] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f28fbcd3a04 [ 144.632329][ T6811] RDX: 0000000000010000 RSI: 0000000020000000 RDI: 00000000ffffff9c 07:34:11 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000005) 07:34:11 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100001f00) [ 144.640370][ T6811] RBP: 0000000020000000 R08: 0000000000000000 R09: 00000000200000c0 [ 144.648485][ T6811] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000010000 [ 144.656458][ T6811] R13: 0000000020000000 R14: 00007f28f9a97000 R15: 0000000020000180 [ 144.664556][ T6811] 07:34:11 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xd00, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:11 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = getpgid(0x0) sched_setattr(r1, &(0x7f0000000140)={0x38, 0x1, 0x21, 0xb7, 0x0, 0x0, 0x4, 0x0, 0x3e0000, 0x8}, 0x0) r2 = syz_open_procfs(r1, &(0x7f0000000080)='fd\x00') fchdir(r2) io_uring_enter(r2, 0x5a88, 0x53f9, 0x6, &(0x7f0000000000)={[0x7ff]}, 0x8) 07:34:11 executing program 2: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@init_itable}]}) (fail_nth: 13) 07:34:11 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) pwritev2(r1, &(0x7f00000004c0)=[{&(0x7f0000000000)="eaf7f4b0682bbea24d268a9918f9c3865fc70a18e6b6451b362df87a999bbca94fc1ba1c5cfb00abe5eec14b623168d42254d7e6dc9eb1f1d6b77e3200ca93cef1ee95244e3a490d3bbd37e7583ea6d11510996c84bb321a6ab5f07782d3cd10972444664e42cc296928f4125b6c39c537dc3e54f31a99451390e0b1ad65476955e10f9a9595d6bbab1fb432aadfc4436d2c", 0x92}, {&(0x7f00000000c0)="c7bbde0968801f442bbd060e14fae5780fff9f1c2c4cd1cfd70a0b792b02f95b1586ef9c12c386724aa3f1a62b59", 0x2e}, {&(0x7f0000000100)}, {&(0x7f0000000180)="c4afc754ab729da17eabf9b34d728eaed53748258c66394cccde04f3bd6bdc60df8ca164dbbf6570c8bad373ea33ed6c4bb5a09957d835f5c72622fad0c3dfd0200011846056c2d900403017085f65a59d5d59fb24c4b679afd95f13d2f4b067ca5f81156ab7c9c80603b9508a6dacd867a5530970ee9cec75bc245c690f19ff67278f3d35055b3febb1aa9179e64c250d4aa13d7e3a8bf41738f3d26f11c965ddc79462ebe4469e079d8fe2de33290aa5e174be3902fe491f37a6fd6835e0204228f4a61ac24982c8d5635ede3de1e4466b698a39cab559465c681ee85a8f3a2a50aa23b15eda502c7e1d", 0xeb}, {&(0x7f0000000280)="2664201f93c64899d9b058ecbf5ff44db782ad862c732de31c90480505acabd452eebd012784c584809f8b1fd7a4045179e6155bbff22706b95f0d1a5c06651486b04a62b5ee47c883a5146a39058bdd01090efa9ec402dac58122d583768ec1d2d1cef652ab5c6fb9bad2256ca243ad9187c7a2c5e021d95e38913780606630f6a3aa0ffb40f4a4a4239241425725fdf9b031596a803a7c8e824908b3a0776a3a27b6ed0dbb95c7ef52349b1ad5501b3473afa6629b01059953ff301eaa178b47f75e5761301f9433075923fa8ae2891817ccf143a6260d255320051445ae590c979f7429be3ae9b33818ec239e", 0xee}, {&(0x7f0000000380)="9e1c2dc4a8300be0c6f3b2e1235002c4442aa1d27df0c1f5ff9593cd601d0d584f59327bff000dd0b6eeacdfd9f83a6047635f3391bb9738fda0e29a9a82668072a2f0ac074809f1acdb9e4e9f5fe35be16735a0eab02e15cd5af2926b060430b2fd1c318df85242afa70dc64f8b7b7a14cc956de968f481f1", 0x79}, {&(0x7f0000000400)="84b1b0ac9780954afd1efa", 0xb}, {&(0x7f0000000440)="ccd8b914d15b66bf0fc751475a252a16952b3ecb4291d6304c73d6005a156dde65b52d8b136a4565d2f2c2596f7155a86c038463563a5a28c7716e1258a1f09264b22335b6c1d2d009a2875fb77e482c5e43f19ec8f21256df6dcce7e85d390b137384f88e62", 0x66}], 0x8, 0x8001, 0x71, 0x1) fallocate(r0, 0x0, 0x0, 0x7fff) 07:34:11 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xe00, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 144.824273][ T6837] FAULT_INJECTION: forcing a failure. [ 144.824273][ T6837] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 144.837424][ T6837] CPU: 0 PID: 6837 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 144.845815][ T6837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 144.855869][ T6837] Call Trace: [ 144.859170][ T6837] [ 144.862097][ T6837] dump_stack_lvl+0xd6/0x122 [ 144.866738][ T6837] dump_stack+0x11/0x1b [ 144.870896][ T6837] should_fail+0x23c/0x250 [ 144.875318][ T6837] should_fail_usercopy+0x16/0x20 [ 144.880351][ T6837] strncpy_from_user+0x21/0x250 [ 144.885205][ T6837] getname_flags+0xb8/0x3f0 [ 144.889728][ T6837] getname+0x15/0x20 [ 144.893669][ T6837] do_sys_openat2+0x6d/0x2b0 [ 144.898303][ T6837] __x64_sys_openat+0xef/0x110 [ 144.903086][ T6837] do_syscall_64+0x44/0xa0 [ 144.907511][ T6837] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 144.913416][ T6837] RIP: 0033:0x7f28fbcd3a04 [ 144.917830][ T6837] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 144.937525][ T6837] RSP: 002b:00007f28f9a96f30 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 144.946203][ T6837] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f28fbcd3a04 [ 144.954173][ T6837] RDX: 0000000000010000 RSI: 0000000020000000 RDI: 00000000ffffff9c [ 144.962145][ T6837] RBP: 0000000020000000 R08: 0000000000000000 R09: 00000000200000c0 07:34:11 executing program 3: sendmsg$ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000040)={0xc4, 0x0, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@ETHTOOL_A_WOL_SOPASS={0xaf, 0x3, "944718fd31cdf0b402ff56f0ed94aa480fd85ba37057054e54051a00d3044179d8644bc6dd0c7be5d1fe63370943bd37f9ef1d8531115851488a7f424b7844765a2c6950d291e37926d2029a9b666dbb9c42fd279af8089bcc8485caf6e09db659049e6a98a81a10819e999c573d71dd0a8eb871c27e02ee5800ba3345739c905252f3dc38e53abb9f83ff29d8176b400a8c1c78400496f59c1ef1942a2ce29145362708507a73cedecc12"}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000080}, 0x24040810) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) [ 144.970278][ T6837] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000010000 [ 144.978321][ T6837] R13: 0000000020000000 R14: 00007f28f9a97000 R15: 0000000020000180 [ 144.986308][ T6837] 07:34:11 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000006) 07:34:11 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000235) 07:34:11 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1100, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:11 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = inotify_init1(0x0) inotify_add_watch(r1, &(0x7f0000000040)='./file1\x00', 0xc60001a1) r2 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000000, 0x13, r2, 0x652a9000) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2, 0x4010, r1, 0xe6948000) 07:34:11 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100002000) 07:34:11 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1200, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:11 executing program 2: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@init_itable}]}) (fail_nth: 14) 07:34:11 executing program 3: ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00 ./file0\x00']) sendmsg$OSF_MSG_REMOVE(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000080)={&(0x7f0000000180)={0x964, 0x1, 0x5, 0x801, 0x0, 0x0, {0x0, 0x0, 0x7}, [{{0x254, 0x1, {{0x0, 0x6}, 0x40, 0xa3, 0x8, 0x400, 0x1, 'syz1\x00', "f47887b809fe2a9f29b94e22c94b87cdf199776b655930913ed71cae9559931d", "ac51ee1c52dc0ed807022b17ac8ca8765b5be80b052e4114cd9ea544db479250", [{0x24db, 0xfffd, {0x2, 0x4}}, {0x800, 0x7a0, {0x3, 0x7}}, {0x6, 0xff, {0x1, 0x1000}}, {0x0, 0x20, {0x0, 0x3}}, {0x80, 0x3, {0x2, 0x9}}, {0x8, 0x101, {0x3, 0x7c0}}, {0x98e1, 0x64, {0x0, 0x6}}, {0xc, 0x400, {0x3, 0x4}}, {0x7, 0x200, {0x2, 0x7}}, {0x401, 0x4, {0x3}}, {0x0, 0x6, {0x0, 0x2}}, {0x2, 0x1000, {0x0, 0x4}}, {0xd3, 0x101, {0x3, 0x74c0}}, {0x6, 0x5, {0x2, 0x4}}, {0x1000, 0xc79a, {0x3, 0x6}}, {0x0, 0x8000, {0x3, 0x3}}, {0x8, 0xff7d, {0x1, 0x6}}, {0x4, 0x7, {0x2, 0x3ff}}, {0x5, 0x40}, {0x1ff, 0x6, {0x3, 0x8}}, {0x5, 0x101, {0x3}}, {0x1b7, 0x7, {0x3, 0x401}}, {0x81, 0x9, {0x3, 0x9}}, {0x25, 0x8, {0x0, 0x6}}, {0x8, 0xb92e, {0x2, 0x7f}}, {0x8, 0x7f, {0x0, 0x5}}, {0x6, 0x6, {0x3, 0x1}}, {0x1, 0x0, {0x3, 0x826b}}, {0xfffd, 0x9, {0x1, 0xfffff000}}, {0x8001, 0xdbaf, {0x0, 0x1ff}}, {0x7, 0x800}, {0x1, 0x2, {0x3, 0x1}}, {0x3d4b, 0xfffe, {0x1, 0x4}}, {0x8, 0x4, {0x0, 0x8}}, {0x4, 0x7fff, {0x1, 0x4}}, {0x7, 0x0, {0x0, 0x5}}, {0x2, 0x1ff, {0x1, 0x3}}, {0x8001, 0x1, {0x2}}, {0xffff, 0x4, {0x0, 0x6}}, {0x9, 0x6, {0x1, 0x7}}]}}}, {{0x254, 0x1, {{0x0, 0x8}, 0x80, 0x5, 0x3f, 0x9, 0x1a, 'syz0\x00', "6fe3651147f1cf3257456ebec838f6c61b52b27fc3acfe8cebefac29c1616b07", "ff4b9acd71faf31aed7c9cc34a7e233bdbe8e2d2b16b2bb359da75112e09189b", [{0x1, 0x9, {0x2, 0x7ff}}, {0x80, 0x1000, {0x3, 0x7}}, {0x20, 0x9, {0x3, 0x1}}, {0x8, 0x1, {0x3, 0x8}}, {0x1313, 0x7f, {0x3, 0x5}}, {0xffff, 0x1, {0x2, 0xcc2b}}, {0x4, 0x9, {0x0, 0x5}}, {0x1, 0x3, {0x2, 0x4}}, {0x680e, 0x4, {0x1, 0x9}}, {0x4, 0x1, {0x1, 0x2}}, {0x7, 0x4, {0x3}}, {0x2, 0x26c5, {0x2, 0x8}}, {0x3, 0x9, {0x0, 0x400}}, {0xace, 0x3ff, {0x1, 0x101}}, {0x6, 0xa2, {0x0, 0x10001}}, {0x3529, 0x7ff, {0x1, 0x7}}, {0x7f, 0x6, {0x3, 0x5}}, {0x2, 0x5cd1, {0x2, 0x8}}, {0x1, 0x7, {0x0, 0x101}}, {0x9b6, 0x4, {0x1, 0xfffffff7}}, {0x8001, 0x9, {0x1, 0x9b27c82}}, {0x1, 0x2, {0x2, 0x2}}, {0x81, 0x25aa, {0x0, 0x4}}, {0x0, 0x7, {0x2, 0x10001}}, {0x6, 0x0, {0x3, 0x8}}, {0x7ff, 0x101, {0x1, 0x3}}, {0x4, 0x800, {0x2}}, {0x8000, 0xcac, {0x2, 0x7}}, {0x8, 0x1ff, {0x0, 0x2}}, {0x20, 0x4f8, {0x3, 0x5}}, {0xff, 0x40, {0x2, 0x7f}}, {0x4, 0xffff, {0x0, 0x4c}}, {0x5, 0x200, {0x1, 0x52}}, {0x400, 0xfeff, {0x3, 0x800}}, {0x695, 0x3, {0x0, 0x800}}, {0x8, 0x8, {0x2, 0x8}}, {0x2, 0x81e1, {0x3, 0x1f}}, {0x5, 0xfe00, {0x2, 0x3f}}, {0x7, 0x3, {0x3, 0x4c1}}, {0x100, 0x6, {0x0, 0x40}}]}}}, {{0x254, 0x1, {{0x2, 0xef}, 0x20, 0x4b, 0xfff7, 0x4, 0xe, 'syz1\x00', "7151a10943a45d72e17232d7edef82f28cf3004f9be2be7e313bf2b6868e2e8f", "cb188bfb2a61676bba783204d8fd264b43d79dad3859cf2120d9adc66c052dbd", [{0x8001, 0x7ff, {0x2, 0x4}}, {0x5, 0x6, {0x1, 0x1}}, {0x8001, 0x81, {0x2, 0x7f}}, {0x1, 0x4, {0x2, 0xffffff01}}, {0x4, 0x2, {0x2, 0xffffffff}}, {0x51f, 0xfff8, {0x0, 0x80000001}}, {0xdcb1, 0x5, {0x1, 0xc48}}, {0x80, 0xffff, {0x1, 0x3}}, {0x1000, 0x77, {0x1, 0x1}}, {0x1, 0x0, {0x2, 0xea}}, {0x6, 0xd90, {0x2, 0x8000}}, {0x1000, 0x7, {0x2, 0x2}}, {0xfff, 0x5, {0x1, 0x3}}, {0xfd53, 0x101, {0x3, 0x7980}}, {0x8, 0x8, {0x3, 0x80000000}}, {0xe1, 0x2, {0x0, 0x2}}, {0x4, 0xf51, {0x3, 0xffff0001}}, {0xac7, 0x100, {0x0, 0x7}}, {0xac44, 0x4, {0x3, 0x2}}, {0x7, 0x3, {0x3, 0x5000}}, {0x5, 0x1ff, {0x2, 0xfffffffb}}, {0x7f, 0x6, {0x3, 0x2}}, {0xfff, 0xc017, {0x2, 0xa212}}, {0xff81, 0x1, {0x0, 0x1}}, {0x80, 0x8000, {0x0, 0x7f}}, {0x3, 0x2, {0x3, 0x20}}, {0x9, 0x1, {0x2, 0x80000000}}, {0xad, 0xac79, {0x3, 0xffffffff}}, {0xfffc, 0x6, {0x3, 0x1}}, {0x2, 0x9a, {0x0, 0x1ec}}, {0x3, 0x8, {0x3, 0x3ff}}, {0x6, 0x9, {0x3}}, {0x40, 0x6, {0x1, 0xfffffff9}}, {0x0, 0x3, {0x2, 0x5e}}, {0x8, 0x6}, {0x3, 0x200, {0x1, 0xfffffeff}}, {0x40, 0x4f5, {0x3, 0xda}}, {0x789d, 0x4, {0x1, 0x9}}, {0x9, 0x6, {0x3, 0x7}}, {0x3, 0x5525, {0x2, 0x401}}]}}}, {{0x254, 0x1, {{0x3, 0x1}, 0x40, 0x7, 0x1, 0x2, 0x21, 'syz0\x00', "183f8a8e951bb34a11efe46697799512c6bcc4985ec9bc0aef9c736befba82fb", "ec56321e97eaedcb1e05968bb870c1668236986ff806a4326a34606e711c2b5f", [{0x3, 0x4, {0x2, 0x7fffffff}}, {0xbc46, 0x0, {0x1, 0x5}}, {0x20b2, 0x3ff, {0x0, 0x2}}, {0x2, 0x5, {0x1, 0x2}}, {0x8, 0xff, {0x3, 0x1}}, {0x9, 0x7, {0x6, 0x77}}, {0xaf, 0x6, {0x1, 0x4}}, {0x3, 0x6, {0x0, 0x5}}, {0x8, 0x7, {0x2, 0x5}}, {0xcc18, 0x31c5, {0x0, 0x3}}, {0x9, 0x2, {0x3, 0x7c9f}}, {0x0, 0x0, {0x0, 0xd197}}, {0x5, 0x20, {0x0, 0x6}}, {0x5, 0x4, {0x0, 0x7fffffff}}, {0x2, 0x6, {0x3, 0x6}}, {0xb1, 0x2, {0x0, 0xffffffff}}, {0x8bb, 0xeb, {0x3, 0x3599d97d}}, {0x9, 0xff, {0x2, 0xfff}}, {0x7fff, 0xfffd, {0x2, 0x4}}, {0xf2a3, 0x0, {0x2, 0x6}}, {0xb65f, 0x1000, {0x1, 0x3}}, {0x7, 0x1f, {0x2, 0x6}}, {0x3f, 0x4, {0x0, 0x8000}}, {0x1ff, 0x0, {0x0, 0x1}}, {0x1000, 0xffe1, {0x1, 0x2}}, {0x9, 0x2, {0x3}}, {0x8, 0xfff, {0x0, 0x6}}, {0x0, 0x100, {0x0, 0x8}}, {0xb8e, 0xfeff, {0x1, 0x3f}}, {0x7, 0xf7, {0x3, 0xfffffffa}}, {0xe000, 0xce, {0x0, 0x2}}, {0x40, 0x2, {0x0, 0x5}}, {0xb1, 0x1, {0x0, 0x7}}, {0x5, 0xb3, {0x2, 0x10000}}, {0xa52, 0xffc0, {0x3}}, {0x553, 0x6, {0x1, 0x7}}, {0x7, 0x4, {0x3, 0x1}}, {0xee6c, 0x800, {0x0, 0x1}}, {0x6, 0xfff, {0x3, 0x6}}, {0x1ff, 0x12f, {0x2, 0x7}}]}}}]}, 0x964}, 0x1, 0x0, 0x0, 0x10}, 0x40000) close(0xffffffffffffffff) r1 = signalfd(0xffffffffffffffff, &(0x7f0000000100)={[0x578]}, 0x8) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000b00)={{0x1, 0x1, 0x18, r1, {0x51, 0x10000}}, './file0\x00'}) preadv(r1, &(0x7f0000000bc0)=[{&(0x7f0000000b40)=""/6, 0x6}, {&(0x7f0000000b80)=""/49, 0x31}], 0x2, 0x1f, 0x9) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r2, 0x0, 0x0, 0x7fff) 07:34:11 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1800, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:11 executing program 3: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_EXTERNAL_AUTH(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0x80, r0, 0x100, 0x70bd26, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x3, 0x72}}}}, [@NL80211_ATTR_PMKID={0x14, 0x55, "1a6394aa59d938d4e5c8df8638f7dffd"}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x59}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_PMKID={0x14, 0x55, "87d1fb3f9df07c025c82f2cd40d98960"}]}, 0x80}, 0x1, 0x0, 0x0, 0x4000}, 0x44810) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r1, 0x0, 0x0, 0x7fff) 07:34:12 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x7fff) r1 = dup(0xffffffffffffffff) ioctl$AUTOFS_IOC_SETTIMEOUT(r1, 0x80049367, &(0x7f0000000000)=0x80) 07:34:12 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x2000, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 145.381114][ T6882] FAULT_INJECTION: forcing a failure. [ 145.381114][ T6882] name failslab, interval 1, probability 0, space 0, times 0 [ 145.393764][ T6882] CPU: 1 PID: 6882 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 145.402100][ T6882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 145.412152][ T6882] Call Trace: [ 145.415427][ T6882] [ 145.418351][ T6882] dump_stack_lvl+0xd6/0x122 [ 145.422949][ T6882] dump_stack+0x11/0x1b [ 145.427106][ T6882] should_fail+0x23c/0x250 [ 145.431530][ T6882] ? strndup_user+0x64/0xa0 [ 145.436466][ T6882] __should_failslab+0x81/0x90 [ 145.441426][ T6882] should_failslab+0x5/0x20 [ 145.445990][ T6882] __kmalloc_track_caller+0x6d/0x370 [ 145.451280][ T6882] ? perf_trace_kmem_cache_free+0x5a/0x150 [ 145.457095][ T6882] memdup_user+0x22/0xb0 [ 145.461344][ T6882] strndup_user+0x64/0xa0 [ 145.465681][ T6882] __se_sys_mount+0x4e/0x2f0 [ 145.470277][ T6882] ? debug_smp_processor_id+0x18/0x20 [ 145.475669][ T6882] __x64_sys_mount+0x63/0x70 07:34:12 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000007) [ 145.480259][ T6882] do_syscall_64+0x44/0xa0 [ 145.484688][ T6882] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 145.490590][ T6882] RIP: 0033:0x7f28fbd2201a [ 145.495016][ T6882] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 145.514647][ T6882] RSP: 002b:00007f28f9a75fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 145.523062][ T6882] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f28fbd2201a 07:34:12 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000236) 07:34:12 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100002200) 07:34:12 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x2200, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:12 executing program 3: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f000004cb00)={0x0, ""/256, 0x0}) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x5) r2 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0xa}, 0x0, 0x0, 0x5, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r2, 0xd000943d, &(0x7f0000058c40)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r1}], 0x0, "2156816c73038c"}) close(0xffffffffffffffff) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000580)={0x0, 0xffffffffffffffff, 0xb1, 0x6, @buffer={0x0, 0x0, &(0x7f0000000240)}, &(0x7f0000000440)="d77b2d61eca8c093530eb80ad5d0a865bf8cc11b961ed589eae117f6e03c0039ed7fd59ce2f97c611e9ef4700adfff63e7f6173a82248c9d98cf500f999d8550b70ab13216e870dfc0ab0f0bc110b98b42c59bf3ffcaf5a76e685eff47acbe6da409fd7c7ef49889b19082808316e97ba19c31a2b2de1db997965405316bf2784e04c2f464dcf49cef8e38e766797f9a0def919ba8802b08bf41be4632c5bd0724aeb2be82ec0819f3530bc8869bc386c6", &(0x7f0000000500)=""/101, 0xd479, 0x8074, 0x0, 0x0}) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000c80)) ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605) ioctl$SG_IO(r4, 0x2285, &(0x7f0000000380)={0x53, 0xfffffffffffffffc, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x4, 0x0, 0x0}) ioctl$FIDEDUPERANGE(r3, 0xc0189436, &(0x7f0000000f40)=ANY=[@ANYBLOB="4ead00000000000000100000000000000400000000000000", @ANYRES32=r3, @ANYBLOB="000000000200"/28, @ANYRES32=r0, @ANYBLOB="0000000000b689218abd96b1983bb9950b08000000000000000000000200"/40, @ANYRES32=r4, @ANYBLOB="000000000100"/28, @ANYRES32, @ANYBLOB="00000000000000000100"/28]) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000c00)={0x53, 0xfffffffffffffffd, 0x63, 0x3, @scatter={0x5, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000600)=""/172, 0xac}, {&(0x7f00000006c0)=""/246, 0xf6}, {&(0x7f00000007c0)=""/212, 0xd4}, {&(0x7f00000008c0)=""/90, 0x5a}, {&(0x7f0000000940)=""/135, 0x87}]}, &(0x7f0000000a80)="ac4ed748817f98bb9aa7a405bf48729e36af9439425843e95a8922ec8cd06a752e928d35d4e747b7b77f2965522d5704b4e31ff408564800efde0bf762ca3d3469948cef883014ef79e538a36927f4356bebcbeb706525b4ff1371e10429507a5e2c8d", &(0x7f0000000b00)=""/240, 0x19, 0x10007, 0x0, &(0x7f0000000240)}) syz_io_uring_setup(0x0, &(0x7f0000000140), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000040)) io_uring_enter(0xffffffffffffffff, 0x450e, 0x0, 0x0, 0x0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount$tmpfs(0x20100000, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0) setxattr$incfs_id(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x0, 0x0, 0x0) clone(0x52004400, &(0x7f00000002c0)="08b5dfca315700ce487880a9c272d9875bb2e99ac5bc700ddda7c1a3b4e0010ed23c66d4d9c037642aad59aae4982cb5758b921895616d29c83841052633ffc0e2fae6c48b63933e66b08bd0", &(0x7f0000000280), 0x0, 0x0) 07:34:12 executing program 2: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@init_itable}]}) (fail_nth: 15) [ 145.531041][ T6882] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000000 [ 145.539015][ T6882] RBP: 00007f28f9a76040 R08: 00007f28f9a76040 R09: 00000000200000c0 [ 145.547010][ T6882] R10: 000000000001c4a6 R11: 0000000000000202 R12: 00000000200000c0 [ 145.554967][ T6882] R13: 0000000020000000 R14: 00007f28f9a76000 R15: 0000000020000180 [ 145.563194][ T6882] [ 145.616447][ T6898] FAULT_INJECTION: forcing a failure. [ 145.616447][ T6898] name failslab, interval 1, probability 0, space 0, times 0 [ 145.626515][ C1] sd 0:0:1:0: tag#3627 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 145.629205][ T6898] CPU: 0 PID: 6898 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 145.638989][ C1] sd 0:0:1:0: tag#3627 CDB: opcode=0xe5 (vendor) [ 145.647346][ T6898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 145.654050][ C1] sd 0:0:1:0: tag#3627 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 145.664214][ T6898] Call Trace: [ 145.664221][ T6898] [ 145.664226][ T6898] dump_stack_lvl+0xd6/0x122 [ 145.673265][ C1] sd 0:0:1:0: tag#3627 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 145.676484][ T6898] dump_stack+0x11/0x1b [ 145.676501][ T6898] should_fail+0x23c/0x250 [ 145.679425][ C1] sd 0:0:1:0: tag#3627 CDB[20]: ba [ 145.683969][ T6898] ? security_file_alloc+0x30/0x190 [ 145.699518][ T23] audit: type=1400 audit(1636443252.401:178): avc: denied { mount } for pid=6892 comm="syz-executor.3" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 145.701748][ T6898] __should_failslab+0x81/0x90 [ 145.738942][ T6898] should_failslab+0x5/0x20 [ 145.743477][ T6898] kmem_cache_alloc+0x4f/0x320 [ 145.748271][ T6898] security_file_alloc+0x30/0x190 [ 145.753299][ T6898] __alloc_file+0x83/0x1a0 [ 145.757778][ T6898] alloc_empty_file+0xcd/0x1c0 [ 145.762681][ T6898] path_openat+0x6a/0x1eb0 [ 145.767204][ T6898] ? ext4_remount+0x1783/0x1980 [ 145.772170][ T6898] ? debug_smp_processor_id+0x18/0x20 [ 145.777544][ T6898] ? mod_objcg_state+0x490/0x5c0 [ 145.782515][ T6898] ? refill_obj_stock+0x140/0x220 [ 145.787560][ T6898] ? __rcu_read_unlock+0x5c/0x290 [ 145.792617][ T6898] ? __rcu_read_lock+0x32/0x40 [ 145.797380][ T6898] do_filp_open+0x105/0x220 [ 145.801949][ T6898] do_sys_openat2+0xb5/0x2b0 [ 145.806594][ T6898] __x64_sys_openat+0xef/0x110 [ 145.809287][ T23] audit: type=1400 audit(1636443252.481:179): avc: denied { sys_admin } for pid=6892 comm="syz-executor.3" capability=21 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 145.811409][ T6898] do_syscall_64+0x44/0xa0 [ 145.811436][ T6898] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 145.842867][ T6898] RIP: 0033:0x7f28fbcd3a04 [ 145.847368][ T6898] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 07:34:12 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x2500, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:12 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='ramfs\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x100000, 0x0) mkdir(&(0x7f0000000040)='./file0/file0\x00', 0x0) mount(&(0x7f0000000100)=@filename='./file0/file0\x00', &(0x7f0000000380)='./file0/file0\x00', 0x0, 0x201000, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0x141000, 0x80) mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x80000, 0x0) mount(&(0x7f00000003c0)=@filename='./file0\x00', &(0x7f0000000400)='./file0/file0\x00', 0x0, 0x1000, 0x0) mount(&(0x7f00000002c0)=ANY=[@ANYBLOB='/'], &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x200f080, 0x0) umount2(&(0x7f00000001c0)='./file0\x00', 0xa) [ 145.867321][ T6898] RSP: 002b:00007f28f9a96f30 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 145.875805][ T6898] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f28fbcd3a04 [ 145.883872][ T6898] RDX: 0000000000010000 RSI: 0000000020000000 RDI: 00000000ffffff9c [ 145.891891][ T6898] RBP: 0000000020000000 R08: 0000000000000000 R09: 00000000200000c0 [ 145.899873][ T6898] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000010000 [ 145.907884][ T6898] R13: 0000000020000000 R14: 00007f28f9a97000 R15: 0000000020000180 [ 145.915865][ T6898] 07:34:12 executing program 2: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@init_itable}]}) (fail_nth: 16) 07:34:12 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000008) 07:34:12 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x2e00, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) [ 145.954411][ T23] audit: type=1400 audit(1636443252.651:180): avc: denied { mount } for pid=6907 comm="syz-executor.3" name="/" dev="ramfs" ino=21914 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 145.976990][ T23] audit: type=1400 audit(1636443252.651:181): avc: denied { mounton } for pid=6907 comm="syz-executor.3" path="/root/syzkaller-testdir640046461/syzkaller.wZItu9/275/file0" dev="ramfs" ino=21914 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=dir permissive=1 [ 146.004970][ T23] audit: type=1400 audit(1636443252.651:182): avc: denied { unmount } for pid=6907 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 146.045153][ T6916] FAULT_INJECTION: forcing a failure. [ 146.045153][ T6916] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 146.058267][ T6916] CPU: 0 PID: 6916 Comm: syz-executor.2 Not tainted 5.15.0-syzkaller #0 [ 146.066599][ T6916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 146.076752][ T6916] Call Trace: [ 146.080032][ T6916] [ 146.082962][ T6916] dump_stack_lvl+0xd6/0x122 [ 146.087604][ T6916] dump_stack+0x11/0x1b 07:34:12 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100003f00) 07:34:12 executing program 3: ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(0xffffffffffffffff, 0x80489439, &(0x7f00000001c0)) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$PIO_CMAP(0xffffffffffffffff, 0x4b71, 0x0) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f00000000c0)=0x13) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000100)={0xffff, 0x0, 0x0, 0x0, 0x0, "b0473019f75f3399ba084805d2d26ec6ce1bce"}) write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[], 0xb) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)) [ 146.091760][ T6916] should_fail+0x23c/0x250 [ 146.096188][ T6916] should_fail_usercopy+0x16/0x20 [ 146.101221][ T6916] _copy_to_user+0x1c/0x90 [ 146.105687][ T6916] simple_read_from_buffer+0xab/0x120 [ 146.111074][ T6916] proc_fail_nth_read+0x10d/0x150 [ 146.116175][ T6916] ? proc_fault_inject_write+0x230/0x230 [ 146.121832][ T6916] vfs_read+0x1e6/0x750 [ 146.125994][ T6916] ? __fget_light+0x219/0x260 [ 146.130684][ T6916] ksys_read+0xd9/0x190 [ 146.134874][ T6916] __x64_sys_read+0x3e/0x50 [ 146.139364][ T6916] do_syscall_64+0x44/0xa0 [ 146.143892][ T6916] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 146.150101][ T6916] RIP: 0033:0x7f28fbcd369c [ 146.154518][ T6916] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 146.174331][ T6916] RSP: 002b:00007f28f9a97170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 146.182896][ T6916] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f28fbcd369c [ 146.190878][ T6916] RDX: 000000000000000f RSI: 00007f28f9a971e0 RDI: 0000000000000003 [ 146.198958][ T6916] RBP: 00007f28f9a971d0 R08: 0000000000000000 R09: 00000000200000c0 [ 146.206945][ T6916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 146.214910][ T6916] R13: 00007ffcaaa8149f R14: 00007f28f9a97300 R15: 0000000000022000 [ 146.222891][ T6916] 07:34:12 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x3f00, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:12 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000237) 07:34:12 executing program 2: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@init_itable}]}) 07:34:13 executing program 2: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x2, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@init_itable}]}) 07:34:13 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x4000, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:13 executing program 2: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x3, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@init_itable}]}) 07:34:13 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.memory_pressure\x00', 0x275a, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x1b1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) r2 = inotify_init1(0x0) inotify_add_watch(r2, &(0x7f0000000040)='./file1\x00', 0xc60001a1) r3 = syz_open_procfs(0x0, &(0x7f0000000180)='projid_map\x00') fchdir(r3) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f0000000140)={{0x1, 0x1, 0x18, r3, {0xee00}}, './file0\x00'}) ftruncate(r4, 0x804008003) r5 = socket$inet(0x2, 0xa, 0x0) dup3(0xffffffffffffffff, r2, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r6) fsconfig$FSCONFIG_SET_BINARY(r6, 0x2, &(0x7f0000000040)='cpuset.memory_pressure\x00', &(0x7f0000000080)="b9c92c46289213d6ed29053b1161", 0xe) getsockopt$sock_buf(r5, 0x1, 0x1c, 0x0, &(0x7f00000000c0)) 07:34:13 executing program 2: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x4, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@init_itable}]}) 07:34:13 executing program 1: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000009) 07:34:13 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x4800, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:13 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100004000) [ 146.420612][ T6946] syz-executor.3 uses obsolete (PF_INET,SOCK_PACKET) [ 146.428534][ T23] audit: type=1400 audit(1636443253.131:183): avc: denied { read } for pid=365 comm="syslogd" name="log" dev="sda1" ino=1125 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 07:34:13 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x4900, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:13 executing program 2: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x7, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@init_itable}]}) [ 146.451120][ T23] audit: type=1400 audit(1636443253.151:184): avc: denied { getopt } for pid=6944 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 07:34:13 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000238) 07:34:13 executing program 3: ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, &(0x7f0000000040)={{0x0, 0x0, 0x41e0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4}, 0x10, [0x0, 0x0]}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000001b80)={0x0, 0x0, "492be95fafc38a98846f0b3098ddfcd41a77eeac830f66ed5a019407ef4879e9738c69a9dc30be941762d56b81a3ab9b53409e2273d3902b3dac9701284f45655cf70a180318cb0314cfe41e48d00ebafd8b15e5af6e1cb59bd642f5a5d7167b66e2172b6d38c989e78070b3704a024a7db8d127fe4c759530e6835ae923a7655cfee5ff42eef62bc9eb5041f68cf08e877618ca71fc62c021df9bc2460a07e38be4b8920297c8ca714c31c3c00c4e30692518a71f7f1752afbc25686120ad73226acb7eab26318779189a54fb3d3b145a6bb7d619f446c7f74ed4eb9780330917fca0f826c12666ca73716a0bdf88372613f82eace27ad9207c04672a372f48", "04f5c4f95b8e2b74acacbddc9eb2b2ef2fe17fb5a4fbd9a37848281c4886fa555f3326b0690634458fe8757acea6d423dca1e4fa23e920bf22c6bb03bcbd05bd8bc5c3cb6fdbc301602d532cdf98afe160ddae20b53b058e160916da22696697cc5a1db1b1cf83f6f5a9d7318978693576fb20c6896043135c8ad3bfef9c25410ba8a1ed7f57f354554c0d83c8384ab16fd36bc4ce12f7c988808d6295fa436c0e3f43bc397f49a6bfb19aa6378b847977bf46c62658ee2898456bb94d3babe70d097c2cd8b490f12d7b88df7f804e78d576aa03aeaf23a1400f2f022fb4ce013b209ce1cb741c14d6483033099fc9eda53925ea27098fc0c2149d88b25d9e737d764e819b87868ea50f303b3bd3dfb36de6bca1ee658195b63eda86c7adfc734b07cf51a37927e21de22a348780cb11ebfb5a5498888b534d1b62305ca15886059efe820f3a16d8c69735ba4cc5518afa9a90605d8f411dd8ff4a7c750a820f91236747a425463627f305eaf49958131adcc10b0cb2648ae63d22c0a516e21312a6bab4deec35ae95ff356f132f3b48b5de38cc2a2ceff47da49172e0c04363b4879e6fd99df71612598e475f200f291c7d5bf85710c13e4b97c8150c1aa2afe6af89cfaea6c8a298e247b537060cd3e6597f115cbf38ebda5123ee3b7d654dbac36cd5cc99ff6597cdffbd89a5cd987237835d02aa0fdf5be14f14beee585cf03d02f05c743b5381ce62cdf2d8764592fc8ea13157aceef0c6bca35da69e5e5e9418431a0700d591f379efe03265d38d404d9649f14d127a9d16344c8320c338ac22c11e0cfaf65f2da49a56709a8732e718d7a28c3e7e03fec67d6f941d5680bf94ecef8804eeca96dbe82f28f9b2f010d80b437dc8bf7e50104e71efefb746418c2b1240f7f3725bb8f0667939bfb4f7a0dd9efeab58755003f22d19edc60e78aaa7a8ed2d5022d0d1700b90a1a34063a754aadf2b0d1f2933b0b1c5b8dc84392e0dc7db06b6e722c8518e765018ab0675132ff2ba242c6ca236515d47187b8746fe6950148e37e8d4ec26862ed42025883ae8c46388e5243095b8cd11dcd8b6f3bcdc4c50ce90f588879f4267cf1c360428484a9cd398ec88b0099dc0844e0f286656c149da6a79a53b23ab1e73d40997c6f23ea840e4c0f6a9a4ae34a0f42921180a6506245aaad020d41671c6fc5e9749cbaecdbc0bfcb556f8f5e317fe8169b35e291ae48d333902514e478b3c3c618252701ebb2ca51ca2962c9b45bac0627b846a60e5a2a98597cf3d01dab3a19525b39d94450ed58c1492bf003e5db279b018b5d772efaa0a4fb87fa4e7619ed80737ea0b054f6c4d477a8ea033c7a8aa4c79f01552012513284a09d8d3b945453ac02b65ecf30ae36d67708963bf66bb53ff64a14f2462dcb5668ca6fcf6b354712b59449133c95ab5ac6ae9e25cbf9462d7e0da75e1736c90b6c8f62d5933ae4bcc9d8b9c66580b95a242f24d7ea506b3ce11ed34b6e0a1c0b61670a6ddce2085268ead232b8e67e1b889f9d83740df6460f2a3400ee47e804e7146a7d8778624c31a456105aabf8e0e2c726104fe4ef3bd06014e8a6dcaa82f6f3a76138c229a0a0b170aaa4ad797a8efada61f557f7b895245afafa595fcd4fbff28850756ab6dd27cda82b8ddd11bf0003a87d562b431ad94f372b26fe2842c46322675891c3c5733db71b5287ae3d5d524a7f58bc78f3cd8d69b2b557c6f744090439fb3edca41b094a21174851839c11f154570577bb81fd847acfa49e7a02f3e5a60445a52abbd169f275409cf5353b475a15bfc5f58a96662043965464e0e2a4503133e4103edfa9f15241e556ea57a6787407526d35373be2eaa990bf25b9e54f4b835a5883619a15917f31dfe2eec2d24cd8ad53a1de40b007a8e67e75e1afebf7bc728c37b89653e7a364d604e1e5dcb34637014e9d5578d325ed175fc8e980826973e5ada9a3a121ed445eff389853cf3785c54e581845085fb42c66281afb71b72ba32922a70a54f39aa099cf352a620611174f6d78552d8b1e88db6fd991e1e2e63fe6a9ff0280968d8684345b39028e845563bc10faab879c92b6112600878dd37adf7047bb7cdeba80bb9fa51a61b38572a26523d27a943c21a1374c0aa6b24f50ffd2daed3c08d09e7df8cf1d4105c0f291eacc1aa760c89733bb5534da893e66a5df9d2af4bb4f3e681d5d2f0508d2f5756ef20b23e6e272e425ec0acc201a18cc0477da19c110995551a041048b89a46d75a7c7d0f7d80c4fb259f8295f8e319cb50ad66b527f850c9bada932253a703395cfdd1ce30ff448da7520b170000fbb04f2e6223d4a1c3c27b339ebbf5a92b8e917bdcd2d5eab696d157a6c1190709781010eb313e843c9f99c28e1b7c655d72a10fee259dabf1b0746ad9cbe47b57d6fc8244e1e6de5aeebafce812dc34654df50dbbd039d712de57d1d62b33f35d61e50be641606976d18068df84022f7d5da7aa10b3a2e7a7343e02a852890ad405a90b1af9c533c3559b4a225f9dd2890370e01eb645b9501a06017af04cb343048f62e9245ae25e97e2aade1438d0be41f924282cba283477c57586dd1acee0ebf901943856a8e94e57a430033db9c06508f377eb84b239d3b07b486a9a63575c7782d087ded0d47870c6fb7ef4508d802e54e7ccfc75077a0fbdeed2635795fed87221f0249fa4bef42f93813ed4536e6f7ed8fc2fc7fc61176fecd3607ddf4530ea92d0f0d319a2c4f52430975324ee84108a799825e2569e593d56443fe0e7d7df892573fdf9100d409e3c3bf8652c2e8ab4a3b25bdae887c3238050360fff87082b8f1629ca9c6493c54e8887d8dfe53591e18427cbf7813784523e34c2a7cd4cf94a5eab839a87e5230963fd01ac8afce4cce252eac1eeb96951c29c3c29f398ea868fadfd95ce972a6336a3ee0413391a63ed854371f7ea23bc4ce6c8c3bcb0f114d4c6e22fc86b91bf3545f5332821abd7fb71bc5e0e020f54f84db6ee13dcb304f46c92c5c4848ba579c481041d21f9dd10510b89ccbd6f8e655fae8653de9f9bc0e2f6dc4dff0d7b02baad851e8bb0901853e2027ea1f19422ca949beb111bea06c41d166627b8a46ea7553ac1adf91051b4ce3f42468b1d13b11f749ceac6b172e9ef9c31327c91fe48793de4a9aeba24b78ba06218579f3d37a9b55b90ad8944761e551c257e18297cc5a07a63db017acdbf9bf40a55de569200e9efd067d066c0c665ba105300b79ca763b6bc7297f54f5bf80561b00785bbd4fd2ecfddcaaa3c41a4bdd7cb458627e93136af69245da18c5567a4c35d569304d40ffa7b7bcc6357c4d9d76e25ebc9436f6dcd6494fb7cfa213170bd1aca0a4b9e3e421b700bbec657a83161ac26825027cf3193f9be448799c73f75d859bcc91067074653c06fe9ee34aad2a75f23a0a8aa7b0a5ac4f459bc52d3dd2849e3a6a686b2c3073801a139a6afa42f4de32f9c8e63fca09d3f97cd92af925207c604ccbc9235d7e1252d3e053ec4806da0314dc884b7c2277963ff5a1f05e0e8944652af0699d25ac97680d0f699957391a51833348ddc5040d836c508f9df9609c1f68a0d33cbd494708391183aec327a8184fa7a4afff6481765bff866974098837f4340e2e695ef5f6938a49dec00eae80287e37390268425c868e0571c7c95277039623e804d283ef0e92cf34be52f73ea0aa1dc00a2985bd8fb5e2aac5aae7111bc6718c23f7f178107547a2118cbb6d69a220efdc3f57fb4101182244863ab44c0bab822a6bcd95531f2a2ab7c48c1dc4a816b34d904e0e0d857671f8e27e75d589c8fde21a6242227e392126e3f16cec7318abf78f560af3cb6049d7c04d243784268f10c30055c521e540b1689ca21eeb56f4529ecaff9fc75cd29e01c27842b682077a41e56b1fe689a079a951965dd6096b1263ccbf521c18abc60082c912a4f1e93a06e573e5d7dad6787eb4382a3831d8480a3d3b3ca1c354e9d51ef1d6fc02bbce8e6e549973b8965dfb9d56829f1fa079e2190c2818f43db23a99f4393356cb70644d942eee6f980984236a2d41563b94e0cc432fa3e0b49dee51962bb717142c169fe15e84e5ee149021127ce2fff0d129b771ce3b75bffdcecc9e5a578edb939059a3d8bdc57084b3195e1f329de16c4321141faf450f93f811cd1d7c6fc389731c8bab8467d52e8d196552bbd308b5b1bc85592e5fd5c1db9dd5410e3a2957d3e4c08e09d622b20cc2ba1750b3b273593c9cd9bc7f6adc8df9a3129340930b412dbe3a4ce1d2c4d81c4d10036c3e46cfedaa885dc91e4ea403c9f18a167cfb3c87572a5c6f1d8a090a4baf526efbcd2383be9eef0cfb42e8bb80014d95bfeaaaee1d9f18e9da3efcf9fb7a2268353364ce540689c1b71f9260b856ec2c454d015a160b81b25b76cc9c2d3772011bdf8de7a9e4ae7c6908a5a38c0af07e0374dbe90564b352b3dc45f6913dc0571688bd9cebd0d4fe69e7acc815467b11594fc7104afc081a45beac4ef50c81808133d5fce021ee2f9d49d73a2cf4432aa2b3f0223fa6ded403529b26b2772b3c69fd0f309c319e3f3d7005ae353bd4380700b729dcfaa0c071628d38f78771fe0668afdf35d1a62c2ab8ecb10eb5b2d2de2e30fe9fabf3e7372f689bce5b39569e33495f3b33b0beeab5335df1d6e8f15e58b9020028b17eeff23010f04d1a260dfc41377b128aa646ddc72d31dfd5e18fbecd8958d0743fbe63ef8ada7b6841e84eb59a7de4ebeb87dc01653cb20c29d28718cfee4a903a4b607128ce9e50574eb919c0ac32242d886bf985aec2296b4b22b501dd81bf74f4d7ccedcdc44cd8c61db21715a738084c88fb37dd9d408c25a4e712266f897b4c6584f34ab4662b8b3b58c33863f045cc7058a08828535d00f5817a1bce817639116d31576e4a7ebf83803341d3879361e1b42152699e4f58808ce09f21277c43cda1281b182bc51920c838e8087060ce303f1b934f064d81a6c243a7e3a716b0edd24ad04153a44f115f450e3ef0f38b3f3125a94abb0cd0014fc50acfab85ed67dea8a0ada9e1b700153e6b3e789740cb8015520e77437de1d111c584f8bd5843a0813482938854d8fb6a53155fef1c4c6d92ad6dcc0b5d296c63d4cac6cea06fe84e85301e4a60a264b3483c03ae78ff744b2a48a4cd428b3060eb08a131b781663535013115287ea673a0cc8ebac7dd934cef1b5a0cb370fbdfa63e9102473972e6b1fff575bf8a633b18a031409aeec64d4a36e0ab789c957edeca265bbc891c75d7fa397f3c9eed3b5eca4afa8eeec4f94c47ec5df39b7c85a7f5364b7fb7d8555f12c0a4c8161d68c1742f8163f095c67e96297504e0410324f012b62f6a8f242824df97816793b265861"}) r0 = creat(0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0, {0x4}}, './file0\x00'}) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r2) ioctl$AUTOFS_DEV_IOCTL_VERSION(r1, 0xc0189371, &(0x7f0000000200)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000440)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001640)) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}], 0x1, "2156816c73038c"}) syz_io_uring_setup(0x4396, &(0x7f00000000c0)={0x0, 0x4829, 0x1, 0x1, 0xf1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000000)=0x0, &(0x7f0000000140)) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, 0x0, &(0x7f0000000180)=@IORING_OP_FSYNC={0x3, 0x5, 0x0, @fd_index=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r6}}, 0xfffff801) r7 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r7, 0xd000943d, &(0x7f0000058c40)={0x1, [], 0x1, "2156816c73038c"}) r8 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fallocate(r8, 0x100000011, 0x0, 0xffffffff000) 07:34:13 executing program 0: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x4c00, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@mblk_io_submit}, {@init_itable}]}) 07:34:13 executing program 2: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2081090, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x8, 0x0, 0x0, 0x1c4a6, &(0x7f0000000180)={[{@init_itable}]}) 07:34:13 executing program 5: r0 = open(&(0x7f0000000980)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00'