00280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0xd1, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2630.014893] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2630.024489] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2630.157574] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2630.172770] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2630.193492] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2630.206475] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2630.221908] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2630.233198] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:44:25 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:44:25 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x44}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:44:25 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='ocfs2\x00', 0x2000008, 0x0)
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000280)='./file0\x00', 0x0, 0x0, 0x0, 0x100820, &(0x7f0000000140)=ANY=[@ANYBLOB='gid=', @ANYRESHEX=0x0, @ANYRESDEC])
syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000140)=<r1=>0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ff4000/0xc000)=nil, 0xc000, 0x2000003, 0x4010, 0xffffffffffffffff, 0x10000000)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x329000, 0x2)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000240)='./file0\x00', 0x6, 0x1, &(0x7f00000005c0)=[{&(0x7f0000000400)="69abf47a45aefa3a264c9a9a09d61040a2cf8478561d0afb4ec065b9288bb59dae808dc3303e306ae576bed520ab9431598161c18742bf0935085b2d8d0d23ecb3114f2440d4da20f88d0a58bcf351aad0d3c307f76dba668b0d2b1d540fe0354675970712d5b605d3b605d0a69a1efb07db861664abad2c0da224fa3ae7a99893761ba6fb52f80b4634a02d895cc1e74ee2d28aea7101f79c2c000000", 0x9d, 0x2}], 0x8400, &(0x7f0000000600)={[{@fat=@gid}], [{@mask={'mask', 0x3d, 'MAY_EXEC'}}, {@rootcontext={'rootcontext', 0x3d, 'root'}}, {@func={'func', 0x3d, 'CREDS_CHECK'}}]})
syz_io_uring_submit(r0, r2, &(0x7f0000000180)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r3, 0x4, 0x0, 0xfa, 0x0, 0x0, {0x0, r4}}, 0x1)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r5, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r5, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r5, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r5, &(0x7f00000002c0)=ANY=[], 0x10)
openat(r5, &(0x7f0000000580)='./file0\x00', 0x0, 0x42)

13:44:25 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:44:25 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x72}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:44:25 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000)={0x0, 0xb221, 0x1, 0x0, 0x30f}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100))

13:44:25 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x48, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:44:25 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x23, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2647.634886] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2647.642939] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2647.666322] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2647.689450] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2647.707436] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:44:25 executing program 3:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000)={0x0, 0xb221, 0x1, 0x0, 0x30f}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100))

[ 2647.729324] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2647.751029] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2647.800717] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:44:39 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x27, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:44:39 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x73}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:44:39 executing program 3:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000)={0x0, 0xb221, 0x1, 0x0, 0x30f}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100))

13:44:39 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000200)="af", 0x1}], 0x1)
r2 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
fallocate(r2, 0x0, 0x0, 0x8000)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
ioctl$NS_GET_PARENT(r3, 0xb702, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x4000006})
perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000040)={0x0, r1, 0x2})
poll(0x0, 0x0, 0x1)

13:44:39 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x2, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:44:39 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4c00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:44:39 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x45}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:44:39 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x4c, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2662.037124] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2662.048292] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2662.054455] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2662.071518] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2662.082263] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2662.102097] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2662.105839] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2662.114139] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:44:39 executing program 3:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000)={0x0, 0xb221, 0x1, 0x0, 0x30f}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100))

13:44:39 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x49}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:44:39 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x48, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:44:39 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:44:39 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x68, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:44:39 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x3, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:44:39 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, r0, 0x0)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bind$packet(0xffffffffffffffff, 0x0, 0x0)
r3 = perf_event_open(0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = open(0x0, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000200)="af", 0x1}], 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, r4, 0x8000000)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff)
write$binfmt_elf64(r2, &(0x7f0000000280)=ANY=[], 0xfdef)
syz_io_uring_complete(r1)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0xfffc}, 0x0, 0xffdfffffffffffff, 0xffffffffffffffff, 0x3)
sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000328bd7000fbdbdf25030000000500040002000000080006000000000000000001000000000000000000000000000000001e5b60a8abef001fc2b57a1aad084dafdb53f4eb5a0a6eda68f8e619a65db996118b421953c17029bb04674d67eb554271bd5f03d262ef3e388afdae02cc"], 0x38}, 0x1, 0x0, 0x0, 0x8008}, 0x4804)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'gretap0\x00'})

13:44:39 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x74}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:44:39 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000)={0x0, 0xb221, 0x1, 0x0, 0x30f}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100))

[ 2662.503913] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2662.549031] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2662.560860] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2662.581300] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2662.592452] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2662.595295] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2662.609835] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:44:40 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x4a}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 2662.633320] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:44:40 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000)={0x0, 0xb221, 0x1, 0x0, 0x30f}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100))

13:44:56 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x4b}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:44:56 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x4, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:44:56 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000)={0x0, 0xb221, 0x1, 0x0, 0x30f}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100))

13:44:56 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x4c, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:44:56 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x75}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:44:57 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6c00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:44:57 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x6c, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:44:57 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>r0, {0x6}}, './file0\x00'})
accept4$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @private2}, &(0x7f0000000180)=0x1c, 0x80800)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000040)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x24, 0x0, "ffbe3ebcd2193c000143581d7f5e9883a8d0dd3b0af00000e7c0fed0f40b0118650117c2230000000000030000ffff00"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f00000011c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, "0792ade4eff3d51ae1c35206d8098758db6a56ba977a856d7c576d40c2e65ca2d5773618a27635f95bd9c12b6bdda484bb130ef53e11060c0c7d9a04e184707c41a839dbdac13e41c451f4d88987a291"}, 0xd8)
close_range(r0, 0xffffffffffffffff, 0x0)

[ 2679.419102] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2679.455470] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2679.473265] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2679.480902] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2679.495921] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2679.507617] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2679.540529] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2679.543900] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:44:57 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x4c}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:44:57 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1, &(0x7f00000004c0)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000012900))
setxattr$trusted_overlay_redirect(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x8, 0x2)

13:44:57 executing program 3:
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000)={0x0, 0xb221, 0x1, 0x0, 0x30f}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100))

13:44:57 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x74, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:44:57 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x76}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:44:57 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6f01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:44:57 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x5, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:44:57 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x68, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2679.868149] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2679.874481] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2679.882470] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2679.890335] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2679.901920] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2679.906232] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2679.919888] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2679.927722] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:45:14 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x7400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:45:14 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x6c, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:45:14 executing program 3:
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000)={0x0, 0xb221, 0x1, 0x0, 0x30f}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100))

13:45:14 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x7a, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:45:14 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x4f}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:45:14 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000009c0)=ANY=[@ANYBLOB="98000000200039040000000000000000020000000dc0c23671f1a964651e4d52c3dc9432e6af519d60c901a7ea83dce8f6a9c36adbbf7c23348ed7953cc124f0f2e2f1324bf1187b4e1f5a7bf5116e03f38056144e579e46004fbfb9ae99572129d57aa41a4c792b56978ebd2e72f57ca14145d7bcd879afed4e97abd691d56cf2d815f272170c0011000000000000000000bb3e3c7562af739c74b82fd57e7bd51e163e9c2394948632056b9357f234b64631cba457c59e6d0eae9098c89e3c7aa8b1cbc03bd674263161cff69945516e14595dfad881c353d7fb9bbdc2fb19f3306b4f29f5ac8dddb92ee4fe33f6e190dffd186aa055b9a9547a834f1d619073f3ccf4b3acda5d78a8cff254a2de72f20938d689ca4044fab0a3ee36278183e00f05d56ee58c70cc78f1fe11e55c898d61e09dd9ec4bdefd952f33df697d06ffd93de78dd16ff6fabb99fb6b42eb449d317ff0f62c982878d984496c08a7a672102affbb245b18bb39d4a7b9a75298857b75fa243b23c8cf9643bb00000000005fcbe43f062951cd61eb7fd89947c9213bca5dc0b85ccc521acda794895462c77f5ff370f89a2e870f5d485e58951dd7d1e27236dc52ce2c5ad9c73e0a61401a4a516c41604d7981f0c5d28db9d69e06008070a1c8a29ab4b046f86a311abc00000000000000000000000021d58c77edb293cc9578f585bdd701f9ee2106436f5fcf55fe6240095b6b3d472798f8f9275542afa54cb35bead6ff06f9faacfe22aecf3a338b66d6b6d7493b8154647492b7504ee04560f3f09be3740b31fc8e83b0d8d71b009490cc8c05463d87a3dc636dd21e096d9d81c6d82e6476e7d92eac37b40eabf6c87bcf97f4e81c20d6cbc305948014b499ce164cd61e37a219f9e9d6192534a1e19508041dee4e6388131d075a48f73d985675042259c55328516aa0d7714a86cb42c54b353075a75bd6c97f07e67799bb3c4acdf717de323a07b094965969ea17dedd4e913cc697ce6454df791c397f653bc1d2408fe440061011d098bba54b0d10a129c468dc1c556c655499d5a8d997d7ba122c42209860f8dd4e3f2993f60563fbb3017e10130ba23b7a165e98be854f41773afda6d73adb0f00d1a977cbdb5c3cb7e00897420f0df622573b78bd6c04d38822dc8a2c0a34984c28fe9b13010e182ad77a6d7186202d8177d60129be4d487ab48759eabcb23ff4fc1a149c01dff17dca8148be0262812a"], 0x98}}, 0x0)
close_range(r1, r0, 0x0)
fcntl$addseals(r1, 0x409, 0x8)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000440)=0x7, 0x4)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index=0xffffffff, 0x8, &(0x7f0000000140)="ef3003e7d4d5730dd9bc0d2116cbd2ec2d4cef0397c67262d0882d05da47c1147ab3a8e1b3dfac797791d00529f0be39c7c3024d4751fcbfb4d3ec4b7b6dc1", 0xfffffffffffffcdc, 0x1e, 0x1}, 0x9)
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0x0)
r3 = add_key$keyring(&(0x7f0000000080), 0x0, 0x0, 0x0, r2)
add_key$keyring(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x0}, 0x0, 0x0, r2)
r4 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000500)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc)
request_key(&(0x7f00000002c0)='id_legacy\x00', &(0x7f0000000340)={'syz', 0x2}, &(0x7f0000000380)='\x00', r3)
futimesat(0xffffffffffffffff, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400))
r5 = add_key(&(0x7f0000000200)='keyring\x00', &(0x7f00000004c0)={'syz', 0x1}, &(0x7f0000000640)="18726d0eed55eaa57fc580dc3a0b12e0a5ee08da294ac8119c4c73f93694f2a935d17a81959d084839f846dca8739131e4a9c45c6509af44529537eae3a4a4793a9a0aacfd7a75f2b566b874939829b82a35d20d1985a92c5d7ba971251e89286f64438d080e8e214a050893fd3fa27a56032a79c1d099b5108ecb2e5f36d3e7e1c749ad35c2064fa087cf6359507a36eb69853e0cdd920cbb7586aedf5a2e5a9a1a6b8d3cb6ad16918b01d07c92179dfae1ef58835b5fa4be28fbd3b3eac1c9f3cf74fbe20900c55d23902439133eecfafb2e0f", 0xd4, 0xffffffffffffffff)
add_key(0x0, 0x0, 0x0, 0x0, r5)
add_key$keyring(&(0x7f0000000100), &(0x7f0000000240)={'syz', 0x0}, 0x0, 0x0, r4)
syz_open_procfs(0xffffffffffffffff, 0x0)
unshare(0x48020200)

13:45:14 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x77}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:45:14 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x6, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2696.982557] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.4'.
13:45:14 executing program 3:
syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000)={0x0, 0xb221, 0x1, 0x0, 0x30f}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100))

[ 2697.066820] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2697.078330] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2697.091570] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2697.099004] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2697.106973] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2697.157335] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2697.162339] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2697.177072] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:45:14 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x7a}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:45:14 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x7a00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:45:14 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x7, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:45:14 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x74, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:45:14 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0xb8, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:45:15 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0xb221, 0x1, 0x0, 0x30f}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100))

13:45:15 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x51}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 2697.507382] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2697.533336] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:45:15 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r2, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r2, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r2, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r2, &(0x7f00000002c0)=ANY=[], 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), r0)
sendmsg$DEVLINK_CMD_PORT_SPLIT(r2, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, r3, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0x9, 0x2}}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000004}, 0x404)
sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c0000001c00210c000000000000000007"], 0x1c}}, 0x0)

[ 2697.588404] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2697.613569] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2697.661283] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2697.674398] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2697.685446] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2697.694938] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:45:31 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x52}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:45:31 executing program 4:
r0 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x2)
fcntl$addseals(r0, 0x409, 0x10)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000240))
r1 = getpgrp(0x0)
pidfd_open(r1, 0x0)
r2 = creat(&(0x7f00000002c0)='.\x00', 0x180)
clone3(&(0x7f0000000300)={0x2200, &(0x7f0000000000), &(0x7f0000000080), &(0x7f00000000c0), {0x1f}, &(0x7f0000000100)=""/20, 0x14, &(0x7f0000000140)=""/254, &(0x7f0000000280), 0x0, {r2}}, 0x58)
write(r0, &(0x7f0000001100)="7f", 0x1)

13:45:31 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xd100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:45:31 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x7a, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:45:31 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x7e}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:45:31 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0xb221, 0x1, 0x0, 0x30f}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100))

13:45:31 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x13, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:45:31 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0xd1, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2713.789825] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2713.804722] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2713.858049] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2713.866237] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2713.870670] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
13:45:31 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0xb221, 0x1, 0x0, 0x30f}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100))

[ 2713.882883] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2713.898360] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 2713.907760] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2713.922096] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2713.939674] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:45:31 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0xb8, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:45:31 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0xd1, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:45:31 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x1517f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:45:31 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x22, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:45:31 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0xdd, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:45:31 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:45:31 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x53}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:45:31 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100))

[ 2714.268474] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2714.282502] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2714.306543] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2714.323084] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2714.327697] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2714.352547] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2714.376990] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2714.388105] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:45:48 executing program 4:
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@dev, 0x2000000, 0x0, 0xff, 0x1, 0x0, 0x0, 0x5000000}, 0x20)
setsockopt$inet6_tcp_int(r0, 0x6, 0xc, &(0x7f0000000100)=0x1, 0x4)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@private2, 0x2000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x5000000}, 0x20)

13:45:48 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x54}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:45:48 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100))

13:45:48 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:45:48 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:45:48 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0xec, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:45:48 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x23, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:45:48 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x2}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

[ 2730.859286] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2730.894109] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2730.898115] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2730.919857] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2730.930551] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:45:48 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, 0x0, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100))

[ 2730.938235] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2730.961578] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2730.996367] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:45:48 executing program 4:
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000640)={0x0}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000040)={0x0, 0x0, 0xfffffffd, 0x0, 0x80000000})
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f00000001c0)={0x2, 0x2, 0xffffffff, 0x2, 0x4})
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000)={0x0, 0x7000000, 0x0, 0x100000})
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(0xffffffffffffffff, 0x80286722, &(0x7f0000000100)={&(0x7f0000000080)=""/85, 0x55, 0x93, 0x5})
ioctl$sock_SIOCGIFINDEX(r1, 0x8914, &(0x7f0000000140)={'ipvlan0\x00'})
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'bond_slave_0\x00'})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r3, 0x8914, &(0x7f0000000140)={'ip6tnl0\x00'})

13:45:48 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x27, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2731.263501] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2731.304447] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:46:04 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x30f}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100))

13:46:04 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x23, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:46:04 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x48, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:46:04 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x55}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:46:04 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x2, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:46:04 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:46:04 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x3}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:46:04 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x1da688, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2747.140500] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2747.191411] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2747.223696] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:46:04 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x57}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 2747.240502] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2747.250915] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:46:04 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x30f}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100))

[ 2747.268119] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2747.292069] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:46:04 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x4}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

[ 2747.330822] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:46:05 executing program 4:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000000)={[0x515]}, 0x8)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000040)="0dccf337ad3c19ced5b114dc24ba36ec", 0x10)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$sock_inet_tcp_SIOCATMARK(r1, 0x8905, &(0x7f00000000c0))
r2 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x3, 0x1)
ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r3=>r0, {0x1000}}, './file0\x00'})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000240)={'ip6gre0\x00', &(0x7f00000001c0)={'syztnl0\x00', <r4=>0x0, 0x0, 0x84, 0x9, 0x6, 0x1, @ipv4={'\x00', '\xff\xff', @private=0xa010100}, @mcast2, 0x8, 0x8000, 0x200, 0x64}})
sendmsg$BATADV_CMD_GET_VLAN(r3, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x5c, 0x0, 0x300, 0x70bd25, 0x25dfdbfd, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x2}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r4}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x4f5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0x4000081)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x68, 0x0, 0x10, 0x70bd27, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_DISABLE_VHT={0x4}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, {0x8000, 0x2, 0x6, 0x0, {0x5, 0x1f, 0x0, 0x5, 0x0, 0x0, 0x1, 0x3, 0x1}, 0x6, 0x6, 0x6}}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x9}, @NL80211_ATTR_MAC_HINT={0xa}, @NL80211_ATTR_VHT_CAPABILITY_MASK={0x10, 0xb0, {0xc, {0x5, 0x2, 0x81, 0x40}}}]}, 0x68}, 0x1, 0x0, 0x0, 0x840}, 0xc000)
ioctl$BTRFS_IOC_SNAP_DESTROY(r0, 0x5000940f, &(0x7f00000004c0)={{r2}, "906abff5fce9d8fd982af06ba02060bb88a6f551aca12879bad2834914c9b699ca8300f60b8babf5406177c4c8713dc494c4d5764b3d3b36b4550c51b9fd6cb5644f765b64bf0ffc781d382a2003d77eb6af62d64f328f97260644bcb2d0838ba61fd81e9c75074fe1f0757f173272529df69face6ea92a9d0d17b2a5c6cfb86ad26851a33e592dc9b37e48153c684f6e6ca8dd0b2b066120d2b4b7c50d7b02ee4f1dc1634dc0cf265ed56f6725f2ccddc23a9a1af1ed109aad975a7ac853ca2beae0f742e41475255ccd1d815e3e28123f1d56d646931e5822760f26aac47a25d2a159e6a786a52194adc014109518c0ed9e1dbefa0a95f7e647e7de982bc61d5389515917d183ea3da73087c657c2c95b2239f52907a6acb952700b149350539052013787af79429889b29eb93c037659ee2774c17fd41dd92276b0698291526513667f4fae452fbaf9d159b32c0f7d4b8613b02e1eecc136553a5c11946c94ce44e946b1d2a9a29f1ebfa81699666d6b489d29a9da5f09bfd46268e9d27aaf2148910c1a70987867800580eaf710d124fafd20d5b6fe6f71b3f9a2f7e582bd014603668905e747f8be106761f6e4e93978185294d10c04e152ed753e9d769359ca389c9fb55f286895cafe835fcb580a4929536b56ba21e29012f1d125f0cf745904d88359be2817e935d8fc292712bb2f765806cacab599835672e3d95d7ea5b8a979bd8a5a20aa1b371e705c80c369adcd591828aac3d7541b998c8a06cda7358d0c79bce3e3539ef59075cc7e1a4c11b82c0c143bfa1a24ae9be038e3a74d73755b1c1fe273306571c816ead3e3f5d7423e695a8ff8ae1310868f410516194ad5e25dadf86f703d0f4c521d4ce704236fa359496e56dac3bffc4380261e9d7aa945e4693e65212c10e98cb62bc6fc78ad44dfcdebedd92c9b9567b65d55c88ab13921c58e8032f465f9d07fd0eda33eaaf68f727847bc34794d7faab156e6bb61efb309df1b0c3944509c63b755fd54989735ba525c301b4b81ce4bba9db05bfc67bc99107d902aa54f6a10945d6841642fdee47a90eccfae33440f0776307c92b428d5f1198b08fa7c75b0a71fb93fc3ab66de2507c80485ff623a786ba460e0b16d8d4df780f4e569d7a49c45dafe0bd39f9815166952c5a064ffe250cb96086fb2a135d097ea48cf20f8f9c1355b226f65a217c8cb284419f3dcf8277d57206a0fed44cd9fee9ae6de421a504853300ef9f45aa1b1e04823efb270ed49055ae752c28c06d09d62692856f68ffcb4ff7ac5b8770787a7ec7a7c1e1880da62e7fce314ed96d7aa765ec17733a8dbec3adf580e86b4e57d40779e3d049f329c856cd9292507666bec9fd6d6082c9f73e51bca02138eef7ea22e231712d89e8e50a317de32b9dc35ac3688df2cdf98bd8cc21ebaf8923199cd9d34fccd95a36ba7ed25c63c634efd27103a38e840fe48df279524ead26c687e3909ec4400d9e1cc5350b6068dad8303194f3d8282b4cdc45c0827af2097a3f6b69fd864109edfd69f2d5db03cff9f2bb1c98c129d8031fe0f2a8d66df53ee6d2c987e77af79eec4eff9cfd2b1d40236b476749061d54aa04882aab12c11bb881760d51fb195c55fb9cbdde7ae40a770cde06dccccff0131670b8ecca63b8f3942920bfe33f372100b8aa83ba77d096ff36550020e682c914147730d9bb9f82105afd68d5ce3b1ce888d506df6f1e4b9a294eb2418c2923fdeb6477fffdb165830100cf4a59748c9c974f86734baf0582ed44ede0f513bd3206103bc0be677db03fcd634e56a49f6ae87ad3b3b869793ae0d05da70d45e62376fae0de8a7b83a96baeb8fdf0c50388231643ff71bb0c91a9cc13231556289021da31246a8e914c15509db42dea12570f528a54f5b3ce350d72435dc62030fb57397ee9cfc9dd27fc0d102431a12f616e51b96e1d85e6ad2ed4f8e20ef3d8a3bce1ec79ab659f198eeeee044d2c5fc1dc5c0a24210f7256fcc0d1afabfa198ff41d0e450f10657e5bdc2be8862f760f418316f5490744e5a3b9bcd238f25e175bda270f6cfb12363d05d878f559886913e8c30ad8a44deff47ba26c5a023b0b88cd8022fd73a08995505c86d1e1d8982a1324e508d4d8f8087168cf16a86b38f81fc0ffedc977ad44ceccfb8623928c6455eaa93a66cc6ac7b207f10d1a5194ead1e6210a8d71f21db11a51d0d59bb3b6084b574549448117cc3082f42e16bf28454f32f65bddeec21afa9d0cfa60590e0406cfe8c552fad9071e964005b73442bfdbad6d928ca184da4c9d94819e0357bb00b2d9a23ae0cb8b911f09be94a8b3bcffe035a568774cf21506812bb90daf1c4ac651db97340d67171a5129721f44564f149e607bdc538202db9da9630c65d020dd3f02cc81161c0603eba51068b717f10c3430da0e6d8a33b47125415db35806444f8f66599e870bf5cca05d1194befa84269125c3fd4677bbc9affdd7c86747642d757f7f8f721d2b77e5f8485116de889dfb680219c855a80638a924e37bd937d084c9ad0245efb37d4f37a703942fa548bd7626673087d62c2902d969f1b0554056279a40d0f2a67af4d386172d074908abcd4681e6178af680cbae0fafb89ae1fcddcb32affaefb0ca2d676a49c5c437657591c83c56743adf70a0af16729417e6cc6d72e2825ae27aa415fe38998b2e5d4ca68f838882e40c46b8bff7bb709c4136114460162a5ca9bbdae7e140b454e328ac85aa1c440564808272cfab44c76c95884e96e0c8fbcea5bb45e3baf0a71c2ac88f274138a51a067eba70850f911bdd08e3666d41a749c9fd3f9fd1b2aaefa9f5488d8b58222b62396d9fe21c9498e72184cef622b5e23ff2f5d7ac577492f3db5cbb5aa35bedf439cc680c288fe1e10cbbd69b8e9b644f04ff0a8b4632e2bb06b3dabde50c06b94b8fc69f074995ad6ba20a9de1d867358ba7e913aec8e0e0bdeb9c57c488528dfe9a3c13101de1a3d6b8eab52e3362b9c3cdcfafa66459a9219affaa8113435691bd54f3002b03d03d44cf2e638e8c735a7195387d2188d8ea1f8c33522f7e2e5b1d4990dfd473de6473c0057cb0fbcc6ffd0e29b2cc7a2ff92c3efd2325bd03c9dfeeb02879a7dd01b4a3405c4abd99c3414e7c18d7540e1a639b33744a9ad1fc7645969393e1fdf55420464af63ac3ba3bb951bbb4f9922afbf86cee6d6156791a8966238e4124b65c5fa7dd81944ba690bdb3807c0f753aa487aa93cc18eea4c216b4eb5a41140af862bf46486c56ab50bd7441586af04f97ef8a0cb4ddc2035d054edbd6993b598dbed08a8569184e0a8a4bc5986f59aab219c56691d63ffef2ef4e41234860702f08c8ceaa809bdf1579c4b00c85e3bd9e0d93bc66dc879c3fa7067f2b2d07ab6689b328d14bea5926ecf93bbea12a386dcba65a8d9166dd4c22ea78d4492319bb1232ae47030546892592988aa2ba604b8a4bfcfd7ca9db1eb6a90baea94562a9272eaeed52256d13a5b2e78eef38a53e0b187b3bbb5d48dab4e294fea4c280fce5f516efefafcf3510d1c5f0e0888d79dca22b573df282b2f62aedfceb0bd68a1123c997283c3e5a5a3ebb07b6eeaa6179a4ad410216be753b027aed1298c4d1844fa56171d434887c065b07850aa331399a65604feb111cd6cc055c3572d3b5043132557ddb02a32eb7f9cb808f84e61917f2b6e7a386edeca7e05e8090de79a83c7b48d1c834d59f46c2d31723bc2b8aab24bc9eb9674721a15492ee929e93399c2f21b5e186a6caed3961e634ba86246ebf2f8a967a20c5f342d16b0dcd420aad7ec2c31d0dc75fd1b359b4060eb512d7ba01d401a0839c36af7a2e78724b01b97e5fb63f77aacd5d0e6557cbdf6254a841f243e4e2c106a5ddeb5f2c7c756c6fa708af15cfdd1232041dd78fe10c303825951e4acc18c5efa539ce44fb4e7f59532623acf090dba8f6672ce43815883449879af21c2c0a83b862e4b7a24ea2d5ee6adac6580cf254d9cefb2cfb5f05f9993f326e4a7a1f109a3d057a5ec47784919f230a26ca6e9281ffee606dcc22f29e93acf6f58b0952453bf036ece38ef69987028e3443a16d23efd3ba3565233b089437768b4a8a8aa104e7211c1eebd0f490124a0a25bb63f9be823d298d1e46500de4b93e8bf5a5c3d39d40c27957aff42947d8a0056b8b8cb12b15bfe608703f5502c110fc15a0f4fcba2536177ee0813b9cb31619474c43355deb1680dfbd1f5ae6527f1eb14d883b6c033269157c7a8cdc9d0aceba42637f16979a481cc7fc396e8d61f2c88b064d40f04af43fde7f289a65d3f2ab5e7947f32f9086997c57cfd0ffcba63ae757a0ad8f8d5f4436229cac0706c1dff212a79b8af6ae661d11a9c722a10cee86537e917c29e1551be988ee02a35a4be4007ac692f43b66a2dbce92a6bc1df55b8e6c0bc5ea7fefec8ac6d0eb5150cac459fb299a9865873b379c9ec00370451b5b3688978cbab5c99c79686cfe0851e692270e8a5355b95031447b2367e1f2c1bf2f3156f32dbf519bcee8e65d6c43ef7043622127db904965dccdcdc68dac4bea0c42098f672283b9101d3697af43d8740c1f7650c0c3a29d1ff504fa38bb9cdf31c7fb7f501c0edfd53c6cf9490cebaf6f70268a57d8d5ac052357bdd0c2fd13cf8de3d9a5f59b8abf567b55c1c37be5bb544ea65ccbfae0542a3be86f285ad8a7c0667a913f18db0d0f47aa9903484cae6c8df2e108852866808ec90c67bddd71d41700621d0e25c0bf97ffb33ef2a42a0d738959197ab107d3bb1b6949f11dcfbec1e17395bac9ff7b823797c5ebc3bb5143db72b4387325b9ec175bd382273eb3cce83a3a76a61262f6cdf6c51fea576284f791b44e08cfe8b2e61e18eb2497a26c4ecad94aef554ea2eed57373c0ae8f9f2216205de448c5dd7266bf892a607a4f05b6d229d1676a021167fbd03bbec7776eb2a22a18f187a8812139e5dc5c2d3b953b90b733af6aff29b69bb45a626ff0899e976d1bc38e7af8efefcfbf4db032a0e106ccfff4dec35d295c4eae3ee44ccae11635f08c8166786b62b8779fe08b66243d4c357d07405430bc6b903593d7e65a4f5e73c1608e665ce68c84b8b29ef6085e821205038b5d834fcb3df4086f601c2a1947944e2189c73f4540e41b5767c83899a34b6da6aec6c8c33911fe4e487aefec8a99fe4629717f1c8c704bdfa31fa9d6d4202dbfaef74de52ac2c9a97a4f574c206d340303bb7d189d7bd38b654cad9dd7f7d18c0d32031865ea2a96a8b56db41981fb0abfe43101e0cc747a1e1202ab24b433162d3c2b188553fb12b48df20ac670286e7357835706c4565332237b3fa4805e86b0d208cc0cebe681914e8bc1fbafd3d1e01b775be48cb8621e48ef323b03a9ebe73bde6013216fd80d302b6ba9ccc2a4510a74475bf14874b4ec65d0450dc21815bb43d6c49715314b29c6da6c2b8102790fcc9b9d5731132803682e34af2e5ad8724795fcf4df3cf6cfdd0b87355dc05b1f80639acad8e21556b7b4d99d10a3e24d4325009533c1b432c318edce865516d621a16bf97779e08793cafa9ae1a8df2db9cbcbf8fe3dc1aba5d23c55aff6cc15b42b56ffdac90c975d7d0ddf0534b742ae2143aaee5ce57ec75ea5aab3edf5572320e824ac0c0a3d7037b4940332a285d0f4bd32104fedd24b76d0dea14b7200bf5257381fe34cef03981c2866f56438766dae69484de4e672840f8c3345a4c9bd2c64ae57354c6b997b174951c2a6548e3809"})
r5 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(r5, 0x40086607, &(0x7f00000014c0)=0x2)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000003, 0x80010, r0, 0x0)
syz_io_uring_submit(r6, 0x0, &(0x7f0000001500)=@IORING_OP_FADVISE={0x18, 0x1, 0x0, @fd_index=0x4, 0x7fff, 0x0, 0x1b, 0x0, 0x1}, 0xe0)
r7 = openat$full(0xffffffffffffff9c, &(0x7f0000001540), 0x20000, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000015c0)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_STOP_P2P_DEVICE(r7, &(0x7f0000001680)={&(0x7f0000001580)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001640)={&(0x7f0000001600)={0x28, 0x0, 0x600, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x0, 0x44}}}}, ["", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x890)
r9 = dup3(r5, r3, 0x80000)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r5, 0xc0c89425, &(0x7f00000016c0)={"20536716421cad0c197365f9f89edda8", 0x0, <r10=>0x0, {0x4, 0xffff}, {0x4, 0x4}, 0x0, [0x800, 0x100000001, 0x2, 0x9, 0x0, 0xcd2, 0x4, 0x20, 0x7, 0x2, 0xb0, 0x1, 0x1, 0xfffffffffffffff7, 0x4, 0x5]})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r9, 0xc0c89425, &(0x7f00000017c0)={"587ebf4a5bbca1250180e9206cfb8242", r10, 0x0, {0x7, 0x1}, {0x9, 0x2466}, 0x7, [0x12, 0x29, 0x8, 0xffffffff, 0x25, 0x10000, 0x1, 0x75, 0x0, 0x1, 0x7, 0x20, 0x3, 0x1c, 0x1000, 0x4000000000000000]})

13:46:05 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x4c, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:46:05 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x3, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:46:05 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x2, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:46:05 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:46:05 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100))

[ 2747.466105] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2747.508002] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:46:05 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x59}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 2747.593886] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:46:05 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x5}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:46:05 executing program 4:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x100, 0x0, 0x0, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = creat(&(0x7f0000000080)='./file1\x00', 0x21)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/timer_list\x00', 0x0, 0x0)
getdents64(r2, &(0x7f0000000280)=""/46, 0x2e)
getdents64(r2, &(0x7f00000001c0)=""/76, 0x4c)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
stat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
r4 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r4, 0x80186803, &(0x7f00000000c0)={'ip6tnl0\x00', 0x0})
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r4, 0xc0189378, &(0x7f00000002c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="010002012e2f03006c655d36d640211fbdf214e8f8852c322c44c29fef16b3bbff6d0b7627ff80b30127af7f6506861006227b44e9027bcb631baa8da3ced36c8e72f5a71aa1b7bdf9a3"])
r5 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r5, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r5, 0x1000003)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="7472616e733d66642c7266646e6f3d91e31b7892f71f3ac842db783e431d605372ea606c253e7c4ff3d013e13614b38210b49077cca3b953d867fd849b8fe2ff2f49a2849f897aa0aa580d9181e218f7c241c047d0a0ef6ba946c262de8447d2ec493165f730d46f80926ffc3aaadd9660fff9cea9b11f2ff3704df391d2bdb33465bfa785d15ef405e901c59cb0dfc75ae84a5ce85db5f2f363979cb753db158729cd7ca20d8cb5989348", @ANYRES32=r5, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',cache=mmap,cache=loose,noextend,nodevmap,dont_appraise,dont_measure,subj_type=,dont_measure,fscontext=system_u,fsmagic=0x000000000000008c,uid=', @ANYRESDEC=r3, @ANYRES32])
r6 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ppoll(&(0x7f0000000000)=[{r6, 0x108}], 0x1, 0x0, 0x0, 0x0)
fcntl$dupfd(r0, 0x0, r6)
socket$inet6_udplite(0xa, 0x2, 0x88)

13:46:05 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, &(0x7f0000000100))

[ 2747.613145] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2747.619932] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2747.623355] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:46:05 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x68, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2747.633002] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2747.637012] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:46:05 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x3, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2747.786317] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2747.827465] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2747.867280] 9pnet: Insufficient options for proto=fd
[ 2747.874468] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2747.923585] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2747.944110] 9pnet: Insufficient options for proto=fd
13:46:22 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, &(0x7f0000000100))

13:46:22 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x4, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:46:22 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x80ffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:46:22 executing program 4:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0xee00, 0xee00}}, './file0\x00'})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
openat(r1, &(0x7f0000000280)='./file0\x00', 0x42000, 0x40)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x50002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = dup(0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x15, &(0x7f0000000400), &(0x7f0000000440)=0x10)
preadv(r3, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x0, 0xffff57e9, 0x4)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x80202, 0x100)
openat(r4, &(0x7f0000000380)='./file0\x00', 0x24000, 0x20)
ioctl$BTRFS_IOC_QGROUP_ASSIGN(r3, 0x40189429, &(0x7f0000000240)={0x1, 0x3})
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

13:46:22 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x5a}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:46:22 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x6}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:46:22 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x6c, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:46:22 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x4, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2764.862126] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2764.896091] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2764.923774] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2764.931214] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2764.947337] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2764.948961] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2764.951913] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
13:46:22 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x5, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:46:22 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, &(0x7f0000000100))

[ 2764.984141] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2764.999104] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2765.015260] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2765.029299] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2765.038700] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2765.050308] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2765.206140] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2765.216055] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:46:40 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x5, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:46:40 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x74, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:46:40 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x6, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:46:40 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), 0x0)

13:46:40 executing program 4:
syz_io_uring_setup(0x0, 0x0, &(0x7f0000fef000/0x11000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0, &(0x7f0000000300))
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x80, 0xfffffffd, 0xb419}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = dup(0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(r2, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
ioctl$FS_IOC_SETFSLABEL(0xffffffffffffffff, 0x41009432, &(0x7f00000006c0)="fe09e419c5ee5b4c2cf11557e56a865c80b8758e512b60cb38691b7a7ecee18a15c136fb2948e2d222425cc3f7545add0392505a5fe7b749e9e3a0e197f2aa142ac8a6a8f8d58067f2f0b6f860fdcb0e5cfb0c866fb4bcf77f1558272cc00fac3e68b48f39a1a26c43b8a7c0bfa3d0599f54713eb543335fdd5341e7b30f3f30590fd30711fee17b40a24f608cd1d3a2c3814b8edff65dd694aff072ebb5648c1c25137f35cbf59353331ee4a9884ce4d86c4c9376fafc27fb34258a5c639048ed6decca3260741da334eeeece752a9e0162c4c68b9d0532e1a567816adfef785f3e4c4540de06e8a23aace010ed2b35239a2243f8e7ae0da2275d6739124805")
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x80202, 0x100)
r4 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0x4)
openat(r3, &(0x7f0000000280)='./file0/file0\x00', 0x300, 0x31)
sendmsg$nl_generic(r4, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000001a0011cd"], 0x1c}}, 0x0)
readv(r4, &(0x7f0000000400)=[{&(0x7f0000000180)=""/43, 0x2b}], 0x1)
sendmsg$NL80211_CMD_GET_STATION(r4, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000002c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="55fec4ec2d201e9edd4339046dd7bac0c4ed20b9e5fd5b9f75f801342f66b1e91dbcdff7ec22b0a926ff8bfed51e370b024389862818ce1f13a1b3b395b061bc6ba143e39e0ab9c9e4f607944b8767b4a1107479a5582c79ec28f11260b8fe9a492a7e0f0c058596619ecc05097961dd51e106941e28eb4de9f59e3b54efae", @ANYRES16=0x0, @ANYBLOB="100000040000fbdbdf2511009ec4473d072f981ad9706d2c00000600ed001c060000"], 0x28}, 0x1, 0x0, 0x0, 0x40804}, 0x884)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

13:46:40 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:46:40 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x7}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:46:40 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x5c}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 2782.665999] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2782.682866] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2782.703309] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2782.711417] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2782.716925] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2782.736123] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2782.741895] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2782.753338] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:46:40 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), 0x0)

[ 2782.767046] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2782.774180] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2782.775769] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2782.778365] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
13:46:40 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x7, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2782.843823] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
13:46:40 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:46:40 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x6, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:46:40 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x7a, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:46:40 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x5d}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 2782.982530] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:46:40 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x9}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:46:40 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), 0x0)

13:46:40 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2783.012186] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2783.053004] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2783.065906] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2783.091145] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2783.123721] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2783.131007] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2783.186817] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:46:40 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0xc, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2783.281924] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:46:40 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x5e}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:46:40 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x3000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:46:40 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x7, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2783.331127] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:46:41 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0xf}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

[ 2783.415425] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2783.420304] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2783.463854] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2783.470748] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:46:58 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:46:58 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0xd1, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:46:58 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 1)

13:46:58 executing program 4:
r0 = creat(&(0x7f0000000000)='./file2\x00', 0x0)
fcntl$setlease(r0, 0x400, 0x1)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r3 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file2\x00', 0x78a67dce, 0x2, &(0x7f0000000240)=[{&(0x7f0000000100)="05c9e0f881dd290d", 0x8, 0x2}, {&(0x7f0000000140)="67e852beab1b0096bfbfc77d9b654ecd9f355b99622675306b5fb323c0e866075d3e3b9985b8b8b8eb8feea7fbd3e6e358e265b043902aed6b82d73c5d5cbc476fa2bc75edc6ab2deebc2ef64c3df116dbf865b9de0020945f005db36a01c291bf395c5b213d8d35e3b9baeb3743b2790e2dd9aab39efb39aeffbcf1c767bb6a1cf80ab50c28d9d0f20619976c50efa273063b6570c7ce2ecc00dc65ba42946800a6a3f29606f014ebf4b88cf6b6ec2975eb890000cfb1f69668f37d23637886a3c56e457bc5cb325b2cf92856b90b0025d92c011906bc030d221e631d9239dd", 0xe0, 0x1c000000000}], 0x1086401, &(0x7f0000000280)={[{@journal_dev={'journal_dev', 0x3d, 0x4}}, {@noauto_da_alloc}], [{@dont_hash}, {@fsuuid={'fsuuid', 0x3d, {[0x38, 0x34, 0x30, 0x30, 0x635ba769d6b39901, 0x51, 0x39, 0x35], 0x2d, [0x33, 0x64, 0x32, 0x33], 0x2d, [0x32, 0x61, 0x7d, 0x65], 0x2d, [0x62, 0x2, 0x32, 0x66], 0x2d, [0x61, 0x35, 0x65, 0x38, 0x32, 0x61, 0x60, 0x35]}}}, {@smackfsdef={'smackfsdef', 0x3d, '.'}}, {@fsname={'fsname', 0x3d, '-('}}, {@subj_role={'subj_role', 0x3d, '^\''}}, {@uid_eq}]})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
ftruncate(r4, 0x4)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, r4, 0x0)
syz_io_uring_setup(0x4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r5, r7, &(0x7f0000000180)=@IORING_OP_SEND={0x1a, 0x2, 0x0, r4, 0x0, &(0x7f0000000300), 0x0, 0x8080, 0x1}, 0x0)
r8 = syz_io_uring_complete(r6)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000800)=@IORING_OP_FALLOCATE={0x11, 0x3, 0x0, @fd_index=0x2, 0x7fffffff, 0x0, 0xffff0002, 0x0, 0x0, {0x0, r9}}, 0x362c)
syz_io_uring_submit(r5, r7, &(0x7f0000000240)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r8, 0x7f, 0x0, 0x10000, 0x0, 0x0, {0x0, r9}}, 0x6)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000340)=@IORING_OP_CLOSE={0x13, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r9}}, 0x80000000)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x80000, 0x0)

13:46:58 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x22, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:46:58 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:46:58 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x22, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:46:58 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x5f}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 2800.451860] FAULT_INJECTION: forcing a failure.
[ 2800.451860] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2800.454262] CPU: 1 PID: 14439 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2800.455668] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2800.457490] Call Trace:
[ 2800.457978]  dump_stack+0x107/0x167
[ 2800.458639]  should_fail.cold+0x5/0xa
[ 2800.459334]  _copy_from_user+0x2e/0x1b0
[ 2800.460085]  io_uring_setup+0x9b/0x2980
[ 2800.460928]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2800.461802]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2800.462910]  ? wait_for_completion_io+0x270/0x270
[ 2800.463871]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2800.464721]  ? vfs_write+0x354/0xb10
[ 2800.465395]  ? fput_many+0x2f/0x1a0
[ 2800.466071]  ? ksys_write+0x1a9/0x260
[ 2800.466761]  ? __ia32_sys_read+0xb0/0xb0
[ 2800.467636]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2800.468694]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2800.469830]  do_syscall_64+0x33/0x40
[ 2800.470510]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2800.471460] RIP: 0033:0x7f2ccc8b5b19
[ 2800.472133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2800.475989] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2800.477373] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2800.478871] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2800.480549] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2800.481852] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2800.483317] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 2800.513890] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2800.525380] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2800.528543] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2800.542415] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2800.552094] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2800.561965] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2800.573410] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2800.584016] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:47:16 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 2)

13:47:16 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x23, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:47:16 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {<r1=>r0}}, './file0\x00'})
bind$bt_sco(r1, &(0x7f0000000040)={0x1f, @none}, 0x8)

13:47:16 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x60}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:47:16 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x23, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:47:16 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:47:16 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x2}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:47:16 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x5000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2818.592046] FAULT_INJECTION: forcing a failure.
[ 2818.592046] name failslab, interval 1, probability 0, space 0, times 0
[ 2818.595215] CPU: 0 PID: 14484 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2818.597124] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2818.599279] Call Trace:
[ 2818.599995]  dump_stack+0x107/0x167
[ 2818.600938]  should_fail.cold+0x5/0xa
[ 2818.601836]  ? io_uring_setup+0x258/0x2980
[ 2818.602921]  should_failslab+0x5/0x20
[ 2818.603843]  kmem_cache_alloc_trace+0x55/0x320
[ 2818.604875]  io_uring_setup+0x258/0x2980
[ 2818.605923]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2818.607164]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2818.608340]  ? wait_for_completion_io+0x270/0x270
[ 2818.609624]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2818.610685]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2818.611780]  do_syscall_64+0x33/0x40
[ 2818.612249] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2818.612741]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2818.612760] RIP: 0033:0x7f2ccc8b5b19
[ 2818.612785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2818.612795] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2818.612815] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2818.612836] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2818.627667] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2818.629505] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2818.631351] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 2818.658909] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2818.683767] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2818.700834] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:47:16 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 3)

[ 2818.718795] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2818.750776] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:47:16 executing program 4:
capset(&(0x7f0000001c40)={0x19980330}, &(0x7f0000001c80))
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = accept4$unix(r0, &(0x7f00000000c0), &(0x7f0000000140)=0x6e, 0x800)
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
getdents(r2, &(0x7f0000000440)=""/200, 0xc8)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r4, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(0xffffffffffffffff, 0x80)
ioctl$FS_IOC_FSSETXATTR(r4, 0x40086602, &(0x7f0000000000)={0xfffffffd, 0x7, 0x20400, 0x4})
write$P9_RREADLINK(r4, &(0x7f0000000200)=ANY=[@ANYRES32], 0x10)
ioctl$FS_IOC_FSSETXATTR(r4, 0x40086602, &(0x7f0000000000)={0x0, 0x0, 0x4})
ioctl$BTRFS_IOC_SCRUB(r3, 0xc400941b, &(0x7f0000000540)={0x0, 0x1, 0x400, 0x1})
ioctl$AUTOFS_IOC_READY(r0, 0x9360, 0x0)
write$P9_RREADLINK(r2, &(0x7f00000002c0)=ANY=[], 0x10)
fcntl$setown(r2, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000240))
r5 = pidfd_getfd(r2, r3, 0x0)
clone3(&(0x7f0000000040)={0x40908200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000200), 0x0, {r5}}, 0x58)

13:47:16 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x26, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:47:16 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:47:16 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x27, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:47:16 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x62}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:47:16 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x3}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:47:16 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2819.010223] FAULT_INJECTION: forcing a failure.
[ 2819.010223] name failslab, interval 1, probability 0, space 0, times 0
[ 2819.012696] CPU: 1 PID: 14509 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2819.014146] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2819.015924] Call Trace:
[ 2819.016504]  dump_stack+0x107/0x167
[ 2819.017295]  should_fail.cold+0x5/0xa
[ 2819.018124]  ? create_object.isra.0+0x3a/0xa20
[ 2819.019114]  should_failslab+0x5/0x20
[ 2819.019953]  kmem_cache_alloc+0x5b/0x310
[ 2819.020825]  create_object.isra.0+0x3a/0xa20
[ 2819.021760]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2819.022846]  kmem_cache_alloc_trace+0x151/0x320
[ 2819.023864]  io_uring_setup+0x258/0x2980
[ 2819.024742]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2819.025763]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2819.026841]  ? wait_for_completion_io+0x270/0x270
[ 2819.027925]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2819.029035]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2819.030137]  do_syscall_64+0x33/0x40
[ 2819.030936]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2819.032046] RIP: 0033:0x7f2ccc8b5b19
[ 2819.032846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2819.036803] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2819.038429] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2819.039975] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2819.041498] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2819.043021] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2819.044566] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 2819.076924] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2819.119688] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:47:16 executing program 4:
r0 = syz_io_uring_setup(0x13bb, &(0x7f0000000140), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0)
sync_file_range(r3, 0xff, 0x2, 0x1)
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc020f509, &(0x7f0000000040)={<r4=>r3, 0x10000, 0x400, 0x5})
ioctl$INCFS_IOC_CREATE_FILE(r4, 0xc058671e, &(0x7f0000000580)={{}, {0x1}, 0x42, 0x0, 0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000240)="9418070bc8e303aecc11ac17cf3fa2efbc20566ab10f51d24dfeb0c501fdf55edee51b58faeff6eaedb8d8640b80d238aee135ae0b3d17d992fa2f949626f7177fdb49630f23aac26538a7aad31284ab8ea576e2a64c669d7abf3370e93209c835be70aa36aff48120fbeb137f6aae7fde24191ff7f2ef94317e83edd94fd33d78bb7693ae0ea0e87d409fcb8bc62bbbd7528defc1f82beb0af7771fdf1df6a616a55c6d37cd7dfc76b97b197bde1d34efe9ced350dfc91c15fd6a216e927b5aaa799fcda70039d8cd7d079d11db2f9067b6c318c13e525baf2701f0c1dc311feaac46dac0c530c98a4400cd384edd65356e94f32249aab803fa4d0dcef692ee801ceeba38ef3a394c851db45f57610b0008b79c4b688fb813682214cb0f8e2d6e3d5de8da1757991ce7e4fc8cc8a9c14a053897ecb789585fe39b2ba53eb6dbb3f8f681abaa391d5cd5b84a4ad3854c4d9737b45257018dc346269fed3d2929", 0x160, 0x0, &(0x7f00000003c0)={0x2, 0x109, {0x1, 0xc, 0xc, "a5b50e313055771fdea44b43", 0xf0, "aa0b7307ba339594455986a425b95fb2fe5eb16b5490e2ec30ea1aaf9cf62ab6b5205bb571e325c0dcec4a800bb6a2bc00db97232a6b5e36ffe17453b57e2ea2fd10893604856022ea9ee7a1c5890a1790cd70fa45046799095064ff2fc542c760a0b80d1665cc6c6c50ce3a5ad2e3ea4a1623e97fb8d25dda16dd4d3ce660496fa64cef443b7264fba995ff6324323a631b031a7136b245c0c1c03f5e046e972e2e86de321df26d35ff88134bc461dda7c0c0b782af4c86c46be6e81e003819c6061684099263e3612c941daff4275cdf3ecf55a5619c52369fa4f01e3027b4f4909c1a6454a3ff975605ce9e705ef5"}, 0x90, "2ce5490a910258f8eae44703a67a0bfa6b849b29892b456d09cc5d23a8f7707d4322e8efe2a1d15c32189f544df5d9f57531479ef3f10fdbad80e744a0fec839cbea5be8c6cc0d4389c53f3f278cef0aa3cde19a1595e6f462944ea091ae0cac90675b1ea45715da33181f4877e366640ae8b6bc9716a8a938e23fce91ce8d8c5c905fa4548d65983bd831d1f2c20741"}, 0x1a5})
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 2819.147522] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x4
13:47:16 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 4)

[ 2819.189447] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x4
13:47:16 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x27, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2819.211812] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2819.235397] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2819.260324] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2819.286630] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2819.348468] FAULT_INJECTION: forcing a failure.
[ 2819.348468] name failslab, interval 1, probability 0, space 0, times 0
[ 2819.351047] CPU: 1 PID: 14538 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2819.352488] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2819.354458] Call Trace:
[ 2819.355002]  dump_stack+0x107/0x167
[ 2819.355769]  should_fail.cold+0x5/0xa
[ 2819.356549]  ? io_uring_setup+0x33c/0x2980
[ 2819.357569]  should_failslab+0x5/0x20
[ 2819.358449]  __kmalloc+0x72/0x390
[ 2819.359279]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2819.360380]  io_uring_setup+0x33c/0x2980
[ 2819.361215]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2819.362338]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2819.363502]  ? wait_for_completion_io+0x270/0x270
[ 2819.364529]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2819.365753]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2819.366814]  do_syscall_64+0x33/0x40
[ 2819.367633]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2819.368782] RIP: 0033:0x7f2ccc8b5b19
[ 2819.369704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2819.374000] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2819.375948] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2819.377574] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2819.379140] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2819.380851] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2819.382434] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
13:47:17 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x7000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:47:17 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x48, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:47:17 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2819.449237] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:47:17 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2819.479300] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:47:17 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x63}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 2819.633091] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2819.663030] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2819.682400] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2819.700703] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:47:32 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x64}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:47:32 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x4}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:47:32 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x4c, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:47:32 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:47:32 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 5)

13:47:32 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x35, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:47:32 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x22000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:47:32 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x8, &(0x7f0000000040)=0x8b, 0x4)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)

[ 2835.246938] FAULT_INJECTION: forcing a failure.
[ 2835.246938] name failslab, interval 1, probability 0, space 0, times 0
[ 2835.248475] CPU: 0 PID: 14585 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2835.249461] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2835.250484] Call Trace:
[ 2835.250816]  dump_stack+0x107/0x167
[ 2835.251276]  should_fail.cold+0x5/0xa
[ 2835.251783]  ? create_object.isra.0+0x3a/0xa20
[ 2835.252354]  should_failslab+0x5/0x20
[ 2835.252827]  kmem_cache_alloc+0x5b/0x310
[ 2835.253326]  create_object.isra.0+0x3a/0xa20
[ 2835.253868]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2835.254493]  __kmalloc+0x16e/0x390
[ 2835.254940]  io_uring_setup+0x33c/0x2980
[ 2835.255440]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2835.256047]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2835.256666]  ? wait_for_completion_io+0x270/0x270
[ 2835.257277]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2835.257925]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2835.258563]  do_syscall_64+0x33/0x40
[ 2835.259026]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2835.259663] RIP: 0033:0x7f2ccc8b5b19
[ 2835.260122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2835.262397] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2835.263338] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2835.264237] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2835.265109] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2835.265988] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2835.266876] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 2835.284530] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2835.287790] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x8
[ 2835.296254] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2835.299052] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2835.308065] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2835.313414] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2835.320604] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x8
[ 2835.325160] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:47:32 executing program 4:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/keys\x00', 0x0, 0x0)
preadv(r0, &(0x7f0000001580)=[{&(0x7f00000015c0)=""/4106, 0x100a}], 0x1, 0x0, 0x0)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x505000, 0x0)
readv(r0, &(0x7f0000000340)=[{&(0x7f0000000080)=""/170, 0xaa}, {&(0x7f0000000140)=""/138, 0x8a}, {&(0x7f0000000200)=""/245, 0xf5}, {&(0x7f0000000300)=""/44, 0x2c}], 0x4)
ioctl$AUTOFS_IOC_FAIL(r1, 0x9361, 0x400)

13:47:33 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x48, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:47:33 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:47:33 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x68, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2835.508308] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2835.512018] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2835.557794] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2835.563080] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:47:48 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:47:48 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x23000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:47:48 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x6c, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:47:48 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 6)

13:47:48 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x65}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:47:48 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x5}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:47:48 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:47:48 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x4c, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2851.000671] FAULT_INJECTION: forcing a failure.
[ 2851.000671] name failslab, interval 1, probability 0, space 0, times 0
[ 2851.003151] CPU: 1 PID: 14630 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2851.004594] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2851.006350] Call Trace:
[ 2851.006913]  dump_stack+0x107/0x167
[ 2851.007684]  should_fail.cold+0x5/0xa
[ 2851.008464]  ? io_uring_setup+0x40b/0x2980
[ 2851.009350]  should_failslab+0x5/0x20
[ 2851.010144]  kmem_cache_alloc_trace+0x55/0x320
[ 2851.011083]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2851.012157]  io_uring_setup+0x40b/0x2980
[ 2851.013002]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2851.014002]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2851.015078]  ? wait_for_completion_io+0x270/0x270
[ 2851.016156]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2851.016386] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x14
[ 2851.017279]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2851.017302]  do_syscall_64+0x33/0x40
[ 2851.017322]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2851.017335] RIP: 0033:0x7f2ccc8b5b19
[ 2851.017364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2851.027379] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2851.028974] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2851.029332] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x14
[ 2851.030479] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2851.030490] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2851.030501] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2851.030513] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 2851.085102] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2851.107130] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2851.112863] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2851.121152] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2851.125238] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2851.130335] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:47:48 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x68, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:47:48 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x27000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:47:48 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 7)

13:47:48 executing program 4:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000780), 0x400001, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x32, 0x71, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
r1 = syz_io_uring_setup(0x573b, &(0x7f0000000200)={0x0, 0x5727, 0x8, 0x3, 0x58}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000100), &(0x7f0000000140))
read(r1, &(0x7f00000001c0)=""/1, 0x1)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x1e, &(0x7f0000000180)=0x1, 0x4)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x22, &(0x7f0000000280)=0x1, 0x4)
openat$incfs(r0, &(0x7f0000000080)='.log\x00', 0x410102, 0x44)
setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x3}, 0x2}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003b40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4712d520085aba68)

13:47:48 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x14e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:47:48 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x74, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:47:48 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x66}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:47:49 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x6}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

[ 2851.372426] FAULT_INJECTION: forcing a failure.
[ 2851.372426] name failslab, interval 1, probability 0, space 0, times 0
[ 2851.374850] CPU: 0 PID: 14659 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2851.375287] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2851.376326] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2851.376335] Call Trace:
[ 2851.376361]  dump_stack+0x107/0x167
[ 2851.376382]  should_fail.cold+0x5/0xa
[ 2851.376404]  ? create_object.isra.0+0x3a/0xa20
[ 2851.376426]  should_failslab+0x5/0x20
[ 2851.376445]  kmem_cache_alloc+0x5b/0x310
[ 2851.376469]  create_object.isra.0+0x3a/0xa20
[ 2851.376485]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2851.376509]  kmem_cache_alloc_trace+0x151/0x320
[ 2851.376538]  io_uring_setup+0x40b/0x2980
[ 2851.376558]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2851.376579]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2851.376594]  ? wait_for_completion_io+0x270/0x270
[ 2851.376635]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2851.376654]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2851.376675]  do_syscall_64+0x33/0x40
[ 2851.376693]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2851.376706] RIP: 0033:0x7f2ccc8b5b19
[ 2851.376725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2851.376735] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2851.376755] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2851.376766] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2851.376777] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2851.376799] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2851.391517] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2851.392385] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 2851.433507] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2851.472372] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x14e
[ 2851.502001] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2851.542006] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x14e
13:47:49 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2851.554157] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2851.569461] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2851.781179] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2851.797071] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:48:06 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 8)

13:48:06 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x6c, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:06 executing program 4:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$inet6(r1, &(0x7f00000027c0)={&(0x7f00000000c0)={0xa, 0x4e24, 0x0, @dev}, 0x1b, 0x0}, 0x0)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x109400, 0x0)
pipe2(&(0x7f00000006c0), 0x86800)
r3 = openat$sr(0xffffffffffffff9c, &(0x7f0000000c80), 0x206100, 0x0)
sendmsg$inet6(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000cc0)=[{0x0}, {&(0x7f0000000ec0)="aa7f839bdd947fb7a0dd560be62628aa77ff0603a80ffa491cea46acc47fc6bf3cc6a9b218e89925884624f1a0b100411b00000000000000cdf7301acd84b34e05ab9ed7600c02ca0e7481c04c97c224733452433289e02463c8c7dfd8ab079e363f066092c890d5e53f2fb59fe038e006729737d09a8bc95b54c73cd83e7bbf5133b3ca17c2555a46cfb85966eafb8e701eeb8c4e05e780b7564643e7b9a914418dba3e1296b46d6fa2f23663c8110c2fbc8034811004db40ab6714fd138b6ead83ebbfdd83dc2bc221fe8ebbe63131438daecc7c2f6a10553ab5155fc4ac3b48457d956c97d6555fc50f1d1e9f7ca9d6ac76c96cc31ab53f846ddd3b7cf4af2cf2686d002c9a3e73a26f5bf20dc7b5676ed08b0c74e2a7b5d055b0a6d60196bc611a4a84625e5e6fbe0e3071150b560108f49f8a60f91ab7f791d78291d12ac3f85720a5be4270b5fb4fdfa249ff906efdd1a1871bc6a908340cb34c12497814cfcefebd786e072ebbf2efb25cc34872db9f09e9919929000aeac82b16cc871d32a2cc4781dc79553d000b91f066a135691ef0abcc16598ee2804b5c8866bd3128031f41d87553ec425f9184fd7cd6b45cf4b0014315075915c35ea88224", 0xfe}, {&(0x7f0000000280)="2d002bc9fa4b243e74f3dbd000bf1136d395999b22e5fe0de02e3af72d27f3573a14e14f01fa75529ce20daca6a89e6598a2a3562b540f9de065622004e5de14b2bcaf47d20c741f7600099bf6f3069bd2672a0f88aac201d59d96504b389f2a66bcdf20cd62d926aaba930bc329d43bc6b09bdd7d25494c9076992a41024cbbeeee8094bf88cc65d2ee433afaa03cc972f42d6b00080829e3b184bb5e34171a30", 0xa1}], 0x3}, 0x4004890)
pread64(r2, 0x0, 0x0, 0x0)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x14101, 0x0)
sendmmsg$inet6(r4, &(0x7f0000000400)=[{{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000340)="27eef03a5add979e2ceac424404a702db8d8ff97b0080445c5395a39c548edb723a277ec745dd7552e8b047bfe59b731a82df0fb98bf150b94286479a5176b7ee99c4edf07e12503c11f68d7ac8ba2ae8967cf88d3e04d34582704185bdb873d35f9bd91f7d0803101b9fda29c3a7d918446e3b41dac1e74d56bb74a17fd6c8ab8a4ae43401979684d", 0x89}, {&(0x7f0000000580)="9db73a51717304755886b6617efc406b4782ba82f91a4d34fa6a64e466aa7c191efd65924ad3954485d3abeb4c397a259078491153b6e18d3897e5cfbb8e7ebbcb79a8efc83b3f54f487fcdf3e41f717513c8a4050bd367f4a29576890caf1f16cc296294645f56c081500ec024487041faf897c20d62f916e9e976446717280c9c3f0c936af482774a892ba5906ca6f8709d57c7aad0d70c4cfd674ae69a4a62c62ce73e42f870e03705ecda8a0b854ec91758b741906e071d5a39b17e9c4019bc1085ae610ab6716c7664f072edd04fa537e", 0xd3}, {&(0x7f0000000100)="fad653ffdf80770de3b9a22f9cfd2004be2641f020cd662712f5bd7aac0bdd90c072a2754bb63d34ad7913964fb2d3c90c200a4efc08a43e", 0x38}, {&(0x7f0000000840)="49e8a93615ffe11b11d4e2fa12bcf2695a724737bfb4fa0c34fba09ee65ec7b50fb04f43e652ee1604cf212c6409d99e29201212150fb766a21c2bbda5d04c2f51ddd869785487e3c815ef7cdca6dfbd3f4fb02bef69005180835454428ed1b2a7f7908c72ab7fa00ffbd55b3f1f42b61a5a9626cbcff8e56fcc9a8571dd48d42b2694cdb171fe3292df91f437c82ad3be2f3aa0a5f07fc75138148b63fd542e92644fa3a63acfca4da6c3dfff2c56da106b512178c93ed655a9b650aa1e92bbb04b2f49d64b0645ad669339cc521e4e6a8136e6c7d0abdf5745a5b9d246a8018fe6c0a0", 0xe4}, {&(0x7f0000000240)="8418464e586ba3104f75ac5438cd8c5932b781dfdea2ae53907f14394f22a913022f51be270d158ec586f77110059dd2c16945", 0x33}, {&(0x7f0000000940)="2b18cef098a841f450abcb8c66fc5a9c89fa0132a13596269a6f9a3579a48ce3af20d60bb4d9b6c1594fd0e00b69ab78786e0469a24f4c6eeead0e992994ecbd48ee6178c249cb7824646ab565eaffd05badce1839416422b731534cfa470fd565afbb002cad4d0859078fcb3e8729032ca8c17c1beecf0d0565852f721dd2eb4e1a665dfe7ff7d7243ba91eb9c8df7d546a16c5bcab95981243e5ca3aa90866044c06648d8c28500938dd6dbaef28c32be855ac7a82de92fec0aed768bf99043bda2724e7fbe3f437947ab5ccf30f5e78730ad003caef28a6f4a3e2e6efef10c08fa2c401206d3faefd2fd65399c9a3a3491498d9fb49fb8abfdb697e59", 0xfe}], 0x6, &(0x7f0000000ac0)=[@dontfrag={{0x14, 0x29, 0x3e, 0x5}}, @hopopts={{0x30, 0x29, 0x36, {0x2c, 0x2, '\x00', [@calipso={0x7, 0x10, {0x2, 0x2, 0x7f, 0x5, [0x1000]}}]}}}, @hopopts={{0x100, 0x29, 0x36, {0x8, 0x1d, '\x00', [@calipso={0x7, 0x10, {0x1, 0x2, 0x6, 0x7dbe, [0x6]}}, @enc_lim={0x4, 0x1, 0x1}, @pad1, @generic={0x1d, 0x66, "5603d15d9710bc7f687c28b610ce36226d27ac18ae03d9dc133fc35cbfbfaaacf7fc2cfa505bf99f5585672494e92e9b1eeefa79ca0c5ab50e296f61d775bb2c730d0a6d4e07110e55491d4118b352e1a095e927a9bb6660fbb357f749efa7a9083f61050bff"}, @jumbo={0xc2, 0x4, 0x6}, @generic={0x6, 0x5c, "f6622e0f98565e87a0d473ffe6b3ca58570cb2a7066f1fa6712af770424aa6c5ee1c679b9f0e162298377d8453d88da443e8355ffa60c823d19501cf6d42fcb8254023607a627a7b867ab5bb481747a38f8094ba5c2e2a8f509d339f"}, @padn={0x1, 0x2, [0x0, 0x0]}]}}}, @hopopts={{0x30, 0x29, 0x36, {0x6, 0x2, '\x00', [@pad1, @padn={0x1, 0x1, [0x0]}, @jumbo={0xc2, 0x4, 0xfff}, @ra={0x5, 0x2, 0x9}, @pad1, @ra={0x5, 0x2, 0x8000}]}}}, @flowinfo={{0x14, 0x29, 0xb, 0x1ff}}], 0x190}}], 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4ea0, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}}, 0x1c)
syz_open_dev$vcsa(&(0x7f0000000080), 0x6, 0x301000)
socket$packet(0x11, 0x3, 0x300)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8600, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000d00)=ANY=[@ANYBLOB="7f454c8cfd6b0981800000000000000003000600070000000c0300000100000040000000000000009903000000000000030000003f00380002000d000300000104000070fe050000ff070000000000000081000000000000010000000000000008ecffff7f00000007000000000000000200000000000000c0ead5e922bd9647d6a717f07414ae03eb9f96a720ff162b0d97e76185d7fcbbf4f733e01b95b3a7124a14d862ce18ce50cd7fab61ab8ee8033ecfff7a1287cc2e8251f9fdad861624b388d7c10c38f65737c0bedb11ddd6d5adcfcefce0f235bc921704fa4d28ba736ee4074cbc16f74500a73e0f32fcebeb70b3a1e3eaff33e3bdf4e43b6d6263b4affb0eaa066a44af68d3212856c0462a94f72fbbe1daa83380a2b82fed4378a35ccc024f3e983e0a047af549ca6fb83730496138f3f582e3773b07f90053c90795fc371420eac633a995aa66c8054e9b135fee4af729cb0509f67258bbbf29c2575fbb0adac1a566c6133be798247b4ea1e7cf9ffb54540a53d2979383"], 0xc3)

13:48:06 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x7}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:48:06 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x1fe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:06 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x7a, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:06 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x67}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:48:06 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x48000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2868.709136] FAULT_INJECTION: forcing a failure.
[ 2868.709136] name failslab, interval 1, probability 0, space 0, times 0
[ 2868.711999] CPU: 0 PID: 14701 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2868.713795] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2868.715543] Call Trace:
[ 2868.716119]  dump_stack+0x107/0x167
[ 2868.716874]  should_fail.cold+0x5/0xa
[ 2868.717673]  ? create_object.isra.0+0x3a/0xa20
[ 2868.718634]  should_failslab+0x5/0x20
[ 2868.719408]  kmem_cache_alloc+0x5b/0x310
[ 2868.720415]  create_object.isra.0+0x3a/0xa20
[ 2868.721369]  kmemleak_alloc_percpu+0xa0/0x100
[ 2868.722341]  pcpu_alloc+0x4e2/0x1240
[ 2868.723133]  ? io_tctx_exit_cb+0xf0/0xf0
[ 2868.723998]  percpu_ref_init+0x31/0x3d0
[ 2868.724830]  io_uring_setup+0x47a/0x2980
[ 2868.725870]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2868.726893]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2868.727932]  ? wait_for_completion_io+0x270/0x270
[ 2868.728935]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2868.730028]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2868.731103]  do_syscall_64+0x33/0x40
[ 2868.732066]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2868.733187] RIP: 0033:0x7f2ccc8b5b19
[ 2868.733953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2868.737770] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2868.739437] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2868.740918] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2868.742508] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2868.744260] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2868.745797] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 2868.754390] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2868.787333] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2868.808918] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2868.826998] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2868.845531] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2868.875501] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:48:06 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 9)

[ 2868.899259] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x1fe
13:48:06 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4c000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:06 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x74, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2868.983523] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x1fe
13:48:06 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x8}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:48:06 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0xd1, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:06 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000001880)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
chmod(&(0x7f0000000040)='./file0\x00', 0xc3a45a9b1f066eb6)
openat$dir(0xffffffffffffff9c, &(0x7f0000001300)='./file0\x00', 0x532482, 0xfd70c1c74e342dae)

[ 2869.122130] FAULT_INJECTION: forcing a failure.
[ 2869.122130] name failslab, interval 1, probability 0, space 0, times 0
[ 2869.125270] CPU: 1 PID: 14737 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2869.127025] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2869.129135] Call Trace:
[ 2869.129807]  dump_stack+0x107/0x167
[ 2869.130727]  should_fail.cold+0x5/0xa
[ 2869.131690]  ? create_object.isra.0+0x3a/0xa20
[ 2869.133227]  should_failslab+0x5/0x20
[ 2869.134272]  kmem_cache_alloc+0x5b/0x310
[ 2869.135163]  create_object.isra.0+0x3a/0xa20
[ 2869.136239]  kmemleak_alloc_percpu+0xa0/0x100
[ 2869.137380]  pcpu_alloc+0x4e2/0x1240
[ 2869.138270]  ? io_tctx_exit_cb+0xf0/0xf0
[ 2869.139156]  percpu_ref_init+0x31/0x3d0
[ 2869.140132]  io_uring_setup+0x47a/0x2980
[ 2869.141167]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2869.142358]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2869.143413]  ? wait_for_completion_io+0x270/0x270
[ 2869.144465]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2869.145827]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2869.147000]  do_syscall_64+0x33/0x40
[ 2869.147872]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2869.149066] RIP: 0033:0x7f2ccc8b5b19
[ 2869.149946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2869.154122] RSP: 002b:00007f2cc9de9108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2869.155777] RAX: ffffffffffffffda RBX: 00007f2ccc9c90e0 RCX: 00007f2ccc8b5b19
[ 2869.157332] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2869.158866] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2869.160432] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2869.161955] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
13:48:06 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x6b}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 2869.215424] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2869.235453] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:48:06 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2d000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2869.259423] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2869.294704] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2869.389302] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2869.436515] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2d000
[ 2869.454207] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2869.478442] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2d000
13:48:23 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x6c}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:48:23 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:23 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x68000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:23 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 10)

13:48:23 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x7a, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:23 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x9}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:48:23 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:23 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x6)
close(0xffffffffffffffff)
r1 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000300)={0x53, 0x0, 0x6, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000000)="0bb568bd3499", 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x87e2, 0x0)
getdents(r2, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r2, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r2, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r2, &(0x7f00000002c0)=ANY=[], 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="4c0000002e00210c000008400000007b76ffffff3800008008000e00", @ANYRESDEC=r1, @ANYRESDEC, @ANYRESHEX=r2, @ANYRESDEC=r1], 0x4c}, 0x1, 0x0, 0x0, 0x240480e7}, 0x20000140)
open$dir(&(0x7f0000000000)='.\x00', 0xa40, 0x5e)
chmod(&(0x7f00000003c0)='./file0\x00', 0x13)
r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r3, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000500)={{{@in=@local, @in6=@private0}}, {{@in6}, 0x0, @in6=@dev}}, &(0x7f0000000400)=0xe8)
syz_genetlink_get_family_id$fou(&(0x7f0000000380), r0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_config_ext={0x0, 0xffffffffffff0bde}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fallocate(r3, 0x3, 0x4077, 0x8000)

[ 2885.909004] FAULT_INJECTION: forcing a failure.
[ 2885.909004] name failslab, interval 1, probability 0, space 0, times 0
[ 2885.911860] CPU: 1 PID: 14786 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2885.912481] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2885.913363] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2885.913370] Call Trace:
[ 2885.913394]  dump_stack+0x107/0x167
[ 2885.913414]  should_fail.cold+0x5/0xa
[ 2885.913436]  ? percpu_ref_init+0xd8/0x3d0
[ 2885.913458]  should_failslab+0x5/0x20
[ 2885.913477]  kmem_cache_alloc_trace+0x55/0x320
[ 2885.913497]  ? io_tctx_exit_cb+0xf0/0xf0
[ 2885.913514]  percpu_ref_init+0xd8/0x3d0
[ 2885.913537]  io_uring_setup+0x47a/0x2980
[ 2885.913557]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2885.913579]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2885.913593]  ? wait_for_completion_io+0x270/0x270
[ 2885.913633]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2885.913653]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2885.913676]  do_syscall_64+0x33/0x40
[ 2885.931099]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2885.932212] RIP: 0033:0x7f2ccc8b5b19
[ 2885.932764] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2885.933044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2885.939798] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2885.941409] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2885.942902] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2885.944411] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2885.945902] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2885.947470] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 2885.980539] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2886.005092] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:48:23 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2886.033115] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2886.040487] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:48:23 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:23 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6c000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:23 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x6d}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:48:23 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0xb8, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:23 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0xf}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:48:23 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 11)

13:48:23 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x7, 0x0, 0x0, 0x0, {0x120}}, 0x0)
syz_io_uring_setup(0x368c, &(0x7f0000000180), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500))
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x4, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
r5 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0)
syz_io_uring_submit(r8, r7, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
syz_io_uring_submit(r1, r7, &(0x7f0000000040)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x4, 0x0, r3, 0x0, &(0x7f0000000540)="bc457425a2fd49299b45a05f18eabc61936c8578b006f8d50417861ebe816c5e57ea4a3382fd8674117a2cf727d6559259bbd78a9989b9be69bf733b555d9cc352f8d02847797ae5d66bcdf8017c08dbb176e3c0302e04ea5156e24b4aa34ef858ac59d213707c0e2c4951faa34b38c4fdd58d0649131467a504bf681a5b31fb0d2956b7263a6a28263bf1d3a1f994339eef90e9732e18c8b8931ecf7b49e6a650890d1806fc28aa71945f9496f31fb03fb0941087dbafe6e7b9ce511b901d05e4ac577f0ca828c21361157ac26c558fdaca2d96019c138cc76b843ddd4d9046be7ad672eba8d73f88f5d78d58a68bcef38a7c3daa4e426561f090de1e05bf4da8d2a9a329acb3aae2ba45e68458dac263ed55c6571e73a3479b62f5fb88d083e10a3c8adcc1cb9c204ddb2cff3024723bbe1254fea547a113bfc7fdf2b656ed4536f08545040333b757e9fac36536b6a2051fab63f45dd3c8ca2c3bb3c171c1eba90f3068a0c92efac46c2122a77d3235c2b64086f0e79e1f737a257650b3f8b2df83b7149513e49c84809042bc5d3feeff7b4636ef3c5c8067eebd6278084776a52aa81cdf32bef83f859ba905ad5a465241f46888f239431c5bb5f891b75ed6e71547e9f177eb1c0a25f3bd385b6e377a600c0bd20cd035717b3b6874aa6b61ea3f136cef240e44096997223e6db08e512b96b16435beba8f70091a4edb5d2b1416908940142627f49289d346e2e87411a358c99cb02d0d78b9e0558b4c58908d90ebf87f875ae4127f331cdd5f841b785bbdb2fef33038e2d1b7af5467fa7dc3790f725ef2220d708fd34e58f4e0d5d488a7765a9f65d2c479b1cf1edcf2fb172ac1a9ac1ef919682945267023052d7021bf376175cd4680e32aa28e06d51d7ff5383e0d65f9194b6ba1fccbe20db38a6a1c41cd537da40fc0d6eedf7fb037bf28c3bfb1d512c84e60f03a6a53b9bd5a665ad621ca8415da8bcf3ef7fe0607a0245464e4961f839416ff013056b53463ed5e5bfe581df0dc72404fef3469988e32874775fa330c27441d35fca7485bf2d3b34284b8dda263d9e5e008e4be3a9b693192da0fa6531a2407fc3aff1a0dc0249d6b3926fcdff646ad19f14bc695cb90b000f15ec38f22f37b4dab1b2623be2491870c0b4ec5694f5d81ac231dfef2eb4765893d7c260f702a5d3b225b84f900245db4c453129e4eaed90da59db37e78b2542904822018abfe0aaae040df51de82e01d5065947b5e24cdf6f3040f6afafe8002fd961b22ace25ac700429330d4f4dd85af78b9e0495d5853b92843a410af2145010bd48e0a833b249622b5566a8bb71d859dddf58913b1ac2b3e63cc8acefaa050c44881fbad77bc2a34c8bde0ab444c83b693fdb98c50b5290894b71b02f46fe3f4a1716cb5fcac2e236814d4697683d27b9bfae5a6953d441eee859af0927443b01c27fe83ea8e632a117b8fd1b9851352c3aed01c98b398d60123070e8ee225430604e903e675608241f5d89b820cc293350b5e5bf0f7167d1163d19080ac1a50582e00729bee5db26e2a899dac9b48f80b96188b7939994e6f9b898a6572daec48a52722f4bcf619ae56d6414f045611fadaf80089560371ce6f3cd7016777347714af7b022c7b0f7d6b27acfc74333679edd95c36c2c17d050d3f4752d0a7bce848b497b64d338efccc4c8609c0abd4d04d40d9a118169239e0181438d5169e06063ab084d4b259af858bc12f706e97452bac9e3c7d9147b4bef61eb9a9469c01fe9fb65832c2dd93ffd45dcf48ec870462475a947c5d65e290d7941b4c969bc9fbeb1f11e9f7017854df71115cf9588aa8f73c7be9946aca35cff4b650a597e6daaed14def69cd39ef81620ce7ff161f794438f31adef811737c1f117c40ceba7a2893589840716fe51613153889bcb33113e07a80ad984ed85c1c77bb429b12309d15c57853a70e9338f5c38b6ebae28e5241133f838be53e06d633adc7e634ee5546aba47d262ff201c4e30db63c9ec7713028264a7a0169b38d363af05a46e9183797591d467605319dfb1623ba5a37f78da55beae60d757fa0af0d43cbec7b4c4a848258f6e31762f931883bab1a652b07a777d8c2c3aa830cc42d0689b9f10e07653cbf257789b2d4a46822ff7d4a5cf709115a0582a3aef5a2d154c0150ee5837e2b9e12bc4d1c8eb1a0ea7390530f9ccc3d285ace0323da11612141da86566ef8a51e5c27abe114413a063994a067fe8677f8fe8555f176d1efdca1878c2e41e5213e460ce5ddf3a3e3f8dcc99f20bed09cb72ff709d5a98859e8a6e3b2b4fe6fdeabbe13dea916a18b0e054ae24d36c95e4e55ca16a1c6d8e9cf74bfcb9239b674c2c481bdda89e3f541fdf19249463dc2228f8a01828170fd5d0f6b9e390d1f85d8b8a48a065f297f32fcf05e75917131a88ce1008f9610d6026b5f825aeb4a9b74983de3b7cea4061f3ea5e57cd5a187f3276620ee6360a8bdb2bfc9e02e332287562eeb578080f7647f77934e44c927bac433b7d005a44c250b4831e212453ca057d2ce29b7b64da5240e56e7879b95bdd7f3d5615464c73ef07aca0393707f97d7df5ac4534b7ff8666d862592eb8aecd21b1eca9abd87d708373456c03048548bfd59b2c1bebd77e003cee7c3bd428720d7e379f83f397fc1d8b4bf32a7c89e3083d67ae70581b1734edaef2fe8034876f4e3d260664722f5e0f8b39a25322c88454c79aeaed8ffeeee03048553946cd338fdddec0624c4fb771925a1de7e349174a01498bafab911407f7fb48ecc1e269001a77e1b6b1a452c8e743a0ac4d8b7201af553227e90e5fab2c36d2bcd275ad744baea7b6ced532cfb2b287a1fae221967e5d17117e45b7a30f908547d9c88bfe1788eba7151aa698fcbe69ee66d31ca6454cc1cc70680423fbf876d2f23aecd516fd9c5f91991a05aa16c0af48ca1ef56ce92dd9f725855a5d2aa0b49415a82636688815209b2587b8d8aceabb0645bcef26e03df865452942c5fd18b4ed62eab4f5492137e8deee95166ee5b55446ef4722b982aad0f14e8508c70cf226c33a7b08b4926c38cfaa448e7d506607021d5f7139a6d80b79547f63a111d30b1dd36c24a9d8a79867b1c44e9a791db79b915f181d0fe008d9b98d7f63e96ad2b9a4a499df1a3a09cc3f57dee92398b31043a1749092971642779c53d99591aa2cdc1e0cd3df1f34fb08ceb79e1ed92a817b2ce9ee0bd6adee5764169ea9cae38249be855cece2650f9b33e188e2c364113c540a10ded6d4209de203c1746724f315afb64a21f3366039c2a0923e2c76191841f13e0e538bf761c3043f4fd1bf2c2ddba2f3b9a52322236d306cc929f6f45d9e3e780e5d18045a6c056b2896fe31b2bd496ba28eacf8535a6719c72e320a4586305a237378ce3d671edfbac334919d048d6f3d71b27da187cc10b07a702c7f7fbfc0b428c31131f373472c1d97b8eeb6fb59a7275b8ebec07278366a82e0b8ff88108146a7d5562df022c2fb2b35d330d31bb4fc0d8425bcb7fbedcc6310215324f1fa316ef77b22566f1dbaf7f15d79b7e902c1f515ddb14ea70c5e160ee466f8fa63ce0e153b4123f0e4ec1caa6f59ed4c2a4b8e1f80b1720e71f2e23d93933a35088e067cf7967cce5ac53c742ba445c0d28329ad17d192b01f0fe926926ae1de333042d19c60a56d64a3d9fa64c6f9b80cd3864baa244ab62a2203459a7af2b4720f5cc631b3e2884691b5f50be679e58d1903b10108d5f3d1fba3a4870f8f05dc1a92d0e44bc14a0bf20b072133128ffbbc8d7e784427ce2874d229fe7632576662f70cdacc2870b4c6229652e7f7c4e14f4e4ada0aa06df23253449815a739421c6c84d174cd9b3d13cd7d95ae48a9487a25867a7c8cd5e817321a7cf5ea65b685ed4c093e73b4fe049f9d8b2a17b76e32f1094bf9afa6c514cd0550cea36eb11e4b59953162608a176be96b1910d191fc35cfd989eb9d1e9c77be097766ed2c332547ad00156b7944ac86e23d62546f025a45d4c67fa0570dd57025a034d867e8c5a1496bbb2841b92cb544af4eb0fd783b5b90540ec4469f2545174ea4f58eaac1edbfc0b2f4711db44d042fd7dfa6e70ef7fa133cc54baaa2f259160758cc614991a304ca4a5af6feb9443d59a109027acca394edff76821b2359127120d387b3ff417c73679fe790fff59179ec0c89851a6a1b38f1aabbca7034915ff6220953a8b6df75c8f4f0641601d17149b7ff14cfdf488e84c96f2e12f3c6086c1cc13852ed994c47a91cb8df1f0a6517d769039ec3c55f343f7e311f0d3aeacbd0214422fcbf40dbb46cddabcc5c185a861c9cfa1a07b998cb1cf824e8e339a22839d18bedd9bcae9849d25aeeec931bd929b75b0454fbf337dc54cdda072f6c85ce09c5682b359d5b5f0f22e9ed9947aa5cfe93629812b77657c8112c4d99a27f0b8d769cb444f3b0634994aef48adf411cca529f31df24e7635b57e04e54d06dad53f69e76d1878a782edea69ed6d9dbf61e617335c4e95a442d8124261b8ce15be4172d59025293407c7ffa42da8e0469d35e138c22ad99a32d3b6ae845ebeb694fb6de5c937f8360a0d666be86ed1f35ba54a18cd347c49894fb1580e75d544ad0091b90929a86c4764f5616560428aa3fb097155774cc7b36a7554161cb7ade75de6afc46040a520483f7050fdc0b2e7c1e3dad1d330e17a175b173856a76e2916e7ed7a2e6bc989a8dd3319c721c4dc05c087abf94c5da544f40c95249a1c675c0898809fa07c769dff7e1ce8d9f86d745cf17c20ab218645ff19d4c4a55e5a683d4c4f8accee241233a4d2f2baeb4cb6700785163803811531c05e1b70276646752b49d487983ea3d854292b3e2b7e338cd1e2738956ff8548edb773eb2a1a767cd2e6e06a27709723072d718f52ca7746b3c1d48e1c89583beaf485938c657832ed680a3bb4de0315b32c7ecc2ea6149ca1b11ef2a3652f9ec6e07535e68c75d697bd72e4eb351d9386f31f06fdf0773adf990092c91f7cf61d737398bdc99812d1a7cf75c6d7b3c38cf2d6e550ff8eff993edf0bfc4c24925570b31d55ec732fdb3660233722db35732bd4d698ba270a70d5c6c45dabb8e53db9da93354a0bde554b258a17ea97349b5e129b2a5654995e8bc396838d6771ae2bd9ebed3b9d3f50fe386679fc420ac19f7d266f2efc09b8e6dc3b9b7173a1663ef57658040b930bd26f9ad6282f03faf21cae0c9c168bc5ea7c524ce51c444b4bf2881ec7d5b53f2ab72879492e2321823119ba14509ffefe5d45e6a9825cfca25561482934438a02fddac3b6d4488497e89760328f6b50e0b680706a5c07fb013359a26d0ffc0ab92ac675914f988c337d3497cca4a932e5521727c44760f43fc234c43e634cca04c33599911e2123c654ba35f3abd1d5fb8069a8998e6248eab18d794b6c73c8d03715160ab38f7bc341a678fb378cfc10b2aaad86d43443e8011983994be113997e330cc2a01a4a9efc653730547c34cc98ec3e815feb4bb715c083883c045dbecb68b7cccdd8c2abec8bd3af1e7711242f1ae1905859431746ec508615e983e651a5c4444ea6ba2d5fb9525dc4923f041ecc3f1a1c3b991f8c391668a5ae0c648af9c9eae59b603424ebf69224c6325fd6d9aebf4848f8e527907423519dee88cb4c6af8dc262eef5c40aefe993cc9a03b005bd8e795a79f0710fda7a7bab424674fbf1443b131263f5ed8d5fae0de7d4380c5fad93d4f001ea84e0d49768f124f7a87bfe7", 0x1000, 0x40000040, 0x1}, 0x33)

[ 2886.238490] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2886.252984] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:48:23 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2886.337823] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x4
[ 2886.342213] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2886.360192] FAULT_INJECTION: forcing a failure.
[ 2886.360192] name failslab, interval 1, probability 0, space 0, times 0
[ 2886.362674] CPU: 1 PID: 14820 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2886.364152] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2886.365896] Call Trace:
[ 2886.366457]  dump_stack+0x107/0x167
[ 2886.367230]  should_fail.cold+0x5/0xa
[ 2886.368047]  ? create_object.isra.0+0x3a/0xa20
[ 2886.369016]  should_failslab+0x5/0x20
[ 2886.369821]  kmem_cache_alloc+0x5b/0x310
[ 2886.370684]  create_object.isra.0+0x3a/0xa20
[ 2886.371611]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2886.372697]  kmem_cache_alloc_trace+0x151/0x320
[ 2886.373682]  ? io_tctx_exit_cb+0xf0/0xf0
[ 2886.374540]  percpu_ref_init+0xd8/0x3d0
[ 2886.375383]  io_uring_setup+0x47a/0x2980
[ 2886.376251]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2886.377281]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2886.378350]  ? wait_for_completion_io+0x270/0x270
[ 2886.379400]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2886.380518]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2886.381606]  do_syscall_64+0x33/0x40
[ 2886.382398]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2886.383479] RIP: 0033:0x7f2ccc8b5b19
[ 2886.384279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2886.387438] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x4
[ 2886.388213] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2886.388236] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2886.388247] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2886.388268] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2886.396599] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2886.398105] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 2886.401273] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2886.432479] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2886.478355] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:48:24 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0xf0}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

[ 2886.668364] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2886.722230] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:48:39 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x1c2}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:48:39 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:39 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:39 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6f010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:39 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 12)

13:48:39 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x72}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:48:39 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0xd1, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:39 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000680)={<r3=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r3, 0x0, &(0x7f00000003c0)}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x300000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x9, 0x0, 0x6, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x40604}, 0x0, 0x0, 0xffffffffffffffff, 0xa)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 2902.176368] FAULT_INJECTION: forcing a failure.
[ 2902.176368] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2902.178252] CPU: 0 PID: 14863 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2902.179263] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2902.180591] Call Trace:
[ 2902.181028]  dump_stack+0x107/0x167
[ 2902.181579]  should_fail.cold+0x5/0xa
[ 2902.182158]  __alloc_pages_nodemask+0x182/0x600
[ 2902.182866]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 2902.183780]  ? cap_capable+0x1cd/0x230
[ 2902.184386]  alloc_pages_current+0x187/0x280
[ 2902.185056]  __get_free_pages+0xc/0xa0
[ 2902.185647]  io_uring_setup+0xe27/0x2980
[ 2902.186267]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2902.187035]  ? wait_for_completion_io+0x270/0x270
[ 2902.187781]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2902.188587]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2902.189364]  do_syscall_64+0x33/0x40
[ 2902.189928]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2902.190703] RIP: 0033:0x7f2ccc8b5b19
[ 2902.191261] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2902.194093] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2902.195392] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2902.196552] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2902.197662] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2902.198730] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2902.199796] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 2902.238513] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2902.246100] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2902.247958] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:48:39 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 13)

[ 2902.262136] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2902.275371] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2902.288909] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:48:39 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:40 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x74000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:40 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0xdd, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2902.438466] FAULT_INJECTION: forcing a failure.
[ 2902.438466] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2902.441291] CPU: 0 PID: 14889 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2902.442832] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2902.444594] Call Trace:
[ 2902.445149]  dump_stack+0x107/0x167
[ 2902.445916]  should_fail.cold+0x5/0xa
[ 2902.446726]  __alloc_pages_nodemask+0x182/0x600
[ 2902.447712]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 2902.449005]  ? cap_capable+0x1cd/0x230
[ 2902.449841]  alloc_pages_current+0x187/0x280
[ 2902.450784]  __get_free_pages+0xc/0xa0
[ 2902.451616]  io_uring_setup+0xf9a/0x2980
[ 2902.452488]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2902.453562]  ? wait_for_completion_io+0x270/0x270
[ 2902.454606]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2902.455728]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2902.456826]  do_syscall_64+0x33/0x40
[ 2902.457618]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2902.458684] RIP: 0033:0x7f2ccc8b5b19
[ 2902.459467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2902.463323] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2902.464936] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2902.466429] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2902.467937] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2902.469442] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2902.470930] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 2902.634937] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2902.644383] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2902.651506] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2902.663786] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:48:54 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x7a000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:54 executing program 4:
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000a00), 0xffffffffffffffff)
add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)

13:48:54 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:54 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x300}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:48:54 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x73}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:48:54 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 14)

13:48:54 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:54 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0xec, 0xfe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2916.878489] FAULT_INJECTION: forcing a failure.
[ 2916.878489] name failslab, interval 1, probability 0, space 0, times 0
[ 2916.881073] CPU: 0 PID: 14914 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2916.882591] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2916.884363] Call Trace:
[ 2916.884928]  dump_stack+0x107/0x167
[ 2916.885701]  should_fail.cold+0x5/0xa
[ 2916.886514]  ? io_rsrc_node_switch_start.part.0+0x43/0x250
[ 2916.887699]  should_failslab+0x5/0x20
[ 2916.888519]  kmem_cache_alloc_trace+0x55/0x320
[ 2916.889486]  io_rsrc_node_switch_start.part.0+0x43/0x250
[ 2916.890632]  io_uring_setup+0x14f6/0x2980
[ 2916.891515]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2916.892625]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2916.893737]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2916.894833]  do_syscall_64+0x33/0x40
[ 2916.895626]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2916.896717] RIP: 0033:0x7f2ccc8b5b19
[ 2916.897498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2916.901424] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2916.903031] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2916.904545] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2916.906057] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2916.907561] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2916.909080] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
13:48:54 executing program 4:
openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x561601, 0x0)

[ 2916.929964] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2916.937468] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2916.957512] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2916.960729] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2916.964437] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x14
[ 2917.003741] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2917.027277] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x14
[ 2917.038998] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:48:54 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 15)

13:48:54 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x74}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:48:54 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x7f510100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:54 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:54 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:54 executing program 4:
perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000040)={@link_local={0xbb, 0x80, 0xc2, 0x4, 0x1c}, @local, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x1, @random="64e7d326c1e3", @private=0xa010102, @multicast, @remote}}}}, 0x0)
syz_emit_ethernet(0x4c7, &(0x7f0000000540)={@broadcast, @remote, @val={@val={0x9100, 0x2, 0x0, 0x1}, {0x8100, 0x0, 0x0, 0x4}}, {@mpls_mc={0x8848, {[{0x3, 0x0, 0x1}, {0x7, 0x0, 0x1}, {0xfffff, 0x0, 0x1}, {0x1, 0x0, 0x1}, {0x5}, {0x20, 0x0, 0x1}, {0xffff7}, {0x20}, {0x1, 0x0, 0x1}], @ipv6=@gre_packet={0x1, 0x6, "e0945b", 0x465, 0x2f, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @multicast1}, {[@hopopts={0x2c, 0x2, '\x00', [@ra={0x5, 0x2, 0x365}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @ra={0x5, 0x2, 0x65c5}, @pad1, @padn={0x1, 0x1, [0x0]}]}, @srh={0x2, 0x8, 0x4, 0x4, 0x20, 0xc, 0xdc3, [@local, @local, @empty, @ipv4={'\x00', '\xff\xff', @multicast2}]}, @hopopts={0x5c, 0x3, '\x00', [@hao={0xc9, 0x10, @mcast1}, @jumbo={0xc2, 0x4, 0xff}]}, @srh={0x33, 0x12, 0x4, 0x9, 0x0, 0x40, 0xff, [@empty, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @dev={0xfe, 0x80, '\x00', 0x35}, @dev={0xfe, 0x80, '\x00', 0x10}, @dev={0xfe, 0x80, '\x00', 0x27}, @mcast1, @empty, @empty, @remote]}, @routing={0x87, 0x6, 0x0, 0x9, 0x0, [@private2={0xfc, 0x2, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @local]}, @dstopts={0x21, 0x1, '\x00', [@enc_lim, @pad1, @jumbo={0xc2, 0x4, 0x1}]}, @fragment={0x8, 0x0, 0x5, 0x1, 0x0, 0x1c, 0x67}], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x880b, 0xf7, 0x2, [0xfff, 0xbf5], "a3b8e60616beec397afbd1302269596afc96c5c994d695e695e1f7d62ab510f368c345359e76fe5a4da66fc4ec25f86ec18d2d3574f6283046b891cc259d48d91c8d957b46d7686ea4b90d6b51d64eac9d61bccb9ff52245832edf69a34d0d2f014be0a46ae006be7c4e92fc47f44df13b774dcb2d9f556d1882220c3a1e1b2f9bf559e6ec6e9c1815db75228e06d379bf3c9894501b28c56667ec376d860ede6769e42984d998a35edfcf51626ca525b3016d84a28535069c91ae49c3c6418013dafd739a777aab8932d4236cf6cbc259cb9e2d2dfee2e397b7b8c6483f85f32c618092eafc6cd23885942b65f0e5b35facb511bf0add"}, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800, [0x3ad, 0x7ff], "dbadffe0ebb178bf198827dfe851d51d7bfb0c51d0d8faa9e9678c743907d596c0aebfba4e058dca7084b48cf74b16ebb5ec666d91c8c9ee87877b4c7e0da1af378f9c2224b05548589d0f1d69275e536a5871bbad03403e9d1169d36170fed5af883472b094191d74f7951ff7c8f759a61160be217aec9b5b6d5b630a059aa9cec5267bdcac79bdeacfdcb7561a313801d7c9e253096d51766a3d8b4dce94bfcf8e5cb7b5bc5558555fa470c6730156d9f99d9bda8aabfe9f2e078d828332d98c5a24"}, {0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x86dd, [0x8, 0xff, 0x2], "4be23ee1f99f16610e70fb73dfa0580f34d388816d1fecd0a2d2df042804542ad50297887056f0dac0215cf21b93015206dea6555f38880e2f83bac26b0bce49783b1b63a8e905baab4656dc911e594c14c7ca0cb81f908076c1c6b170da99896c81d58e9d3939b8889c8067b2067b8eadeb0d2132e6b250bd404b408227cba16b0384d2b0dfd2bcbda44574745a6b1f55a64aa96b8b48270fb0eb7237fe07fa977930d6b433cb78a953b73917fdca894ada79b56ed1da9b9e60176a"}, {0x8, 0x88be, 0x2, {{0x3, 0x1, 0x7, 0x1, 0x1, 0x2, 0x6, 0x3}}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2, 0xfa, 0x2, 0x1}, 0x2, {0x400, 0x2, 0x0, 0x9, 0x1, 0x0, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x3, "f02d22b2c6ab20a685495325d3453d1cd4c2b30edef316bd1afb5505c6bdd5e49266b6120a"}}}}}}}}, &(0x7f0000000080)={0x1, 0x3, [0xbdf, 0xcf5, 0x2a4, 0xa90]})
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_extract_tcp_res$synack(0x0, 0x1, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
getdents(r1, &(0x7f00000002c0)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
lseek(r0, 0x40e9, 0x1)
r2 = socket$netlink(0x10, 0x3, 0x0)
ioctl$AUTOFS_IOC_EXPIRE(r2, 0x810c9365, 0x0)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

13:48:54 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2d000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2917.133173] FAULT_INJECTION: forcing a failure.
[ 2917.133173] name failslab, interval 1, probability 0, space 0, times 0
[ 2917.135768] CPU: 0 PID: 14935 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2917.137306] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2917.139060] Call Trace:
[ 2917.139620]  dump_stack+0x107/0x167
[ 2917.140411]  should_fail.cold+0x5/0xa
[ 2917.141222]  ? create_object.isra.0+0x3a/0xa20
[ 2917.142184]  should_failslab+0x5/0x20
[ 2917.142991]  kmem_cache_alloc+0x5b/0x310
[ 2917.143848]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 2917.145121]  create_object.isra.0+0x3a/0xa20
[ 2917.146049]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2917.147134]  kmem_cache_alloc_trace+0x151/0x320
[ 2917.148135]  io_rsrc_node_switch_start.part.0+0x43/0x250
[ 2917.149296]  io_uring_setup+0x14f6/0x2980
[ 2917.150179]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2917.151251]  ? wait_for_completion_io+0x270/0x270
[ 2917.152309]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2917.153424]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2917.154510]  do_syscall_64+0x33/0x40
[ 2917.155302]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2917.156380] RIP: 0033:0x7f2ccc8b5b19
[ 2917.157162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2917.161045] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2917.162651] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2917.164151] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2917.165656] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2917.167158] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2917.168658] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 2917.275146] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2d000
13:48:54 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x500}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:48:54 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 16)

[ 2917.285512] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2d000
[ 2917.314520] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2917.318988] FAULT_INJECTION: forcing a failure.
[ 2917.318988] name failslab, interval 1, probability 0, space 0, times 0
[ 2917.320379] CPU: 1 PID: 14958 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2917.321158] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2917.322094] Call Trace:
[ 2917.322394]  dump_stack+0x107/0x167
[ 2917.322810]  should_fail.cold+0x5/0xa
[ 2917.323246]  ? create_object.isra.0+0x3a/0xa20
[ 2917.323773]  should_failslab+0x5/0x20
[ 2917.324211]  kmem_cache_alloc+0x5b/0x310
[ 2917.324674]  create_object.isra.0+0x3a/0xa20
[ 2917.325182]  kmemleak_alloc_percpu+0xa0/0x100
[ 2917.325697]  pcpu_alloc+0x4e2/0x1240
[ 2917.326130]  ? io_async_queue_proc+0x80/0x80
[ 2917.326742]  percpu_ref_init+0x31/0x3d0
[ 2917.327219]  io_rsrc_node_switch_start.part.0+0x6a/0x250
[ 2917.328039]  io_uring_setup+0x14f6/0x2980
[ 2917.328612]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2917.329202]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2917.329797]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2917.330382]  do_syscall_64+0x33/0x40
[ 2917.330805]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2917.331386] RIP: 0033:0x7f2ccc8b5b19
[ 2917.331814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2917.333914] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2917.334777] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2917.335589] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2917.336406] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2917.337215] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2917.338027] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 2917.358908] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2917.377041] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:48:55 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:48:55 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x75}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:48:55 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 17)

[ 2917.425543] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2917.544095] FAULT_INJECTION: forcing a failure.
[ 2917.544095] name failslab, interval 1, probability 0, space 0, times 0
[ 2917.545800] CPU: 1 PID: 14982 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2917.546673] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2917.547655] Call Trace:
[ 2917.548082]  dump_stack+0x107/0x167
[ 2917.548502]  should_fail.cold+0x5/0xa
[ 2917.549029]  ? create_object.isra.0+0x3a/0xa20
[ 2917.549780]  should_failslab+0x5/0x20
[ 2917.550224]  kmem_cache_alloc+0x5b/0x310
[ 2917.550688]  create_object.isra.0+0x3a/0xa20
[ 2917.551196]  kmemleak_alloc_percpu+0xa0/0x100
[ 2917.551709]  pcpu_alloc+0x4e2/0x1240
[ 2917.552147]  ? io_async_queue_proc+0x80/0x80
[ 2917.552646]  percpu_ref_init+0x31/0x3d0
[ 2917.553254]  io_rsrc_node_switch_start.part.0+0x6a/0x250
[ 2917.553984]  io_uring_setup+0x14f6/0x2980
[ 2917.554652]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2917.555222]  ? wait_for_completion_io+0x270/0x270
[ 2917.555782]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2917.556605]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2917.557290]  do_syscall_64+0x33/0x40
[ 2917.557868]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2917.558539] RIP: 0033:0x7f2ccc8b5b19
[ 2917.558961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2917.561463] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2917.562434] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2917.563248] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2917.564073] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2917.564924] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2917.565917] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 2917.569143] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2917.572393] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:49:10 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 18)

13:49:10 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x88a61d00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:49:10 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x76}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:49:10 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001a80)='/proc/asound/seq/clients\x00', 0x0, 0x0)
fsetxattr$security_capability(r1, &(0x7f0000001ac0), &(0x7f0000001b00)=@v2={0x2000000, [{0x797, 0x9}, {0x1, 0x800}]}, 0x14, 0x0)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
fcntl$setlease(r0, 0x400, 0x1)
unshare(0x28020600)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r2, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r2, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r2, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r2, &(0x7f00000002c0)=ANY=[], 0x10)
openat(r2, &(0x7f0000000080)='./file0\x00', 0x20000, 0x102)
semget$private(0x0, 0x6, 0x0)
r3 = semget(0x1, 0x0, 0x11)
semop(r3, &(0x7f00000000c0)=[{0x0, 0x0, 0x1000}, {0x0, 0x8}], 0x2)
getdents64(r0, &(0x7f0000000040)=""/46, 0x2e)
unshare(0x48020200)

13:49:10 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:49:10 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:49:10 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x600}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:49:10 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2932.508025] FAULT_INJECTION: forcing a failure.
[ 2932.508025] name failslab, interval 1, probability 0, space 0, times 0
[ 2932.511831] CPU: 1 PID: 14996 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2932.513738] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2932.515965] Call Trace:
[ 2932.516715]  dump_stack+0x107/0x167
[ 2932.517730]  should_fail.cold+0x5/0xa
[ 2932.518791]  ? percpu_ref_init+0xd8/0x3d0
[ 2932.520092]  should_failslab+0x5/0x20
[ 2932.521152]  kmem_cache_alloc_trace+0x55/0x320
[ 2932.522703]  ? io_async_queue_proc+0x80/0x80
[ 2932.523910]  percpu_ref_init+0xd8/0x3d0
[ 2932.525151]  io_rsrc_node_switch_start.part.0+0x6a/0x250
[ 2932.526826]  io_uring_setup+0x14f6/0x2980
[ 2932.528051]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2932.529490]  ? wait_for_completion_io+0x270/0x270
[ 2932.531023]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2932.532582]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2932.534121]  do_syscall_64+0x33/0x40
[ 2932.535369]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2932.536725] RIP: 0033:0x7f2ccc8b5b19
[ 2932.537729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2932.543090] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2932.545229] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2932.547189] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2932.549160] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2932.551229] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2932.553379] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 2932.599147] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2932.608274] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x4
[ 2932.625184] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2932.635793] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2932.667037] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:49:10 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 19)

[ 2932.682483] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2932.688511] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x4
[ 2932.711308] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:49:10 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:49:10 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:49:10 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x8cffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2932.889364] FAULT_INJECTION: forcing a failure.
[ 2932.889364] name failslab, interval 1, probability 0, space 0, times 0
[ 2932.892321] CPU: 1 PID: 15027 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2932.893783] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2932.895530] Call Trace:
[ 2932.896104]  dump_stack+0x107/0x167
[ 2932.896939]  should_fail.cold+0x5/0xa
[ 2932.897936]  ? create_object.isra.0+0x3a/0xa20
[ 2932.898905]  should_failslab+0x5/0x20
[ 2932.899712]  kmem_cache_alloc+0x5b/0x310
[ 2932.900590]  create_object.isra.0+0x3a/0xa20
[ 2932.901518]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2932.902601]  kmem_cache_alloc_trace+0x151/0x320
[ 2932.903591]  ? io_async_queue_proc+0x80/0x80
[ 2932.904534]  percpu_ref_init+0xd8/0x3d0
[ 2932.905382]  io_rsrc_node_switch_start.part.0+0x6a/0x250
[ 2932.906528]  io_uring_setup+0x14f6/0x2980
[ 2932.907413]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2932.908497]  ? wait_for_completion_io+0x270/0x270
[ 2932.909539]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2932.910653]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2932.911749]  do_syscall_64+0x33/0x40
[ 2932.912552]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2932.913641] RIP: 0033:0x7f2ccc8b5b19
[ 2932.914579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2932.919096] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2932.920899] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2932.922744] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2932.924474] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2932.926245] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2932.928154] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 2933.001433] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2933.052245] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2933.236446] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2933.256214] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:49:23 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xd1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:49:23 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x700}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:49:23 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 20)

13:49:23 executing program 4:
r0 = gettid()
perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x894ac, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r2 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x1f012, r2, 0x0)
ioctl$FIDEDUPERANGE(r1, 0xc0189436, 0x0)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r2, 0xf501, 0x0)

13:49:23 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:49:23 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x77}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:49:23 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:49:23 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2946.111522] FAULT_INJECTION: forcing a failure.
[ 2946.111522] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2946.114242] CPU: 0 PID: 15053 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2946.115785] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2946.117594] Call Trace:
[ 2946.118158]  dump_stack+0x107/0x167
[ 2946.118939]  should_fail.cold+0x5/0xa
[ 2946.119748]  _copy_to_user+0x2e/0x180
[ 2946.120618]  io_uring_setup+0x11b5/0x2980
[ 2946.121503]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2946.122570]  ? wait_for_completion_io+0x270/0x270
[ 2946.123650]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2946.124772]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2946.125861]  do_syscall_64+0x33/0x40
[ 2946.126648]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2946.127770] RIP: 0033:0x7f2ccc8b5b19
[ 2946.128564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2946.132508] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2946.134113] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2946.135662] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2946.137191] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2946.138694] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2946.140256] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
13:49:23 executing program 4:
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x6, 0x0, 0x0, 0x0)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@nodevmap}, {@access_uid={'access', 0x3d, 0xee00}}, {@access_user}]}})

[ 2946.192091] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2946.206203] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2946.213457] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2946.225839] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2946.240463] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2946.251390] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:49:23 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x900}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:49:23 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:49:23 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 21)

13:49:24 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:49:24 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:49:24 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:49:24 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0xb6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x1, @perf_config_ext, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_pressure(0xffffffffffffffff, &(0x7f00000001c0)='memory.pressure\x00', 0x2, 0x0)
dup3(0xffffffffffffffff, r1, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000009c0)=ANY=[@ANYBLOB="98000000200039040000000000000000020000000dc0c23671f1a964651e4d52c3dc9432e6af519d60c901a7ea83dc6adbbf7c23348ed7953cc124f0f2e2f1324bf1187b4e1f5a7bf5116e03f38056144e579e46004fbfb9ae80572129d57aa41a4c792b56978ebd2e72f57ca14145d7bcd879afed4e97abd691d56cf2d815f272170c00110000000000000000007e7bd51e163e9c2394948632056b9357f234b64631cba457c59e6d0eae9098c89e3c7aa8b1cbc03bd674263161cff69945516e14595dfad881c353d7fb9bbdc2fb19f3306b4f29f5ac8dddb9186aa055b9a9547a834f1d619073f3ccf4b3acda5d78a8cff254a2de72f20938d689ca4044e9b0a30200278183e00f05d56ee58c70cc78d1fe11e55c898d61e09dd9cc4bde7d952f33df697d06ffd93de78dd12ff6fabb99fb6b42eb449d317ff0f62c982878d984496c08a7a672102affbb245b18bb390e66298d7220110693dd4d00d4a7b9a75298857b75fa243b23c8cf9643bb00000000005fcbe43f062951cd61eb7fd89947c9213bca5dc0b89a2e850f5d484e58951dd7d1e27236dc52ce2c5ad9c73e0a61402200800000604d7981f0c5d28db9d69e06008070a1c8a29ab4b046f86a311abcd1aedb3726442528292ebb13fb2e320499e3d0ed0f624e2d941077db1120084174ca637e1c74bddecf39ecb482a0e075210ffa8c8a3f5cdf7889058aba7fbf979e986c22e25e82884240d5dc6aaab10fe2ee4df09527c6d9c18ef983eb5ffb44cdf9e7f785eb60881ee6632f2783fc485616db255f9b8730aff47c8629f4bf50f73351c37855a123b500000000000000000000000000000000000002b83d336e55f4c214f56b2b01e10579d60a0122e781fa9821494bb6fb67d674675ebc88acf6bc120de735697551dbdfcd09144cb808e2894ea0c725a8e2df9d4b9240ff8db34666655e188d53287319ff78d97ee2c9d6dd73f02761e7df9d4900000000"], 0x98}}, 0x0)
close_range(r2, r0, 0x0)
perf_event_open(&(0x7f0000000640)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = add_key$keyring(0x0, &(0x7f0000000400)={'syz', 0x2}, 0x0, 0x0, 0x0)
r4 = syz_open_dev$mouse(&(0x7f0000000140), 0xfff, 0x2a4000)
fchdir(r4)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_SEND={0x1a, 0x3, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000540)="e4e2da2e9cce1cfe7f63a934aaceb53ca534e0dff5f89db497096d2174e423cf14891c83d9d7ab36af8d2a4433d771f1d0b755e61c2edaf241d6b75e1750ffabeef6b4b373308482f2fab7d3573c7a3c0205f329e0caf58dce8b39df880f2b8ab8bc8508fb85c17ef50c8c553ef87d2ff05c9ecae5ce5269ee4fb529fab962d420e215a9242e3037fa58d61c20bfee97b1e45c575f8b45a500c5dfbf23b169e54dea5b572056bb473c79c43be0bbeb999c837b6a7013a0898c323dc93f064d4ba03eea2e96ea46acd0231e1195718da4e2f2a5d1b2e42333cdf9d9a70627b27dcb86c5839d29", 0xe6, 0x20008810}, 0x9)
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000002140)={{}, 0x0, 0x2, @inherit={0x58, &(0x7f0000000440)=ANY=[@ANYBLOB="010000000000000002000000000000000000000000000000cd00000000000000020100000000800000000000000000006a0000000000f50005000000000000002000000000000000664f00000000000000000000004000002c27f34cf9bf48ed9a485647660eaa1b9413169201a8230b88236dd48225c5ce2445f11e92634cb037369f2dc5fbeefd3da6d31fc302fdea81617b09a12085a452bc530b579416c49fc7d8683656d69e0f984ce8aa50f1"]}, @name="513d788e28b037d24c6242b083c393ba19fb6fdc1d2ea3ce2478a03f13701be1cfebb972470f68f8b99d8db778b7593be4c1c0885a6c232af809b2a62cadf131e0a4dc79f77636a1fb8921a8143053075551aaf8eea78187934829f99c7cbb07f2fdd3119f3a053049c25fc49c0240964982ab31b54acb2558b565a23fe2b3fcc2b6b1550f619fd291256e5d694e312b12db927885bedee4dcabd0da311770c83236dcf39e2190c0b875ced936ec3d8cb40112e4fdada8efb8d1f1d22f8a2145c5710477ea8ee57c7d12d16ad28858624b5fc7433eb46d0e8eff76ff5325d5c430c3df3e542983e2a9ca9cbebb485effe17d896002e4c720b63ddc4ea32c66e8f6f4f95e636960f8044025bfb1e6178aee701fcc37f468b7ee979abaff2e4745e36a95529c43ef89d8bada823b44e27cc1c7e9f77248ec0351ef5efe35bd37af7d4d29fdbd3922214d59bbc6bb2da3f9d0aa79f09ce9f3a7c17bc971fadfd02f5b46fd1da9ee349b6ecf444e4cd8d1c3b14bb70e4083d18d0f0895f09da79a86fe0027f32dddc010e9e074d33fa21745ea0f0d6eb0fb90b23bde6065568aad21f2bc7f4c037db8883356afaf1c81d6397086cb5d0b28adac9f4d8d2273d3ece3cccfaf464b767414607f1b348f8677716f4924ab19998576e6e74beb47f41fa0dd0271654530b479ebba6d8875a8584c9be243ac5bc019288223cc5c6f35d4b228d11b9b0efcfb405aa828c793dd50c866e8d652164603d46cd09572a078c4ffd330814ba34d2517f6e644118a856c1e972cea71a676439fd817d5128c58d0a6153deee61483d63a01cb5f4ca64b9880f8614d41a137830341054fe3c5f420f5374839a1a0d3bc400a032c4c358e99ea2bcb221a4c4dbd59130e0f57bf67baa0ae6abeff1ea97b8a2b9cbf0da8f6e37f47be88825f5108b81a9c86a18030d3f7eac78905e5e69d8b3c5c867595aa9202739cb46df384044cd15c4f4b2bd789c83643976a981058f66ffe112a24b46a366578006490179ccdcac6215a1743833928219f330db86c169c5544b439781f327b707af62323149024bc949f9fe5718b8377d5e2ceec80d19d50fd0249adc189b43bb51849b7ecb3114c7b5851b42315396b60c0e1fbc280e73d3b68faf9db0f5f9a74c000105cb4166ce6973660499de2766a3f9b2958ec6a75d6915aeb58b2249f9ef0cbdba48c78dd1903780d338e74f1bfb0ab012f874467c401cadd7f0e6556147195088aaad7a4be2c7b7cd37d55c11dbe5e3cd69514ee904b9ca1e37c67986231480aadcd7a899bf4cbdfa560cc70bc46bb82735612d5ff01ce242aa4a263b725eed88d5f0605cd815466daed4870ba5e5b281f721b15aa9b24fc9b3a13ee52d8ed699e68ff04efafd1bf3a69368d6b2e41512785ae3e9960fc2e886d4835904f2f9d6ba7f4fcba9b3fe79a12eefabd7e74dcac47e7d46bb121751fe1114ed5e00a7b98201e2b7271d635908e586381018fbecb4d322c800bdfc826925f5e167a5a6672a9683229825c199ab812d000b9f0b489486e84f45c408face57f2522c5ffb451da0f36d245c62f9e81833f3bacedc61bff35a0a5ade0c8d59a774a44d6f7afd69b58dada65798edc533fe7a1b7bfbb1f80911cb648b1e89a6aa93f32c435a1dbaeade9011da36c48f9ba557f76b51e44ae99d9d54240635f9ec21ab25e7d3e86b55b61b92836ee1961ecdb0558f9aa1997633252030fee5005b86b8a06ab188233812b6d6a03df9d49a5d1ed708269f4c905bf1297a5b43e8127bf0fca7f4909422234df1a90d0267235d23a7636cc28a8037b724f46d2e90daea368b00278287da436209788aa3d5625a9b96df16372081f30569725416bf60659c812182b8b95135487974e62024eb4ff912432c67d0efeade763fb7c4c15298dc623dc0545ae0403239442b11a305d5408f0b28085ef2b0d391bf388b952bc39588463da792d4bb1f9f66103de0f05d70b25d1ba2fbed99342d45f549e3beeb3a7a1c81b7035ed78b3eda8fb857ce0137ecded8d8e4624837a5c09fc1e6c9958464a5159abbc8cb3dd4e4f74f1d49082cb5e60acc6ca1c20628305b5fd7fb7014c9b608355f13c215ecd7fe26ba6c6d62ae84381ae96211276090ce75b04e20702357b2f376e52a0b4dd764b140bf2e405ca4df29f1c178476ae3fbb74c8d6edf7294fc32b2faed1fcc6b520bf327d6901c3d921eb44924fd2459423e551447781a7d78fcb710c0fdf27575faaa2837188096340b13ad4adb583c6d6d04b84444fc1c19e6d720ab848274a958e3a10e60b3bff884d2c8370b4440961922b7e3235126b4ba1a41a9e7e1051831712b63e3ae7432f27ac5acbbcd9bf87963e6d1c51658c436397f103169eeef90db10cee6c98565264dfbae2d4f37c55e004a203d97e823e689e7cf6c8418ba77ea2acd50433116d58e15d3160bd17240e681fd558c20d37481ea5f686dc12e2093c6658b90b577f04e70df26a10b51a4c14e6f99a5f8a1f305b8022301a7654e0155a617eb854bfddd04828e2f440d6ead726a4438308d3a8fb7dd0adac9d581c60a4db45f0d3685b8f6100d40cb50626789e0870addc5c556c7000b9d524326d8b2332e80310cb58d0301ea785dc95e1d262933c07536d82d36eb4c84654ed49061dbfba858de94771ed7d088ef934a33ddd78970db32805f163a3083def47b7b7d5389f2675de53c1d47036a351bc7a1d6b7e515313cfc53b00c9630a3bc2d64a3dff40842c0a516145d966111b3a0f363ed311499d9b0168e2de7617a597853e59aaf48bfe072e94abb611bcca45fa3bdc045a680e8a9aa4925728c1c1f53414402afb297d3cf522b2e7cbe531b11ef7ef0efa8127c7b5f25fc0df120b3b972d2865c788ed186554defa7e391795c07a6da1accf11ff7c69832577326832ab7b59f103a330cf9ec41be054b3629ad8d362f176a674285997b0c0ce53ee20adec4fc8f1b32f8bf2767ee609c5bc80374f9326676333473aab70e4fc1ed1f1a1d4b6685d89faf3899a58e5620701c8b51ff315e80949b918f542ea44bdafb96720a6df3c702f9e6d984035e89d61d498fc2f56df76b5414f60d0b4988d03fc5ffe8ef388b593c40999e9b5652ae10c0d5a8f8dc00123997c5c1a8d00b1a7a9751f1c490e11d2ebc784d99622807837c304708ebd60d79fac483329c6623fe157b17a17ec9d983637f46f4e30e7495734a2309190886ce0d4e625c886badf3e622ae55ca650d48ba670d434b45c68ec3f3a3001e349c756b6e24ba73c0ae195376c4f72d5bd3d6ae1da9ae3e38e57779aca50b1b410db79ee43bba2bd66966bd73e2c1bfdce26790f668a1ad0836e3b3593e6ea287bd260e67399ae007f199d9691b111debc23101882d453d93cf4bcc8c779faeb665da2ef076b059200601d295afb3906bb72a4487af617f6f9c4d5310529168d19cc840add98fa0b0dcfce60bb2e175aef420e11807f77397523e4cec291cbfbdc221698784eb2fbb9172b122b194a124eeb6a0b69d9221cfae64ae65397b357c13ad8dc2a28e2d412c730ef983c10b4333e2a6181b96acc181fbafec32fcb6aff6c5d7237d6d3596caa1fa271a27116bc92bd4119bf8cdaa1f5ee75a0fdf6a544ebd5f4894e4b4b5af3ee2a98e4248de251f5eb61985d630650dbd11471a9dbe348d70e7431c3a4a4838b8bdaf54cda314dd09ba02a8787ee17b463c64d269d2595db6b6f27692ddcbe05685df8ad72169437b5c56e18e71815da1804335ee1efbc9f7a9ba84b85426ea03721b87c9d1c35fb670ae8bfb9f59b38f08b4c72df7be4cb3cf83ac46be51a71c281ce1acabca4bffb89c4a2c0c88d061ef3e1967a8d377cba82657b950b66c4b8852aef55f6d0acb0f05db0bafc81cd4a064001545b0804604d541de0cbb34d6b8c33d4248660a7711d60117f35e65f2d1eee1b876a748d8b313552f7d0157fb88db6b880fec475f75bed3bfd3b78b77932ff627339560e195ba7c03e814a6a0d92ea0c08782fb359ce2070cbc492b6f29b27a2856582fd3e1e8b5fbfa3e8a78c4b2b5d4673197fcc7ec362aaeefcb82dbc6c86d4471222b7c169b041662d79df4823f37671b13c4c40a4dcc595c8fe3f995fdcf73a6c4b1a006caa23c8ad4d476777081b1e5a9d7a157e8bd9dcb9096b88d36d8c7895233f23ada5264f6172771da64a4006f4f332c6130b48d9204f04a86bf7969c1d8a339437c522da662398d005bf529d9e50ff8ed63eb88ac72f8b317f1656b299bfb41cf6efb11a1aab27454047bcc600507e56654b17a4a1e55394a3c0edf10b6b8509186c1e4e04471b5b36490bc979860d0aa96fc81bb4e3414a58b295a3145ded450ee9f415668ae3927d11b15ea46178f37ec4ba24cc31bda54641cd42500cde82b0f48293f5814e2fabdcd6c38fe37ef8885878df5de76abc17965db3d18bb7a2521cce550d9f29cf2d82436604533b774d44523655a21add3fc9386146a6c59a8bf036b884f29724beedbe482f57acb25dcfb173a47f61b81152eb64f56911acd8232f5d6844e460d4ad9fd94930c469aa34943e04c438c543436fd5e260635a3041e707de89adfd56de0d2ad4d250a1ad1fdd37b47e27cb2ee6af0f3d18eba7da5c80272bff5144ad1d328cae01ca9cdcafe54c530b3674b820c2a0923d49b91bd0303116636722af6d7d91b106f449acd834ac54233bfcf2b1d74346330872853f7a2edf6d696c3aaea96550c54d4bf6c8e676e2b0912493d26db96204afcc115e906e7237bef0796ac82eeac22a3e932f2969f222a03d4b33464a501a14b34a80288d5f1674217597942228c9e7a5de5057470d87d12932a0bc99741eafe3388cc69ca0623405e947416814a074e60b57b5c86e768ebec6435240456d7638121d739a1b31ca8d1658c605e4c2e8d40e83112c15960151e7a8f4b1fb01f12e1aeb9bc1b8e30c5cb8b9b420122ea10736f5d7af051e230cd94d187a75eed2bc4cd0e88b84fbe69fd34a040aacb82e6a32b3393930968724b23a96c8b0ed24774203fe46becb28ddbef826b694c5035dc463a951801b0bd219450a9a1ce49b2c0fceb39ad0ecf340bc454f759345c1deb13ec9415e6b9fe9839060422404e2443ba7e200220af6d16b50996e0ae15b141728033154c5cc61b1675cd4996fcb42aab17e2db10e7ed78657fdbfd05e25bd22129bdd71a161cdd40a3ba87f160ff58ed365bed2f0194f3ae4ff60fbed122da8f3b092cd5e077a47b78a9274f22225da8eeaaa4abda63a9b9c06e223c365ff908afcd18185eee123730b98909b643af1ddd81fcb3f662ed32a0ef90537793f726c22f063d2c14c25f11bfbc7d8c82cf86dae5ba29d42e2fa979548d222a12f8cfe448c0ae5b4f7f1beaffa73be64068d6211a17e14f75bd15214e0f87456ceacd641020af7906c202ece081788da2e1861b12770df6c6c86484bec056718f8b722276c548d8e7fec9b3b3265f441afb04d07b61d0e43eea1bef320f4360b587eaef12df12bab549a76e548591994bbe87bcf2ef80edb8db9771bdf5ed250ec0b71885d9a43f3d9d1aafc9d417b4adb0d9b7b7d708b6ecd6105be744a476f6314ad21a89e6265aaba238c386123ca8c4f81e510e574549e31b55504f8ddcdebfaf16de1e757fc3777b07fb8185ce7f5a76379b795346178404300"})
r5 = add_key$keyring(&(0x7f0000000080), 0x0, 0x0, 0x0, r3)
r6 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000500)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc)
request_key(&(0x7f00000002c0)='id_legacy\x00', &(0x7f0000000340)={'syz', 0x2}, &(0x7f0000000380)='\x00', r5)
add_key(0x0, 0x0, 0x0, 0x11, r6)
add_key$keyring(&(0x7f0000000200), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, r6)
unshare(0x48020200)

13:49:24 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x7a}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 2946.497473] FAULT_INJECTION: forcing a failure.
[ 2946.497473] name failslab, interval 1, probability 0, space 0, times 0
[ 2946.499841] CPU: 0 PID: 15086 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2946.501459] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2946.503217] Call Trace:
[ 2946.503782]  dump_stack+0x107/0x167
[ 2946.504563]  should_fail.cold+0x5/0xa
[ 2946.505370]  ? __d_alloc+0x2a/0x990
[ 2946.506142]  should_failslab+0x5/0x20
[ 2946.506943]  kmem_cache_alloc+0x5b/0x310
[ 2946.507808]  __d_alloc+0x2a/0x990
[ 2946.508550]  ? find_held_lock+0x2c/0x110
[ 2946.509408]  d_alloc_pseudo+0x19/0x70
[ 2946.510210]  alloc_file_pseudo+0xce/0x250
[ 2946.511082]  ? trace_hardirqs_on+0x5b/0x180
[ 2946.511987]  ? alloc_file+0x5a0/0x5a0
[ 2946.512813]  anon_inode_getfile+0xc8/0x1f0
[ 2946.513713]  io_uring_setup+0x138b/0x2980
[ 2946.514592]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2946.515659]  ? wait_for_completion_io+0x270/0x270
[ 2946.516700]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2946.517811]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2946.518902]  do_syscall_64+0x33/0x40
[ 2946.519688]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2946.520776] RIP: 0033:0x7f2ccc8b5b19
[ 2946.521556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2946.525472] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2946.527090] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2946.528605] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2946.530110] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2946.531629] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2946.533145] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 2946.545950] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x14
[ 2946.556007] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x14
[ 2946.576100] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 2946.626409] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2946.642963] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2946.666105] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2946.676302] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2946.680616] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2946.720413] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2946.878004] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.4'.
13:49:39 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:49:39 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:49:39 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xf6ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:49:39 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x7e}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:49:39 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 22)

13:49:39 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0xf00}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:49:39 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:49:39 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2961.600195] FAULT_INJECTION: forcing a failure.
[ 2961.600195] name failslab, interval 1, probability 0, space 0, times 0
[ 2961.602257] CPU: 1 PID: 15124 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2961.603498] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2961.605012] Call Trace:
[ 2961.605497]  dump_stack+0x107/0x167
[ 2961.606157]  should_fail.cold+0x5/0xa
[ 2961.606842]  ? create_object.isra.0+0x3a/0xa20
[ 2961.607665]  should_failslab+0x5/0x20
[ 2961.608364]  kmem_cache_alloc+0x5b/0x310
[ 2961.609096]  create_object.isra.0+0x3a/0xa20
[ 2961.609878]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2961.610791]  kmem_cache_alloc+0x159/0x310
[ 2961.611546]  __d_alloc+0x2a/0x990
[ 2961.612177]  ? find_held_lock+0x2c/0x110
[ 2961.613144]  d_alloc_pseudo+0x19/0x70
[ 2961.613884]  alloc_file_pseudo+0xce/0x250
[ 2961.614616]  ? trace_hardirqs_on+0x5b/0x180
[ 2961.615516]  ? alloc_file+0x5a0/0x5a0
[ 2961.616300]  anon_inode_getfile+0xc8/0x1f0
[ 2961.617230]  io_uring_setup+0x138b/0x2980
[ 2961.617969]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2961.618864]  ? wait_for_completion_io+0x270/0x270
[ 2961.619856]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2961.620922]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2961.622014]  do_syscall_64+0x33/0x40
[ 2961.622679]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2961.623761] RIP: 0033:0x7f2ccc8b5b19
[ 2961.624553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2961.628280] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2961.629629] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2961.630877] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2961.632116] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2961.633363] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2961.634610] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 2961.644405] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x26
[ 2961.659084] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 2961.667420] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2961.672914] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2961.683984] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2961.687960] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x26
[ 2961.698051] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2961.700731] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2961.713372] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2961.739826] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
13:49:39 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:49:39 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:49:39 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xfeffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:49:39 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0xc201}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:49:39 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x644e2, 0x0)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff})
r1 = timerfd_create(0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r2, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r2, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r2, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r2, &(0x7f00000002c0)=ANY=[], 0x10)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x1080440, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@mmap}, {@version_9p2000}], [{@appraise}, {@smackfsfloor={'smackfsfloor', 0x3d, '9p\x00'}}]}})

13:49:39 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:49:39 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:49:39 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 23)

[ 2961.878281] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2961.882146] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:49:39 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2962.037188] FAULT_INJECTION: forcing a failure.
[ 2962.037188] name failslab, interval 1, probability 0, space 0, times 0
[ 2962.038698] CPU: 1 PID: 15174 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2962.039621] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2962.040848] Call Trace:
[ 2962.041272]  dump_stack+0x107/0x167
[ 2962.041856]  should_fail.cold+0x5/0xa
[ 2962.042508]  ? __alloc_file+0x21/0x320
[ 2962.043028]  should_failslab+0x5/0x20
[ 2962.043529]  kmem_cache_alloc+0x5b/0x310
[ 2962.044074]  __alloc_file+0x21/0x320
[ 2962.044580]  alloc_empty_file+0x6d/0x170
[ 2962.045124]  alloc_file+0x5e/0x5a0
[ 2962.045592]  alloc_file_pseudo+0x16a/0x250
[ 2962.046151]  ? alloc_file+0x5a0/0x5a0
[ 2962.046658]  anon_inode_getfile+0xc8/0x1f0
[ 2962.047238]  io_uring_setup+0x138b/0x2980
[ 2962.047793]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2962.048486]  ? wait_for_completion_io+0x270/0x270
[ 2962.049151]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2962.049847]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2962.050532]  do_syscall_64+0x33/0x40
[ 2962.051035]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2962.051723] RIP: 0033:0x7f2ccc8b5b19
[ 2962.052224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2962.054825] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2962.055818] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2962.056769] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2962.057734] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2962.058894] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2962.059911] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 2962.063373] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:49:39 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0xf000}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

[ 2962.094228] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:49:39 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2d000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2962.115993] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2962.121336] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2962.130243] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:49:39 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2962.143317] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:49:39 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xffff8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:49:39 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x2}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:49:39 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 24)

[ 2962.269066] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2962.274958] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2962.289328] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2d000
[ 2962.299708] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2d000
[ 2962.387930] FAULT_INJECTION: forcing a failure.
[ 2962.387930] name failslab, interval 1, probability 0, space 0, times 0
[ 2962.389585] CPU: 1 PID: 15207 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2962.390379] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2962.391336] Call Trace:
[ 2962.391652]  dump_stack+0x107/0x167
[ 2962.392076]  should_fail.cold+0x5/0xa
[ 2962.392539]  ? create_object.isra.0+0x3a/0xa20
[ 2962.393073]  should_failslab+0x5/0x20
[ 2962.393516]  kmem_cache_alloc+0x5b/0x310
[ 2962.393988]  create_object.isra.0+0x3a/0xa20
[ 2962.394547]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2962.395255]  kmem_cache_alloc+0x159/0x310
[ 2962.395874]  __alloc_file+0x21/0x320
[ 2962.396389]  alloc_empty_file+0x6d/0x170
[ 2962.396858]  alloc_file+0x5e/0x5a0
[ 2962.397368]  alloc_file_pseudo+0x16a/0x250
[ 2962.397956]  ? alloc_file+0x5a0/0x5a0
[ 2962.398515]  anon_inode_getfile+0xc8/0x1f0
[ 2962.399039]  io_uring_setup+0x138b/0x2980
[ 2962.399516]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2962.400210]  ? wait_for_completion_io+0x270/0x270
[ 2962.400958]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2962.401632]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2962.402219]  do_syscall_64+0x33/0x40
[ 2962.402759]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2962.403452] RIP: 0033:0x7f2ccc8b5b19
[ 2962.403984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2962.406260] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2962.407356] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2962.408259] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2962.409090] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2962.409915] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2962.410744] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 2962.425769] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2962.429186] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:49:55 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:49:55 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:49:55 executing program 4:
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180), 0xc}, 0x12a9, 0x0, 0x0, 0x5, 0x0, 0x800}, 0x0, 0x2, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x3)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/fib_trie\x00')
readv(r0, &(0x7f0000000140)=[{&(0x7f00000004c0)=""/4089, 0xff9}], 0x1)
mlock2(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3e4bed71894973fa)
mlock2(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='net/fib_triestat\x00')
mlock2(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000ffa000/0x6000)=nil, 0x6000)
munlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="090000000000f3002e2f6682968e0b0c"])
ioctl$BTRFS_IOC_QUOTA_RESCAN(r0, 0x4040942c, &(0x7f0000000040)={0x0, 0x81, [0x2, 0xffffffffffff0b36, 0x0, 0xedc, 0x1, 0x40]})
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000ffe000/0x2000)=nil)
mbind(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0xc005, &(0x7f0000000080)=0x1000, 0x0, 0x2)
fsmount(0xffffffffffffffff, 0x1, 0x71)
mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x4000, 0x7, &(0x7f0000ffa000/0x4000)=nil)

13:49:55 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 25)

13:49:55 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0xffff}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:49:55 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x3}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:49:55 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xffffff7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:49:55 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2977.760888] FAULT_INJECTION: forcing a failure.
[ 2977.760888] name failslab, interval 1, probability 0, space 0, times 0
[ 2977.763512] CPU: 0 PID: 15227 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2977.765052] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2977.766798] Call Trace:
[ 2977.767354]  dump_stack+0x107/0x167
[ 2977.768121]  should_fail.cold+0x5/0xa
[ 2977.768929]  ? create_object.isra.0+0x3a/0xa20
[ 2977.769889]  should_failslab+0x5/0x20
[ 2977.770695]  kmem_cache_alloc+0x5b/0x310
[ 2977.771559]  create_object.isra.0+0x3a/0xa20
[ 2977.772485]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2977.773545]  kmem_cache_alloc+0x159/0x310
[ 2977.774423]  __alloc_file+0x21/0x320
[ 2977.775199]  alloc_empty_file+0x6d/0x170
[ 2977.776048]  alloc_file+0x5e/0x5a0
[ 2977.776801]  alloc_file_pseudo+0x16a/0x250
[ 2977.777685]  ? alloc_file+0x5a0/0x5a0
[ 2977.778494]  anon_inode_getfile+0xc8/0x1f0
[ 2977.779393]  io_uring_setup+0x138b/0x2980
[ 2977.780271]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2977.781342]  ? wait_for_completion_io+0x270/0x270
[ 2977.782379]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2977.783475]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2977.784587]  do_syscall_64+0x33/0x40
[ 2977.785373]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2977.786446] RIP: 0033:0x7f2ccc8b5b19
[ 2977.787227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2977.791074] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2977.792678] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2977.794170] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2977.795659] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2977.797164] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2977.798679] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 2977.825351] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2977.848537] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2977.867995] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2977.878227] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2977.884418] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2977.888207] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2977.895022] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2977.897821] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:49:55 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xffffff8c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2978.151314] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2978.167299] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:50:12 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:50:12 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xfffffff5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:50:12 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x4}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:50:12 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x3, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:50:12 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:50:12 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x68, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:50:12 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 26)

[ 2995.031341] FAULT_INJECTION: forcing a failure.
[ 2995.031341] name failslab, interval 1, probability 0, space 0, times 0
[ 2995.034317] CPU: 1 PID: 15272 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2995.035832] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2995.037644] Call Trace:
[ 2995.038385]  dump_stack+0x107/0x167
[ 2995.039293]  should_fail.cold+0x5/0xa
[ 2995.040124]  ? create_object.isra.0+0x3a/0xa20
[ 2995.041131]  should_failslab+0x5/0x20
[ 2995.041975]  kmem_cache_alloc+0x5b/0x310
[ 2995.042201] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2995.042861]  ? percpu_ref_put_many.constprop.0+0x4e/0x110
[ 2995.042885]  create_object.isra.0+0x3a/0xa20
[ 2995.042901]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2995.042925]  kmem_cache_alloc+0x159/0x310
[ 2995.042948]  security_file_alloc+0x34/0x170
[ 2995.042968]  __alloc_file+0xb7/0x320
[ 2995.042987]  alloc_empty_file+0x6d/0x170
[ 2995.043007]  alloc_file+0x5e/0x5a0
[ 2995.043028]  alloc_file_pseudo+0x16a/0x250
[ 2995.043044]  ? alloc_file+0x5a0/0x5a0
[ 2995.043077]  anon_inode_getfile+0xc8/0x1f0
[ 2995.043100]  io_uring_setup+0x138b/0x2980
[ 2995.043127]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2995.058057]  ? wait_for_completion_io+0x270/0x270
[ 2995.059401]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2995.060572]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2995.061685]  do_syscall_64+0x33/0x40
[ 2995.062490]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2995.063780] RIP: 0033:0x7f2ccc8b5b19
[ 2995.064722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2995.067713] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2995.068986] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2995.069008] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2995.069020] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2995.069031] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2995.069051] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2995.079624] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 2995.094976] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2995.106559] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2995.117365] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2995.129121] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2995.146237] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:50:12 executing program 4:
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_io_uring_setup(0x37d6, &(0x7f00000002c0), &(0x7f0000400000/0xc00000)=nil, &(0x7f00009f1000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x4e0000, 0x0)
setsockopt$inet6_tcp_buf(r3, 0x6, 0x3e, &(0x7f0000000100)="a9d46f3ac9a34d420c3418651ce53e49498dbd6b115d9913", 0x18)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r5 = dup2(0xffffffffffffffff, r4)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r6, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r6, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r4, 0x40086602, &(0x7f0000000000)={0x0, 0x0, 0xfffffffb, 0x0, 0x60})
write$P9_RREADLINK(r6, &(0x7f00000002c0)=ANY=[], 0x10)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
ftruncate(r7, 0x4)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, r7, 0x0)
syz_io_uring_setup(0x4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000000), &(0x7f0000000140))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x4, 0x0, r5, 0x80, &(0x7f0000000340)=@rc={0x1f, @none, 0x3f}}, 0x0)
syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140))
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 2995.165562] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2995.183974] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:50:12 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:50:12 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2995.245303] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'.
13:50:12 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xfffffff6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:50:13 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:50:13 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 27)

13:50:13 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x68, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:50:13 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x5}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 2995.408018] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2995.424984] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:50:13 executing program 4:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
flock(r0, 0x8)
r1 = syz_open_dev$sg(0x0, 0x0, 0x2001)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RTC_AIE_ON(r2, 0x7002)
request_key(&(0x7f0000000080)='rxrpc\x00', &(0x7f00000000c0)={'syz', 0x0}, &(0x7f0000000100)='\x00', 0xfffffffffffffffc)
ioctl$BTRFS_IOC_RM_DEV(r1, 0x5000940b, &(0x7f00000004c0)={{r2}, "a91015570c2b1212fef93b65fe385e2d9b770b143a3711ffcc6c3bd6bd0beb2b2e178875fab4997fe62f46291447f18528de2ad12d74630a1ff601c550c74fe958fe1f41841a30a1e27b439db5f907f702c5686bc217e2f050e9f05c291ab7e555bda11f1a85612b892d2880ef5759786a118d3e436a17619c22e38390f7933ca6be7f3123b1af1509c23873c08d12e1a875a74ed37917af4deaca0ce8ee7ac2811ea232df2957c140e004ec648fcf1436890c1d89bb24c00495511dbfb831be5f9ae722d40d8ed5845ce160c7fd28478103ff65e167b8b5b978d519fe9160c194697ee0d92e40d873ffc656bfd9d4da1887cc216868bdbb6a49246f93417f0a3e41b3efdf75fd77e9076dbd9110b53eee892da9b170a097016dc1efa96517bc89094f573be024b7b3779b3e205929eba3b34402a79f3f4854334e9a3176cb5ee22cb90ff72d96d14f2900e8ccefc56d49bffef30c4e848e294d80d8aad90ab0744d9159de80f8e957a7e43cfc6d479324d2e254492f6c6b10a4fd522ce89be179d60131f8b675a81e88ce7395057a88d0aefa37f72df24f7ac1789287b0ada4e6d5554e9417b6592a92f594d6bf12df5b328afa43c69e84feae91d8d674334d6277df5611a2263dff6fcc9e3e91feb86f483ed7d2dd302cec4545dd63f3cb336867396e8fbfb9cc5335c8d5dee5af13a44ce6c7db71f9c5413a1d68736a0e1eb5f67a44c0eecd32ba247658df10d90bcb7ecfa58467d2e73b9bed926ac25ffe65bb4a0a5dc43c9c0decdbe1a6dd79a2c17c2003f4776acb73ba6cda0a5bedf119169a133a5ee2cba81e5a993287e5abb98af71a9cb811977e1134140a43856f7e5f170b1e1e61838765b27e110807a6278062cc90f080c455937ea247e89876abad48dc08e3af539a57ce119a1e6dc3c0a4a72ea55cc1949e204d1e3ae5eed287efef7e5227ced5cbbd5e2e8b8fa7b06a4f411766760707421aee1eae8da5679dfc51a47fa4f228b2262e803030ed9e5ef0b523c12903c360e3f25c95d1cea576ef7a628882f239ee24b8056a76d573a810b60ce7a76f07b71e42b1c459a83132477ec5f133323aa6462781f8427f44a8c2130300e5afd2c80b41351010ce38a6b2a0a4b2133c56441dfcb590930ae10164212c71157af515e305da72079e0e0b405dfa323450ddcb3a112cb4df360679e638027bf81a4d15cc8eeddab19123ec6d7ad7909a30fb9feccec524c08273f8ac08c97cbfb562f049545ce328c590b076d79eacb5a7343cf0d19efc70d33b2aefb0f07c482b0486e8f20087667d4ff07ab39e5b3c2e10be9f08190d0053379285e3fccdd6b6f8224b960908953f1cfefca81f985e5f5faf2756ea8cf621ca3a80509ad4ec0f02cdaf795b68cb1267745f21aeda36d1224b2e5688620f599e537126718f7bd26cfb67b73fb6181bbb49fe5e4a239e009999acb21870d6380364bc41c18b90b831e8371efdf62b8fe1bc871825a52722ae4294a97fc70fc83e81e48a7381e23f299b89fa5fa95cc672483ad3b1eb2be1cd2bddb9e4bf221b425af208386b2bf99118e8a38496c3feebfcf32bf8f1492bd4718b256dfeb3bd5da1bc12fe3e62816b978c7f388884bee72f42b6658eb85cc34fcc2afb395dca870dd17acc1616811aeea9cbdcfae962ed52c402eb4e5e14d323e18125876d1136dae79450576dd3ad21f3b3125d9270d196aa91021b2e5a3e5dd5caa7120f3c669c60c8380f1923b5f22dc99dd3246dcc77835d597e843fa95a9bc0147ad58fd30c1c8ec70b9bcb7042994c916d50e2e08e43ef78995d509d2a599642ce5ec8850a8a15c4c02ba543b487cb60a6153ed600b661c1667eb96a5817b74e2ee4caeed172abd94ea9ea829235f13f5195b43f2dfb4613f6731c2e4e538f65d67ed06f82ff47bb585a3299eb6d8f7d3d67544d89d9b7f96b9e65a0d73f6a9bc61508a6ad0ff62cdda01cf3dfb2c1367dccec640f4260c4127bb9c58993410fcb9365c04c506e277a08ae71a655a69d03d86cd6c76acbac0166f44c55ffd580bc30efdbd38bc77ee368ab29a0b1ce5cd61991fea455bf25ea88687299f0b9d8d3df06687d9f730dc1d1914a87b232aed0d7a0ecdc74ff75eeb74d5fa6c4cbc50ea66097bb2873d9a2a988c6924c9b487af7257f4dc0bae9033aac8a0f4ab35992c1887466723fbd4f4f5573e9c0639ed80d7ac681b2aaae23208b546b0b725756c7df7956505136ad76808619d173201a404c3e4df32085101fcb36b0e8bd534eaa3407b0546dd68ec8df17960593457df139196de1496a5959f4cb469d86ff54766ab80acb9b438a23d04ed7f63d61c756f7c42ec6359c53004f5e8889328945460a6d499ab6e1a651a5544f83f3ea6c9206aefa1f015a535cd5d94e5f3965c01e1bc6c8d0a337d8fbf70c35f8846c44ba1becceff84b8c80e3d1db5c51ecd0f947632bab653fd876cf4ffff1929415c92c735ab340401c51d94e116b2ad6c0c9a5eadbd5740158b6fd13c0871a0c6af7194b35bbd13c238b67caca7137122b68c2e0067e2101256d7e7cd7dc35d11ec02921f1ef7745beca98eb349b36875ad147316274aebbac846d57d8134a9457cc49457fcb3aacfbaec1fdb21dae6edf6aa13595adbba2c20dc900dd0fd7a2ba4318bc34ba0cd0633de6609712c4861a4467643a483a60a96fe9da85311fe2d15934c6a6f6b8c01c1438e28658f456b469144c936d9a083453e82e19379c8831ff98538698fadac54c380f4a8dee8c9683c0189ad42db5ab585f5c147dedd77cd156ca5a080ca0fd63e9bcf4ca0944a814c60c9fcc52b6159e4011dd077fc9c99fbf886751b7b667940317d934029f5d5c25214851a5b7e09748f3b36bc50b144787026188904417b80bc273cdef25df69f4c683e233cf72be4e01d5d766f483c478ad3552707fb9abf4981bd379c31f1f26b10be9105362c7df415657b62384c4d01508a26bfd97115a67b424dfab7ecdd5b4f806f8d4c7843b2b227bd2360e51b2a611915c5be66cc669f5884570dec2da5f1368b5d1c5689524fcad4ca206f1f0cf8f64f32c92a215308b3c56955f5f50ca3bbc0a1397742c9a8fad8af5fac93d092bc575fb0a3117533ca51cd172e5401368dd6653b7534da16fa3c2466bba2556f6af6ac34b3a9513b5fcdde32ed38cd76703bc35433a68c72c689025ca179108e8f31617e62a9428aa6020041e3a46941202bfc22b71f958000862b9587db704d338674afdbdf4dde9b6f2210d05f3f39f6bcc0dc3c738cf21fc04a3617128b1b67c2db0405680196e37c437fdcb27a4589a9258f678ebe499ae679f9c3b8271644c293cb54c15e0ac813e76ed3abfbbfa8cb3b4b494352aeede313a9288090b70d9432c503f5ef59c598e0daec141b92432a281c954d9ae463b595430f7f4cc4e9aae649c6e53d9b0332497835e3353342e109fa10009fd53d5c0be619894d0857668f5b26971deb83e0c6a60ac0ec2a6e7683808c331e4631457c7249b9174cd65add991adb3d4c42429dc8ac32e5faf2100042335152a44d5dfbf3c53aa33de1fc3d8597c1cef1010bf548ede642476830b5a7bde58bd6036f861f3a69ddd2d1cdd851e538133d5fe95094d189641d8f0ee12a34d0a094bc79e7f0253c05dfb9c0cb961ad743d892b40bcc8377dc88e1922435e90785d10ddf18dc7bd539ef60050f9ecf990c518ac3dc4ebb16cdac31a0419d3fe3fd95c718c52ce744d21348ac0db6cb056a8e8ce0400a4975e8ceda498b5da9e4124ccf35e11c2177e771b94b26c2dcdfce581c00e687357a900b56eee112c7bafaa317666b96c63634c05a01bb7a0fb67ce1233714f7c375d8cd78e4b3089fd84945a8a740abc2342205403435e94cf3d377ca8852699feeab4dd7347734236c2b07200d620de7b92adc4924da2b648659066ab7b3f0e9d1de5efd8335b4c7616ac8c9b16ba1dbbe79fe9ec7e059b832195627d187b5743b9f6aa937084d85bf4e0d7983500b3627f8cf133c4395d3860c00629aabd528f3b2751b7d15ff3ca64a09629410ad4594066cba421186df2b912cd40e20fc81e417591b5d27c7bd641a0dd8b558632a2b630033a64f1c7c8cc19804ea28958c277dc8cf0988492a58f78a4fd616571cd5904f90b64e91c5ab7af6c912b5bdce9bbc711adeda8e519a28683f95f9aa405c91d5cee9b936d426c5c2b6ffd53e42c1f6dc8c954c04be62656ac536e13d78542ce561aaa9b6fe8e320fdd88812dc0ddc666306851ca37e7d8372c60cc62e9ecb294f8bd7d3e1960082e3a6a8597f11ded6dbd521eea2b035b9663769ecd7937da35c58ddf5c4ce54ceda88f577562c7e9e77522476d8dd7784a9ba443d06f8c8875c587d12329c20b914f174cfc3d1c21ebe0147f76e6262b5a5e5d8e710fcb3094715802adc10b974b1457ddfe9387db6e9c70eacf6b6a02959b5a2e5b655eb7e827f4ae0cffd1a27af6294a29ed8e48f30f15d084ed1d207d12ecda4ed1910737899ba0a3216d308a3e5ba299cff85d72e2b5ec37994a7c87d5e2ef3093088b1c76297caa285decb22c1be3b4c00d09c3761087f819d1bb8cdb7c2bbc8214d53e89994c180a28f1f14a05412ab26022072fed07539b11db0245bea4a2a4a84f7fb1562b2da90640f43713e701dd79f80983dad045f814031f94a5014cce25de476f79cd2ea1a8e57fce776e62425205531978967e34952af594e93b19a984cd291caa0c9461614e43d3ee0ee2bf1ad960a93cbbf49054ca2c9eb22534b668f86a0fba3fe3fd402c9512114d7842ee2a2e17a70dca0e2bd361fd7ff9b9bc0c867a357dc9a20185c02967230fa29704c960202f4133cc4dde1cfe47358051e55e5c2f53aaa40bfa1e8218bec10241840622b49f9add496b76931f4f08e82ed56418b5f43bcb632b765095f6de7015aa61a7799df03a0f426ac568847f0de0240e3d69c62d0484db6ac0770411b8e3ffdda54811e2767002b240c8615d5dff43b0b3bd7d7ecdfe1507a415fa7c733e6119695d8ce47cc8d16f7f8930bd275e6f4fc6f23c10a56bbdd7ba1e69e3440dc4026adcbc7d8b900612aab5afb4e6b66f3767fec32f940c67a5087d1516fcf76feafe926d75437b3a987aa49f51f7cf72afd21d277bd55498830597244a1652a3d5b6bc2ea56be758d68f0bb0dec7af1d23efbcf70359b05b197cf154f45c81a5f4fc9c7dea57797acf5cceaaf47f2e1f7a8ee8f1536bf6d8df2d344a43739c72d13e71afc990ca36547ce0a62fd1ce7218787bb74c5be8e1b78bebfd4d9b70094400889fc3a73565c012abc35143cfcc93889b28aaef0bb2bd61eeb2ae6c9c29171d523a4b1a22a5597dac5152e349eb376740e8b404e3a18cf19c6bfa2c565db59368a9b518177b9ddd86042b0f7bc97d9092da360ddab4849b9b6de57e356832c5d77a352a77264ab2364a266558e3038b0329d488b481f85caff7da6747d97667540616caa5e869eac722b8bba446ee9c54bd9b1f4abc2fcf8e8ba02e71c77b33adee6c73e957b718aa9970183b30ea452f8a5c4613ccd7a4077a132119b4703d67537538eeda50ae652c6e9de14ecf10a7a9114cb8c7bea24adc8db399087f24cba3e5e3bfc1047ee0597ffadc95dce0f8b092c6d0f6cc668d2d1e72bff8a1302088815b87bc42b40ae5b60aa8f6847a7d5241c52cf68f2736bb66e848982db3b8dd5b763de9cebba82433ff52fb854770fcde56144028713b6d549467500deb06dbc5fe6f5a34ac"})
r3 = socket$inet(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCSARP(r3, 0x8955, &(0x7f0000001780)={{0x2, 0x0, @remote}, {0x308}, 0xac1414fb, {0x2, 0x0, @broadcast}})
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='configfs\x00', 0x0, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
lseek(r4, 0x7, 0x1)
fallocate(r3, 0xd, 0xfffffffffffffffe, 0xb35a)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x5, &(0x7f0000000200)={0x5, &(0x7f0000000180)=[{0x976, 0x8, 0xe9, 0x3}, {0x7590, 0x3f, 0x2, 0x8}, {0x5, 0x1, 0x0, 0xbd}, {0x80, 0x1, 0x4, 0xffffffff}, {0x7, 0x80, 0x3, 0x1}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x5, &(0x7f0000000440)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {0x0, 0x0, 0x4e0}, {0x0, 0x0, 0xffffffffdffffff8}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011600)="ed41000000080000dff46552e0f4655fe0f4655f000000000000040004", 0x1d, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='\a\x00acl,\x00'])

[ 2995.506066] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:50:13 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2995.568702] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2995.593006] FAULT_INJECTION: forcing a failure.
[ 2995.593006] name failslab, interval 1, probability 0, space 0, times 0
[ 2995.595439] CPU: 0 PID: 15307 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2995.596906] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2995.598652] Call Trace:
[ 2995.599211]  dump_stack+0x107/0x167
[ 2995.599989]  should_fail.cold+0x5/0xa
[ 2995.600801]  ? io_uring_alloc_task_context+0x99/0x6a0
[ 2995.601880]  should_failslab+0x5/0x20
[ 2995.602680]  kmem_cache_alloc_trace+0x55/0x320
[ 2995.603649]  io_uring_alloc_task_context+0x99/0x6a0
[ 2995.604702]  ? io_import_iovec+0x1120/0x1120
[ 2995.605614]  ? lock_downgrade+0x6d0/0x6d0
[ 2995.606467]  ? do_raw_spin_lock+0x121/0x260
[ 2995.607355]  ? rwlock_bug.part.0+0x90/0x90
[ 2995.608257]  __io_uring_add_tctx_node+0x2c6/0x520
[ 2995.609283]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2995.610369]  ? alloc_fd+0x2e7/0x670
[ 2995.611131]  io_uring_setup+0x1fbb/0x2980
[ 2995.612001]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2995.613058]  ? wait_for_completion_io+0x270/0x270
[ 2995.614080]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2995.615170]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2995.616236]  do_syscall_64+0x33/0x40
[ 2995.617015]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2995.618077] RIP: 0033:0x7f2ccc8b5b19
[ 2995.618849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2995.622699] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2995.624294] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2995.625792] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2995.627281] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2995.628782] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2995.630261] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 2995.657620] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2995.675812] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2995.699336] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2995.703457] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2995.732011] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2995.749878] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 2995.762429] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:50:13 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 28)

[ 2995.883852] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2995.995088] FAULT_INJECTION: forcing a failure.
[ 2995.995088] name failslab, interval 1, probability 0, space 0, times 0
[ 2995.997100] CPU: 0 PID: 15331 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 2995.998323] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2995.999775] Call Trace:
[ 2996.000235]  dump_stack+0x107/0x167
[ 2996.000888]  should_fail.cold+0x5/0xa
[ 2996.001568]  ? create_object.isra.0+0x3a/0xa20
[ 2996.002371]  should_failslab+0x5/0x20
[ 2996.003043]  kmem_cache_alloc+0x5b/0x310
[ 2996.003749]  create_object.isra.0+0x3a/0xa20
[ 2996.004526]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2996.005417]  kmem_cache_alloc_trace+0x151/0x320
[ 2996.006228]  io_uring_alloc_task_context+0x99/0x6a0
[ 2996.007093]  ? io_import_iovec+0x1120/0x1120
[ 2996.007856]  ? lock_downgrade+0x6d0/0x6d0
[ 2996.008584]  ? do_raw_spin_lock+0x121/0x260
[ 2996.009335]  ? rwlock_bug.part.0+0x90/0x90
[ 2996.010073]  __io_uring_add_tctx_node+0x2c6/0x520
[ 2996.010912]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2996.011826]  ? alloc_fd+0x2e7/0x670
[ 2996.012472]  io_uring_setup+0x1fbb/0x2980
[ 2996.013199]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 2996.014076]  ? wait_for_completion_io+0x270/0x270
[ 2996.014927]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2996.015852]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2996.016761]  do_syscall_64+0x33/0x40
[ 2996.017414]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2996.018309] RIP: 0033:0x7f2ccc8b5b19
[ 2996.018953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2996.022115] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2996.023426] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 2996.024660] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 2996.025887] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 2996.027112] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 2996.028320] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 2996.036616] kauditd_printk_skb: 22 callbacks suppressed
[ 2996.036630] audit: type=1326 audit(1742651413.693:75): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15308 comm="syz-executor.4" exe="/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6937860b19 code=0x7ffc0000
[ 2996.044467] audit: type=1326 audit(1742651413.694:76): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15308 comm="syz-executor.4" exe="/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6937860b19 code=0x7ffc0000
[ 2996.057348] audit: type=1326 audit(1742651413.696:77): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15308 comm="syz-executor.4" exe="/syz-executor.4" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f6937860b19 code=0x7ffc0000
[ 2996.061208] audit: type=1326 audit(1742651413.696:78): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15308 comm="syz-executor.4" exe="/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6937860b19 code=0x7ffc0000
[ 2996.068184] audit: type=1326 audit(1742651413.696:79): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15308 comm="syz-executor.4" exe="/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6937860b19 code=0x7ffc0000
[ 2996.072072] audit: type=1326 audit(1742651413.703:80): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15308 comm="syz-executor.4" exe="/syz-executor.4" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6937860b19 code=0x7ffc0000
[ 2996.078335] audit: type=1326 audit(1742651413.703:81): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15308 comm="syz-executor.4" exe="/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6937860b19 code=0x7ffc0000
[ 2996.088678] audit: type=1326 audit(1742651413.709:82): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15308 comm="syz-executor.4" exe="/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6937860b19 code=0x7ffc0000
[ 2996.102654] audit: type=1326 audit(1742651413.713:84): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15308 comm="syz-executor.4" exe="/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6937860b19 code=0x7ffc0000
[ 2996.108064] audit: type=1326 audit(1742651413.712:83): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=15308 comm="syz-executor.4" exe="/syz-executor.4" sig=0 arch=c000003e syscall=8 compat=0 ip=0x7f6937860b19 code=0x7ffc0000
13:50:28 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 29)

13:50:28 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:50:28 executing program 4:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x288982, 0x0)
ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
r1 = mq_open(&(0x7f0000000000)='\x00', 0x80, 0x20, &(0x7f0000000040)={0x4, 0x6, 0x6, 0x29})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f00000001c0))

13:50:28 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:50:28 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:50:28 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x6}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:50:28 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:50:28 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x69, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

[ 3010.707345] FAULT_INJECTION: forcing a failure.
[ 3010.707345] name failslab, interval 1, probability 0, space 0, times 0
[ 3010.709789] CPU: 0 PID: 15346 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3010.711252] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3010.713022] Call Trace:
[ 3010.713583]  dump_stack+0x107/0x167
[ 3010.714377]  should_fail.cold+0x5/0xa
[ 3010.715188]  ? create_object.isra.0+0x3a/0xa20
[ 3010.716165]  should_failslab+0x5/0x20
[ 3010.716983]  kmem_cache_alloc+0x5b/0x310
[ 3010.717858]  create_object.isra.0+0x3a/0xa20
[ 3010.718801]  kmemleak_alloc_percpu+0xa0/0x100
[ 3010.719763]  pcpu_alloc+0x4e2/0x1240
[ 3010.720575]  __percpu_counter_init+0x10d/0x2d0
[ 3010.721550]  io_uring_alloc_task_context+0xcc/0x6a0
[ 3010.722613]  ? io_import_iovec+0x1120/0x1120
[ 3010.723562]  ? lock_downgrade+0x6d0/0x6d0
[ 3010.724450]  ? do_raw_spin_lock+0x121/0x260
[ 3010.725366]  ? rwlock_bug.part.0+0x90/0x90
[ 3010.726275]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3010.727297]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3010.728415]  ? alloc_fd+0x2e7/0x670
[ 3010.729206]  io_uring_setup+0x1fbb/0x2980
[ 3010.730100]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3010.731169]  ? wait_for_completion_io+0x270/0x270
[ 3010.732221]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3010.733337]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3010.734435]  do_syscall_64+0x33/0x40
[ 3010.735226]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3010.736315] RIP: 0033:0x7f2ccc8b5b19
[ 3010.737116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3010.741042] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3010.742663] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3010.744176] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3010.745713] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3010.747238] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3010.748765] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3010.761681] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3010.765955] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3010.794255] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3010.801927] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3010.813956] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3010.832719] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3010.839330] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3010.851820] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3010.855220] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3010.858779] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:50:28 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x7}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:50:28 executing program 4:
r0 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8914, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x24508)
mkdirat(r0, &(0x7f0000000080)='./mnt\x00', 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000100)='./mnt\x00', 0x727a, 0x9, &(0x7f00000007c0)=[{&(0x7f0000000140)="feada20c3645196224a8851d21e773267112f7b539dda76726b637a95eda464de26981756bf2a28023a40c790f4f53c4305a2dc9cf4dbd78ac5ac71a57ac3f89a19b68372765fbcf1676559ac6ee771ab250fc380ef58ad4998b587bde424fcb8817735d07328bcf7f7b47d4718c1dda699a9364dd14955a625f708146a63108a8bfcb5a5aeed4360cd218ef8411f985b9dd6251a677d7aeb73cb53902e8e2462922c67730a45b054f0d86bd7a1665f21eb24c7e93d912d2a26b760ca19e2c74bfd573f208f54726575d7e812f8f356caa88be4a0051b17e89c4a2", 0xdb, 0x1}, {&(0x7f0000000240)="e1b3092fc9cddfae75ba2875609f9bd33356dd0cd6dfc4e81e6e153e98d7a9e3afe680e4969e7f3c2025ec791ae77178974fd723d9a38fc9148ce1a512e4808313b90dc361e7661278cf60efb29fbb16fb8c866a9e074e957d6c213e0f3e32e0d7192582a34fb9ed9e4285f78e23dc6e0793a741f61139cbb1de", 0x7a, 0x4d22}, {&(0x7f00000002c0)="42a34ca9cf3511d903f16836d9a8053fb8593bb987c859c571fd914626c1d2c2384fd7b13276f0527519abbc0a23886d17949d3a7b034b4d8eac847ec371b4b5c483caa88267c6e2545619fb68fa6dd6b9005782ec0e7d4e52c9930c2eedacdabb9a1efeb0becbe318e39c616b33dbfd20d5d98271905357176c2077dfd069f31c6ffd50fefc0b51e53fa628983dbb59c3776ee03527ed0d0517bdbbc828a9d209b8d9593ec949cd53b5eaaf4d0805061fd5a1d221cb488beec78aeb40293807a599a4571cc209fe617ee48fec88b6", 0xcf, 0xc0}, {&(0x7f00000003c0)="28f8af398f19982ad0aec42ea8009921431d1f5fb8c96a779468d68e9cb6e8d28cd17e7b3dd8c0a41bb9bfe9d2c6c5f1ca7902b0309856a9f6f9daf508a97b5fbb6d73dea1cc4a86625c65b4c8d71c1df6cc2a5b15747f4a6f9216f108dfb57af31082e3e3701f58838ee93800697b65ffdea8bc8db9fb884e4fdb4587c5b7916a6bca77029b863d5634472bf4782c57b8ec5df8e94283073d1a0a9f4556efd48cd7aff6bc5907120af3eec807828ad810f4ce721e56a817ab59253652e6de517a07061e593c98c0a9d0fd2c", 0xcc, 0x1ff}, {&(0x7f00000004c0)="a23b7b74752ee6fadcf5be8d2828ddb7434f2b5e7c532302b100b4367685d5ec91dab7906a3b0f0c95954e86db6097991b518444fb4595ee3c090b68fb2c05169cf078eeb9cd3244e69971ca26cd", 0x4e, 0x1}, {&(0x7f0000000540)="89fb7a15d0cf440568cd5361b26434e4ce4bca77d8aa714e8cbbbef3f93e0f0871a956f75b1a1ad169ff640c6a52d4f8dad2d607e65b4fd7a444809717cf045c315976006dd9566218158a256631924e3fc88bcbc2e270fbd4636bcf883e2b9af9aa7a989ebb83d3a1a41f07db3e9691edcff44d3e9d55493284b9bb05bb5714cc3d1535a864ed3794ba1a45c61fa7a72d69cc52cf1885957392e3d20b6c9b7501a79e19c932a894026e18c61352c10053e93ad899dfa9bfc49129fb7df6159373dfa4c6c00ea1298a93109240700137", 0xd0, 0x8}, {&(0x7f0000000640)="57ed64a65585f7278dba3a0b17e67b8d2d04f9d5547514fbb2db7abddb490e23", 0x20, 0x80000000}, {&(0x7f0000000680)="120bfc8db3ec26b4d51a0de4a47edd98a2aac7c2a1be96cef0a8f78c6858fed83cea0dd3763a2956de79437458470eeace3752c2c48313c90af919fd363b00992782d370282a796f365d0eeb0fab37dbebcd0f5ed3faaad5de56ee4bc981ea5137118f51bd8d5b73ac04fbc2787f3705900154f6f75a28f7b143706a8d3e9bfc46b6a6106b346a80a447f83906744e6e06d41ccbaf9c75701a772a399d49ad90e02dd347b8cff72d52014cde5a5abb76bb896c56ab349e720b050a9f046a86092c4762662f51cc07", 0xc8, 0x4}, {&(0x7f0000000780)="2033b836939a4ce6511f46ed18a54a63ef", 0x11, 0x4}], 0x240008, &(0x7f00000008c0)={[{@grpjquota}, {@jqfmt_vfsold}, {@minixdf}, {@data_writeback}, {@nomblk_io_submit}, {@nomblk_io_submit}], [{@mask={'mask', 0x3d, '^MAY_READ'}}, {@appraise_type}, {@dont_measure}, {@pcr={'pcr', 0x3d, 0xb}}, {@subj_role={'subj_role', 0x3d, '@:^\x02'}}, {@obj_role}]})

13:50:46 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x2, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:50:46 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:50:46 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x9}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:50:46 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x18168941526, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:50:46 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x68, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:50:46 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 30)

13:50:46 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:50:46 executing program 4:
perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet(0xa, 0x3, 0xff)
r2 = dup(r1)
setsockopt$inet6_int(r2, 0x29, 0x16, &(0x7f0000000180), 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r3, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r3, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r3, &(0x7f00000002c0)=ANY=[], 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f0000006a80)=[{{&(0x7f0000001ac0)=@nfc_llcp, 0x80, &(0x7f00000054c0)=[{&(0x7f0000001b40)=""/196, 0xc4}, {&(0x7f0000001c40)=""/200, 0xc8}, {&(0x7f00000041c0)=""/124, 0x7c}, {&(0x7f0000004240)=""/4096, 0x1000}, {&(0x7f0000005240)=""/103, 0x67}, {&(0x7f0000001d40)=""/59, 0x3b}, {&(0x7f00000052c0)=""/205, 0xcd}, {&(0x7f00000053c0)=""/253, 0xfd}], 0x8, &(0x7f0000005540)=""/165, 0xa5}, 0x7}, {{&(0x7f0000005600)=@ll={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @random}, 0x80, &(0x7f0000005840)=[{&(0x7f0000005680)=""/64, 0x40}, {&(0x7f00000056c0)=""/116, 0x74}, {&(0x7f0000005740)=""/250, 0xfa}], 0x3, &(0x7f0000005880)=""/20, 0x14}, 0x7}, {{&(0x7f00000058c0)=@sco={0x1f, @none}, 0x80, &(0x7f0000006a40)=[{&(0x7f0000005940)=""/238, 0xee}, {&(0x7f0000005a40)=""/4096, 0x1000}], 0x2}, 0xaaa}], 0x3, 0x62, &(0x7f0000006b40))
r5 = socket$packet(0x11, 0x2, 0x300)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r7=>0x0})
setsockopt$packet_add_memb(r5, 0x107, 0x1, &(0x7f0000000040)={r7, 0x1, 0x7}, 0x10)
sendmmsg$inet6(r3, &(0x7f0000006dc0)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}, 0x101}, 0x1c, &(0x7f0000000080)=[{&(0x7f0000000040)="872d1d099aee", 0x6}], 0x1, &(0x7f00000000c0)=[@flowinfo={{0x14, 0x29, 0xb, 0x9}}], 0x18}}, {{&(0x7f0000000100)={0xa, 0x4e24, 0x8, @private1={0xfc, 0x1, '\x00', 0x1}, 0x8}, 0x1c, &(0x7f0000000340)=[{&(0x7f00000001c0)="3aeaaa4b2b3844fafc9ac821020fe9740d80b53f86a35d1a70265666f6801a3bb65e510123728178a573db6f320e915dd189160dd7890c1f5a6d49c496da003aa0257d0fb48664fa9cb5e2d54fe6e0fab717a566a862afb08c56e7bcdb245becd304aa504bde6d8f9890cb6f0f4fd16738a669c5b7ad0df8efc35f7bb05c90bde89cf15b44819e1ce00bf6c8718fe9224e5bb6ccd1cb556218fe0ce875b2e11d0a42ac9d9255f13c15a3dba7b1ca7a1d40697531a75441ad70a9419bf7cdffad63b5d4f9f338d1ac05c2067cdc18da0eefad6a", 0xd3}, {&(0x7f0000000140)="bafe1e4785922980cab40329c5bbbf435a29f20962146633779d334d1623504d3b12fc16ccdd32eead20d83f", 0x2c}, {&(0x7f00000004c0)="40df46f25f8bdc6215d95022fa0c6446bd873e19ff37b19dadc4773ce4905ec77d49335481cf97b1a4ecfee0885be9a2881ee47ebddcd9d8ff6ade62133a8b9e0dfa910455c853326fa04c7b6daacc3d1ef1bf805367a86d1bbe1d2ca520f44b120c34bcb6a99365b408e9f81a87fc6cf8a613222b1e0afac7d61448561f3bb08af13652bda2138fcd337b78d5941a1895499d723a79e5aef95d16e40ffa0a74e075ad35fa4d8775a9d3106b908e62c2273b8ad868da3746889559d3c9dbe650669af6ad7616563455b1ff6bea8bdfd9248c32863ab7f25b905b5dbb9ff9dda1e599d6f8894d1bd9051d641670e3bdc7f44f7a45c13bb43ae14622b16bf424c679f2246098351a2101d9a2cb23f9dace858150e179cf4df456c0d01863e4efb1033450900beec11d145e61f8426cbe7bd01837e7aa2f07897ab4cf3c55c7cae40f0500bc5e3c3ba25ba9794fc2e0b75960096e2d7a2a53665e43db3725b8d6048118ed59497569b75690cb9ee1e5a697a92d7d5b131ca01480efbf47491baa6eee704b86fd9b50198c25a79d5f63f6c5bdaa4ba49b8238ee9007d4a0f5e448a17c8fe553540fc9cc8ff3152d8a76a36c249102041cb629abd095a71415e1da4130b7d31ba4d7ea8717f0cd003d8f92945e5f89ba0df2c6b2c4139a9b5c45cf6078416d3e7d03298245b2a9b8726bcba8f647b2d40572c2cebb2327a6c20e7512b830651d2168ed7eb4fe868c269d9b79082763cea2332de821af3d57a01ded13a0318613e8f6ac65cf65b07e8382251c6b025297159e1841e7c8628abefe2b02d6f90b414abe963a0118e81d527818171f210117883c6f2a507b82b88b49cbf738a6fbcdb8578c6940ae66d6438afe948cc032ec90fa13177cceccb02f40ac24e0dc81fe2aaace44007ed048a333be328cd2ef0963d77450836a87bad8eb0204bf4faea06cefb4a88edc83414bc22167933b1039bafc7ce48aac20ba4d7ec1b679584db8adb01bddb4b98ec19b124dd2e843d9ff39aed2b25d2b39231f79401d8595b1475c218193e63f8c6f2f775e65aa15b3a7b763b222df5b97b9b37de0ab1ea47cac228ce76ca2cb8fb83525d19d4e4309cef758ae76140ed250670dee0213fed5d9e4f868829a201a28e37ff612a0d2b8c1cadb523dc12d214f7760230bb542fbdce431781e5f4bdfd36e7bc52052513ecc7dfef8788024c95312763f910a44829a4ca25e7003f246a5b2661850788888759d064be32a10c7c9ba333b02c8dc503edb52182776dec60e1dedbc7c3d18c42c2e323448f9cfba25106e17ce388c8e4d459e79cffafdb9499a8f44630d2e7c29cac05512eb6a14a8fa22c7a37f809459af24b4d374564b019ff3166ae3f6b461d54dc49bcd7401d7dd46803b4334cad79b89c75ed704c99887163efdc7d0394dc9950f119bbae082537819daf5906907b7802f4116f488212f56e9053c20a898624b38b70149e0a5990f660155225eada5e2dfc566e10f0fdff9a14c619cb9e2ccabaa2c9534bb776eb3e06e530d1135c4f35d97ef6be594bb420919526717004ea7ff344186f2a1e1e48e7e50b86e60346a7dad7607b0f0f1adef48b86d1224cd7a8b7f20404ae7c2a07ab882ff9c716c4a6b1a49da8f4a4be04fa6051b7466dcf49400f0d869850d49f09375485a0eeac46c3560e1ed0c9e288537f039a3168ab4c9c94a7cb6459366877c0a09fc3480572a96c051405733f9b65363b26d2554c23b31a240077a424b18f64765f4df0ba392c41a9dbda50b9b790d0e323d2eae0fda4bc95ebea1838a1afe4c7670a63c7d3d9dee1efc2c4475dfac1605c923043465baed36afd69ff00c635d8ad956487e28ed71900b7cb7e7e24e452e21985c78943df19f042e89201627e113e415034d3f916c21a3ebeecc188a8406b5c89976163df2872499119bee27bdcf14398d3514a100d03e27c7b282dcc25a8666b8e3e091bc495817fddfb002478d47f71d36fc259f3a692e67b9b21a8b3bc0664cbe872d476a2a07aa6eeb04e801f859975512f34ccfabd700d36943e4b414d70de33ced592a35ff83deba8f7c72d4f0b9e825ccbc912268acabb7ff05927f9a3bcc3b54a6881afa8a6efc7f2fb4f049786deab10f684f2468fec8550f0b9122113fec8b94d4c2cd132369b1999c8082cd27ded44882a85931c8ed282cc9a03b669290290702c7f64e0b185f2cab5f7947b907d91039384fcab55bf05912ebafa40d19f5627268e8c2372225821005bd2223d76b41ba388c44c71ddef71b60adab125fdb4c4da3f66307a70e1aed0e6d49c8b82d327ba853f0fba12b4866687684c6ed15ebe075d7362db4d7fe21072c4898a94673cb5938119f2b129f007013a3c76292595bb1d7e1472806289d70855aa95577982dffe549b3883e6cff024600978954793e718dbc8f52b9fb521449418b91b3f50a1b26ad732672fd8e97a26a4567450d0778e409266439ffa104ebe4a6e6842f36d266dbd915029ba41acd3d0c6dda8a79ee5d6d59913e9e691a7be77e754d6c81e161f6995a59eb3db30a3796f12851ffc83bc0b844f73228fe20939128517b4759faf0055e7b119ad1b43c83eaa91a17b37b9be2aca2554df1f75336d134921f1873833c443058c03eb3ccfc6fa0ca005cbc165fc56a5568c19d2be9b04dfa4879e86b43b3bd14e41113a1ae82a663e1514844fd5efeb522bcb1f4acb45ea6f65c2cbe187cf90520b964a5dcd59ae678fae25828c60d2583167361e259ceb4fd47a0a3fad1ac0dde650afc71e748febcc7118138db450e80398f7c14398924b86538403e6b141381b8cd2c221d4efc4d2219055d756d004486b4d8676a06807635df9ebc41f074bf0750aa6cd32eef5a3d7cd4c7defd0393fdb2225000b9aa3651ef30d69c76f2b241285f236bcf78a181653fb028d7ccbf2e6cf25c63aeb9736874e777b8498ab1c239eccee5cfd99642e469ec858e3001e349212634f912693c1c796338bcaee67002373fc1660855ec2b96ededdecdd8420bdbabd1b82373598d840487f133f6a3282fbc12b84fc13ec8f384a2e069745d59cca88793df9c301cfe9fedb811a1d160be0ea216d10edf1f64e13eff090bdedb887c4816551e043fa97507be288631c185c0bda51b57f3aba84b08ec9a1c4bafd2b49e19c4a610b80c226323ac76f7bd56692a24699a8f9c66f4156a351bae0165d6699019558533b83170156d7058297c3af9c462324d1726c6c3698de54562faffe36c5bef40872f5c054bfd05d9fd49aca47af71bc30d7e829097c807fc83b4f1d760da93c72ed865232665646298b25aa270b53258719b4cb0b7ea8e9da7e0d3531505abfc1ebe7eee20334acf21568f01bf7200c6a9750ba1d626c9625780ad8d2ee8eab7e2c4f146d91b80e37aa2cdd422b7ecae1946c8fbb91a321636b9580d8d00a9bc2fce5200b37b3a289adcb652a2aa9317cbfeaa4242060299249790423535e981635ba81296bf48bfaad8f71d1316b1da1b9e6fe05d26ea235caa360db7ed95405fee5c091dd0ac2fec5d555a02fa16ef55b56b2119456927ec690ac8d01bc6c64eb4e2ed1b8bef7f53dd3a704f081438dd5b7f3e959983e3b90bd609adc1a9d2f112f873d048f3ef42d3e148e2282300c2bf0aa213cc369555128236c9325d53034bea96a41981d429a5d13fd4adfcaccd8c4ed3236bec193a001c6122e7eb11f62edd3d2577f2de4713b401426f4228d1e59d7cf2b330fdf2725648abf5c3f0f7801181948967f1c17bec7c05cf694ff792edc8139949edd6d7057b8d951f619691ff12856bdc6b03059f27e724428e251b53e130b55f834ac011b0650be6af912f3767f1297604d06458f64b8b221518504987e06f02549a55a9b04186703f5f1f26601453ca125218bdee5d792c5d34e4903d72912d05fb95e5e83a9e2b32edf4a32433bb17cae5fb0b2099dffbe62b30f3e2f72769cb07d02651c56e0d53e153633d671bca456979c97b2505b5547b3c1be40eed93a2c2f671fa0d8839db0de5232e4f8ac4f4ebbf3da7a063c2f9b9f76154ccbfc7823aff0f62582a332f65fefc634093c3159575f9e0c355350238bcf147cb0abd54d947f7205d31afca572eebe879f78d2e469e16d040c6b8d16e7910a84a9c85eaa6b2534d57989798275db5142e77fbe29f30797531c0ed91fce341b6fc1408834bd658b42d9220614da30a73147b8580d9dac2d02366d290249cd00d8dba8bce857ef186de364204d90a9722a260527df6672acb672d358a85271be07a466901ccaa264bee07365b2b86e444b8acbac7e2b2e78793cdb6f7319837e62a35543b61763e415583605e41d3428aa23fe614a3ffee3968774929f15033c064513f27f0a0878169ba451542d74538b4ba1c7fff185173f523788e9178073c74b8b2b05df5870ec3662a10ae9ce57ddfbb3f1a6075705f6a6c62108be43d92fcc4777c216c7ea7a26c2727143030c28fbefaff27ba8fd9498132728962d0ffb5b08ce340c9d4df039d1abc1d5810b4c1cb71af9077f127fb534564247530d97f1a9036e2bc919c5d1cd2e4bfda20672eeff34f97ffd89b246fbbf146ea20fc26447877f230226dc6e756ca10351e6596f5ac4d4972fbf65648853997c7d2aabcec4e2954fbe3b761878ecb1b8539a14b57b16d066bd20d6f31955b777e6814fa17300588f4634d937a7c472668ff2810a13a259fba6c89cc779879af8b5a22faa593806a4caf2fc0d8b6a84917b147132e649140ae8ee4fa961879f9d314b8c9e2bf1814e5008b1221556583359c3af78b8298ab691521edbe4c5540a17edca4498647eb86c636cd78c04463ee22a4aec70ae1f6ebe7a4ac57c1a3632f153eaf2261bcf699b59c62825c3f57ac91208979a477a27e717543c596d4b47eaddd74894dabaea0d94a512e82aa6321d9716d433026abdc9d55f1921f0aa0b121eb72eb44cc968e1f36ccd43a121f31d399f4b473be16090163347eb8c44320de69011ce052009cbf528fede0ad964ddb0121b7cfee59cd7115784e198bae5d3b36b553dbfc435f20ffa09092e3ff82f27d8f7f980adf4ac586b3650ba1e4f7768de39b6fbfa390404bbf0e7c728346aefd834d228ae89418175df5633ccf64f82c8d7d2f303c66f97cec30f14400dd17cc6483aaa2cbfc6c9459c81887fdba1cc76f4cc6e30eeaab6ba54e1d8e29832c211c8a5d2a46d9c02fad16a1b19497ae86f6edeefa827d6c515ef26c037aa968c9f8cca161d4470dabc0da11eeb85ee905d83b29026d2a8d34db6dd6447099fc8d99b4a4ae211eff44b7b43f0d8fa0b3d636e5c052922a843fc119ba343bd173b0aa6ceb6c87266869b7fe46c375f031884a8097b388ebe904004f3bd51d54d5a03472cb71caf2c3baa5d4520522c6265b1cb1eeb2abeb69ce314a33d966cfc46a26a9a373fc1cfa456f5b81d8cd1f7f19c207f68b3a01b88b6d09301bd7035c0c828fe8b8329f8797944547143a56f06aead2767685cc4c799eecc17ec1090643843fea369c0e7469ae818c69c369f212e4958833962e49ff0fd5103ff0fde32c68a972669d7a7477e33ec7cc1a83a626c6af0bc777f609800764beeac946dfc1b55b7e2fa9106267e7776c66d78f6231acb8e5b646d5d31fcc164094235598e1905ad3d56c834b7af328c217e6ef75a1d620fb8f34e754ccbc77f8a3fcb145619d40c7b63d7ace309783bc1d64500f23d20b29e1053cc3caeb133e9e700610ba02eff83932fa602cc99623ef54ca314a2a", 0x1000}, {&(0x7f00000002c0)="11a33c15e9277eb527fc38949e4dd8998f49405b615154d38a87ba36566a753a011c52c61aa96ea10aa1b973cd35c60d943c65ed0a26ce743cb56c5d2962e2e955f1f1168575f2de6116571222b9c1cf44f7e1c4c8b87870dcfd40bb975f3c2e95bc0d14f940658cebb5e782917c9f677d5bb4fd651a77f53666", 0x7a}], 0x4, &(0x7f0000000380)=[@hopopts_2292={{0x50, 0x29, 0x36, {0x8, 0x6, '\x00', [@calipso={0x7, 0x18, {0x2, 0x4, 0x5, 0x3, [0x6, 0x9]}}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @enc_lim={0x4, 0x1, 0x81}, @hao={0xc9, 0x10, @loopback}]}}}, @hoplimit={{0x14, 0x29, 0x34, 0x1}}], 0x68}}, {{&(0x7f0000000400)={0xa, 0x4e24, 0x4, @empty, 0x8}, 0x1c, &(0x7f0000001680)=[{&(0x7f00000014c0)="10b7eb9a1211912c334a4269f51702e35e298d3aaa383c4f8c3b4934a9cb2d23048737c7cc1a08ef746dfe2812e883a5fd02f6fc5a0ce9f62bf26564bf2f3b99a0db93885157cafece303f9810e7f4ca28350d56dad26e795e9f6ac4138902741b8590a5fe3765a341d6fc606a8509c5616de4923b2904f464e94ff87e40653c45fcebc81256a1d0f4d4acdb19ac96ead77a15a5887174c4106c6cbbadc5130efb91de3fa06866643bd2384a8f027d707b1932ac6bcea98a8807da6936e6220695364ef893720d56b0", 0xc9}, {&(0x7f00000015c0)}, {&(0x7f0000001600)="79cd74eba103336bfce95fbfc0a709ac5337e963985505f6ac291c27ca090c3bd024437ed63601405c3e89f1dffdb17a02f9248d3b336b85b1a0bedc5c348ed22e90dcd16f4038d74137fac13872751e66a249f2d3196cee97ce", 0x5a}], 0x3}}, {{&(0x7f00000016c0)={0xa, 0x4e23, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}, 0x4a}, 0x1c, &(0x7f0000001800)=[{&(0x7f0000001e00)="015ee9af3a22645cb7c183fef22deafa5e6527eddda46bc2cb32bf9b3c6faf4015dce4934420853139e9e1b5220a70cc22db392434711d03ffddeba2f62bf3ec9e1b4958aa0afc5f3451b5fa5c8023ee6ee550182e95be698da211dd1c0fc19caafbb6fb09276463cf1c66fad7bed0da75d4549d561c26de1c24d366de9bdf50959b17ce23f149d509730464f19c703999e58da695fbd06bacd501f9165625bdb9a3b6a16bd264cca8c660d8119c56e858b1e4d81e057c35b12f34bdb893bcfca6074d94fa179479ee5bf3c6fa335c1ab6b5bb23681432dfdbef9af16aabc07b2b565146d9eb8a083099b44686abd323895087e7e5a88c60fcae4d23f0b41e1c85df663f291b9a3723e165679c69f582acc276d8a003331c4751d394901e61343cc75a3eefc103955006ddf7d88cfbea894985b0c067250c6801b5fbbe127fdecb4bee21a8d96e1ffafb37f78ced57e55202db789444aad7f3bda20dc45b4e542d07f6370cf9bef476e37de34c956e60076f0e3ffd7d43e9f3751b9d5f7bffa6d6d63ed9a61c7d93c3ae60fd6ad200c8a08d1a58345f3645c0d2855a05c19044e574fe393d80d24a81515d736ddb66912a74517cb57acef6aae766c83e76d72920a341e6558f8095685d9a0367421bc4d6103e34b601accbc7e6ee66d450e3edb56c34317ee1e2a6cb7df3cd5c6794203aecfd5af22c23746bc8eeb93d33d5f04b535a9322b5cdd0dfd3e54f634df2a70e64dc18b92b14bfc45e14d0ec4d0ab35f09f605aacf940fedb7920c6cd1565cf67539d05d56634d88241f49e56f5ab7cfe3e0966365f7906b2f2bb4c27fe7ab919f4721d641bf0045458f7394d0b759443bb2159af8a0629876bb953aaf55adb954f5d4dc78bc8926357fb952fbd6833deb02526083ae7dd3d42a3da8d048218210fa734bc4207c71ae5156295ebf9ee4e9e5c46230bf6b9676cce2db29b0ff2a358c2dcffce960ed922f7a822f77118ce1705aa419dd9e1210e23e870f504dfe754098037b6e9db93cc4789e4693b15feedf612500d6b53ecb4bdf02448a7dd24213c92c4e4d8e7ccc76092382254ec4f18e692d57f9cb3acca10056941b2da1302c79999feb7fff13909de2204999af5bf8d72f4ea5031ab8250e044967c1691a2c5e1addaf70ff88a8fdb72d4d82b247bc12bce75f94e63c6ba6f5b992e40856cac53ff0c6f33eb8521c68e19c6d8bf8de713d7078e2e1aaad2bdd8953641bbb145319cd14e8b36c0b4bb49ce491741492e595e00d0c8f032d57464ee65fcdc29cc3b9858f177f89d0e84f28ae136c7131a24db9e31a77a8a5dd44814311a0c0617a090d08b2283983903d2a7ede07206d99268df05f436a757b10f1907e809a206dd8e703d1132dae42b986b627233c4ee6b4800e314c19392e4b9f0f333f7a4613c15c469787c42651a193896ff2d17c5049ff99cedfda3fe4e48a1350c2156d43e3fb4da4b3a195df762ebe3cd0e31681091a3453dd9916f8dffee420a9ee8fafd8db196cea081ef95fe7361d2d9d4bab40fc847aedf25605654c4d876fb0a2ae3fdf5bca5dd5f6a9dacba9de3763eaed7b0dc0a5c62308b5695a88aad16710989c522f3d41f57b9979e73db26d12c1bf23addd02a04678771d0af8da07ade4f03cf92d9531af4d13c6a005b543ad59ff29b015fa46aa3d936837d440b3b49307e40cb92860071c3aaefcdb884d53d6fc72aa6fa129e4cebe4092d73832fcf44a11e2161795c224c877e675cd6a82ed80f18765d6a53d6b571201a839371eb099abd5fc80df9d70638c0a3df41c253ea84481c7dd0d53a7027b5193b3a57ffe4b4c335f86610f54c2135c9ca0313270115cc1995fb596df1cefc67bbcb1107b19fc77b8ee8fa111b53f73b0440e8850b5b0af91583836e8213ee965095f406777f98d8a004763fc79878a9a1278fd19cf0639ab9596fed54d3df5f94b0e64dc848c668cbfb957c1ebd5b3f43806ca3f3fe641554af566037fe3e0a8a6cc9a70db9cd21ddc8b484430a46a8daa22c3c0a0d79b8d13d29c5643cd59840e0c0d7298f0efa454b399c7a57404a45f389225d0785dee9ad20d33f9c30160f74462a6efca8792230d3430825a24244b4cc5e1892a1fefa61bc3196a175d46428f0646a605819ee45f7626ba80c01514aa68c0fd538ef07429857bb5e5d01cdeb57e9f47b64c33f01691e4e42cf92f9ad4131825d83d92a2f0d78a64b4a3db1c3a51a048f95f92ad8d64d899a2a5ee9ff900f7309a0ba80408c9cf5d544ea6efbe549c1111f646191d5f8789b5c75957dadc91b177935c69da8747e0049ada5d28e640fdca53dd5f362bde4c7bfb32c92f25e5e59ec0b96959d04fa1e9bad39d27957a181b00ae3f53145f62671afdd6431845b0d7204d0bcfe14ea97cf2f2fc5bc47200803265eae8c945300e7637bc71f7faeea6b1956a78bc4f3100fdaf76c7492ac222a89a2f8f4ea6ace000b4cd090521c99da88a336a86ab4d8d53ff2cf930b51d8357b5205568d6e00a1d1389efe9066f571b7ce58f9c098ff15501c8c93e70a5090cb7507b45bf2ab1c1596a318b7b11f126ed5cd4e550257703316297c85e2a08ee552865149f014b2970459f27d291cf5f3637ebf8bbea9b4ade25bda999a206968c88a2792c5c679243c314fcfde193d8d3546dc46103da497bffd7d927dee4d61abd782f4a5b3da13b0c9098f79dbe64b392f61647cd12f7b8e3daab3ee25d57af480b6b858e149afee226774b2ac7ad58e7753b369e4ccc235d17ab903f3e6121956ecb5bd53417046afa749379392cc8fbe9bd16832607c245204e7b865432714ec239a725e4f436b5400688110478f2909593cd8a8d89a781677ae0be9cbb85157caeb64fb71bfd21f0bad18db9106a87bdacaca3398e2b1f976282f75ffb6f307e57427e9395b4395aef0fe902f8a78a5daf3e832b11b89dccd87b4699844afb910468ab499b4f7d2879528849f79570eb7e7eb75f926b004ce6ced8136e4395ae11b33cabb05f898e7ea7ed31f60ab50d1e2e122c8370f841b344b42dc6c9eae552a88dfd09e34f12effeff1c77790a940394fefe18be755d30e1f1fd501141f6ceb0ea730196b1e3d2dcd8ee065bb712dac8daddbb89bc36c3895c210ec67646fdc4ec66a524fe39a85c07d39acbfb1cb6ac5f700f752c513a725ecd168bff27c809927f58d1f26a05341a470d9cca1f12da91dfb7925d4bbb1fa411b2b745a5f5f634a48a5feb99ad2ab7dfe9c654f7ca583341aa1858e663ba51c01efb535003dcba1a714b9c16915028a8f466e8eccd88437c420c7c8284b232929d2737d8045c1f84dfdec2a2eda118ee24b8b4813c52f6fe49c848aede97d5dfff18ebd9c15f89d4721c5be9535526f38f53d332b8a0a591ad7829c8ff23b1f9e84686facc48dfd385eda284bdc536da1b239dcf357720912e6b7b18701a06ee719fde1f3405df276f5e5d9d30c2b1503388fc3ab2b94b345226535b7d75e26f7a8efe303f362f6d217e9eb934a41c35f462333aa8009e35e1a4fbd7608741deed57442b6712e900ab1b05c449d831c380a881166e961c89373cac9da9e89171f656a735a4a0ef2bdd99b9d596e6e7516a9a2d81dc944200c7e876962aec6919007e3520529f8c4b451512cd7adcf37e881ae511678703c2ddb76bea9218a55a1a43292193f26c38b2f84d820b95b6aa842ebdcaa58ee9a92b61463c83ac3dd4733a3463388c0a11fc6ab802806b50e64a86d697856599180091b3bd6b4ab42163bfd12b7536343b46e6d318d7e826a9a172a436394f74f18b22ba7aff035fbb2416b4a237e1c0bbe0ac93f46bf964fe83e18b5d9eeb65729270ab446c08d51f94c9370eedee65fc94dbb5d1026aa7d87a2f9b1c5f5163b3dd1ac052fee8d1e3fedf4886e336fda81931b7ead560a3b857f8ec48bf651102be217935a63ad682d4c29f50c658091e1fe9207f7982d697cdad6882fd7f7eaab59ad07c5ef208f518e0e12a45c8fae725c5211ff332bf03e4fc9becccb2109bc072664d40d8a90a098841ad1bf9065c93cf22711ead5fb2f7e4623bfc25d124cb104308a2b0a76962cad3b3c1d933730816faf3673b8b279ac831febb6bceb42a55501bbdd22b6ee29dd7d9733f7f0a639ca8440e94f3a9884bac9fb3b9b27747c26958ca097ac4d1d84aa89258d354d04ec5a81c18f18373d998f1f52ddf0983295b718b40d963166eba4dbc27c0d78eee5afe9992fb657368fcefaf92801275bda4b4f5b3648f1f012968653e24e8a1809e7d1834c3ed069cae7efd03c72c1494492805dc4f15583617204d9f8d80611cbfa9f8588a090bd1fc5109128d5b4473459df45cf25025ccdea7b92dec9f29535304217a28fd584c1a892be4fddb8c209d82a73410ac5b292702feb6b3bbb7c537af25719c2ab38b9eb04337833e98406dcc59af1f55099e1907dbeb50afbd84e5d9ef890111038f4bb04703dafa5c7fac25e0d0548ba6d0e8839e48b714c93c23caf7b050b488c7af3f6077015dc2ce873b5cb3ee0dedb16d3f911ff1656f944574ee80b4fff28ea3f0377b01feb5168a49545aec65bea73cd07d003fdb743c2cdbdddb2723eaec063fb25640c06941abc6494eb45f2545937226e3cec7f848d57b9c1c5d0502c33862b8d930b00b5bfb9d8177f0e803bb3fe55fbebfa8d9a889b42169dad2f6e393b60cb2111ff10c612bb1ce781fd342e0e9406e0f2137f94547089c356d80c1e93df91ce0cab9e9a651edf35e26dca0d2fdbf298d170c430b73e34bec68a44871e66810b972dc30fbdde9fbf471ec52dc65094c56a328b8bfe74f3047ec03712117875a9605498e0143ccf77f1af1e4ba917841eb00c07d9f9f579fd3398842bdb535aee477862f8a63a3a1bb593cca74ca3967d3952ce440a6e8bc66e6f24fec69656344bd75b29de72595ea16cac64264ca6aef0a15b00af184df81872defa5f83b4cb46931c557e9ad084a09c1c1c67a7f3260a35d1286ba5a3cf83daad1e4462bd85b158962a1a08517e02ede4d6bcabb8c2d00ffd10317b673fb63c19bac34133ec742d2341a15f5faccf141b13050decd8a9f0d4b0afabead34eb87d0318f7cc18184dedbae3bfb6d2b546ea92a4e7c1e05814a5767be86b0e064c28a1ecf008756a1ab566b104f3260449ebc68bf85f5901a8e9bd9f3367405ff42e8a4e57796a89a176d56b34341806db9e219da4473f9bf599d9222bef4f4d7660b6ee675761d77205e0046d3674c2f63af44bb6ce8699b3dbddfb0d53fcb6ee5da7ab702bca56bd599b0995607126f840b57c855b51202415b8c8c7026a6eda615768a67a4644b8ac1d5eac1d96a285716724441f3607ea654904f9afdbdd3d0700027f1818f2372e54de36e494ae5ef171175661d3ecaa9ced78f213917d2bd813da346bd8be216891a5771a2d8b90bfe6b2a34521a3c7efe10f7f01c1eb6de47f1e3a71e8ef3e1b9115349730c59301a4257734a887acdb4574b5759732e18a60ce227accf11dd46f5e8367698e32001707e8dbf2f2f49350a8d7a2a0457283272757296158126efc78ac2ae93d94122d2e45486b8e0945cb55f4f78ae002ea22012f6253eb3a9ffef7f151c1bd07838092d10028d2abb2cd1e392c0cff177d496adcb255a46cb389bc8abc9b0b7c1c13f8404585fce249480ffc99df415e1a523de23ecbb5c90439f5984f04098d261a7efcc52a425c929612c8a9512f36a15cca8f2266ae7ae30b733f05557f99d443b3a8ec416bc07b28b", 0x1000}, {&(0x7f0000001700)="2f3c35db8176d9aadab47d46b6fc240b50e199ffe5070d36c8a092207a9e36f32906a9b1f6a777e9bc4b01d6e7bd003b25e078a4c1701608c1eb0567746b9041b0b72b14616d30ce5f12dc6e54dc623887527c8471c86e54adcee2e05dab5b32da597fcc3684bc55020163634a0087461b460859835142fc3623cd30ea8638f6991ba973b24ea6d50b96bb4398b1cd7bcd1daa58f09c30fca7890b11be7630f581dd5b96080ab466a43980273d2015f2056eaee0941ca25c3fe9e2a52cd13db1c8f3a065a7b71aadf3773b7a48c4414a0aadf8fb", 0xd4}], 0x2, &(0x7f0000002e00)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0x1}}, @hopopts={{0x1290, 0x29, 0x36, {0x6, 0x24e, '\x00', [@generic={0x1, 0xc5, "83ca703593d6c575a2afd138915bc1a7a58de08c73bbc43dd418fc3df63430ec56b84be13cb144b3488ca4d72cecac1b0f09d32723cbf9f7f70f8a4dac72825262670b3c77a11b811c1cf5389ad767629f922582bbbd0ef65179ccb3f1a62b33d1524ae2b4da269fcf3d8ac88a6f9809e1b3fd7516790a45d3ba27b886fa37c357fc38cf4e34ebe558eaf76ad7d7928100735b3a1ca6fdfa8ef93c2a6fd1f017dcde8434f9444fc936eccb25992e4fd84a138eef0a41aae5c3b73b1749000d84cf00f9f4ed"}, @generic={0x47, 0x95, "ed6e8bb4b74a1a4a2da0215506b3b7de65d9a930ee7fd18b0a16724afb3dd28d88d3f0da983cef4b394f180d778d91d05514e9a37b7a68493fdfad6e581ff31486f154ad03f563c83c4a395c9c5eeca18de040568c56247385ff139c019556025481d7b8157f31c725596b6bc7c3e7483d5fae6257176463cc589efe56a051974c7cc39495d28a948696e9c5e75e05bf169357c616"}, @generic={0x0, 0x1000, "6233e55c88eab7e3175b7b50b363736423165097b02280675aa345b9c234ee4e9ac9e4d29b6fc3773a95964e926e5493239458e7315b764286759f506a533230bdf67f51491575aafc7bde9859fcf3f8402c469ef0f027929326693580aa6cf7ceef652cac5526c722586e1650d1ebcde5f951b88b3cfd6661528623729803e9daab96c43068e519ec357ec8c0f0d1496949cb6ba1a714090cf6923fb53e73341adb66d35fd371fb46a5d6e7b822bec42c95ad2e75c3f5fad1761cde55fef99dd683330d12943e1f1713eba6cbb7ae88cd3ecfc99bfa6089debf20d9d3bee46ffd4260c40cb0d0df0b070ca0bb64406a171b16edf8286c970037356721564220ad64a473e439d29c508bc537c9aa8ea8f4b9ec313ec59bfb975fe82028e04f2080321f23bfd3ee795e51b3cf066ea671a1fc31f00f1310dff957b18b872d46bcf6c2267e6aec188538d8ef6b035bf95e648e48c934fdf09c4acbb86960e46b8c0221e04413066a32d767e090ed06a4a4ba25ec9dfcfa8a12ad7a43658127a97e4fe56dacf3a8e2fb60ef4cc34ee169f301b78a1bf829ad34e323214aee5a1f2121b35c595bace8bfeed0aecd57ff3e80b9e9dc60c74c9b4a9d2671eb7e820653b29b2162e6c0dd4028729772e508b6d803b02d63fb9165c92a2e8535a2098a3b10a12fa962d8eaabc32dd72e50604fb5c5112b034086191a1eeab57af8db5754f10970c3f0ee8b35d44b7091047f43e4ae8da4faff3a5e45224f9f62395f0091fc7590a447bdf66221f0cb54e8ebc8985ddfe1827ad6375245b6f0b225a7c03dbd1dc0c585e19ea56590407673e53205d2891aec944200cf317364a2c57b635b914aebd1b3ebe107f8c51c6bccd3488fa252b99067946ec5d61c20a2c4dc553e6d9ff8880cbf72c4a743c9d5d4d5bacc12a7cd9e0769ea69710040b616811226e98008d3306ed4a9afc1bb7b47e2525f4d68524c4a833e7ce558062e77c4f60d701e1688b6ed14bea30b3cc1bd6950ec4d0353ad9ee4273e92af950a0be9f291849a755dcce1ab52ffa8f646257352f384db0dd15077e1f7a1556d8d6dc4956a902be48bd6b18260bff5d26d9db69f84ea9e38e586e6e95dabf02ac690fe1d1968e19ab68e3d5975590df66a1ae7e8ced0cb3f2c9fa747d42242ca9e13cd5bc5dabda4ed334ab5425a5256ab166612d759d30bb8edf1799edd9af862cdb605df6976fcfe2567df505af7ab2e4c542358147d7b29974fe77867e1e6444c1cf4c9c2c2757863560ecc178aec27116b4df63b9f8f079b1d9e6b1c59cf50031b91b18e3825378b20ef2341606b441210df76b5324a3cd1210a1e75682b1c5fb36f55812dad6653b5b615e3c6e8f3351c68b1335dbc13834000c139e671bde866e89fd2bab0465581df872edf73e4eb75dcf3480eb66d8779158e7520f3e5a0449573a7e035697d3936d0c75022c58cac454e546c8cacd872fc1f8630e050f0a40a511f0b001ea6642611cf43630fce47d720ca95459648f40783a4df439873a423f96fff74a20489520a02fa711bff638220d706c1e5744d64d42d0fcd4f866eba03e0c997fba679264de94e2cfce1109ab46d0e71fc3884ad01a0f95ae48d4de620cea522c2e78db209683236ce3014b451a9a345f04f9ba85482073c12ced2a90b14fb6515e93ac303fc5ccf43363520633aa924b97a8bef2196a60230c0756b70c0a004fe28b22802e491d3f7f0a84211a73bbd15fac17a8c320369adcf8a5bd6502be6c9d2f505a80502bc4693a332fa469f58b8b040eb50876e968a65fe9cc67351e2e7db5b23c550319c3ac7f3a4e2dcf92d7fecbbb51c28cd7e9a8982b9b66d6bf4429aec31a02bc3f29dba4090575572b99f02cda3b8c1654e6ff8c1d85cbb3ff31177f346062c9b26680cc598a7d47dd0c519e680f45f6f87dedf95ce124cbc929897f6ad24c9007d6a0525f3a5a118af1ee190d6d23d1314bdfbff2a039608c5ff3a92f9060f976474cc761bb6eb0ed1c1692e62d44c33d1499c8cd98f0f4e91793b04de03a7d9b35378e0a902de1fb4530762d8a19ef4bf9cf93c158ada37a74a2059dc4a1842d44f85e3ce80ee3cc99b4d102a90e3cad62014e47204d41db3216b098d92171e2b7a181d819675e03382e671612101d553c0612454c1336bd7e4d89f632cb0f3b3a89a447451f9be8eb308e679982d7b4dfbed3648260f89608034a3d199e211c1b3b7f133ec13297e78829aad6a879d81da04a3df621105b90e21e155d198344939e5d5b4216a71ac7a8b8d82bc272080c6ada1393f880ae64dff4fb647448234148a24e3227fd8686a0b93163454aa516d0f107712b1a237558207a2a616a123e304d220f499db9e0df442169ee65230d719ef6f8bb560b0d64abc3865cfbd4ed1ad1eacb096d03305c6a0d80b12742839c233e38acc761b5bcc2eafc2efcbf1a1ad94f082984b34e0cecd5b7d437227629c6b049c2610feb029001993c219990734c9351ba81a0d02bc145d109a5330f94dc1289691daf61cbcaa755d7ed01889f581888f6a5725516fc8c0fad2b323731e06b535f1fdbcb76631e85d2a01733da42f48f061cd9e5a42af2f039d4bbf913e12c88417f9f2506d8742b26d44e3147d369d25026abe6a4f0c32dd402ebfae38819c28724d5988d5ae53d2eec45a48ba52841539b589d308b56cdf15c31dbe9644da508d741a02563c3442f747480cad9f68cc856a41392326c0630b64111ca4dd2fdb338cec16013b4943390cbb3d9db19743088525cabccab098d4579c2d667b31f96c2869cafc73c4a20c8fdf2e5fb5d885a37c94fceba301edd60488eca0d797868b5d4b6e73c8d46a14a8e7f3d8b722efaaf7d268df8bd566c6946335930d5945693a9349079b1704ea4da7a9daf7c407b6452efd7f944b13513d6d11c60b0c62c612a246ab4c12d93ca702a957ec86a372bb990ac790c1cc280121872216341d0e15ef0a64d0424722c8c6d7aec0a83d654b7cd9c2cea94387c0044539d2f8d091d94e960ab239e2d0f3d759f3add395e60100616e4f46814d3bbf487f0378949f9936be76d94e4ef1d776d4b0ca30ee7a0bec9d9d04a6bbdf79214caf8c0279d23e79621a78f75898549ef6f259fe994de00777a484f87163b9d369ded7f01f4eeed3241a7312f51b096b27514a9eb0d1d592745e12a7194c5dfdee3ed6c78927dbd117038d4a178ff9e88dbfc0cb31612a6b3fb08966babd457f00e24742d84f5acd1c2417f0a4231465115440beef169d3f59e9e0a62a7913876adcbe81907dd1a1fb2b2e573bde43df1aa5b68ea4adfaf2711406ca564c63099e155b88adb4716cc20ae12484e5c10856515831dd371b18ac1ec1e0dc9a53c21399d6563a185b673883372c2714a04afac7c1616228b62bbe5fcbad0b96f467f560a8e2c493a3b8669257ad7183c0796378c7f4da613ef3786da6ddeb9ab068b5e6784f48e86c5c5924e0b713ffc38d9f834db204e490a9c86f4c5538875703d6778e8171e6a668dd26f856e635be018dbb63ed29d5d7c2dcda865228b839c8026b2c9b2b24ebd7e9b093559f60946aab8ea6a24cf46914f53ec4f0557ca0158d6bee9cfebd4e406d7afacd9fc778821db1798b4a5d75258ae7d5b0c5fbc042cb8c85392b177f683bcdad82b2ba5841e71fb443250c12cd8c9e2c1b2d40672f7ff23d3d1902f8696539e971defe3357e256374b32a486d94b4edf47ea1849f79c64aa9d9b17cb651f4735c6cb2a42fc9c0a5ddd0c804759e7cdcf4a7e6582b11005d3242774cbfdd70b72a4e9b3989dbee1e64b54802dad80f75423d572a5489c7aade402ef51485849b0edffb4608816758fb6b49364451e28ce233fd40308c7717b1d43de3326b37ba82f252c5eb1f6834a246872e708d72c6d7aa421f406819133f78dc20b9638b528d444ff2f0d78cc9c1a1537118875ed574e341882e019389020748b6dcc2f6d351d88aa1a9608e66988eadfc5c6e5f1726b30599ae161f5a199d939319a3ffdfacbcccf67e894152b360a00a9f4c74e75c6ce10b74780bde73e6a00de2ad119e944ab2629f5ef40bd6e9f436e381aefa0a32e247e333929980f9b8d72a3fe633f846bff7d5a4bdd2299b43957244effee5f3fdeb2acd85a8ced5bde21428415240b29c1449c57c69378d222673c11ded5c8f04dbd37b21a6994ffc5ecefb8611bd809977bfb9af4ab8a1c1e07fd67192a8c8852767421edccc9cf10fb9cc85555f638df1efdcf88d3dd46fa09f1867e28b4c6199353119f660fb80b2b4e9a2fdadefd659b587e48850e59cbb68404de93136ff467e4f4f01be40381946aad55a46b4ef8a6216366ea94050535363b7bc26ea4e0adf10e9668db6f9048a2ecde4858a0ef5b289cc4e2cb6eb1fb0d74c650238305976953c0b1565bf6d792a55aa31427627a62d527603433d415d368950a3ec14b3cb660dddcbc2ced84dcb314bc406aa7a69ce5b3b5e36d10b3fc8bd41304802b4249e7d0164db033a193f2fb81a119982099cb8d9eb2fa6eabade1b131514c91f1c48e9404ad7acb8ccd76fb4fb4c724a49f8dea659c38869f373d97a906f0538e185f449247a2e78327449ce0f5b7ca4f137f7fcad94a1669e26998a0d35bba902e03a3adfb5211f7e1fcf82312675eb75235f8eabb90e5b9ac45ef53af51a2ae37d22b2d87fdaa130eceb4cb92c8d07d7d5a84a7d07867c6b2937b79e33f51016d93df842e72382ce9b1e4abe89a0391a47559bad04e57981fcf5958ec7a95f5dcb9d0bb6f8d7a4734c39c9a9422b3131036f0dbc68e6c7f4d80fca8d82da943949a6547d5c0a0a044409eb293e8dbe2449dca66c69bf1b46acd267fed9a05890791874d8f1d9eabf2f9859fe0d4e713d65f1207214d5a2868e267c250b1d1e0a056b3cc09b3d8987dc7caf6dc787586e0044c03a3f0e903a6bc179e7ed84658dec926f9002aab299e9a7c1c14066eadd9f582de4680fa0cd12632fc20d46977276e0b6c26b76b58edf88ea4ca94a057e7f5971b7f1eba4d09bfd2c1145f24966a6c9e8cea817cd4710d61c75c46cc9e482c7eb64aa505a87a28f84154e53e449e6b274e76e074048f08e871b1c25e4fd0f666bcca287c29b268da9871022e57a243db6972dc79a5334fa938555116ed74253edf153a44ff4b1256b00a898a98080152d4de4722d62ca22468f6d1d3cba7fa84fa4ddaf5d7dcc0030c577396cdf0db05a5d557e394a148157f1fdcf52d26cb7352bb4019ac1fb849a823e56c5167961069621825edcdc2857ceab32c33b5c7b7e7ffddc8ac0113d108b727b42ce7bee108309175c5b6bb795709267ee33d917e0a6711dda7b473ae819c4048b795aa0ccf8e7a228dfecda8d316b9f40343b50cbe67946319399f29dff05b8565e57cf944964aaa87c3040f86893803c42454d13bc47120b41209b767b8b0d5e5fe8cbec65931282ded1708edf81e3451c41d3500988c49566e28a9bbcd6c538d5374a3620fdc205d26aa8bec00d0b9808c9b2e96f9579625eb22a25889f8ff4ec0a053c6dcbf4e52cd00dee878da0608f28ca8224d450ed56aa81b08a848d2405e867fb36c8506de89c06beba75b053a424a96d6f32cf00363faa002f9b4d2d2e6f787e3e036884d6fbc53decbd6f87c875772d6f7ce97726dca6b5ea993f6c0ce1b0f8da7a07e0cec9fc664f1930af9c9b124a8a42245df93dd3a66f10eaf8674c5df0d2806bcd0a13a128e5584541f16a7b12e1de9a28a6f6690f885e899955af681157240"}, @calipso={0x7, 0x38, {0x2, 0xc, 0x0, 0x7ff, [0x1, 0x2, 0x10000, 0xffffffff, 0x81fc, 0x5]}}, @jumbo={0xc2, 0x4, 0x3}, @jumbo={0xc2, 0x4, 0x9}, @generic={0x6, 0xcc, "73506ec33a82ea8f2280ca292a1cf96c9f4c246724ec2b271918752c08334ceaff9f5697477a3f569d6ce267c97bc54132ceb71fa57319da1e03c1499ede521acdca0698a336c5434adce8afb9476358ddeed5b2a87d1eb309b36dd224520c32f65310a246f725d69c1e2535d45fc56d5d68556e007dda2c501e1aa5c415913262307d5e9ebb53155d679d785accf0ac1dd88761fbd5cf56faff88b6e627a95c5a42e73cd551e8189a4e41b2db89ebe33674c2d6bcb52610144643d66f4df5e27aabb11c4f5c11dd81f33aec"}]}}}, @rthdr={{0xb8, 0x29, 0x39, {0x2e, 0x14, 0x0, 0xad, 0x0, [@private1, @dev={0xfe, 0x80, '\x00', 0x1f}, @rand_addr=' \x01\x00', @loopback, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @local, @mcast1, @remote, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @empty]}}}, @dstopts_2292={{0x30, 0x29, 0x4, {0x2c, 0x2, '\x00', [@hao={0xc9, 0x10, @local}]}}}], 0x1390}}, {{&(0x7f0000001840)={0xa, 0x4e23, 0x8, @private1, 0x1}, 0x1c, &(0x7f00000019c0)=[{&(0x7f0000001880)="af743b95d43905b0ce940f54e183b33a510308e3c3a91a73ab4c18b8c7870ee7391d93eb17da275326fc46d563d25058ada8563f43acb5ac614a93bd47f565bcef535f63e64aebb35c6d7803d43eaee6386e5d618d25fc7a962def0f6c3099daab02bdbd243a0682e26e7b011b38dc5479dec2a3456ba64927f08b19e1c8ab550f14b922cdd9cbf9d1d68e2198dcc9ae0d6c3e5d1428fd08e2deb64439b9548c0da2", 0xa2}, {&(0x7f0000001940)="6c9e85227147d9cdba17fee138065c7a49f2dfd27389d8e2462324bc63642794521a7ebc9f13b989458c664761d6f49a0b166ee321f451a357f579147b4bbfcf93e200321dfdfe226d7f3323b13c3cdb371964a5bb7b96c8d3b9dfc5693176d7c790cd5c24f879cd38b7", 0x6a}], 0x2, &(0x7f0000006b80)=[@rthdr={{0x28, 0x29, 0x39, {0x3b, 0x2, 0x2, 0x2, 0x0, [@mcast2]}}}, @hoplimit={{0x14}}, @flowinfo={{0x14, 0x29, 0xb, 0x6}}, @pktinfo={{0x24, 0x29, 0x32, {@mcast1, r4}}}, @dstopts_2292={{0x150, 0x29, 0x4, {0x3c, 0x26, '\x00', [@generic={0xe6, 0xf2, "68885ab1813ea1660bf839b50faced68bf6e7b9ca46d7b01281d1d8c1baa1f5cb2ba91424786d1a12b30caa8d1ad14d53b1e4cf1b12ebbad3fb57a608716e8470feac08753fb816dbd7838a5822d7d741074742a77defbc3daa6ff7cfd6638bdb6e54a556068228e2b02c071954140f6ee95ae5be08f50ca3429a5109205cc6ad26f3d578e4fc54bec66a04502d3574f064dcc65b2bfd4a3794d1c6f13a8eeb6eca51818777c50c27fa63ad77a95daef4c54989355706e3782742fbdceaabbaadfb1678b95b5cdc373806bcaec77a6d5a44ab75cd38cd0af52c51542fb3456d15796097f2d95ec72a061ddfae135bb0e4912"}, @enc_lim={0x4, 0x1, 0x2}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0x27}}, @jumbo={0xc2, 0x4, 0x7}, @calipso={0x7, 0x20, {0x3, 0x6, 0x3f, 0x6, [0x401, 0x3f, 0x5a57]}}]}}}, @pktinfo={{0x24, 0x29, 0x32, {@empty, r7}}}, @dstopts={{0x28, 0x29, 0x37, {0x0, 0x1, '\x00', [@padn={0x1, 0x1, [0x0]}, @jumbo={0xc2, 0x4, 0x80000000}]}}}], 0x220}}], 0x5, 0x4000000)

[ 3028.536264] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3028.594270] FAULT_INJECTION: forcing a failure.
[ 3028.594270] name failslab, interval 1, probability 0, space 0, times 0
[ 3028.596840] CPU: 1 PID: 15398 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3028.598599] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3028.600559] Call Trace:
[ 3028.601206]  dump_stack+0x107/0x167
[ 3028.602086]  should_fail.cold+0x5/0xa
[ 3028.603045]  ? create_object.isra.0+0x3a/0xa20
[ 3028.604127]  should_failslab+0x5/0x20
[ 3028.605085]  kmem_cache_alloc+0x5b/0x310
[ 3028.606141]  create_object.isra.0+0x3a/0xa20
[ 3028.607268]  kmemleak_alloc_percpu+0xa0/0x100
[ 3028.608453]  pcpu_alloc+0x4e2/0x1240
[ 3028.609455]  __percpu_counter_init+0x10d/0x2d0
[ 3028.610660]  io_uring_alloc_task_context+0xcc/0x6a0
[ 3028.611967]  ? io_import_iovec+0x1120/0x1120
[ 3028.613143]  ? lock_downgrade+0x6d0/0x6d0
[ 3028.614165]  ? do_raw_spin_lock+0x121/0x260
[ 3028.615229]  ? rwlock_bug.part.0+0x90/0x90
[ 3028.616175]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3028.617222]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3028.618343]  ? alloc_fd+0x2e7/0x670
[ 3028.619130]  io_uring_setup+0x1fbb/0x2980
[ 3028.620033]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3028.621183]  ? wait_for_completion_io+0x270/0x270
[ 3028.622246]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3028.623376]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3028.624491]  do_syscall_64+0x33/0x40
[ 3028.625305]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3028.626408] RIP: 0033:0x7f2ccc8b5b19
[ 3028.627209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3028.631158] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3028.632807] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3028.634337] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3028.635874] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3028.637413] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3028.638945] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3028.648519] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3028.660893] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3028.691896] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:50:46 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0xf}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 3028.724865] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3028.732657] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3028.770258] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3028.776640] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:50:46 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x80000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:50:46 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 31)

13:50:46 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:50:46 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xd1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:50:46 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x5, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:50:46 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:50:46 executing program 4:
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x42, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$EVIOCSABS2F(0xffffffffffffffff, 0x401845ef, &(0x7f0000000100)={0x1ff, 0x6, 0x9ea0, 0x48, 0x859, 0x3})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000480)={'wlan1\x00', <r3=>0x0})
bind$unix(r0, &(0x7f00000017c0)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmsg$NL80211_CMD_GET_KEY(r0, &(0x7f0000000580)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000540)={&(0x7f00000019c0)=ANY=[@ANYBLOB="04010000", @ANYRES16=0x0, @ANYBLOB="000228bd7000fddbdf250900000008000300", @ANYRES32=r3, @ANYBLOB="0c009900090000000b00000068005080040006000800030005ac0f0008000700020000001100010013b5684c9cb26eabebdfd50000000500010000000000090001004b4144e0e500000008000700000000000800088004000200090001c08afd58129800000014006e800400020004000100040002000400019d6cca04b8f219fd2e0004000b0008003700010000000800090005ac0f0040005080090000009762ee096f00000008000700010000000500020002000000050004000c0000000800030001ac0f0004000600040006000400060004000600080037000200000004000b000000000000000000000000000000f0ec65127e8dbe645424e58a30cfbacd8081971fbf2c813454798696"], 0x104}, 0x1, 0x0, 0x0, 0x80c0}, 0x40)
ftruncate(0xffffffffffffffff, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001880)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, &(0x7f0000001840), 0x0, 0x0, 0x800, 0x1, {0x0, r4}}, 0x6)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
ioctl$FS_IOC_FSSETXATTR(r5, 0x40086602, &(0x7f0000000080)={0x17e, 0x0, 0x0, 0x1})
ftruncate(r5, 0x0)
pipe2(&(0x7f0000000400), 0x100000)
openat(r5, &(0x7f00000001c0)='./file1\x00', 0x428200, 0x20)
socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$unix(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000000)="eb", 0x1}], 0x1, &(0x7f0000000040)=[@rights={{0x14, 0x1, 0x1, [r2]}}], 0x18}, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x401, 0x7, &(0x7f0000001680)=[{&(0x7f0000000600)="2f591ff4875ccfe1f50926847407895c22be4834b0a4409a2097f3507a5a8a4a2869d50253b3d81c969d24e7a551deef6644f70cb533af6aeb18f23a6f9249cf2c1bf14234d4d9edcddf2af301e18962b6f8a75d090a0edf461b0be868d397efd7f45198f48dbd6751f6a64ebbcf2f8527deb7d9075487b1a1e027fa177a8153f5bae6699f8cfbe66415db00a5e0c0799193bfa181bbce5db5244670ffee75153d3a075ed7c03949b01f24d6c88f55035ef484e9e4100239385a2c97e54d73f2c9816f99da5327284015ac576fb1160b9fcb997a4e316550e41965bcac817b66b1c82ad7bc0de16c039408f6cdb5493b062b8b997dec1c5bb015b7366e6ab425dd5d4933a0610c4d3d655e06275928e37d59a37cf7e97a2496d0395b14447b73c77d31a76d30a775c0cd1b18430dbd2340af5cb91bc0297b20f0e422b58b8607155017fc2a7922cc6752c849fa7ccc65176114e230c402e4b671f7d00ef0a42cb8596e84dc4eccea8d42ab4da8460c58734dc44259bbb9c8d423d178af106451466c6b6399c95299a550b1187c70de506154b0823f33f603740cf00a58d9c4f57b8e1a43ee7b855a6ee9a2bc315010b6e89c88baa1e268094072e65735a913f35347b5d2520bb59b0903935de589d974c204a137a4b7289f82227f82e134dac729bf26cc8ec97a0a759e0641f2517d56b6974c509b226173bb7ce3233fd981a2fe296473a1b9853ea196871bc5cb00041fa3ec7bf4266ca531432b184fa761802dfaa0e567b96eefa4e9bf2607e82ef0045ad6f3a4ad37f07a67dcf995d5cef886986b614c64ee71a59174edf9b6ce087ff1b5a2c431fef7b288440b409eeffbbf37569c3fffa5f7eddcf56cd7974dc7ea008e1e281ce9ec81819326a8339035c2484f17f632d85065f80a77c98d00cb953d79219748343db2978a21aac53f0a6c5396e5561821c3e29f00f1ebe23b7bed22eb234dfd5bcc757ad20a8fc940e7ab3a347d475e49b9ffe6c0a127652e3bd20a20bc27dabc577b31fdabd766ddcf2fa96e40c49f9e8cb55e232462a1ad6b5be960a7875c26302fbc0e062f6766ba90bef62410d56c1192e053acb294dde09683124984a3f2be99cd2e6c6838bdc9858f3dc7ce1c4facbbde9b9aca66b2004cc774ee16cc0a520909a56ca8834fe0b82f319201861a3b85825daaaede10d4241131e94e69c09f865cc7e258addbab66c8245603d17e3c5d118e6b6468826c5562b44d86b9243cc827380ab1530b14451ca7fc4fd092a9b99c9ad6336556d0e51f026bd820adf8414a1bbf024f95151bad3aa49aba149c8f7ae1859d772a576c8035c7a959fcd734da6f0ee2900ef3d45ba6c87219e7e80e21c87b509c22b3346f7c8d3801271edcd15e70b28bb674a73d6eb986797461a72d49791bb5b73e23e02bad74bba31399a5687cfe269728f9752c4f230db79519d1784057401d4f561878970778deac8479388955c68830274b556554393efcc22d2a13f541ad80ce26c6e17ff7bbd2cf3a607dcfa42ddbbf729402b791d77ff00f4b97bd25da05780580ccb563fad6b768a69c8330800ffd8885d3a2d3a861350e788cad59b1fb4f5243197c6f76b0808929de12c6e9af66f5481c07f4a9c825884d40f2e0430f6e1b0f4ca986c10c1096952fac015edd6950804fd0c6915289b5371576d1581406d14fffd599b2c724d48621238c73ea8fc21d75c74f51eab42a4647a62f57f9f3627acfe45b066869a14770aee1d2e4fc848672bf10518d17e74828fdb2564cb2215f0602bab726f9324ff43f5bc02391bac582c6957f86b29997545e39a2844ae5997a4c7ed92c0fecdb08099727c9898a96c0f65132dd92451a5fee83015a3b47087d3f1190ba2dbfd80279d211dd293d678a811d847130f35fc21e7c0f89c4201a1c5fdec1063bff157bff24e06ac36e2a90a121758cb70a155831601016920fd209779492412f637ae0c56b22378a8c191135cb1c318f1b23f444c5c63577dbe35ee81147b2d2cbf4f6c341c0fc3f9fae11d3c4c1468f6e40440dbcd582ef9b39ceb8916518af519790c3517cbedc2b2752d054d50fd8b340eb8aa5f9c84c4310a32eeb8b1911ed34f79ab1439c159b5ec99f7704c00503787bd505b1b704feef5f926c0892d733a74b7793c772f9edc5f9c0175647a1dab7ed6b6ab22ca4c7816fdcc36db46022a87ae46c2c76e0f1ad0b933366e74ed8672ca52c4b5b380618cec11d6f0faef1b5cdeba5f8a998aa018ef6b37338e87739f4b8301134bd55eadb4524301d17996f5de9b6a409fef16f3d291673dbd7b4406dbb1d7337833c0631097fcdf906f0946a1fba913862e8752643b691546f5a76702273ecf15d516e9809f19eec6bef98f39872a085a80bde9befbf9137c21d63b21c9d473802bf6b6374cd9b79ae350bc4748ecbd30a756edba260f29b2627de45e9754dcc101f45a3c246055598029253b173555fbd955f1797d8b4b1a15f2d26d7dec1b2b725e70850608315569b33247d33e21a08844ec02524bf92470f491d1ccfa7ce4348ec9b9273de7b1c28fcdb79df5441efc13c48bf2dad22dea76a4ea93b6620d95bc092669a9cd0899648150d771048dfbf79d8de13aa87f6f719b37f41f1aacbf7b00349aeda6c6a386c784f7954a3ee83d7b171c4aae3b7aeeecd968b3befee986bbbbb024383c7b2bc4904e2e6fdc119fcfc823c5d603f214f82ee2115cd806b65b438d371be14475cf0423350152ec4dbefb58d62cedfcab2b76fa8fb65a5c2273e79b1c6cc37d89862d6fc080ba72c500d84ea5a5384c48e3d2584a45ee3dd7ee57035a221fea008a4b00cacd8592a317a6fde789470bcf6d61877a9cc3aa1f34829de8b867d9555f06898da00516537bacd11a7128397df40e153b6d2b6415306518b3c6fe4df9f0c6f988e83fa6b9bbcef6882b72e5c13868073a7a185ff656b344b46be0f139f0400edd77bbb38255f096a5aa1d402111e1bbf2f1447cf1e0c44e7a581bb9e42914647b4ea9790f1711aa0f57c462225d8e202a5f86a70f3b374de780b055f28d33ac3021be09ca3ffef22ea915c2edf6275503e1e04dae8be1af24b0c52f5ee3a27e6caad7781fa5c68ab0b59364d3c142154670e6b19a02113e6ab79684f279b6d14b1fa5615ff5054ed8c9d81774553804a348c47ae5d5a8d52e46043182eaef7b6bd07465804c19b0189117c75102a179cfd0a29c7c23b6b0dcbe38409af8f49b9fd52d7193de308ba164da4e047718eafd0ddc0bdc9ac87698b56488f5b53cead26c047241df66743266397c2248882bd659ea33f0e5d03f5bd1abac0b0c5fad5d26436e417fc43e8fce71d3d3a77e2c1a08fa1a24175c08c80b13c07278e52feda3799958f4431047aed9004bb5e61ee16f732832b84e4f91b11a443fd9fb7364495b9a7b9b2e0220057b270aed20ea0e3db77a12e0a998bf27428a543ecda86991ede7eb2c6d1c47a42046ca86e7c189195a52885430a43177691a2c58b8e75f7569142cb11e6bdc96327561cbe27a904a093c2d0bb52987153503ec14a366647f5a644abe096ebb32381939a1dcf0c843d72ab0d3c950cc09d59d866535e67b22cce05b678c9cedcaaae37c11e37441fa314fe57b794ce874e263d431e6e96ba780910cb4d96e2bc0f1ad7cc80d8730b099ec6098d2b0a6525049f66d5942f95bec8d5ba7e3c7b892ed7b197c93da4a20d06292d40dbce6f7a7d732da20fbdc2f1f5d85d0e87679f04481c4808e208d09078ed9ce0cf6e745ecc2f112bf7ef711062cd401bec66b14a6eb8c97e125ed7c9951e12edfd27e0106a5174aec0e61c9e149c013775f42cc67639c35eab099be0eefd8af7ae774635e046fdefb5300328269699a0e3ffbf5e99b77aa88d346d62c784f63fef5fc8cfc35029578129c5e53c36c1bfdd3d2acd812fa0379b74854cd08e02c5d2e2f8061870cdc2039abafbbf6c0875e7a066f7eb95ed88a7c6751d456e27c95f744744f9d6d32f33e93f76b8144faba4206b08c56c91c368a2220226676a58a07a4200274885c437957b5162a287a58fb51be19b14ca7d719139be858b10258c075f0e388640e0823af67926430c35faf21c145ac5e5bc52e09a82afbe84e57812bde893a46f17b508c917b496e40324f6d10b21f0b894e85c8e1550712b4411aa816c0a1e7ec454e4c30daeac1b55d6fa0ffe4da5c857706076bd415512c1c4f5a569ce9ec8165d854035767d41bbfb2864d73a9ca45fddcb2835ac521a7e9aff1164a1975631ded2c927098037d761f0b77b3f722338f765053c866a415b4acfb15272c41c7abe349363ca8255d48a4d24fc72c1de4adb9530602344b012b9ff17f899b0217bfe9f1c0760107f0e8729d86f9b1695fad83789d23889cfa2441673bc4687b6c72ab098c846d1470044549ec493c26554d1bbd2edfd6fde1db2505375ba016828e524be08c43b04d9f368b20e45f9a57825a1de0b787dfaa103814042519ee353520c58a4937a0c1ac73521d7c06025488ac11267ddbe23100d8a1bd5aa88c54cc37d1a57ea0af067bf9bd9591da1e8bb68f6f2c937dbecf72346748c717b47d71532526b959f64992964f9ee8516a7aa1f2d16b923125e112a6f8630074cc89b4f4fdc8b03ed6e07e54b497f1c6b156890b69b5e461b6d34fe420122ccb421e31f140319d987a2b64f7796288b3623c783591581605579034bd083054270b1947bdebd56f6bde49412785eb0af1459aeaf6c01e48b56506f6d50f89cc0c56d16239d1cc609fa48acdf6ee3f4ebe6be523caffc695749961ae23c5ab734618469ef8cb7915a05e5c6bd18473e0ba78910ee5b420377eb05644e3badace51828d9616418961fc7299fc16e8a06aee3624cf6750f7e0bfdd2ac950a35482045255ddd051274096564b3c6296bb6ea750637defc3c9fe3fa307c6f1fa911e05e826af65f6f180d4410e7e93f5acf52563799b8b0b501291985dcace74d8d93f52d5db3e844ca4f07168307fb7ba821bfe0b0f7dd642cfd2e317fb167b8539e9a2f694d53c34a0a6171442f0e414ec7950c914495d1456feb4967abf4e064c6544d804dc48f8cffa210752cafa8bda2e7cf8e60a4146aa8113b7f9323ddff470546378179930a64c22eb26025cb380ee3fd657b29daa3314a55937c91c056b907617c87d013c7ebac1d21670738cc7913ac60fe1fecdbd60a189ec5d510e1ef2c2388af0b62a214f7f98c8d26aa48c27a130110eb375020ef6a6db5342ad08d65aa8cfc8f3e565053fe170133cec90a869af619b0f310e4e8821603199e26b7529eeb5c9c0400dbe8d423e5212def0b85d7a70cd46ae89608e513682a82ac6d35aa8aa61054487b35344c12cdbf0dedb83db81ec55022897318230d22d12630e60ca32e12344f36ee96f11a8ac0d6f58656985f3f1dfb25f758958aa49bb2c90e6d22c4960166e4d38573cba5e3667a6eff6cae637eb29e5db33be5b2e0af096a821ede3c301758161821cadca3fa6b5d6ed6ed1cd7d926d2f72df5614798ed2fc71d797f42b32ad301a40a12b94c8cddcfe4d69d51741c65b069f2ea0d7a3c2aa8273ebc75e299bb9f2a172385c0f548dbd3f4b0f0eef9656667dd86c36a0e3091379e2db1414a689c49dc992916b74bb8e73cf9f895a0e76de1535beb032b8ff08982d0414d15c9ae402e4a58aacd41638d469ea07bece04c225f93cd1208335f380c246b8aafc0a7a782f331318fcf81a100b58f60464ee2c9574716df5212161abd313a5a", 0x1000, 0x8}, {&(0x7f0000000200)="bb9b361eeaa06bb1184a666a0510c39ca03478f14df7cf582b3f36de42d4e473ed0901a825d27a972a8069b0315a1832765ba8cbb255f32ecebab4e1ba36605b016fea1b7afc42692d468995ca88833042949bc6bc2ab167e23b9716273b36af0e2df9c10bb24ac4b19e743aac99eb7780a0d95e1da9652950172ddbdc199aa8af620cb908cc53271ef4d53a324ef423cdc53b805c4c87bb54b02718c68ca8bed14e0b950d6079d0e28b9ffc18db9cefe21e18c83fb750c0e442be08d5e98b286417d7efefa86fab18582e6773153f2b47d6f1ca1299a840", 0xd8, 0x45c}, {&(0x7f0000000300)="1b346f2443758b79192d5ddcadc3be963a5c7e313e0cdfb34465e3fd26112166ed092fcbb1411e420a032af8ec9f900e3a217a87a46b8c001e8a50263eb3a7260b1ffe2162b7ee33244a466d5791e122b48b4f3627c21260b4b6c2ff19251f2f9960e978a515b841d2d8eedd07878be87b8d498c3192a01bdc7baf55485926c8eb3326fc48ac8cd9942ca0cb", 0x8c, 0x80}, {&(0x7f0000000400), 0x0, 0x400}, {&(0x7f00000004c0)="2b238dec67afdbcbcc399e8820b1a4568c05c5870861437e0e0a15f9783246b31e1bb3009da568b12568b5c322c107652db43e49dc0786e18c73f1e88d9eba382bf65473", 0x44, 0x7}, {&(0x7f0000000540), 0x0, 0xd9}, {&(0x7f0000001600)="54ca70f139ddf2a2158a561e0ba6040659dc0a24ce409568a6687148c8cb82d33c461a0d2aa773ba69c55c100e10467fde476233a0d9f31eddc3f5552bb34c6eb91060f12e3ea7e6e8e293d38ed9e9380e", 0x51}], 0x200a081, &(0x7f0000001740)={[{@uni_xlateno}], [{@fowner_eq={'fowner', 0x3d, 0xffffffffffffffff}}, {@pcr={'pcr', 0x3d, 0x3a}}]})

[ 3029.036282] FAULT_INJECTION: forcing a failure.
[ 3029.036282] name failslab, interval 1, probability 0, space 0, times 0
[ 3029.039386] CPU: 0 PID: 15428 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3029.040866] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3029.042618] Call Trace:
[ 3029.043188]  dump_stack+0x107/0x167
[ 3029.043966]  should_fail.cold+0x5/0xa
[ 3029.044799]  ? io_uring_alloc_task_context+0x4a3/0x6a0
[ 3029.045926]  should_failslab+0x5/0x20
[ 3029.046742]  kmem_cache_alloc_trace+0x55/0x320
[ 3029.047723]  io_uring_alloc_task_context+0x4a3/0x6a0
[ 3029.048818]  ? io_import_iovec+0x1120/0x1120
[ 3029.049763]  ? lock_downgrade+0x6d0/0x6d0
[ 3029.050649]  ? do_raw_spin_lock+0x121/0x260
[ 3029.051570]  ? rwlock_bug.part.0+0x90/0x90
[ 3029.052481]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3029.053520]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3029.054640]  ? alloc_fd+0x2e7/0x670
[ 3029.055432]  io_uring_setup+0x1fbb/0x2980
[ 3029.056328]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3029.057414]  ? wait_for_completion_io+0x270/0x270
[ 3029.058469]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3029.059597]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3029.060722]  do_syscall_64+0x33/0x40
[ 3029.061525]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3029.062622] RIP: 0033:0x7f2ccc8b5b19
[ 3029.063425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3029.067609] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3029.069252] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3029.070786] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3029.072316] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3029.073849] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3029.075367] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3029.153336] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3029.164885] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3029.170853] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:50:46 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 32)

[ 3029.186027] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3029.215958] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3029.220396] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:50:46 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 3029.252012] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3029.281933] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3029.308744] FAULT_INJECTION: forcing a failure.
[ 3029.308744] name failslab, interval 1, probability 0, space 0, times 0
[ 3029.311415] CPU: 1 PID: 15452 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3029.312891] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3029.314609] Call Trace:
[ 3029.315163]  dump_stack+0x107/0x167
[ 3029.315892]  should_fail.cold+0x5/0xa
[ 3029.316694]  ? create_object.isra.0+0x3a/0xa20
[ 3029.317811]  should_failslab+0x5/0x20
[ 3029.318821]  kmem_cache_alloc+0x5b/0x310
[ 3029.319699]  create_object.isra.0+0x3a/0xa20
[ 3029.320594]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3029.321696]  kmem_cache_alloc_trace+0x151/0x320
[ 3029.322879]  io_uring_alloc_task_context+0x4a3/0x6a0
[ 3029.324213]  ? io_import_iovec+0x1120/0x1120
[ 3029.325135]  ? lock_downgrade+0x6d0/0x6d0
[ 3029.325983]  ? do_raw_spin_lock+0x121/0x260
[ 3029.326865]  ? rwlock_bug.part.0+0x90/0x90
[ 3029.327741]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3029.328749]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3029.329825]  ? alloc_fd+0x2e7/0x670
[ 3029.330588]  io_uring_setup+0x1fbb/0x2980
[ 3029.331448]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3029.332464]  ? wait_for_completion_io+0x270/0x270
[ 3029.333595]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3029.335352]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3029.336982]  do_syscall_64+0x33/0x40
[ 3029.338048]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3029.339579] RIP: 0033:0x7f2ccc8b5b19
[ 3029.340665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3029.345948] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3029.348091] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3029.350052] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3029.352273] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3029.354351] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3029.356377] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
13:50:47 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x16f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:50:47 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:50:47 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x1000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3029.530953] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3029.576726] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3029.615153] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3029.626260] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3029.657283] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3029.666071] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:51:03 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x6, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:51:03 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x8000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:03 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:03 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:03 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x2}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:51:03 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 33)

13:51:03 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x1fe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:03 executing program 4:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(r0, &(0x7f0000000080)='./file0/file1\x00', 0x20)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000500)='logfs\x00', 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000180)={<r1=>0x0, <r2=>0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
ftruncate(r3, 0x4)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, r3, 0x0)
syz_io_uring_setup(0x4, &(0x7f0000000340)={0x0, 0x0, 0x8, 0x0, 0x4, 0x0, 0x0}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000b0000)=nil, &(0x7f00000003c0)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r4, r6, &(0x7f0000000180)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000300)={0x77359400}, 0x1, 0x1, 0x1}, 0x0)
r7 = syz_io_uring_complete(r5)
r8 = dup3(r7, r7, 0x80000)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x13, r8, 0x8000000)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000800)=@IORING_OP_FALLOCATE={0x11, 0x3, 0x0, @fd_index=0x2, 0x7fffffff, 0x0, 0xffff0002, 0x0, 0x0, {0x0, r9}}, 0x362c)
openat(r7, &(0x7f0000000280)='./file0/file1\x00', 0x200081, 0x20)
syz_io_uring_submit(r4, r6, &(0x7f0000000400)=@IORING_OP_FALLOCATE={0x11, 0x3, 0x0, @fd_index=0x6, 0x7f, 0x0, 0x10000}, 0x6)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={r1, r2+10000000}, 0x1, 0x1, 0x0, {0x0, r9}}, 0x8001)
rename(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0/file1\x00')
mknod$loop(&(0x7f0000000000)='./file0/file1\x00', 0x6000, 0x0)
chmod(&(0x7f00000002c0)='./file0/file1\x00', 0x0)

[ 3045.926232] FAULT_INJECTION: forcing a failure.
[ 3045.926232] name failslab, interval 1, probability 0, space 0, times 0
[ 3045.929624] CPU: 1 PID: 15487 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3045.931500] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3045.933657] Call Trace:
[ 3045.934341]  dump_stack+0x107/0x167
[ 3045.935279]  should_fail.cold+0x5/0xa
[ 3045.936279]  ? io_wq_create+0xeb/0xc00
[ 3045.937309]  should_failslab+0x5/0x20
[ 3045.938285]  __kmalloc+0x72/0x390
[ 3045.939172]  io_wq_create+0xeb/0xc00
[ 3045.940153]  io_uring_alloc_task_context+0x1f1/0x6a0
[ 3045.941466]  ? io_import_iovec+0x1120/0x1120
[ 3045.942609]  ? io_apoll_task_func+0x2d0/0x2d0
[ 3045.943763]  ? __io_req_find_next+0x300/0x300
[ 3045.944732]  ? do_raw_spin_lock+0x121/0x260
[ 3045.945847]  ? rwlock_bug.part.0+0x90/0x90
[ 3045.946949]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3045.948192]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3045.949562]  ? alloc_fd+0x2e7/0x670
[ 3045.949906] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3045.950507]  io_uring_setup+0x1fbb/0x2980
[ 3045.950544]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3045.955107]  ? wait_for_completion_io+0x270/0x270
[ 3045.956381]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3045.957747]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3045.959065]  do_syscall_64+0x33/0x40
[ 3045.960032]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3045.961371] RIP: 0033:0x7f2ccc8b5b19
[ 3045.962325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3045.967046] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3045.969024] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3045.970856] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3045.972697] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3045.974548] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3045.976396] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3045.992203] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3046.017228] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3046.027995] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3046.056191] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3046.066380] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3046.090950] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:51:03 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x3}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 3046.137853] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:51:03 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:03 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 34)

13:51:03 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:03 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x40000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:03 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x8, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:51:03 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:03 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000440)={@dev={0xfe, 0x80, '\x00', 0xc}}, 0x20)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_mreq(r1, 0x0, 0x20, 0x0, 0x0)
getsockopt$inet_opts(r1, 0x21, 0x0, 0x0, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x10200, &(0x7f0000000b00)={0x77359400})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x1000, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x2000)
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(0xffffffffffffffff, 0x0, 0xc004)
r2 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0xd649, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x9, &(0x7f0000000380)=""/153, &(0x7f0000000040)=0x99)
mount$9p_unix(&(0x7f0000000280)='./file0/../file0\x00', &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0), 0x1001000, &(0x7f0000000b40)=ANY=[@ANYBLOB="7472616e733d000000000000000068653d6c6f6f736c2c613aecb9d913cebd2aa15069b3f4b73d2b2c2c736d61636465663d706970656673002c705030303435827569643e000000000000a9a8142492812b6628903b3c0b608498c3219da1a2b0d3dc5fc827946b0000f0fceb805d45fa1322c8425193c6b8ec9703a6210d1635b92c729668e9b3b7c62e30dd34c8f87252defb8a2e829f5b2068dfabf4dbd3d9834207fe58016a3c976e71adf6712f0dadd2788fc6c1f3e348acfb2456e188c31c56739409f15084a74b131148f19b2050a448b17a08cfe912042536283bcb0523ec0dbee8fd3b31a31a62404465857946da9a0b4f842d44c4589294ca26ab86b5572c60a48f418dc36fdf392288861e07abf3adc31da5d6d32f8fb1f258575d0000b6ea9abac2ef7b025090da39fe581a73d34e5960f6c12ecfacbe74c25670e58409898cb407000000a083233c4675d03de9db7a18953ab792672e6b0b27abda034419d445fe00186ac0c540b7101f8dbab6823b7fa30db3aafc890de0cbd6287d5bdf9a2fe2af2c89ec04cf482b05422a6d6ce426de452dc46944e9bb12abe1d24e94d8d1a9dccada32aa7094e32d16b3450f9f51a4226edc33c1d426e5b3458d2a56daef38dff2f622f105d1dd515018ebd0d03de9cc105e907fa11ac60da4efcf5408a782a16182c8b3139c0c550d844d8a64d0c0c51009f433eca222bdcd56875d31376f51aa50065810dbe5537f023661497b1d0bb1647e03dc308aacfaeb52baf0ca1201ddc40ef7ffbd82d649c9e41030168efaf7cd4f4604507b399ffeca0d8d5ae31649d567403b5e91427810d041b536a6fdd97477c0477f2381ca3330a2376342e3343c9ac10fbd60db645dbbd5a170d128de796ba6bb448faaaa35078e99619cb246fc770029dda06db90d76a7c8c51a1f558e150ee856e795c4022cea6c2fba6d5dc75e01c8f5ebdee5ee082d24e0605e2a0d7e4a6856d0e89eb88f415268b207ab6cf9f6586b7ac1a1f7fffffffffffffffee07ab03f92a91cc714a9ce1eee608aa68120e6862fe47b24966006e01d6cba78d06b46595a8109a502c6b1cd5afcc92759c513b049d86302180ea69e5f8788bceb33995e63552aadd0f2698cca49b3a11df35b34ddbab8c0fd73f4022673a8be4b5af58cde969916e71d", @ANYRESHEX, @ANYRESDEC])
setsockopt$inet6_tcp_int(r0, 0x6, 0x1, &(0x7f0000000480), 0x4)
r3 = signalfd4(r2, &(0x7f00000000c0)={[0x52]}, 0x8, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r4=>0x0, <r5=>0x0})
setsockopt$sock_timeval(r3, 0x1, 0x63, &(0x7f0000000140)={r4, r5/1000+60000}, 0x10)
ioctl$sock_SIOCOUTQNSD(r3, 0x894b, &(0x7f0000000200))
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0\x00', &(0x7f0000000180), 0x20, 0x0)

[ 3046.383164] FAULT_INJECTION: forcing a failure.
[ 3046.383164] name failslab, interval 1, probability 0, space 0, times 0
[ 3046.385695] CPU: 0 PID: 15527 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3046.387157] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3046.388885] Call Trace:
[ 3046.389448]  dump_stack+0x107/0x167
[ 3046.390210]  should_fail.cold+0x5/0xa
[ 3046.391011]  ? create_object.isra.0+0x3a/0xa20
[ 3046.391979]  should_failslab+0x5/0x20
[ 3046.392788]  kmem_cache_alloc+0x5b/0x310
[ 3046.393642]  create_object.isra.0+0x3a/0xa20
[ 3046.394558]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3046.395628]  __kmalloc+0x16e/0x390
[ 3046.396382]  io_wq_create+0xeb/0xc00
[ 3046.397171]  io_uring_alloc_task_context+0x1f1/0x6a0
[ 3046.398228]  ? io_import_iovec+0x1120/0x1120
[ 3046.399155]  ? io_apoll_task_func+0x2d0/0x2d0
[ 3046.400082]  ? __io_req_find_next+0x300/0x300
[ 3046.401032]  ? do_raw_spin_lock+0x121/0x260
[ 3046.401932]  ? rwlock_bug.part.0+0x90/0x90
[ 3046.402820]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3046.403830]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3046.404934]  ? alloc_fd+0x2e7/0x670
[ 3046.405709]  io_uring_setup+0x1fbb/0x2980
[ 3046.406589]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3046.407644]  ? wait_for_completion_io+0x270/0x270
[ 3046.408685]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3046.409788]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3046.410861]  do_syscall_64+0x33/0x40
[ 3046.411638]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3046.412708] RIP: 0033:0x7f2ccc8b5b19
[ 3046.413494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3046.417342] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3046.418926] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3046.420413] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3046.421904] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3046.423390] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3046.424897] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3046.445908] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3046.461514] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3046.518092] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3046.525969] netlink: 'syz-executor.0': attribute type 8 has an invalid length.
[ 3046.541382] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3046.555212] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3046.567334] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3046.573959] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3046.614271] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3046.734675] netlink: 'syz-executor.0': attribute type 8 has an invalid length.
[ 3046.745368] EXT4-fs (sda): re-mounted. Opts: (null)
13:51:20 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:20 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x4}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:51:20 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 35)

13:51:20 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:20 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x80ffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:20 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xd1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:20 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x9, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:51:20 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x2}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
syz_io_uring_setup(0x1f8, &(0x7f0000000680), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
ftruncate(r3, 0x4)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x13, r3, 0x0)
syz_io_uring_setup(0x4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000180)=@IORING_OP_SEND={0x1a, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000900)="3fa286e346a28f4339fff5b50d036c97cbe74715ec75c7b013bf6fedfe32a66d1dead89d1c4fdadd45a81bf8426163229085c57e0af4f033ea60a745cb0d3b1a74e0760ac57f4947f3c97b56f9ce92a6a9465517ff1644cd692e2bc6ed1359c1e44107014865c28de4670305981515de31d44c307ffc790e10466b0163064ed06a991c17b8706458566b29e921a45b6c5ee72d12084fce5358bd39a3184e56f5b4964b3dd375f5188547d305dbcea48a3ed1701d02625512eb87666bea94f0537c7e0c70e72ffedde5342c35deb280ecf3ba7ed0880c10f395ebfc980243b610d83ff4d861066503ceb33edd27d12158cd1a13962d0a34bdb421dfbc4788446502bea3882b6df164c24e0900f8b7ccc9fc062882f821d76486a4bf88af9c760e8adfe7030cf35a372ee7567d625257d62dee05a11e33766adacaeb4603c5eac5b6fce91fd5086e588cf2f99838dce8bbe31df3f6a18c96074a692fd4100a4583caf09456c660a101e00d3dd621156531a4276ce0617710162ca5133b04a1e6b0a7c1cdd13d0b5f2c4fe4a86a933cf8b1230c2db5adfb94e90e29e697bfcdbb3284eac7b0b453cb50e6a71fa9d8e4df5b907eb61932ce385acba10c847b5bdf94676079c10ce553905a3d1a35551bf8d196bc8f23d4f40a03cf9fdd5b4399cb3a04fa7c5a61fd00f37186da7602fadbb20e193bbbd5766de05d5f671da2e7342627d774b953c67988ce16b8b7cbcb33a0f7f2e8c5b10d732dda5cd81ab9627c198b14184a702b9f954583616ba0f9bbf5fed5f00a15c349ceee98f58f9e4a86d0a90f603569415b55f9bae1a1898487b23281fed80e7945ddd010ab8a9aa279275d69003a9930cfd006401f3cd87da2116b120681cc8d10b5c04ffb3c08c883831b7cc5882f3c5555bf479e569d67c476366c3fd8c52e3e4a8cf6297478ce576c919916f335f64387b38980e06652746479d902c6c7f820347f126d0cbc32a5c39c977fff7ff55b1cc1cea6a49a903a1068b390f9be86f463d6c63e7e3ca3ec636ab3d44794394c616ef989fe009f062a22320c84aa305159b1ab2af2c558f0904859560e31ca8ef227306542eb477273f797f5771ba8d8640f3481a24bbb1eaf1f0463d0f5afea58620692b6cc394e6fd40ae5a057801e3581421c63ae56099334f3ae52107bc618822d751d60bfa354ebbda68e409eff0f76d976292acde98970d50a2a45ffdd082cd910a442676c762d86ecf95b70955574c6c8ced94f8c2cf05215127427c43e9c17cd5d8f609fb071211ee3bba5a6301faa8ea11b872c7a721f8b15e13387ca3c868f6251608a3b89858fb87fccfe8ef1e25e91ebabd63e550d30c92668fa0142bde98f2222634aeb0878e1778f0c88c1d50aaa458041e1d13684ce041eb243487f31d2bb34540f6f9868824328225a8b559049cbbbd28b15e9e2c1d876813801d05403d7a4b3800eff7389dd6924599333b5e09ecbdbd9d37159025d6f3933a12a69d6bd438cb56cae2837c400b3b9f83f62d5509874536a5165479e587490bc5bb91e5e8a0918ad6fae83c87d5c2378ea4a180595e5ca2b6076f954b927cd262e9042f45d6ee17b599bbc37b92db86504f4ca06bf80f88a45d05c24fb06dad9d53169c894448b02e15c2ad6bef5b3d792a66ca7163148c0d157882417fba0ea014b1726a23a5ffc71f79a8f261157dbe8112a05ca88e7a48abf29e94f9c05ce101f360e8dbd41515b8efc56361ebb513df9f257a5a57fc7b091a81dcce5cbcf5f2ba8120af6774e110e4afd42683f3a71f4a9a013a0e6a8868b9d7986b0d5e40c36f69b3f204b6417afaabaf9ab004a6edd11367d6850188efef27e3985e62839d84f71d8db448c646a178851d310fadfa9a57aaaa6f76940f5bc70116121b2823d627556c2968577d60f78efb2253be64e7e774e1a5172047ee04e566f8354de2c365f7709dd6121d891a22d1d3701a7d1dcfd130d8de5de29906c22128fbef7bbc003542f550270e628dd4330871cf539e0bfd228797eb0336ca69cd778e04daf072b4b6a1c05665f972724277279612a76e5102bab35079b3d9a6d2f3d31eb8c53917141b66d90831b997ea511cc97dff8869bbaad93666d03231b75bad21f9b8952f75616a0e5944d4ec4fc04755e01462f3e846997da27ef7d840da5c5c9d445092b4e2a6c383e0b697714a1b8429d21a2717e755895e0d613b5fbedbd34feff3399c75459917075818ac147bb33e31ed0b2baad7a11326e353b951b902bb264dacfb91690d1c238e5926ced7743cb091d47e1d7806839af85f927b3f690ea26232acf2951e58d5b4972b003b70abecb013b50dd4ebb233501dc61be626b7e8f208ac8793b0d15ee901fdc0bcf20cc0b5978a799a768b7858051d4ece2d613976ac9ead6e92d33fcea02c050622a65b49d1015967d7c5fb4504ef14da10aa31fd453f1a704d1c3d3f7c725944225b69312126acbfc3eeda816a0597ee7fe01a78dca26bc8fef9143c219cf4c4c798b439f834016e8f76eb8644965e706c07528e9699e81da8f74b6168fdce88ed6f4d9109212f3b42b61275a067de3b1d879acae5fb2cfd0e792370c31704d2bb72656a5d8198f04ea398d42665591a7e6dbf628c62a08bf885b2fb19e7ad08c84d453777ab6629c1c6f3cbf966850f9ad3a67493e9246ef3012f3a830fa7222d3a120a38c7be8b750d80b94cf59d93c8f5a30a4dd7fdd41b9d3ab87d4ed5b9e0b11f939c68231ba31ca86fff2418f8d0d8342611b0e2d117d772f74327710d331548ae6841b5dda670d81535985152e8f61c52ba7ee77b7550e02e16e85f3f572e6a132e1e1d7862e6130f50a57e38bfde6bae742676d3be266caeb4727767320dec179b643a46dc35c37e09991af99fc80b78e0aa0467d488f95dd8bbbdf4931375b381415d38875cc0e2345cd0dd41b2a854b514880843747fba6ff17497b90d0ff47690d46363eeab65381ec436dc741794dfbefba74993787523f6bcaefa82d0b34ac2fc1e2e678d9b4bf43409a60cade7ec5a4229bda27d9b3d337219297ceddd8c8b3ebdcd00625a8a41eb7a720d2d5ba6be0d47927c65a965516140c20ad2ae35f8af9ee742809e71cef7d86516febc8f2dd12037d69af196bdfb8d25916a18943f38f954a2cfd299ce56ea0be5778b5b5ad6c4367c256f4045d3d20ed5a62007c843d32da8a0fde422de75e7301062cfa5b1de49c1df24fd115260458083f328fdb0ed5f367e61cc0340a4c87b7488a648c2dd2a0bf4639a1e9f3dafeb01ec8a4a01dc2ddfcdfe3ced85ce9ec500bae29bc1aa44c48c4d549da0f328aae3d97b51d44be71e05e9bff7dfe477c385ec96e259c35c882accf22ce39bcf90ae0fc8e11d7b2e2519cd1b827728b65d01675d32e0950579d8f6890a8d1178e3adb7090b8594efc0282e030b7e9f90b437d3d8b9883d26e07125619f24a6fce7678add4fbe5beb3b508c1ece6bdfbe816d6f00d6849824aa4d9a762ed7c025ba4e7667f55792e73b9284681bbd8660dc060df1c8ae2bfa83dd52e230f084142defb04309e65bc1b7357254ddd99cd7a1dff3f7f59c6f6058612e3cb9eccf2706d3acdae2c164eae221ce59160a333879a6a5b41bdec8c4c23dc1994d0073ba1129ecda5c16694df2213a0bfb717823bc4dcc5b61c5872d0dfde4e69c1cecfd08e83ed90014249067c3ece2d2c660d1945967fff225927253ccba6c375f11f253db1140d12925f91ff634661d267353db099eb9dd48f1f41782e278c9770a4c2c0092b8aa7b67f1d65c1d4369d7cec4213852db9103c9096f8a881f77a337aca0a8be74ad1cec2bd245b94435c5f11b047c4739d8e707ef63b08482cb6d56628f34b8320ce4b30fa245899eba287dccc3922ac0aa1f054554c6dfc7da34e6f35eb9928920766b2c6cde67a4cdab62814179967e505188d82750aac3c62eaba7ba4005eca78483a1e0f6d2ed249241d625b352daac02f94b85e3b88c44a33fc4a2924ae4ed05236b94a4c79ff0271c59319c7547b1105ce57361717fdfdd704dd9ec45849f34f32fce0be217b502041d0d7ba7e48ade5de66f9cc0fe45431be165877265b0ef74d8f0b588cdacdc278d76ec815a03ae4331fd839052f54ac66e65b783d8bba976c1c205bfd00e9815df5cd6f33e7a44b02c8e13b0aaf45d0079b7fab3a4afecfae70f494a7fff6c1afb328d4f90de70796446af47d637c19591c91445285754052d0920cc06f9f423b363f681fb1291fa2ce898de841bcba1517a8aab26564f0ed56d72c9eb4679c59b3b32824c016dad5bad924ff6c974a849e8cc56d62cac3cc428b36f693f95dd2d151940ec714fb92dff8b6d01b4f4b80c149c1b48324eea34de1a4bd449db041bcaa0840393090fa748f786f880743b3a48f1ef8f2e0ce2042af5c64f496ca5122dcde44b110ea55b90fc38abf474390ae0ba568aa5ffc940083de5d708888b95980b4b8e3479b44706c25ec5ce209638a753c6dd706cfc4563278f9bc47d7e82ac2202f59e32c674bfa6fc4beceb851eb78baff3429ed527e07b068371552e94c31feab5da425f4ea3c9a571df115e7ed643ce10c9f469996a8b0554fcab15609b57ce126149481caffba9957df4305fb406af2c667a93c078f5ec386bda9fc299cd564c3a2f486e5ff592418e7e266633f9a72f68fd997f9156d675ccca8facc62ff62fbd249ba074ad363ad695f85c61cd4b4dd1244f5b63791a173a32c18b9e3f6cc56737844efbbdd2260920de62c55d39b489fe256c85b09c44a3f3058cb3df603fd0a6d51964c5c98c6df5145f6233ba8bdf94b0964273d96d3e464a6ece4385029daf3b4f33b0ba2a7a484d2e27d2f0289367e548fbce524efcea79c7d52c9b77fdcd527fa6d4975f6944cb487ef1a6a23a81629480a1bea15df108829a6f603ad1908534b4a1695bd69d36842c45759b955f1b50043c97524df69ec56b57adc1cf1d36671d0addfa9fc3197b282f2079bbd80b1a226fcbb82d93c38d36a735296126a721e429a0d0857c5457bd4d620629351657b7aa7591bda97958f3839a75afd261e01ee93d0e37525c58b10b585d73c25194c130b4203efa496c52e3b85defcb5137f4320d25e2db843c064965c304760cf1c1c59928afdecc199547a93b222749c2fed5b765c94c4cee590ab59cec1d7b0dccd42ef9123b222968b3102bcb88c2a011af759e51f6426efae99bb74187d419597f9504058e5417debbe68331a30f3e3072b6e2c33824c2b9b4abb984dfd17d656d23e0cc0e66f906533cc7a0dfdd0380c94db31596fbf94ce0fa163a9ae08d62aa8871d45222de9f67d3aa1549a6121252f25572d42f362922352e3ecb52a98e9c96a2780e55c59d2b24cebc825ccab11ebbb8a3a2b28b18e6aa77c8464e879cfabd2225b4112767a7f33c488873ba216d1c44a30c185facb1a4547a096bdc6b243e39b95cb2f7a07f2db996cbef01807ad622247f49fd62f2101ed8839bca2de07a790082ae1df96c85aff25cd46ce754171796c64500034c770238bba6eb29d54b742058f9031e5f3a72c177bdefbb031ef59f1a9783e6b400f1501ae436192bc6afc12371e09e67bf02fec5c6dfc73ba5ae24d3e1296508706081571f94fedcc76ad5c8b4d8a229f48c6069f946332ee991d5d06dc92cc0df0c6c51662f776a368bf96ff5ba4cd1e387b565ea144e2cc502ba21805aa19f9077020a9291e064a1ff4fecabf462b4aa22eb814af97e15fbffe74356c4b743dd5f502f2", 0x1000, 0x800}, 0x1)
r7 = syz_io_uring_complete(r5)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000800)=@IORING_OP_FALLOCATE={0x11, 0x3, 0x0, @fd_index=0x2, 0x7fffffff, 0x0, 0xffff0002, 0x0, 0x0, {0x0, r8}}, 0x362c)
syz_io_uring_submit(r4, r6, &(0x7f0000000240)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r7, 0x7f, 0x0, 0x10000, 0x0, 0x0, {0x0, r8}}, 0x6)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_OPENAT={0x12, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)='./file1\x00', 0x40, 0x2002, 0x12345, {0x0, r8}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x0)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0)
fallocate(r9, 0x10, 0x0, 0x5)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffff7e9}, 0xacf4ac9b71142229, 0x0, 0x0, 0x7, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x296b, 0xad75, 0x0, 0x0, 0x0)

[ 3062.826362] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:51:20 executing program 4:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x2, 0x8, 0x9, 0x3f, 0x5}})
writev(r0, &(0x7f0000001500)=[{&(0x7f0000000200)="10de0d78eccdc42d920599b59355fb316fc3a8387f8b04e96b75cef6978da6d0ea7c6cf7141a91248d64f4e96c8f719def45887863317a307341edd20c5604238c0cddb2678a52a14f76f07102cc3cb7b4ff13ccde832a5487eb9ee2691d3914e91099a78d66884aa6edd92ee4ae10f4bf53d259d959bf2eedcca49cf3ab1080a5b89b039a8eee99688a6b2226069d07ee040e728eb063055af85982d94aa6cc99672dca9e21c38811c1b91275ae38c791f6a5b0c5d1046aac9dc07370eccdce8088c678fa1f0cf67c42f0daff9d8e9e663c9b4586181412d6079f30c96af587c30decad027cd62ee5c10bad7898f19f889832678ebe877f5c9ab898acee1bd76d42680443bcd76090b04b74ca9c50ee49999e016d0b0a2e83ccd1cadfa2c828172c3479d9d70d829e47485f9bac8c76a784e8175cd808076a77bfca394934bdd524d8a2db9e62c8a7e747c6a9c47268d866f2276fd421f760a762bf06242b4e403b2faa956766533758f35bd05812a01753b326b1e3aacec2aa3cf99fd3e0a3974c43274ec218e3554589a2cc063448b3e1d87cf3662e254baf85c18733a887b37a39a866c3123927c61d7c52047b319c0b458c2d97c451a5b4e21ee1f5eb6316620a2efafce47506b4ab7107b8136d095902bb8e2fee4990379fdabfc432f91af6b25d83bf294ae614817e9616fd5954fb804896aebc5c7c85064b6ea94f662a9a5157e51da20a0de712ff661d4a5d47bbca381d82319b221b8d138c7c452f3a4f083634727369ccde58dafe589caf848ab5c96253174ce5abd3125b03b28dafa5b36fd8714740bbb79b25c65ba33ffd5613b81863c3a7668f19716425288246e6dedff53401b3fcfa5df51401559a11e974af359a50d1c9064e8be97629fc1d834ac74043083832b793a8891170d0e820c5a758c9f38b24421896f9d02ac15491943f0745077e9b3b", 0x2aa}], 0x1)

[ 3062.843175] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3062.844673] FAULT_INJECTION: forcing a failure.
[ 3062.844673] name failslab, interval 1, probability 0, space 0, times 0
[ 3062.847462] CPU: 1 PID: 15566 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3062.848392] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3062.849504] Call Trace:
[ 3062.849866]  dump_stack+0x107/0x167
[ 3062.850355]  should_fail.cold+0x5/0xa
[ 3062.850877]  ? io_wq_create+0x6ef/0xc00
[ 3062.851418]  should_failslab+0x5/0x20
[ 3062.851934]  kmem_cache_alloc_node_trace+0x59/0x340
[ 3062.852610]  io_wq_create+0x6ef/0xc00
[ 3062.853138]  io_uring_alloc_task_context+0x1f1/0x6a0
[ 3062.853819]  ? io_import_iovec+0x1120/0x1120
[ 3062.854410]  ? io_apoll_task_func+0x2d0/0x2d0
[ 3062.855010]  ? __io_req_find_next+0x300/0x300
[ 3062.855653]  ? do_raw_spin_lock+0x121/0x260
[ 3062.856292]  ? rwlock_bug.part.0+0x90/0x90
[ 3062.856944]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3062.857660]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3062.858439]  ? alloc_fd+0x2e7/0x670
[ 3062.858976]  io_uring_setup+0x1fbb/0x2980
[ 3062.859590]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3062.860334]  ? wait_for_completion_io+0x270/0x270
[ 3062.861076]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3062.861895]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3062.862666]  do_syscall_64+0x33/0x40
[ 3062.863226]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3062.863982] RIP: 0033:0x7f2ccc8b5b19
[ 3062.864522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3062.867135] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3062.868105] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3062.869032] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3062.869952] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3062.870866] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3062.871775] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3062.875876] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3062.883688] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3062.886927] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3062.896412] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3062.898276] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3062.911180] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:51:37 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 36)

13:51:37 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = inotify_init1(0x0)
r1 = inotify_init1(0x0)
inotify_add_watch(r1, &(0x7f0000000340)='./file0\x00', 0x84000a0b)
inotify_add_watch(r0, &(0x7f0000000440)='./file0\x00', 0x400)
openat(0xffffffffffffffff, &(0x7f00000003c0)='./file0\x00', 0x802c0, 0xfc0134ffb72a28e5)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000400)={&(0x7f00000001c0)=ANY=[@ANYBLOB="c0000000", @ANYRES16, @ANYBLOB="00012abd7000fcdbdf2531000017e386ff470000000800230085ac280080000064d0800cc102dd0112a23324716d7f048350134475c99f602598ac18d3e932aae979fff7108ef3880adb45e269713403fbbaa32e23bf1b3ef412a2fa44542c079724392083d953a0ddf0a777d43279abe75391bfb171e0aaaad6454a835f19", @ANYRES32=0x0, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x20004840}, 0x8040)
rmdir(&(0x7f0000000180)='./file0\x00')

13:51:37 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0xa, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:51:37 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:37 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x16f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3079.985397] FAULT_INJECTION: forcing a failure.
[ 3079.985397] name failslab, interval 1, probability 0, space 0, times 0
[ 3079.988424] CPU: 0 PID: 15599 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3079.990125] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3079.992135] Call Trace:
[ 3079.992791]  dump_stack+0x107/0x167
[ 3079.993698]  should_fail.cold+0x5/0xa
[ 3079.994631]  ? create_object.isra.0+0x3a/0xa20
[ 3079.995752]  should_failslab+0x5/0x20
[ 3079.996683]  kmem_cache_alloc+0x5b/0x310
[ 3079.997688]  ? io_wq_create+0x114/0xc00
[ 3079.998663]  create_object.isra.0+0x3a/0xa20
[ 3079.999737]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3080.001024]  kmem_cache_alloc_node_trace+0x16d/0x340
13:51:37 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:37 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x600, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:37 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x5}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 3080.002477]  io_wq_create+0x6ef/0xc00
[ 3080.003402]  io_uring_alloc_task_context+0x1f1/0x6a0
[ 3080.004626]  ? io_import_iovec+0x1120/0x1120
[ 3080.005702]  ? io_apoll_task_func+0x2d0/0x2d0
[ 3080.006785]  ? __io_req_find_next+0x300/0x300
[ 3080.007858]  ? do_raw_spin_lock+0x121/0x260
[ 3080.008893]  ? rwlock_bug.part.0+0x90/0x90
[ 3080.009926]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3080.011083]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3080.012345]  ? alloc_fd+0x2e7/0x670
[ 3080.013234]  io_uring_setup+0x1fbb/0x2980
[ 3080.014016] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3080.014228]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3080.014247]  ? wait_for_completion_io+0x270/0x270
[ 3080.014293]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3080.020386]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3080.021051] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3080.021637]  do_syscall_64+0x33/0x40
[ 3080.021660]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3080.021675] RIP: 0033:0x7f2ccc8b5b19
[ 3080.021703] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3080.031486] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3080.033322] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3080.035017] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3080.036693] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3080.038382] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3080.040069] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
13:51:37 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3080.069535] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3080.081059] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3080.099486] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3080.109337] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3080.116661] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3080.136947] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:51:37 executing program 4:
syz_mount_image$nfs4(&(0x7f0000002f40), &(0x7f0000002f80)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="6673633d9e99c5dcaa81d3546d77dc0edff92c0577420300000000000066d7ea00d8c5ffce4a6192828d8748c305153bd98c76aa357129902f9ee241eedc3f4f905772af7f0c920a91a7bf2543960b1ee2f7b007aeb7760b0b3da75a88dff3484a35e68cad4006a8c74ddd8f5c5d5c0089dad6793cdae6f9590ff3db086fbab624b2c3b1c33cdfc0239b91a9f882106d7598f7437e1a739646e4dc7f89d16a2bc6a9a071de5e"])
uselib(&(0x7f0000000000)='./file0\x00')

[ 3080.186979] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:51:37 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x29b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:37 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x6}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 3080.234529] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:51:37 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x200000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:37 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x700, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3080.284858] nfs4: Unknown parameter 'wB'
[ 3080.291416] nfs4: Unknown parameter 'wB'
[ 3080.325885] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:51:37 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:38 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 37)

13:51:38 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0xb, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

[ 3080.362184] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3080.367941] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:51:38 executing program 4:
r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = getpgrp(0x0)
read$ptp(0xffffffffffffffff, &(0x7f0000000380)=""/223, 0xdf)
pidfd_open(r3, 0x0)
fcntl$lock(r2, 0x5, &(0x7f0000000180)={0x0, 0x4, 0x7, 0xff, r3})
ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000500)=ANY=[@ANYBLOB="3c000000010059000300709963f56e7a19fa000000040001dee8fc131fc92b57000000010000abaeab8068fb93f20624d998bb2382fbef2e605d20efd13ad8020454fe726d5ec46065bf5b72b14619ff5e6e5c2fd748b7382c"]})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
r4 = dup(0xffffffffffffffff)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/consoles\x00', 0x0, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=<r6=>0x0, &(0x7f00000002c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x0, r8}}, 0x8)
unshare(0x48020200)

[ 3080.384803] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3080.395204] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3080.408829] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3080.440450] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3080.450883] FAULT_INJECTION: forcing a failure.
[ 3080.450883] name failslab, interval 1, probability 0, space 0, times 0
[ 3080.453267] CPU: 0 PID: 15649 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3080.454728] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3080.456435] Call Trace:
[ 3080.456996]  dump_stack+0x107/0x167
[ 3080.457756]  should_fail.cold+0x5/0xa
[ 3080.458555]  ? __io_uring_add_tctx_node+0x15c/0x520
[ 3080.459593]  should_failslab+0x5/0x20
[ 3080.460382]  kmem_cache_alloc_trace+0x55/0x320
[ 3080.461355]  __io_uring_add_tctx_node+0x15c/0x520
[ 3080.462354]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3080.463428]  ? alloc_fd+0x2e7/0x670
[ 3080.464188]  io_uring_setup+0x1fbb/0x2980
13:51:38 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x300000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3080.465062]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3080.466256]  ? wait_for_completion_io+0x270/0x270
[ 3080.467274]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3080.468358]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3080.469439]  do_syscall_64+0x33/0x40
[ 3080.470212]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3080.471277] RIP: 0033:0x7f2ccc8b5b19
[ 3080.472047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3080.472151] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3080.475854] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3080.475876] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3080.475887] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3080.475898] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3080.475910] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3080.475930] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
13:51:38 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:38 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x1300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:38 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x7}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 3080.602522] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3080.622315] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:51:38 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3080.653763] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3080.657099] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3080.669151] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:51:38 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x10, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

[ 3080.679906] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:51:38 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x3ad, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3080.736405] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3080.759007] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3080.797505] netlink: 'syz-executor.0': attribute type 16 has an invalid length.
[ 3080.804234] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3080.840129] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3080.875897] netlink: 'syz-executor.0': attribute type 16 has an invalid length.
13:51:54 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 38)

13:51:54 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x11, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:51:54 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:54 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0x8020})
r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x100000001)
r3 = syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x4, 0x5, &(0x7f0000000580)=[{&(0x7f0000000180)="59596e1d34eb1b3382953e9cd580d357a6086f0bae59a0669d92230481ea9b98feb149022a12006bf0b95905f0224ab9645e3dfc01b94b13146ab0ab53c6be03de9a14b892774957138b898413f1bc4362cc184cf3544f1a690494e9bb61d353bed0f167277de87328d52647a144f812074abbb35b46434dfccb36b235839491a5736dfaf5069f210970eb6dca799b10d1f30cf5bb116651a0ced30a315ccdf2713363f97e07365fcb4b2bdb58f5e01033a85ceda0ddbc982a0d9539d928374f5fc7b2b447ce61ec165604f2603c57be56ab2949927ca811e0660c7ad755500da46bb3bce9eb3a75f09348ad0dd4b470666a", 0xf2, 0x7}, {&(0x7f0000000280)="db00e8b08e7f3d4e46ce6c3a1fa067fef09764af", 0x14, 0x1f}, {&(0x7f0000000300)="86323d73dfadddce0912c8c4dcd82860353caf94e8deaacc6b20a17a0fd32ccfb3acc070e5b8b4c6f30f78db5b26d11e30749c528a4a6bf27e50fd7287d8b126e4884b9fbc77329c0354cc087587b7384780a345ee30cd57e77d5643e058f5c2c3d4a864a1e4662c6aabe872c81ea0b917e17104cae26fa15b0f9fbaf480bc246cb2dae19c332541bd", 0x89, 0x4}, {&(0x7f00000003c0)="0db54a464bf44669c5f01c8a0b806488eab3bbb570851e5a4412d8adfcd37d07fd86b7dc7b1ad1b753b5b5ec196af1fb7cb8851bde4d4a7f0a69d60e3ac643a5c44be7a12c5e05b57b3330be877dc0bb2eb6f787b039adefdbcdb0054a27111694659d2ab2f97351423a52037c094caac5f6e3fd385afb7775e97088c6cef4f24d71815812c6784ce036cbd7ac9abf066b36d9f2956020beee81d4dd8fd3922b72438388ffef4ff02ed95161895e0f6b3b", 0xb1, 0x6}, {&(0x7f0000000480)="e5d8a96c90bcc4cd5a671d893b92f705f3aa5c3c1323e0589fe412c64a701a68f0e52ea0460b6af62db38d01699106b0e6ce09256ecad7ebcc2b4b21af1ea82da43aa9b37287f8067c7f3d6366b024e1841f2cf54e3ff1c7cb77b9de3006561abd83c10df232fe4dfb1289e1fd12c9166d4c5c9461581ac154fa51ee8eb09e6648f92822e60f71911c85297088a8c7e58fdb5de303f5d8a9f7651abaac5dbad3a7ed6794b70685f61afa022262082f8e000e750df3eb04ceafbf7233638c21aaa1a10105b7c4d7ad97dc4ce8f099975236cc959ad1584b9d032ed88dd3ea1bc85a84a27f9496", 0xe6, 0x6}], 0x80, &(0x7f0000000600)=ANY=[@ANYBLOB='data=journal,data=writeback,noquota,dioread_\b\x00ck,jqfmt=vfsv1,journal_path=./fiLe1/file0,audit,audit,fowner>', @ANYRESDEC=0x0, @ANYBLOB=',subj_user=\x00,euid=', @ANYRESDEC=0xee01, @ANYBLOB=',euid=', @ANYRESDEC=0xee00, @ANYBLOB="2c736d61636b66736465663d29382d2d2c86215c287b5c215b2c636f6e746578743d757365725f752c7375626a5f757365723d002c00"])
openat(r3, &(0x7f0000000700)='./file1\x00', 0x80000, 0x31)
fallocate(r2, 0x16, 0x1f, 0x6)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x5, 0x0, 0x0, 0x3f, 0x0, 0x1, 0x6, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x7, 0x4, @perf_config_ext={0x2, 0x3}, 0x3400, 0x8001, 0x3f, 0x2, 0x6, 0xf2b, 0x9, 0x0, 0x3, 0x0, 0x8}, 0xffffffffffffffff, 0xc, 0xffffffffffffffff, 0x9)

13:51:54 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x2200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:54 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x400000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:54 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x68, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:54 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x8}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 3096.588104] FAULT_INJECTION: forcing a failure.
[ 3096.588104] name failslab, interval 1, probability 0, space 0, times 0
[ 3096.590396] CPU: 1 PID: 15710 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3096.591735] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3096.593338] Call Trace:
[ 3096.593858]  dump_stack+0x107/0x167
[ 3096.594563]  should_fail.cold+0x5/0xa
[ 3096.595303]  ? __io_uring_add_tctx_node+0x15c/0x520
[ 3096.596268]  should_failslab+0x5/0x20
[ 3096.597002]  kmem_cache_alloc_trace+0x55/0x320
[ 3096.597897]  __io_uring_add_tctx_node+0x15c/0x520
[ 3096.598824]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3096.599832]  ? alloc_fd+0x2e7/0x670
[ 3096.600543]  io_uring_setup+0x1fbb/0x2980
[ 3096.601359]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3096.602337]  ? wait_for_completion_io+0x270/0x270
[ 3096.603291]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3096.604315]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3096.605312]  do_syscall_64+0x33/0x40
[ 3096.606033]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3096.607012] RIP: 0033:0x7f2ccc8b5b19
[ 3096.607721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3096.611254] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3096.612708] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3096.614076] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3096.615446] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3096.616813] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3096.618182] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3096.647426] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3096.656274] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3096.660383] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3096.666184] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3096.674293] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3096.679476] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3096.687416] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3096.706678] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:51:54 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 39)

13:51:54 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x2300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:51:54 executing program 4:
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0xfdef)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='fdinfo/4\x00')
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x806c2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r1, 0xc018937e, &(0x7f0000000340)={{0x1, 0x1, 0x18, <r3=>r0, @out_args}, './file1\x00'})
sendfile(r3, r1, &(0x7f0000000380)=0xffffffff00000000, 0x400)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=ANY=[@ANYBLOB="14000000001f0000000200"/20], 0x14}}, 0x0)
r4 = syz_io_uring_setup(0x29, &(0x7f0000000080)={0x0, 0x5236, 0x10}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff7000/0x9000)=nil, &(0x7f0000000180)=<r5=>0x0, &(0x7f0000002a40)=<r6=>0x0)
eventfd(0x0)
syz_io_uring_setup(0xabb, &(0x7f0000000200)={0x0, 0xd992, 0x20, 0x1, 0x29d, 0x0, r4}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000140), &(0x7f0000000300))
syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_ASYNC_CANCEL={0xe, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x4)
io_uring_enter(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = mq_open(&(0x7f0000005c00)='-@\x00', 0x42, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0xff7f, 0x0, 0x0)
r8 = getpid()
syz_open_procfs(r8, &(0x7f0000000100)='net/vlan/vlan1\x00')
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc018937e, &(0x7f00000003c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r7, @ANYBLOB="0000003e33c155be24b300000000002e2f66696c653100c5fe1cd0fd52f975e8b31da3a233de43f667c6a3adea84456cdea8807ba6e55f41ab65aff2"])
fcntl$setstatus(r2, 0x4, 0x6400)
write(r2, &(0x7f0000001200), 0xffffff45)

13:51:54 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x600, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3096.804478] FAULT_INJECTION: forcing a failure.
[ 3096.804478] name failslab, interval 1, probability 0, space 0, times 0
[ 3096.807216] CPU: 1 PID: 15739 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3096.808391] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3096.809811] Call Trace:
[ 3096.810266]  dump_stack+0x107/0x167
[ 3096.810890]  should_fail.cold+0x5/0xa
[ 3096.811541]  ? xas_alloc+0x336/0x440
[ 3096.812183]  should_failslab+0x5/0x20
[ 3096.812829]  kmem_cache_alloc+0x5b/0x310
[ 3096.813538]  ? stack_trace_consume_entry+0x160/0x160
[ 3096.814404]  xas_alloc+0x336/0x440
[ 3096.815021]  xas_create+0x34a/0x10d0
[ 3096.815664]  ? kernel_text_address+0xf2/0x120
[ 3096.816431]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3096.817331]  xas_store+0x8c/0x1c40
[ 3096.817941]  __xa_store+0x164/0x2d0
[ 3096.818568]  ? xa_delete_node+0x280/0x280
[ 3096.819274]  ? trace_hardirqs_on+0x5b/0x180
[ 3096.820020]  xa_store+0x31/0x50
[ 3096.820584]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3096.821415]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3096.822312]  ? alloc_fd+0x2e7/0x670
[ 3096.822939]  io_uring_setup+0x1fbb/0x2980
[ 3096.823644]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3096.824499]  ? wait_for_completion_io+0x270/0x270
[ 3096.825343]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3096.826236]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3096.827107]  do_syscall_64+0x33/0x40
[ 3096.827746]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3096.828613] RIP: 0033:0x7f2ccc8b5b19
[ 3096.829244] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3096.832358] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3096.833655] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3096.834861] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3096.836066] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3096.837279] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3096.838475] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3096.871942] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3096.888839] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3096.917935] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3096.942803] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:52:11 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x9}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:52:11 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3113.465814] FAULT_INJECTION: forcing a failure.
[ 3113.465814] name failslab, interval 1, probability 0, space 0, times 0
[ 3113.468230] CPU: 1 PID: 15758 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3113.469713] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3113.471479] Call Trace:
[ 3113.472045]  dump_stack+0x107/0x167
[ 3113.472827]  should_fail.cold+0x5/0xa
[ 3113.473650]  ? create_object.isra.0+0x3a/0xa20
[ 3113.474628]  should_failslab+0x5/0x20
[ 3113.475441]  kmem_cache_alloc+0x5b/0x310
[ 3113.476309]  create_object.isra.0+0x3a/0xa20
[ 3113.477282]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3113.478362]  kmem_cache_alloc+0x159/0x310
[ 3113.479254]  xas_alloc+0x336/0x440
[ 3113.480015]  xas_create+0x34a/0x10d0
[ 3113.480823]  ? kernel_text_address+0xf2/0x120
[ 3113.481793]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
13:52:11 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x500000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:52:11 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x2700, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:52:11 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x69, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:52:11 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 40)

13:52:11 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x700, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:52:11 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r2 = dup2(r1, r0)
perf_event_open(&(0x7f0000000380)={0x1, 0x80, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4309, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x0, 0x2}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f}, 0x0, 0x10, 0xffffffffffffffff, 0x0)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000001640), 0x10018c6, &(0x7f0000000200)=ANY=[])
lseek(r2, 0x7, 0x0)
r3 = accept$unix(r0, &(0x7f0000000140), &(0x7f00000000c0)=0x6e)
stat(&(0x7f0000000600)='./file0\x00', &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
fsetxattr$security_capability(r3, &(0x7f00000001c0), &(0x7f0000000240)=@v3={0x3000000, [{0xfffffffe, 0x5}, {0x3, 0x5}], r4}, 0x18, 0x1)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xa001, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000500)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="2321202e2f66696c6532202073656375726974792e6361706162696c6974790020000a27db10c3d07dd4152db6dc33482706ae599031c57a0000010000000000aed840f0c0bbb0f99d2f3a88d37354da0c8e4161a12cddecb1205bb0183d4a91e337d206810917e3a190a59809344d044490b4a019867ab3a02e9d2899a9179093109706c232edacd0a5131026de86"], 0x8f)
mount$9p_unix(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)='./file0\x00', &(0x7f0000000480), 0x10002, &(0x7f0000000540)={'trans=unix,', {[{@uname={'uname', 0x3d, '$#'}}], [{@context={'context', 0x3d, 'user_u'}}, {@euid_lt={'euid<', r4}}, {@fsname={'fsname', 0x3d, 'security.capability\x00'}}]}})
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000a, 0x13, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10009ff}], 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
signalfd4(0xffffffffffffffff, &(0x7f0000000340)={[0x7ff]}, 0x8, 0x80000)
sendfile(r5, r2, 0x0, 0x7ffffff9)

[ 3113.483093]  xas_store+0x8c/0x1c40
[ 3113.484034]  __xa_store+0x164/0x2d0
[ 3113.484814]  ? xa_delete_node+0x280/0x280
[ 3113.485717]  ? trace_hardirqs_on+0x5b/0x180
[ 3113.486639]  xa_store+0x31/0x50
[ 3113.487349]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3113.487436] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3113.488371]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3113.488431]  ? alloc_fd+0x2e7/0x670
[ 3113.491995]  io_uring_setup+0x1fbb/0x2980
[ 3113.492885]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3113.493963]  ? wait_for_completion_io+0x270/0x270
[ 3113.495006]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3113.496129]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3113.497243]  do_syscall_64+0x33/0x40
[ 3113.498036]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3113.499121] RIP: 0033:0x7f2ccc8b5b19
[ 3113.499907] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3113.501535] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3113.503805] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3113.503826] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3113.503837] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3113.503849] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3113.503860] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3113.503872] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3113.525349] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:52:11 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
openat(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
open(0x0, 0x0, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x100000001)
statx(r0, &(0x7f0000000040)='./file1\x00', 0x4000, 0xcfa0e61075b79f92, &(0x7f0000000140))
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

[ 3113.540877] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3113.548844] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3113.554514] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3113.569679] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3113.582316] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:52:11 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x600000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:52:11 executing program 4:
open(&(0x7f0000000140)='./file1\x00', 0x100, 0x38)
statx(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x8, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r0=>0x0, <r1=>0x0})
lstat(&(0x7f00000002c0)='./file1\x00', 0x0)
r2 = syz_open_dev$vcsn(0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(r2, 0xc0189376, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r3=>r2, {0x80000000}}, './file2\x00'})
syz_io_uring_setup(0x6ec1, &(0x7f00000006c0)={0x0, 0xee67, 0x1, 0x2, 0x52, 0x0, r3}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000400), &(0x7f0000000800))
stat(&(0x7f0000000080)='./cgroup/cgroup.procs\x00', &(0x7f0000000540))
fchownat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', r0, r1, 0x100)
r4 = open(&(0x7f00000000c0)='./file1\x00', 0x100, 0x40)
ioctl$BTRFS_IOC_QGROUP_ASSIGN(0xffffffffffffffff, 0x40189429, &(0x7f0000000140)={0x1, 0x8, 0x6})
sendmsg$nl_generic(r4, &(0x7f0000000500)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x14, 0x1d, 0xd14, 0x70bd29, 0x25dfdbff, {0x1}}, 0x14}}, 0x4040000)
openat$hpet(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000005c0)={{{@in, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@loopback}}, 0x0)
accept4$unix(0xffffffffffffffff, &(0x7f0000000880)=@abs, &(0x7f0000000900)=0x6e, 0x80000)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f00000000c0), 0x12)
ioctl$FS_IOC_SETFSLABEL(0xffffffffffffffff, 0x41009432, &(0x7f0000000940)="dcd124e4e3c61b966ae5297492a96feab43644e28f63071139826120274dca283d245712ea5c6de10234ca02edea86862371c35c83148275a740f3a82749d94a5577773251122ed9fa60e295057af3169c5da5ac076de32c293154946c4f7d1be187de399312cac889aeb18b4135d0da01d4d9a625927539e34d93db26cceccd18181f04e5647c3fa95ea5b5879bc1d31d5c8640c19b33787c37d2368d2e7e2bfe5905e1aff5ddebbaac812ad18d49900216b8ae0a5dd7e522bcb8b74a645c4cf3764b2764149e7c356157ac3a4fec4b78f1a77e0d756f0323446598d9ff51a3c7bd22a5e609c83b9a4c2c91d536550c6e128bafa25250da6b4432151866a2e0")
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c0000001d00210c00000000000000000400020008000c0000000000a0c01075d042bd4ba35bcc1dca2618bce597c156961a28b7956ff984698f7c6e3a2b7698ba04db7b7be61492e74417e73ff173685a2ebe01a8dd4f70a84f199ab89caa578fb92a77e34bc60d7bcfeedb5822b6e05172f41094783fd39b8c012b74a600000000"], 0x1c}}, 0x0)

13:52:11 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:52:11 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:52:11 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x2200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:52:11 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0xf}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 3113.720556] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:52:11 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x117, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

[ 3113.741456] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3113.758936] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3113.762266] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3113.767793] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3113.785806] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3113.794129] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3113.812099] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:52:11 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x700000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:52:11 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:52:11 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:52:11 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 41)

13:52:11 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0xf0}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:52:11 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x2300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3114.026869] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3114.042913] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:52:11 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x129, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

[ 3114.055281] FAULT_INJECTION: forcing a failure.
[ 3114.055281] name failslab, interval 1, probability 0, space 0, times 0
[ 3114.057650] CPU: 0 PID: 15832 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3114.059065] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3114.060742] Call Trace:
[ 3114.061289]  dump_stack+0x107/0x167
[ 3114.062034]  should_fail.cold+0x5/0xa
[ 3114.062824]  ? create_object.isra.0+0x3a/0xa20
[ 3114.063744]  should_failslab+0x5/0x20
[ 3114.064516]  kmem_cache_alloc+0x5b/0x310
[ 3114.065352]  create_object.isra.0+0x3a/0xa20
[ 3114.066243]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3114.067281]  kmem_cache_alloc+0x159/0x310
[ 3114.068130]  xas_alloc+0x336/0x440
[ 3114.068859]  xas_create+0x34a/0x10d0
[ 3114.069664]  ? kernel_text_address+0xf2/0x120
[ 3114.070586]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3114.071649]  xas_store+0x8c/0x1c40
[ 3114.072373]  __xa_store+0x164/0x2d0
[ 3114.073112]  ? xa_delete_node+0x280/0x280
[ 3114.073982]  ? trace_hardirqs_on+0x5b/0x180
[ 3114.074872]  xa_store+0x31/0x50
[ 3114.075547]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3114.076541]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3114.077637]  ? alloc_fd+0x2e7/0x670
[ 3114.078390]  io_uring_setup+0x1fbb/0x2980
[ 3114.079274]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3114.080311]  ? wait_for_completion_io+0x270/0x270
[ 3114.081324]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3114.082375]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3114.083412]  do_syscall_64+0x33/0x40
[ 3114.084180]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3114.085225] RIP: 0033:0x7f2ccc8b5b19
[ 3114.085980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3114.089722] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3114.091257] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3114.092710] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3114.094172] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3114.095615] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3114.097061] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3114.105415] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3114.120186] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3114.127434] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3114.138360] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3114.148190] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3114.172101] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:52:26 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x2200000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:52:26 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1801, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:52:26 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 42)

13:52:26 executing program 4:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./mnt\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
setresuid(0xffffffffffffffff, r1, 0x0)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(0xffffffffffffffff, r2, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000001800)=[{&(0x7f0000000140)=""/187, 0xbb}, {&(0x7f0000000240)=""/177, 0xb1}, {&(0x7f0000000300)=""/202, 0xca}, {&(0x7f0000000400)=""/97, 0x61}, {&(0x7f0000000480)=""/104, 0x68}, {&(0x7f0000000500)=""/197, 0xc5}, {&(0x7f0000000600)=""/83, 0x53}, {&(0x7f0000000680)=""/44, 0x2c}, {&(0x7f0000000740)=""/192, 0xc0}, {&(0x7f0000000800)=""/4096, 0x1000}], 0xa, &(0x7f00000018c0)=[@cred={{0x1c, 0x1, 0x2, {0x0, <r3=>0x0}}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xb0}, 0x40000001)
mount$9p_fd(0x0, &(0x7f0000000080)='mnt/encrypted_dir\x00', &(0x7f00000000c0), 0x801008, &(0x7f0000001980)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@privport}, {@nodevmap}], [{@smackfshat={'smackfshat', 0x3d, 'vfat\x00'}}, {@pcr={'pcr', 0x3d, 0x35}}, {@subj_user={'subj_user', 0x3d, 'vfat\x00'}}, {@dont_hash}, {@func={'func', 0x3d, 'FIRMWARE_CHECK'}}, {@euid_gt={'euid>', r1}}, {@uid_eq={'uid', 0x3d, r2}}, {@euid_lt={'euid<', r3}}, {@smackfsdef={'smackfsdef', 0x3d, 'vfat\x00'}}]}})
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000200)='mnt/encrypted_dir\x00', 0x0, 0x0, &(0x7f0000000680), 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
openat(0xffffffffffffff9c, &(0x7f0000000000)='./mnt\x00', 0x420200, 0xbc)

13:52:26 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xb8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:52:26 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4c00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:52:26 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x22b}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:52:26 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x2700, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3128.560329] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3128.580257] FAULT_INJECTION: forcing a failure.
[ 3128.580257] name failslab, interval 1, probability 0, space 0, times 0
[ 3128.582736] CPU: 0 PID: 15871 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3128.584260] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3128.586005] Call Trace:
[ 3128.586556]  dump_stack+0x107/0x167
[ 3128.587315]  should_fail.cold+0x5/0xa
[ 3128.588111]  ? ___slab_alloc+0x155/0x700
[ 3128.588959]  ? create_object.isra.0+0x3a/0xa20
[ 3128.589919]  should_failslab+0x5/0x20
[ 3128.590707]  kmem_cache_alloc+0x5b/0x310
[ 3128.591552]  create_object.isra.0+0x3a/0xa20
[ 3128.592462]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3128.593535]  kmem_cache_alloc+0x159/0x310
[ 3128.594404]  xas_alloc+0x336/0x440
[ 3128.595142]  xas_create+0x34a/0x10d0
[ 3128.595931]  ? kernel_text_address+0xf2/0x120
[ 3128.596862]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3128.597958]  xas_store+0x8c/0x1c40
[ 3128.598709]  __xa_store+0x164/0x2d0
[ 3128.599476]  ? xa_delete_node+0x280/0x280
[ 3128.600337]  ? trace_hardirqs_on+0x5b/0x180
[ 3128.601253]  xa_store+0x31/0x50
[ 3128.601953]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3128.602953]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3128.604041]  ? alloc_fd+0x2e7/0x670
[ 3128.604814]  io_uring_setup+0x1fbb/0x2980
[ 3128.605694]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3128.606746]  ? wait_for_completion_io+0x270/0x270
[ 3128.607770]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3128.608860]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3128.609941]  do_syscall_64+0x33/0x40
[ 3128.610712]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3128.611773] RIP: 0033:0x7f2ccc8b5b19
[ 3128.612547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3128.616371] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3128.617966] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3128.619446] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3128.620923] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3128.622436] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3128.623912] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3128.629333] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3128.637128] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3128.645332] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3128.653112] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3128.669843] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3128.672534] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:52:26 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x2300000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3128.808272] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3128.852386] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:52:42 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x2615946881010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:52:42 executing program 4:
sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x6, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3)
writev(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)='7', 0x1}], 0x1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000002480)={@mcast2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1200020})
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000340), 0x1000)
bind(0xffffffffffffffff, &(0x7f00000002c0)=@nfc={0x27, 0x0, 0x0, 0x1}, 0x80)
r3 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r1, r3, 0x0, 0x100000001)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

13:52:42 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 43)

13:52:42 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:52:42 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:52:42 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xd1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3144.483234] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:52:42 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x300}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:52:42 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x3, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

[ 3144.497955] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3144.505414] FAULT_INJECTION: forcing a failure.
[ 3144.505414] name failslab, interval 1, probability 0, space 0, times 0
[ 3144.508266] CPU: 1 PID: 15911 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3144.509835] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3144.510021] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3144.514232] Call Trace:
[ 3144.514782]  dump_stack+0x107/0x167
[ 3144.515542]  should_fail.cold+0x5/0xa
[ 3144.516337]  ? xas_alloc+0x336/0x440
[ 3144.517122]  should_failslab+0x5/0x20
[ 3144.517261] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3144.517941]  kmem_cache_alloc+0x5b/0x310
[ 3144.517972]  xas_alloc+0x336/0x440
[ 3144.521719]  xas_create+0x34a/0x10d0
[ 3144.522511]  ? kernel_text_address+0xf2/0x120
[ 3144.523445]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3144.524543]  xas_store+0x8c/0x1c40
[ 3144.525306]  __xa_store+0x164/0x2d0
[ 3144.526104]  ? xa_delete_node+0x280/0x280
[ 3144.526987]  ? trace_hardirqs_on+0x5b/0x180
[ 3144.527902]  xa_store+0x31/0x50
[ 3144.528594]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3144.529618]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3144.530711]  ? alloc_fd+0x2e7/0x670
[ 3144.531481]  io_uring_setup+0x1fbb/0x2980
[ 3144.532355]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3144.533430]  ? wait_for_completion_io+0x270/0x270
[ 3144.534462]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3144.535564]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3144.536632]  do_syscall_64+0x33/0x40
[ 3144.537429]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3144.538528] RIP: 0033:0x7f2ccc8b5b19
[ 3144.539324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3144.543266] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3144.544872] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3144.546405] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3144.547916] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3144.548407] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3144.549432] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3144.549444] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3144.556038] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3144.574228] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3144.585051] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3144.605477] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:52:42 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xdd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:52:42 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6c00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:52:42 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x2700000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3144.682107] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
13:52:42 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3144.719345] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3144.738053] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:52:42 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x500}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 3144.758748] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3144.772792] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:52:42 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0xd, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

[ 3144.801924] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:52:42 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 44)

13:52:42 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3144.834306] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3144.861049] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:52:42 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6f01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3144.898404] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3144.918316] FAULT_INJECTION: forcing a failure.
[ 3144.918316] name failslab, interval 1, probability 0, space 0, times 0
[ 3144.920787] CPU: 1 PID: 15954 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3144.922261] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3144.924010] Call Trace:
[ 3144.924573]  dump_stack+0x107/0x167
[ 3144.925356]  should_fail.cold+0x5/0xa
[ 3144.926168]  ? ___slab_alloc+0x155/0x700
[ 3144.927028]  ? create_object.isra.0+0x3a/0xa20
[ 3144.928001]  should_failslab+0x5/0x20
[ 3144.928809]  kmem_cache_alloc+0x5b/0x310
[ 3144.929690]  create_object.isra.0+0x3a/0xa20
[ 3144.930620]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3144.931706]  kmem_cache_alloc+0x159/0x310
[ 3144.932597]  xas_alloc+0x336/0x440
[ 3144.933367]  xas_create+0x34a/0x10d0
[ 3144.934169]  ? kernel_text_address+0xf2/0x120
[ 3144.935128]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3144.936244]  xas_store+0x8c/0x1c40
[ 3144.937016]  __xa_store+0x164/0x2d0
[ 3144.937841]  ? xa_delete_node+0x280/0x280
[ 3144.938729]  ? trace_hardirqs_on+0x5b/0x180
[ 3144.939660]  xa_store+0x31/0x50
[ 3144.940365]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3144.941396]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3144.942508]  ? alloc_fd+0x2e7/0x670
[ 3144.943294]  io_uring_setup+0x1fbb/0x2980
[ 3144.944182]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3144.945260]  ? wait_for_completion_io+0x270/0x270
[ 3144.946313]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3144.947425]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3144.948522]  do_syscall_64+0x33/0x40
[ 3144.949314]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3144.950414] RIP: 0033:0x7f2ccc8b5b19
[ 3144.951214] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3144.955236] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3144.956511] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3144.956853] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3144.956867] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3144.956879] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3144.956890] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3144.956901] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3145.007210] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3145.022384] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3145.047765] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:52:58 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x600}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:52:58 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:52:58 executing program 4:
r0 = perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x400000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
execveat(r1, &(0x7f0000000000)='./file1\x00', &(0x7f0000000340)=[&(0x7f0000000080)='t\x82ans=?d,', &(0x7f00000000c0)='cwche=loosu', &(0x7f0000000200)='fs\xc11\x1aiext\x84\xba}\xbf\x95\xd6\x10\x04\x00\x00\x01c(tc\xa7\xd6:\xfe\x88\xfe\x96i/', &(0x7f0000000180)='cache=mmap', &(0x7f00000001c0)='$g\x00'], &(0x7f0000000740)=[&(0x7f0000000380)='h\x00', &(0x7f0000000700)='trans=fd,'], 0x400)
fsmount(0xffffffffffffffff, 0x0, 0x7eac96e0e6d0f853)
r2 = syz_open_procfs(0x0, &(0x7f00000005c0)='fdinfo/3\x00')
mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1000004, 0x11, r2, 0x10000000)
connect$inet6(0xffffffffffffffff, &(0x7f00000003c0)={0xa, 0x0, 0x0, @dev}, 0x1c)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="31000000000000000000000000000000055834b0a29c777fb260e3209a20a20b04f87d090044a66e84b40ebc8909631b3182a4ec0ce90642c19a020fe6297a6b34b8ff228079780700c067dc891f7c61fa96b075f9b9bcd2d4ceefeca29ae30230318aea9afe8bb00bb72ae83179a7791e917e6fc260b331591386504e6000"])

13:52:58 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 45)

[ 3160.862345] FAULT_INJECTION: forcing a failure.
[ 3160.862345] name failslab, interval 1, probability 0, space 0, times 0
[ 3160.864853] CPU: 1 PID: 15983 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3160.866361] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3160.868128] Call Trace:
[ 3160.868694]  dump_stack+0x107/0x167
[ 3160.869480]  should_fail.cold+0x5/0xa
[ 3160.870293]  ? xas_alloc+0x336/0x440
[ 3160.871070]  should_failslab+0x5/0x20
[ 3160.871879]  kmem_cache_alloc+0x5b/0x310
[ 3160.872743]  xas_alloc+0x336/0x440
[ 3160.873509]  xas_create+0x34a/0x10d0
[ 3160.874326]  ? kernel_text_address+0xf2/0x120
[ 3160.875300]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3160.876436]  xas_store+0x8c/0x1c40
[ 3160.877216]  __xa_store+0x164/0x2d0
[ 3160.878015]  ? xa_delete_node+0x280/0x280
[ 3160.878919]  ? trace_hardirqs_on+0x5b/0x180
[ 3160.879861]  xa_store+0x31/0x50
[ 3160.880581]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3160.881637]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3160.882769]  ? alloc_fd+0x2e7/0x670
[ 3160.883569]  io_uring_setup+0x1fbb/0x2980
[ 3160.884474]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3160.885571]  ? wait_for_completion_io+0x270/0x270
[ 3160.886633]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3160.887768]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3160.888876]  do_syscall_64+0x33/0x40
[ 3160.889699]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3160.890804] RIP: 0033:0x7f2ccc8b5b19
[ 3160.891603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3160.895540] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3160.897185] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3160.898734] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3160.900276] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3160.901819] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3160.903359] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
13:52:58 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x68, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:52:58 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x7400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:52:58 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x16f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:52:58 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4c00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3161.019545] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3161.039194] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3161.046456] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3161.060780] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3161.071560] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:52:58 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 46)

[ 3161.082396] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3161.082782] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3161.100376] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3161.112217] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:52:58 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:52:58 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4800000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3161.169685] FAULT_INJECTION: forcing a failure.
[ 3161.169685] name failslab, interval 1, probability 0, space 0, times 0
[ 3161.172632] CPU: 1 PID: 16005 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3161.174497] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3161.176595] Call Trace:
[ 3161.177256]  dump_stack+0x107/0x167
[ 3161.178198]  should_fail.cold+0x5/0xa
[ 3161.179160]  ? create_object.isra.0+0x3a/0xa20
[ 3161.180362]  should_failslab+0x5/0x20
[ 3161.181358]  kmem_cache_alloc+0x5b/0x310
[ 3161.182440]  ? mark_held_locks+0x9e/0xe0
[ 3161.183481]  create_object.isra.0+0x3a/0xa20
[ 3161.184691]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3161.186079]  kmem_cache_alloc+0x159/0x310
[ 3161.187191]  xas_alloc+0x336/0x440
[ 3161.188116]  xas_create+0x34a/0x10d0
[ 3161.189096]  ? kernel_text_address+0xf2/0x120
[ 3161.190236]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3161.191626]  xas_store+0x8c/0x1c40
[ 3161.192556]  __xa_store+0x164/0x2d0
[ 3161.193512]  ? xa_delete_node+0x280/0x280
[ 3161.194578]  ? trace_hardirqs_on+0x5b/0x180
[ 3161.195683]  xa_store+0x31/0x50
[ 3161.196553]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3161.197877]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3161.199312]  ? alloc_fd+0x2e7/0x670
[ 3161.200297]  io_uring_setup+0x1fbb/0x2980
[ 3161.201456]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3161.202807]  ? wait_for_completion_io+0x270/0x270
[ 3161.204080]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3161.205436]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3161.206839]  do_syscall_64+0x33/0x40
[ 3161.207769]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3161.209068] RIP: 0033:0x7f2ccc8b5b19
[ 3161.210028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3161.214489] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3161.216246] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3161.217868] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3161.219507] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3161.221116] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3161.222603] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
13:52:58 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:52:58 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x7a00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3161.258108] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3161.299451] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:52:58 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x700}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 3161.315365] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3161.330683] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:52:59 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x69, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

[ 3161.350190] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3161.357196] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3161.361454] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3161.385691] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3161.391250] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3161.432495] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
13:52:59 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xd100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:52:59 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x340, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3161.556333] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3161.567807] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3161.569316] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3161.581523] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3161.595220] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:53:16 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xfe01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:53:16 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x388, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:53:16 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6c00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:53:16 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 47)

13:53:16 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4c00000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:53:16 executing program 4:
r0 = perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x400000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
execveat(r1, &(0x7f0000000000)='./file1\x00', &(0x7f0000000340)=[&(0x7f0000000080)='t\x82ans=?d,', &(0x7f00000000c0)='cwche=loosu', &(0x7f0000000200)='fs\xc11\x1aiext\x84\xba}\xbf\x95\xd6\x10\x04\x00\x00\x01c(tc\xa7\xd6:\xfe\x88\xfe\x96i/', &(0x7f0000000180)='cache=mmap', &(0x7f00000001c0)='$g\x00'], &(0x7f0000000740)=[&(0x7f0000000380)='h\x00', &(0x7f0000000700)='trans=fd,'], 0x400)
fsmount(0xffffffffffffffff, 0x0, 0x7eac96e0e6d0f853)
r2 = syz_open_procfs(0x0, &(0x7f00000005c0)='fdinfo/3\x00')
mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1000004, 0x11, r2, 0x10000000)
connect$inet6(0xffffffffffffffff, &(0x7f00000003c0)={0xa, 0x0, 0x0, @dev}, 0x1c)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="31000000000000000000000000000000055834b0a29c777fb260e3209a20a20b04f87d090044a66e84b40ebc8909631b3182a4ec0ce90642c19a020fe6297a6b34b8ff228079780700c067dc891f7c61fa96b075f9b9bcd2d4ceefeca29ae30230318aea9afe8bb00bb72ae83179a7791e917e6fc260b331591386504e6000"])

13:53:16 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x900}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:53:16 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0x117, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

[ 3178.756360] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3178.768335] FAULT_INJECTION: forcing a failure.
[ 3178.768335] name failslab, interval 1, probability 0, space 0, times 0
[ 3178.771214] CPU: 0 PID: 16061 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3178.773093] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3178.775185] Call Trace:
[ 3178.775853]  dump_stack+0x107/0x167
[ 3178.776781]  should_fail.cold+0x5/0xa
[ 3178.777762]  ? xas_alloc+0x336/0x440
[ 3178.778631]  should_failslab+0x5/0x20
[ 3178.779435]  kmem_cache_alloc+0x5b/0x310
[ 3178.780297]  xas_alloc+0x336/0x440
[ 3178.781047]  xas_create+0x34a/0x10d0
[ 3178.781847]  ? kernel_text_address+0xf2/0x120
[ 3178.782787]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3178.783895]  xas_store+0x8c/0x1c40
[ 3178.784658]  __xa_store+0x164/0x2d0
[ 3178.785429]  ? xa_delete_node+0x280/0x280
[ 3178.786309]  ? trace_hardirqs_on+0x5b/0x180
[ 3178.787218]  xa_store+0x31/0x50
[ 3178.787925]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3178.788930]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3178.790031]  ? alloc_fd+0x2e7/0x670
[ 3178.790805]  io_uring_setup+0x1fbb/0x2980
[ 3178.791686]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3178.792743]  ? wait_for_completion_io+0x270/0x270
[ 3178.793786]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3178.794883]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3178.795965]  do_syscall_64+0x33/0x40
[ 3178.796789]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3178.797929] RIP: 0033:0x7f2ccc8b5b19
[ 3178.798708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3178.802668] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3178.804271] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3178.805778] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3178.807282] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3178.808779] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3178.810276] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
13:53:16 executing program 4:
r0 = perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x400000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
execveat(r1, &(0x7f0000000000)='./file1\x00', &(0x7f0000000340)=[&(0x7f0000000080)='t\x82ans=?d,', &(0x7f00000000c0)='cwche=loosu', &(0x7f0000000200)='fs\xc11\x1aiext\x84\xba}\xbf\x95\xd6\x10\x04\x00\x00\x01c(tc\xa7\xd6:\xfe\x88\xfe\x96i/', &(0x7f0000000180)='cache=mmap', &(0x7f00000001c0)='$g\x00'], &(0x7f0000000740)=[&(0x7f0000000380)='h\x00', &(0x7f0000000700)='trans=fd,'], 0x400)
fsmount(0xffffffffffffffff, 0x0, 0x7eac96e0e6d0f853)
r2 = syz_open_procfs(0x0, &(0x7f00000005c0)='fdinfo/3\x00')
mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1000004, 0x11, r2, 0x10000000)
connect$inet6(0xffffffffffffffff, &(0x7f00000003c0)={0xa, 0x0, 0x0, @dev}, 0x1c)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="31000000000000000000000000000000055834b0a29c777fb260e3209a20a20b04f87d090044a66e84b40ebc8909631b3182a4ec0ce90642c19a020fe6297a6b34b8ff228079780700c067dc891f7c61fa96b075f9b9bcd2d4ceefeca29ae30230318aea9afe8bb00bb72ae83179a7791e917e6fc260b331591386504e6000"])

[ 3178.826520] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3178.830227] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3178.835473] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3178.839740] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3178.850629] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3178.855022] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3178.858908] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:53:16 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6800000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:53:16 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:53:16 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6f01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:53:16 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0x129, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:53:16 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:53:16 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0xf00}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 3179.029183] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:53:16 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 48)

[ 3179.061041] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3179.073291] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3179.081255] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3179.107730] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3179.119411] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3179.124175] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3179.144173] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3179.155951] FAULT_INJECTION: forcing a failure.
[ 3179.155951] name failslab, interval 1, probability 0, space 0, times 0
[ 3179.158421] CPU: 1 PID: 16107 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3179.159885] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3179.161670] Call Trace:
[ 3179.162231]  dump_stack+0x107/0x167
[ 3179.162999]  should_fail.cold+0x5/0xa
[ 3179.163804]  ? create_object.isra.0+0x3a/0xa20
[ 3179.164766]  should_failslab+0x5/0x20
[ 3179.165583]  kmem_cache_alloc+0x5b/0x310
[ 3179.166441]  ? mark_held_locks+0x9e/0xe0
[ 3179.167298]  create_object.isra.0+0x3a/0xa20
[ 3179.168224]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3179.169299]  kmem_cache_alloc+0x159/0x310
[ 3179.170190]  xas_alloc+0x336/0x440
[ 3179.170941]  xas_create+0x34a/0x10d0
[ 3179.171735]  ? kernel_text_address+0xf2/0x120
[ 3179.172680]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3179.173792]  xas_store+0x8c/0x1c40
[ 3179.174560]  __xa_store+0x164/0x2d0
[ 3179.175320]  ? xa_delete_node+0x280/0x280
[ 3179.176202]  ? trace_hardirqs_on+0x5b/0x180
[ 3179.177113]  xa_store+0x31/0x50
[ 3179.177825]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3179.178837]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3179.179935]  ? alloc_fd+0x2e7/0x670
[ 3179.180710]  io_uring_setup+0x1fbb/0x2980
[ 3179.181602]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3179.182667]  ? wait_for_completion_io+0x270/0x270
[ 3179.183702]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3179.184802]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3179.185901]  do_syscall_64+0x33/0x40
[ 3179.186693]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3179.187776] RIP: 0033:0x7f2ccc8b5b19
[ 3179.188556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3179.192434] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3179.194037] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3179.195549] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3179.197048] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3179.198554] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3179.200055] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
13:53:36 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 49)

13:53:36 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x7400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:53:36 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0x2b02}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:53:36 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x1da688, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:53:36 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6c00000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:53:36 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:53:36 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x600, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:53:36 executing program 4:
r0 = perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x400000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
execveat(r1, &(0x7f0000000000)='./file1\x00', &(0x7f0000000340)=[&(0x7f0000000080)='t\x82ans=?d,', &(0x7f00000000c0)='cwche=loosu', &(0x7f0000000200)='fs\xc11\x1aiext\x84\xba}\xbf\x95\xd6\x10\x04\x00\x00\x01c(tc\xa7\xd6:\xfe\x88\xfe\x96i/', &(0x7f0000000180)='cache=mmap', &(0x7f00000001c0)='$g\x00'], &(0x7f0000000740)=[&(0x7f0000000380)='h\x00', &(0x7f0000000700)='trans=fd,'], 0x400)
fsmount(0xffffffffffffffff, 0x0, 0x7eac96e0e6d0f853)
r2 = syz_open_procfs(0x0, &(0x7f00000005c0)='fdinfo/3\x00')
mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1000004, 0x11, r2, 0x10000000)
connect$inet6(0xffffffffffffffff, &(0x7f00000003c0)={0xa, 0x0, 0x0, @dev}, 0x1c)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="31000000000000000000000000000000055834b0a29c777fb260e3209a20a20b04f87d090044a66e84b40ebc8909631b3182a4ec0ce90642c19a020fe6297a6b34b8ff228079780700c067dc891f7c61fa96b075f9b9bcd2d4ceefeca29ae30230318aea9afe8bb00bb72ae83179a7791e917e6fc260b331591386504e6000"])

[ 3199.124198] FAULT_INJECTION: forcing a failure.
[ 3199.124198] name failslab, interval 1, probability 0, space 0, times 0
[ 3199.126614] CPU: 0 PID: 16123 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3199.128075] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3199.129832] Call Trace:
[ 3199.130406]  dump_stack+0x107/0x167
[ 3199.131178]  should_fail.cold+0x5/0xa
[ 3199.131981]  ? xas_alloc+0x336/0x440
[ 3199.132766]  should_failslab+0x5/0x20
[ 3199.133568]  kmem_cache_alloc+0x5b/0x310
[ 3199.134447]  xas_alloc+0x336/0x440
[ 3199.135196]  xas_create+0x34a/0x10d0
[ 3199.135993]  ? kernel_text_address+0xf2/0x120
[ 3199.136938]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3199.138055]  xas_store+0x8c/0x1c40
[ 3199.138823]  __xa_store+0x164/0x2d0
[ 3199.139591]  ? xa_delete_node+0x280/0x280
[ 3199.140472]  ? trace_hardirqs_on+0x5b/0x180
[ 3199.141385]  xa_store+0x31/0x50
[ 3199.142091]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3199.143102]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3199.144205]  ? alloc_fd+0x2e7/0x670
[ 3199.144983]  io_uring_setup+0x1fbb/0x2980
[ 3199.145874]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3199.146935]  ? wait_for_completion_io+0x270/0x270
[ 3199.148177]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3199.149283]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3199.150399]  do_syscall_64+0x33/0x40
[ 3199.151188]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3199.152264] RIP: 0033:0x7f2ccc8b5b19
[ 3199.153051] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3199.156917] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3199.158533] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3199.160025] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3199.161518] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3199.163020] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3199.164517] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3199.194311] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3199.202254] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3199.207934] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3199.217291] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3199.229583] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3199.233128] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3199.243739] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3199.257829] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:53:36 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6f01000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:53:36 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x700, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:53:36 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:53:37 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0xf000}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:53:37 executing program 4:
r0 = perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x400000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
execveat(r1, &(0x7f0000000000)='./file1\x00', &(0x7f0000000340)=[&(0x7f0000000080)='t\x82ans=?d,', &(0x7f00000000c0)='cwche=loosu', &(0x7f0000000200)='fs\xc11\x1aiext\x84\xba}\xbf\x95\xd6\x10\x04\x00\x00\x01c(tc\xa7\xd6:\xfe\x88\xfe\x96i/', &(0x7f0000000180)='cache=mmap', &(0x7f00000001c0)='$g\x00'], &(0x7f0000000740)=[&(0x7f0000000380)='h\x00', &(0x7f0000000700)='trans=fd,'], 0x400)
fsmount(0xffffffffffffffff, 0x0, 0x7eac96e0e6d0f853)
r2 = syz_open_procfs(0x0, &(0x7f00000005c0)='fdinfo/3\x00')
mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1000004, 0x11, r2, 0x10000000)
connect$inet6(0xffffffffffffffff, &(0x7f00000003c0)={0xa, 0x0, 0x0, @dev}, 0x1c)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="31000000000000000000000000000000055834b0a29c777fb260e3209a20a20b04f87d090044a66e84b40ebc8909631b3182a4ec0ce90642c19a020fe6297a6b34b8ff228079780700c067dc891f7c61fa96b075f9b9bcd2d4ceefeca29ae30230318aea9afe8bb00bb72ae83179a7791e917e6fc260b331591386504e6000"])

13:53:37 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 50)

13:53:37 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x7a00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3199.414506] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:53:37 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{0x2}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

[ 3199.437365] FAULT_INJECTION: forcing a failure.
[ 3199.437365] name failslab, interval 1, probability 0, space 0, times 0
[ 3199.439827] CPU: 1 PID: 16164 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3199.441278] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3199.443013] Call Trace:
[ 3199.443564]  dump_stack+0x107/0x167
[ 3199.444332]  should_fail.cold+0x5/0xa
[ 3199.445136]  ? create_object.isra.0+0x3a/0xa20
[ 3199.446108]  should_failslab+0x5/0x20
[ 3199.446902]  kmem_cache_alloc+0x5b/0x310
[ 3199.447746]  ? mark_held_locks+0x9e/0xe0
[ 3199.448598]  create_object.isra.0+0x3a/0xa20
[ 3199.449528]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3199.450590]  kmem_cache_alloc+0x159/0x310
[ 3199.451461]  xas_alloc+0x336/0x440
[ 3199.452212]  xas_create+0x34a/0x10d0
[ 3199.453000]  ? kernel_text_address+0xf2/0x120
[ 3199.453949]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3199.455040]  xas_store+0x8c/0x1c40
[ 3199.455801]  __xa_store+0x164/0x2d0
[ 3199.456557]  ? xa_delete_node+0x280/0x280
[ 3199.457437]  ? trace_hardirqs_on+0x5b/0x180
[ 3199.458350]  xa_store+0x31/0x50
[ 3199.459050]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3199.460052]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3199.461164]  ? alloc_fd+0x2e7/0x670
[ 3199.461952]  io_uring_setup+0x1fbb/0x2980
[ 3199.462843]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3199.463918]  ? wait_for_completion_io+0x270/0x270
[ 3199.464963]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3199.466082]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3199.467183]  do_syscall_64+0x33/0x40
[ 3199.467963]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3199.469045] RIP: 0033:0x7f2ccc8b5b19
[ 3199.469837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3199.473740] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3199.475352] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3199.476859] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3199.478380] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3199.479892] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3199.481398] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3199.485167] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3199.509100] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3199.531133] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3199.539272] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:53:37 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3199.553532] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3199.568965] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3199.574091] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3199.650059] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3199.676226] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:53:53 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 51)

13:53:53 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x7400000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:53:53 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x3000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:53:53 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xc00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:53:53 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{0x68, 0x0, 0xffff}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:53:53 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x9b02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:53:53 executing program 4:
set_mempolicy(0x2, &(0x7f0000000000)=0x7fffffff, 0x7)
set_mempolicy(0x3, &(0x7f0000000080)=0x8ab2, 0x10000)
r0 = getpgrp(0x0)
pidfd_open(r0, 0x0)
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x1f, 0xfe, 0x1, 0x9, 0x0, 0x1, 0x3000, 0x8, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x5, 0x4, @perf_bp={&(0x7f00000000c0), 0xa}, 0x2200, 0x81, 0x200, 0x1, 0x400, 0x3, 0xc9, 0x0, 0x9, 0x0, 0x4}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
creat(&(0x7f0000000040)='./file1\x00', 0x0)

13:53:53 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{0x3}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

[ 3215.436482] FAULT_INJECTION: forcing a failure.
[ 3215.436482] name failslab, interval 1, probability 0, space 0, times 0
[ 3215.438013] CPU: 1 PID: 16203 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3215.438867] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3215.439878] Call Trace:
[ 3215.440215]  dump_stack+0x107/0x167
[ 3215.440657]  should_fail.cold+0x5/0xa
[ 3215.441122]  ? xas_alloc+0x336/0x440
[ 3215.441578]  should_failslab+0x5/0x20
[ 3215.442050]  kmem_cache_alloc+0x5b/0x310
[ 3215.442549]  xas_alloc+0x336/0x440
[ 3215.442984]  xas_create+0x34a/0x10d0
[ 3215.443447]  ? kernel_text_address+0xf2/0x120
[ 3215.444000]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3215.444645]  xas_store+0x8c/0x1c40
[ 3215.445103]  __xa_store+0x164/0x2d0
[ 3215.445552]  ? xa_delete_node+0x280/0x280
[ 3215.446073]  ? trace_hardirqs_on+0x5b/0x180
[ 3215.446608]  xa_store+0x31/0x50
[ 3215.447018]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3215.447620]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3215.448270]  ? alloc_fd+0x2e7/0x670
[ 3215.448727]  io_uring_setup+0x1fbb/0x2980
[ 3215.449248]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3215.449876]  ? wait_for_completion_io+0x270/0x270
[ 3215.450507]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3215.451154]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3215.451789]  do_syscall_64+0x33/0x40
[ 3215.452251]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3215.452884] RIP: 0033:0x7f2ccc8b5b19
[ 3215.453342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3215.455612] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3215.456550] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3215.457434] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3215.458323] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3215.459203] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3215.460092] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
13:53:53 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x66, 0x0, 0x0, 0x4080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x0, 0x1, 0x3c4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0)
ftruncate(r0, 0x800)
creat(&(0x7f0000000040)='\x00', 0x1c5)
r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000fef000/0x2000)=nil, 0x2000, 0xf, 0x12, r0, 0x0)
syz_io_uring_submit(r1, 0x0, 0x0, 0x0)
mbind(&(0x7f0000fec000/0x14000)=nil, 0x14000, 0x0, 0x0, 0x0, 0x2)

[ 3215.475407] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3215.491382] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3215.495180] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3215.498530] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3215.502368] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3215.504311] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3215.507975] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:53:53 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3215.521857] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:53:53 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:53:53 executing program 4:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0)
timer_delete(0x0)
timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_gettime(r0, &(0x7f00000002c0))
timer_delete(r0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000400), 0xa}, 0x0, 0x4000000000, 0x0, 0x0, 0x8}, 0x0, 0xfffffffffffffffb, 0xffffffffffffffff, 0x0)
capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0)
fsetxattr$security_ima(0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000380)=ANY=[@ANYRES32], 0x4, 0x3)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000100)=<r2=>0x0)
capset(&(0x7f0000000240)={0x20080522, r2}, &(0x7f0000000300)={0x800, 0x3, 0x7, 0xd7, 0x8000, 0x6})
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=<r3=>0x0)
timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r3}, &(0x7f0000000340))
setns(0xffffffffffffffff, 0x80)
r4 = fcntl$getown(r1, 0x9)
capset(&(0x7f00000000c0)={0x20071026, r4}, &(0x7f00000003c0)={0x7, 0x9, 0x1000, 0x8, 0xa8, 0x401})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000f81500400d000000d081dcbef400dd23000000000000dd1822f9d4b22259bc2f0766848432f30432c634861790f42d0500000033d5e110d1be9fd02b3da3a7f7a46dbf66d30c25a301c5f1773480453e576ddf1df6b4005134c0ae57c6e98cf76ad17d1c608936cef87fff032b51ccf1c9cc027ad4c2bbe571135bd0d4ed35b6"], 0x14}}, 0x0)
timer_create(0x5, &(0x7f00000005c0)={0x0, 0x0, 0x4}, &(0x7f0000000600))
clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58)

13:53:53 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 52)

[ 3215.608230] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:53:53 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x7a00000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3215.625349] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3215.626857] capability: warning: `syz-executor.4' uses deprecated v2 capabilities in a way that may be insecure
13:53:53 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xad03, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3215.636878] FAULT_INJECTION: forcing a failure.
[ 3215.636878] name failslab, interval 1, probability 0, space 0, times 0
[ 3215.638190] CPU: 1 PID: 16237 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3215.638986] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3215.639955] Call Trace:
[ 3215.640268]  dump_stack+0x107/0x167
[ 3215.640415] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3215.640694]  should_fail.cold+0x5/0xa
[ 3215.640708]  ? create_object.isra.0+0x3a/0xa20
[ 3215.640721]  should_failslab+0x5/0x20
[ 3215.640734]  kmem_cache_alloc+0x5b/0x310
[ 3215.640746]  ? mark_held_locks+0x9e/0xe0
[ 3215.640759]  create_object.isra.0+0x3a/0xa20
[ 3215.640770]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3215.640786]  kmem_cache_alloc+0x159/0x310
[ 3215.640801]  xas_alloc+0x336/0x440
[ 3215.640813]  xas_create+0x34a/0x10d0
[ 3215.640828]  ? kernel_text_address+0xf2/0x120
[ 3215.640840]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3215.640851]  xas_store+0x8c/0x1c40
[ 3215.640869]  __xa_store+0x164/0x2d0
[ 3215.640887]  ? xa_delete_node+0x280/0x280
[ 3215.650065]  ? trace_hardirqs_on+0x5b/0x180
[ 3215.650559]  xa_store+0x31/0x50
[ 3215.650952]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3215.651498]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3215.652116]  ? alloc_fd+0x2e7/0x670
[ 3215.652537]  io_uring_setup+0x1fbb/0x2980
[ 3215.653017]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3215.653590]  ? wait_for_completion_io+0x270/0x270
[ 3215.654160]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3215.654754]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3215.655339]  do_syscall_64+0x33/0x40
[ 3215.655764]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3215.656352] RIP: 0033:0x7f2ccc8b5b19
[ 3215.656776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3215.658864] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3215.658901] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3215.661995] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3215.662807] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3215.663627] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3215.664433] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3215.665256] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
13:53:53 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x3, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:53:53 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x2200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3215.729232] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3215.743093] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3215.749238] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3215.754464] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3215.759847] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.7'.
13:53:53 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x5000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3215.776280] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3215.788450] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 3215.800406] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3215.858244] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3215.874628] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:54:11 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{0x4}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:54:11 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xd100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:54:11 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:54:11 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x7f51010000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:54:11 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x2300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:54:11 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 53)

13:54:11 executing program 4:
r0 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000fef000/0x11000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0, &(0x7f0000000300))
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000340)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r1=>r0, @ANYBLOB="00000000c27f736fbfcfb71384ff750db8835ac600021448f5a5176f3e653000"])
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000680)=@IORING_OP_RECVMSG={0xa, 0x1, 0x0, r1, 0x0, &(0x7f0000000640)={&(0x7f0000000400)=@in={0x2, 0x0, @empty}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000500)=""/1, 0x1}], 0x1, &(0x7f00000005c0)=""/98, 0x62}, 0x0, 0x162, 0x0, {0x1}}, 0x6)
r2 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000001700)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32])
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fsetxattr$security_ima(0xffffffffffffffff, &(0x7f00000006c0), &(0x7f0000000240)=@v1={0x2, "d68b"}, 0x3, 0x1)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
dup(r4)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r1, 0xc0189373, &(0x7f0000000000)=ANY=[@ANYBLOB="011000000100000018000000", @ANYRES32, @ANYBLOB='\a\x00\x00\x00\x00\x00\x00\x00./file0\x00'])
r5 = socket$netlink(0x10, 0x3, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x80, 0x0)
setsockopt$netlink_NETLINK_CAP_ACK(0xffffffffffffffff, 0x10e, 0xa, 0x0, 0x0)
preadv(r5, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x0)
openat$sr(0xffffffffffffff9c, &(0x7f0000000280), 0x8000, 0x0)
socketpair(0x2c, 0x3, 0x10000001, &(0x7f00000002c0))
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f0000000380)=@random="190e892ad5169f52335a688a9982e8f9c7f1f055c13e", 0x16, 0x1)

13:54:11 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x68, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 3233.843218] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 3233.844838] FAULT_INJECTION: forcing a failure.
[ 3233.844838] name failslab, interval 1, probability 0, space 0, times 0
[ 3233.847959] CPU: 1 PID: 16273 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3233.849706] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3233.851709] Call Trace:
[ 3233.852257]  dump_stack+0x107/0x167
[ 3233.853031]  should_fail.cold+0x5/0xa
[ 3233.853809]  ? xas_alloc+0x336/0x440
[ 3233.854618]  should_failslab+0x5/0x20
[ 3233.855410]  kmem_cache_alloc+0x5b/0x310
[ 3233.856262]  xas_alloc+0x336/0x440
[ 3233.856990]  xas_create+0x34a/0x10d0
[ 3233.857782]  ? kernel_text_address+0xf2/0x120
[ 3233.858804]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3233.859880]  xas_store+0x8c/0x1c40
[ 3233.860625]  __xa_store+0x164/0x2d0
[ 3233.861374]  ? xa_delete_node+0x280/0x280
[ 3233.862249]  ? trace_hardirqs_on+0x5b/0x180
[ 3233.863142]  xa_store+0x31/0x50
[ 3233.863821]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3233.864821]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3233.865892]  ? alloc_fd+0x2e7/0x670
[ 3233.866656]  io_uring_setup+0x1fbb/0x2980
[ 3233.867530]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3233.868562]  ? wait_for_completion_io+0x270/0x270
[ 3233.869567]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3233.870658]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3233.871710]  do_syscall_64+0x33/0x40
[ 3233.872466]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3233.873508] RIP: 0033:0x7f2ccc8b5b19
[ 3233.874281] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3233.878038] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3233.879587] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3233.881053] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3233.882518] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3233.883977] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3233.885428] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3233.892668] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 3233.894871] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3233.910370] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3233.921496] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3233.932229] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 3233.935085] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3233.938428] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3233.941767] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3233.944290] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3233.954291] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3233.987865] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.7'.
13:54:11 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x88a61d0000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:54:11 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{0x5}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:54:11 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x7000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:54:11 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x2600, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:54:11 executing program 4:
r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r0, 0x8008f513, &(0x7f0000000140))
stat(&(0x7f0000000180)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
setresuid(0x0, r1, 0x0)
r2 = syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x8, 0x1, &(0x7f0000000100)=[{&(0x7f00000000c0)="02296d11e9593c1a6a22e2c39cf265fe6316a49511fe2ef76cc4e4ab434c7f48e675d6b5027d0afdd8be4ed8f460d31bdd6f7b3f", 0x34}], 0x10, &(0x7f0000000200)={[{@check_strict}, {@unhide}], [{@fsuuid={'fsuuid', 0x3d, {[0x39, 0x35, 0x33, 0x31, 0x33, 0x62, 0x33, 0x62], 0x2d, [0x32, 0x341612abc2df0c3a, 0x32, 0x65], 0x2d, [0x64, 0x0, 0x34, 0x66], 0x2d, [0x63, 0x63, 0x63, 0x64], 0x2d, [0x6, 0x61, 0x36, 0x64, 0x35, 0x33, 0x34, 0x35]}}}, {@mask={'mask', 0x3d, '^MAY_APPEND'}}, {@hash}, {@func={'func', 0x3d, 'FIRMWARE_CHECK'}}]})
openat(r2, &(0x7f0000000280)='./file0\x00', 0x8002, 0x21)
writev(r0, &(0x7f0000000300)=[{&(0x7f00000002c0)='\x00', 0xfffffffffffffe68}, {&(0x7f00000001c0)="99", 0x1}], 0x2)

13:54:11 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x69, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:54:11 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3234.149556] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3234.169385] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3234.182902] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3234.191901] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3234.206845] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3234.225761] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3234.235444] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 3234.323447] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.7'.
13:54:27 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 54)

13:54:27 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0xc0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
flock(r1, 0x1)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r2, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r2, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r2, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r2, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000540)=ANY=[@ANYRES64, @ANYRES64=r0, @ANYRESOCT=r1, @ANYRESHEX, @ANYRESDEC], 0x10)
close(r0)
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000100)='./file1\x00', 0x40000, 0x3, &(0x7f0000000200)=[{&(0x7f0000000280)="20000000000100000c000000dc0000000f000000010000000000000000000000002000000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf4655f000000000000000001000000000000000b00000000010000280200000284bec108feee6e2c88db433e36ee85208bcf4193bba8305b58979bed40ef77557bf21bcf61e6692c5a85eb401b2cc0a8110e5ad33b6bb2403962ecf599d362dae22596a54bbd02281172bb5a50958aa65883b86041aded8e7b488d7ec533002213e4e16b0fb06b8aaa4ee041d48fdc8a30f95c0c872d7d6c52b95583649a1c183162e55b534b2139cbb2e91d7b10cc34162734a29b711792fee0b3110f46e7c3fe277b6377db2163bbea4831989a94f330d549dd482b5d9dceec9300"/300, 0x12c, 0x400}, {&(0x7f0000010400)="030000000400000005000000dc000f000300040000000000000000000f004582", 0x20, 0x802}, {&(0x7f0000010e00)="ed41000000040000ddf4655fdef4655fdef4655f000000000000040002", 0x1d, 0x1500}], 0x58400, &(0x7f00000005c0)={[{@usrjquota_path={'usrjquota', 0x3d, './file0'}}, {@acl}, {@test_dummy_encryption}], [{@smackfsroot={'smackfsroot', 0x3d, '\x00'}}, {@uid_eq}, {@fowner_eq={'fowner', 0x3d, 0xee00}}, {@uid_eq={'uid', 0x3d, 0xee01}}, {@uid_eq}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@mask={'mask', 0x3d, '^MAY_EXEC'}}]})

13:54:27 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x1da688, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:54:27 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x8cffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:54:27 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x2700, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:54:27 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x13000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:54:27 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{0x6}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:54:27 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x2, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 3250.158072] FAULT_INJECTION: forcing a failure.
[ 3250.158072] name failslab, interval 1, probability 0, space 0, times 0
[ 3250.161055] CPU: 0 PID: 16338 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3250.162884] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3250.164425] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3250.165053] Call Trace:
[ 3250.165087]  dump_stack+0x107/0x167
[ 3250.165112]  should_fail.cold+0x5/0xa
[ 3250.165138]  ? create_object.isra.0+0x3a/0xa20
[ 3250.165164]  should_failslab+0x5/0x20
[ 3250.165187]  kmem_cache_alloc+0x5b/0x310
[ 3250.165210]  ? mark_held_locks+0x9e/0xe0
[ 3250.165237]  create_object.isra.0+0x3a/0xa20
[ 3250.165255]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3250.165285]  kmem_cache_alloc+0x159/0x310
[ 3250.171875] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3250.172210]  xas_alloc+0x336/0x440
[ 3250.172239]  xas_create+0x34a/0x10d0
[ 3250.181501]  ? kernel_text_address+0xf2/0x120
[ 3250.182463]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3250.183574]  xas_store+0x8c/0x1c40
[ 3250.184341]  __xa_store+0x164/0x2d0
[ 3250.185118]  ? xa_delete_node+0x280/0x280
[ 3250.186003]  ? trace_hardirqs_on+0x5b/0x180
[ 3250.186929]  xa_store+0x31/0x50
[ 3250.187630]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3250.188648]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3250.189756]  ? alloc_fd+0x2e7/0x670
[ 3250.190541]  io_uring_setup+0x1fbb/0x2980
[ 3250.191430]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3250.192500]  ? wait_for_completion_io+0x270/0x270
[ 3250.193538]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3250.194662]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3250.195752]  do_syscall_64+0x33/0x40
[ 3250.196545]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3250.197632] RIP: 0033:0x7f2ccc8b5b19
[ 3250.198431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3250.202329] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3250.203940] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3250.205453] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3250.206971] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3250.208478] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3250.209998] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
13:54:27 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x3500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3250.239307] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3250.263862] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3250.270374] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3250.287779] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:54:27 executing program 4:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x3, &(0x7f00000001c0)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}, {&(0x7f0000000500)="602533f94d6c8889ba3c6cecb1b61047e22a64199f0f3c49c92ef6ac5876951966bc673c2d44b843074ee9f44be3b457627e35f20da044511e2f57f74732c895a3898fd933c4b80a2827a77d597a216c0a97960295adb8d94b23b42aaebf0bd4b4f57b3a40cedf6649d0162deeb999c4d99215d037fe3f4a8ff78d35fcc0a56aba2134d8009d1ead23afd7067ec7331ff601d221bc8fe0d3ac0a2002c22b444ca9bda8ffd014caf005bb229b80a1885c41d41c59ec45d9ef78f968dab9f0fc075a137d1fc7f64bf43565d01e6a8e2d1cc7ad24e6212f2885969932fb7b169238c2fa977bdb2511b07a6112b1b5c7484de9d4413ce05b9a53a38d9b01b55a80ffa51a2c5d03bc2d0fee3921e7ed5b4a5f9950f2211bc1076ccef29a79380c2b242d9868ed8ce8961728ac1ff90b1b381f26a21de9836f9a48002e5353dfcc31b2c2a15faeffbe3f24eade1e567f915b2cdb49f3edfc2db2629f9f7faec7a8c7e7c5e5920f7047bba8eefa5f5b0daff31c39f481a7a13f16d486c0980264c388ce178ad41f39115664daf290f963897bdf6e084160f9420e26e389e8bbed78a55452513a9f1edd7a8ba5bb0d141cbedc0ff628a781fa94750c913d5247ece04173c999b503fae3a1d362f308811f326fc76c5ce47a9b0a66a1fbc95a7f665e01aa923f11bbca4a2f6ae7f8532b880f9f83db30b1681242cda02bf03cb2bf3afaa1662af430a7f8b2bb4944bed0252d31c0710590a300c220bb23d114a2be8297d240298599c8c0594e0b324d89e6a6ae5bd8b451f0eba2ff895967e43426dd67e9f89682fa553f9228ccfabb5710419827058d6bbfe137500d1d8746dbfe93a8bb520e42405a85b66c9e0b8b3065d7efa91229ff311ead9185d7e5a6b7d1a3c959d9a031aeec59831d236fb5e4e5191bea4c4c7ce1c07e62749331e9d82b2c1f1f68fee17525b14d364d8b0642360ee4afece853d04dd7b7c5af5ae6bbd4279390057262e750dafabedca86b410185a51b06de6aed023a2d31caf0290541c59c2ae9a034e417bab88a50d2cfd847997df7ac6461cd4baa1edb7508fa1557cc5c4840832f817cdd33d35c4d8bbc5447973b768383e07680e72ab5b21e77c022358cd3ef24589a4bb65520f3ef7f31ec9e5f7f640fa6c8f145efe73d2dc8a079df71556f2f2c15fc527aea6b189afb6e2a51be39d36256ef9236b668fc70b191403d4131ea6f7b0e463e473f6f343649f2410c44305d0261f1845e3985c33c90fc1c427b178b19b4c4ba31f6deb1d309c2f0fcf689b41d86a2834c77c394b017ccdd8cacfb7ca0ffa24d52b18869698758fa695becdea2d713ecd6cc39cdeafef6aa947ef8c418087fa6c00eb5f36bc743cc858619042766ae817e75aad0058a54bca5dafea4fe589e08235be98c8fbda40b322b002d2725e09c13398ebc51ecedd049e70480abc536c397821d16d433dc5271e7052a16f2e9c511af95789d95bb60d52b867ec318534a1ebd333da930eaa1e8b769c06201edb21f7a7356dd3397309e9120daf1f75b2de73b69b5d83ffcbba106d8426fe39d7e6a261ed8d4f610917bb26a7a5b08aadb7a7539229ee251b242d2d5ea319cca690f5ce12db6ce1b326b91def81e5baffdb6abc26b6aebecd5d0946b022d193d1d21162b048f3af3ba867ef0def3afaf6f7e07ced4d6483fd16af86bddb3f00cc0d4998d86fc1243aa08ab9c46635843b2f862fc9fa5daa708d494af1671aa8d578b67c5879634211c6db634055dab84d1f1335990ea2075a00922bcbe2261cd32390d3315b8aedc0c0a14a026df745c2e27197cc5cb369cdab99db85157628be51d7d3df13e68c4e1c5d3cf550411b0c66d7cf097fd42b1c13f3f1989b8f1491e3a47c37402465ad3411d9c817b1b8b3e85ee53baf05b2a4395005f6c850fd3d036e251c08234883d3ed188551fa3b6faccf6e3731f6c328614fe93e1fa43335f8e99ecfa45d46f25a1672a6f36e8f2eb5dffdb1319552d9b977b38a6ea634a973ae37463e54a5c414500c080ff809428893ab02673b98bb1f459e046ce86e665d77b787f66178680025568e7ecfa2f53ff44cec4cfef534fef39099fa854dda2eb7e26392fa2f7ea83eb1fc9cb3564bf4e6919999059241d12f66b528bff2ed049b4c80aa7b6fd014d049e5cbec4af20e4c2769d9c11a84568f6f243fdf36133fa61e767c3c1e03158b161d15ad6094cf4d371a8b981344a68ded8f7bbb2922f3b174df52151fe569c3ee317e257f96c7924d45231a7518dfe424bc3a75bb79f7713aba4a7dd2b742b99800a32bbd26b5253f925f45e87f92544fb9f470868c8a9616e8109dacc07b29a7d56f94d8d511dc1d7962a2f7558dc0b278d70239a1166d155b946b086cc2cb855299e459132d3a4994ca3e105fe481d4230639cfeff4fa812841c844a07645fd33b4e796260da119e1762b8c9c853d7409983b7643fafe1718592ea22bfe1cd3227fa5751944eaeea91251c77c87eeeed4ce3095386d5796ea8d48414aa9c03d55f023b6fadd817899e53e68868fab9e2524dca8583b9714873afdfbbb1f1053c559b41a55a96f7008d416bcab4c508c7d27be82e94b4ba5a08dcda9ea1019de335a23f84836394a7371596f2087858fc0579af893379ac3a8d010eb35ca19f682b380489dfb9f4d976da44b8e511e3ebd76dbda1f0e89044378db9404ccdf499ffb0f8ced54599f96cc3ba9c0c46cb233548426cc899e135dadd8503b775788ca2a9fc611fffba8c451571f41bcc8c24da387216c71424651b812b1e44cfd17261d31a97caf5331b31f14e0b5f05f740cd7e81d8f0f9c70be3ebd1dd6b307e47768175a3c13e8bf48bdac086b93a1a731c8b45ef8c78c211cfdc815dbcc83f6feccd7731ddc0859fe262603608047c49a3e5e8a147285196efb5d9678abd62a1cf4c7c1e85c788351762032faaebfba4e5aa78e390d8bd31302f39564d9fe4d19208e0a77cfecd53eb6100f8b1986cef6f35d010cd382b9e4fee1398400c16b5baca28cf6ef5f049d69eaa541c5293e2661e99388440a05b9c38bb75109672b545ae760995c35a38feb9c203a82ba5ec55b242270aed928e1bbec210384a29e3068d42aee5ed6d3367812f1202f9c13c34fe619bd933ab5e342341e51fb44d9756960bdd681b0e4a597a08244488cb70ba6a3ce2402c63b4250cbd56bef9824e391b0cd3f6b1d15e36136129b976570cb89a1c870a9394443b3b618cb372904312611d77c230110eb4b0e17fa6da0b6fd289cb768085d20abc67ad679b68d7b8981c47487c58c768f8a77fa2bb62fdfc2587b0bcce66390dc80284c211781d229e3dfc0c313fc24e564ca701d43c8d31b59b5b667df56d76277075ab94b46dcbf1aba47ee9e4c1caf236767b93faef69038550ac89df3e63f9b65a5b45218fe97ea7c4f4ce7b412d9d0802703a185d45312ddc0bbd4f1e6215d8586405450edb8e9536c68b9e95caa4b1b1ca8991462f5cb51775289227fa3476358bb3a262ec7439884054cd0c213978dc26f6039f25041438fbc6f96045d813ba55f23922ca20b2391227da26d078dfa9ca9c8a1db8967b88d46cd7e7ab3bbb17189f3103fab5b4fc3b87c41fda5aac307c593f976b7c8478e58ce7962d90dfcf264f774d6d43ed20966cb3a104fb0b720c6c92a8a5371af537424364aa54ca84ead239aa747e9b2a72fb595bc4e888883efd2bec39aee42c8885f450912bd8aa63ca14ab79fe2ccd392602954fd887a67eaf11fe11b1d94ceba63a7bb180cb9e0139f59bbfb580a3d574121556c6fce6054640c57493f78b55cd8cad715dd65e50101feaf04d11d5590a8ba309c316d109fc71357e105fa604feb73de5b8b74af1d7a04701fa8485856b18dcfd99deca51dd4784c80a0e", 0xad5, 0x7da}], 0x0, &(0x7f0000000240)=ANY=[])
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$BTRFS_IOC_SCRUB_CANCEL(r1, 0x941c, 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000280), 0x2}, 0xc00}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat(r0, &(0x7f0000000180)='./file0\x00', 0xc1)
r3 = getpgrp(0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x6, 0xe5, 0x5, 0xef, 0x0, 0x5, 0x420, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x80000001, 0x2, @perf_bp={&(0x7f0000000100), 0x5}, 0x2144, 0x6, 0x0, 0x0, 0x7, 0x0, 0x800, 0x0, 0x4, 0x0, 0x81}, r3, 0x4, r2, 0xa)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
r6 = fcntl$dupfd(r5, 0x0, r4)
sendmsg$nl_generic(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="340000001200210c0000000000000000a7e012dbd3fcfc34000000000000000014002f0000000000000000000000ffff00000000"], 0x34}}, 0x0)
ioprio_get$pid(0x2, 0x0)

13:54:27 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xd100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3250.322203] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3250.351506] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:54:44 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xf5ffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:54:44 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x22000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:54:44 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xba, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
open_by_handle_at(0xffffffffffffffff, 0x0, 0x0)
open$dir(0x0, 0x0, 0x0)
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x20)
write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[], 0xfdef)
fallocate(r0, 0x3, 0x0, 0x8000)

13:54:44 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:54:44 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{0x7}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:54:44 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x5, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:54:44 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x3f00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:54:44 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 55)

[ 3267.020542] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3267.039336] FAULT_INJECTION: forcing a failure.
[ 3267.039336] name failslab, interval 1, probability 0, space 0, times 0
[ 3267.041849] CPU: 1 PID: 16400 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3267.043337] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3267.045112] Call Trace:
[ 3267.045697]  dump_stack+0x107/0x167
[ 3267.046501]  should_fail.cold+0x5/0xa
[ 3267.047329]  ? xas_alloc+0x336/0x440
[ 3267.048139]  should_failslab+0x5/0x20
[ 3267.048961]  kmem_cache_alloc+0x5b/0x310
[ 3267.049841]  xas_alloc+0x336/0x440
[ 3267.050629]  xas_create+0x34a/0x10d0
[ 3267.051442]  ? kernel_text_address+0xf2/0x120
[ 3267.052409]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3267.053531]  xas_store+0x8c/0x1c40
[ 3267.054322]  __xa_store+0x164/0x2d0
[ 3267.055104]  ? xa_delete_node+0x280/0x280
[ 3267.056002]  ? trace_hardirqs_on+0x5b/0x180
[ 3267.056930]  xa_store+0x31/0x50
[ 3267.057640]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3267.058681]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3267.059932]  ? alloc_fd+0x2e7/0x670
[ 3267.060732]  io_uring_setup+0x1fbb/0x2980
[ 3267.061631]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3267.062720]  ? wait_for_completion_io+0x270/0x270
[ 3267.063781]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3267.064898]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3267.066005]  do_syscall_64+0x33/0x40
[ 3267.066819]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3267.067911] RIP: 0033:0x7f2ccc8b5b19
[ 3267.068706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3267.072552] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3267.074389] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3267.076273] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3267.078190] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3267.079813] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3267.081330] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3267.091367] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3267.105391] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:54:44 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xf6ffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3267.149868] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:54:44 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x23000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3267.162155] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3267.183509] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:54:44 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x6, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:54:44 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{0x9}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:54:44 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x80ffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:54:44 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3267.312338] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:54:44 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 56)

13:54:44 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pkey_mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0xffffffffffffffff)
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000004, 0x4000010, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r4 = syz_mount_image$tmpfs(&(0x7f0000000280), &(0x7f0000000400)='./file0\x00', 0x7, 0x4, &(0x7f00000006c0)=[{&(0x7f0000000440)="f14d3b64b3ec3e1071f7cb8d9b56e02a55a3be6c1b88fa2d8f061998b60dc6346aee028d5e75846c718070", 0x2b, 0xffffffff}, {&(0x7f0000000480)="552b53d1ac4f0423b9b72a5d0f05ebb426d78e6e23076bceb0128a23d70155137becb36d6dd3bb95f6f2f702ade39711eb374294a1a8dd2b7b5efaee17d846f2d73181aee50eedc21d29e1b47276c034b673d294b6aeec59124bd4d84a0fafe3393ffb4437c74dba2bdbfc21d208433775c78aef17ce7e5d81506f97939e070a69b8bec1fd6658d166b9519b9b9731fb40945fa85851f88fb22ff299931ee92088cf10cc5e44db3028b9a86ec66d1a2aea618d2c002001b8539eef07dea467af", 0xc0, 0x1ff}, {&(0x7f0000000540)="1adfd1e7b4cc5ccba2331c17a2b072d2100a7f58c29d373e9754bad5afa925c41e5dc2fc3b1f31849039bd855a5f33313402aef5a2d385a0f5edb10544eb011080035ea9f053e4f824f6a5f0aae15371624c07f0b223f0cb5bb5037c502ee9eaa3cc0240bd0f9897c803a2ee8d92f7e03823b48d3b6daa3885852685c34e39f62881c6008164c9dff9aad82854863656b77f43dbd80c4ba05d7911babd9078939d77021a235390d525490d3a", 0xac, 0x5}, {&(0x7f0000000600)="b4d356d96ebb4e2f9fa775de70e5145cdd07c4d0bdf84aa6d49c7c6536e5480ab40ba7d3528bb9a24572d4e7ba49abb9dc899935a4531e6744dd4d27dd67742297d9b533c1cafa9cfb3aa2a826b7b67e2498fcdb017091182e02093cf836366fc9bc634169b922ea31504d1b610ec866ef85c5893125cf79182174373608191147e86849736d69dfb948b098241de34292e72c3132768172d9b00bd4551f6a8bcfc022b84ca39fadb8a5b5a6bea48e3e542c16d6dc0a6b26", 0xb8, 0x5}], 0x100000, &(0x7f0000000740)={[{@size={'size', 0x3d, [0x32, 0x28, 0x70, 0x38]}}, {@nr_blocks={'nr_blocks', 0x3d, [0x25, 0x31, 0x67, 0x6b, 0x2d]}}, {@gid}, {@mode={'mode', 0x3d, 0x3e}}, {@huge_within_size}], [{@smackfstransmute={'smackfstransmute', 0x3d, '\x00'}}]})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
ftruncate(r5, 0x4)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, r5, 0x0)
syz_io_uring_setup(0x4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000000)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
syz_io_uring_submit(r6, r8, &(0x7f0000000180)=@IORING_OP_SEND={0x1a, 0x2, 0x0, r5, 0x0, &(0x7f0000000300), 0x0, 0x8080, 0x1}, 0x0)
r9 = syz_io_uring_complete(r7)
r10 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000800)=@IORING_OP_FALLOCATE={0x11, 0x3, 0x0, @fd_index=0x2, 0x7fffffff, 0x0, 0xffff0002, 0x0, 0x0, {0x0, r10}}, 0x362c)
syz_io_uring_submit(r6, r8, &(0x7f0000000240)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r9, 0x7f, 0x0, 0x10000, 0x0, 0x0, {0x0, r10}}, 0x6)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000007c0)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r4, 0x8e, 0x0, 0x1, 0x0, 0x0, {0x0, r10}}, 0x9)
r11 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
syz_io_uring_submit(r11, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
syz_io_uring_submit(r0, r3, &(0x7f0000000080)=@IORING_OP_POLL_REMOVE={0x7, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x800)
futex(&(0x7f0000000000), 0x0, 0x0, 0x0, 0x0, 0x0)

[ 3267.354452] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:54:45 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xfeffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3267.422265] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3267.427843] FAULT_INJECTION: forcing a failure.
[ 3267.427843] name failslab, interval 1, probability 0, space 0, times 0
[ 3267.430419] CPU: 1 PID: 16440 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3267.431899] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3267.433673] Call Trace:
[ 3267.434270]  dump_stack+0x107/0x167
[ 3267.435068]  should_fail.cold+0x5/0xa
[ 3267.435885]  ? ___slab_alloc+0x360/0x700
[ 3267.436783]  ? create_object.isra.0+0x3a/0xa20
[ 3267.437767]  should_failslab+0x5/0x20
[ 3267.438617]  kmem_cache_alloc+0x5b/0x310
[ 3267.439506]  create_object.isra.0+0x3a/0xa20
[ 3267.440453]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3267.441559]  kmem_cache_alloc+0x159/0x310
[ 3267.442472]  xas_alloc+0x336/0x440
[ 3267.443240]  xas_create+0x34a/0x10d0
[ 3267.444052]  ? kernel_text_address+0xf2/0x120
[ 3267.445022]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3267.446158]  xas_store+0x8c/0x1c40
[ 3267.446554] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3267.446967]  __xa_store+0x164/0x2d0
[ 3267.450297]  ? xa_delete_node+0x280/0x280
[ 3267.451200]  ? trace_hardirqs_on+0x5b/0x180
[ 3267.452144]  xa_store+0x31/0x50
[ 3267.452873]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3267.453908]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3267.455078]  ? alloc_fd+0x2e7/0x670
[ 3267.455874]  io_uring_setup+0x1fbb/0x2980
[ 3267.456910]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3267.458076]  ? wait_for_completion_io+0x270/0x270
[ 3267.459387]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3267.460638]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3267.461841]  do_syscall_64+0x33/0x40
[ 3267.462740]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3267.463983] RIP: 0033:0x7f2ccc8b5b19
[ 3267.464779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3267.468783] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3267.470443] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3267.471997] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3267.473550] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3267.475110] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3267.476652] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3267.481864] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:54:45 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x27000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3267.522958] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:54:45 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x2d, &(0x7f0000000040)=0x10be, 0x4)
ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000180)={0xe93, 0x1, 0x1})
sendmsg$inet(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10, 0x0}, 0x404c008)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x1, @ipv4={'\x00', '\xff\xff', @empty}, 0x1}, 0x1c)
r1 = fcntl$dupfd(r0, 0x0, r0)
sendmsg$inet6(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000bc0)='+', 0x1fc0}], 0x1}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r2, &(0x7f0000000440)=""/200, 0xc8)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x0, 0xbd, 0x7, 0x80, 0x0, 0x9, 0x80, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x4, @perf_config_ext={0x9, 0x1}, 0x0, 0x100000000, 0x2f, 0x0, 0x800, 0xee58, 0x0, 0x0, 0x64d8, 0x0, 0x8}, 0xffffffffffffffff, 0x3, r2, 0xc)
ftruncate(r2, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r2, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r2, &(0x7f00000002c0)=ANY=[], 0x10)
ioctl$SIOCGSTAMP(r2, 0x8906, &(0x7f0000000080))
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={0x1c, 0x4a, 0xc21, 0x0, 0x0, {0xa, 0x0, 0x2}, [@generic="65eed358f4"]}, 0x1c}}, 0x0)

13:54:45 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x8, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:54:45 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xffffff7f00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:54:45 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3267.628545] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3267.663280] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3267.683071] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3267.697318] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3267.701242] netlink: 'syz-executor.7': attribute type 8 has an invalid length.
[ 3267.743108] netlink: 'syz-executor.7': attribute type 8 has an invalid length.
13:55:02 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:55:02 executing program 4:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x2d, &(0x7f0000000040)=0x10be, 0x4)
ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000180)={0xe93, 0x1, 0x1})
sendmsg$inet(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10, 0x0}, 0x404c008)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x1, @ipv4={'\x00', '\xff\xff', @empty}, 0x1}, 0x1c)
r1 = fcntl$dupfd(r0, 0x0, r0)
sendmsg$inet6(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000bc0)='+', 0x1fc0}], 0x1}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r2, &(0x7f0000000440)=""/200, 0xc8)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x0, 0xbd, 0x7, 0x80, 0x0, 0x9, 0x80, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x4, @perf_config_ext={0x9, 0x1}, 0x0, 0x100000000, 0x2f, 0x0, 0x800, 0xee58, 0x0, 0x0, 0x64d8, 0x0, 0x8}, 0xffffffffffffffff, 0x3, r2, 0xc)
ftruncate(r2, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r2, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r2, &(0x7f00000002c0)=ANY=[], 0x10)
ioctl$SIOCGSTAMP(r2, 0x8906, &(0x7f0000000080))
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={0x1c, 0x4a, 0xc21, 0x0, 0x0, {0xa, 0x0, 0x2}, [@generic="65eed358f4"]}, 0x1c}}, 0x0)

13:55:02 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x9, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:55:02 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:55:02 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 57)

13:55:02 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:55:02 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:55:02 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{0xf}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

[ 3284.408406] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3284.414466] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3284.436082] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3284.445529] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3284.460117] FAULT_INJECTION: forcing a failure.
[ 3284.460117] name failslab, interval 1, probability 0, space 0, times 0
[ 3284.462657] CPU: 0 PID: 16493 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3284.464149] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3284.465946] Call Trace:
13:55:02 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3284.466550]  dump_stack+0x107/0x167
[ 3284.467508]  should_fail.cold+0x5/0xa
[ 3284.468343]  ? xas_alloc+0x336/0x440
[ 3284.469154]  should_failslab+0x5/0x20
[ 3284.469976]  kmem_cache_alloc+0x5b/0x310
[ 3284.470877]  xas_alloc+0x336/0x440
[ 3284.471663]  xas_create+0x34a/0x10d0
[ 3284.472475]  ? kernel_text_address+0xf2/0x120
[ 3284.473445]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3284.474613]  xas_store+0x8c/0x1c40
[ 3284.475387]  __xa_store+0x164/0x2d0
[ 3284.476202]  ? xa_delete_node+0x280/0x280
[ 3284.477110]  ? trace_hardirqs_on+0x5b/0x180
[ 3284.478067]  xa_store+0x31/0x50
[ 3284.478805]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3284.479872]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3284.480998]  ? alloc_fd+0x2e7/0x670
[ 3284.481816]  io_uring_setup+0x1fbb/0x2980
[ 3284.482756]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3284.483873]  ? wait_for_completion_io+0x270/0x270
[ 3284.484940]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3284.486090]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3284.487229]  do_syscall_64+0x33/0x40
[ 3284.488070]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3284.489162] RIP: 0033:0x7f2ccc8b5b19
[ 3284.489986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3284.494084] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3284.495787] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3284.497569] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3284.499142] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3284.500677] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3284.502196] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
13:55:02 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x48000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3284.525298] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3284.558175] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3284.566272] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3284.591353] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:55:02 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3284.635066] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3284.679525] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:55:18 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:55:18 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x3000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:55:18 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4c000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:55:18 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:55:18 executing program 4:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0)
lseek(r1, 0x0, 0x2)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x4001, 0x3c)
copy_file_range(r2, 0x0, r1, 0x0, 0x200f5ef, 0x0)
read(r1, &(0x7f0000000280)=""/208, 0xd0)
write$binfmt_script(r1, &(0x7f0000000380)={'#! ', './file0', [{0x20, '@@\'--(!{[}'}], 0xa, "f81955624b74a55b3da8d4d20a69d8ea182d5b82a4e31b9d00acad1a6f3d76dcf6dd62a4824619d1773576896698dc0762b9ccd59f1d67bbdcc90f8f4c300b83c1ad6dbdb15f958970d060b2cd89432f3da0"}, 0x68)
write$binfmt_elf64(r0, &(0x7f0000001480)={{0x7f, 0x45, 0x4c, 0x46, 0x8, 0xe0, 0x75, 0x8, 0xfffffffffffffff9, 0x3, 0x6, 0x80000001, 0xfc, 0x40, 0x17a, 0x80000001, 0x9, 0x38, 0x2, 0x0, 0x4, 0xde}, [{0x4, 0x7, 0xfe, 0xffffffffffffffe1, 0x80000000, 0x800, 0x1, 0x1}], "3b3b184911413a771546c4b9443c73657a1fef21c754fd4460b585fa3c9cbc212b491162701d551f8e33f0cbdf065b420b07c80d0d50870eadb9ec0ba1f3990b8dab36fd160104941175a4", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x8c3)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000440)={'#! ', './file0', [{0x20, '@Zj\f8\x98\x82\xfb%\xb9\x10\x896\xc2 5\xed\x1c\x00\xe5\xfay\"\xbd'}, {0x20, '\xa3\xdb\x02\xfc;*\xd7\xaa\xa0\xda-.>\xee\xcc\x16\xf3\x89\xf6'}, {0x20, '\x00'}, {0x20, '\x00'}, {0x20, '--'}], 0xa, "94e9d27d75ad0cd2f6eb03e07fc61b826f8ff565eb5ba733a327fbcbb533e30f263f66478b1c7c810e6533438317033615cf3247c899332f345b36ac092128b13facd33299c2eb84e56cfd18a81f96ef14fb9064e436075eb02bfe6ed3cca3adb86afba558032b31989e250feeaf203864a5abcc5d61d30baa195e9700ef1e32e49ee317c9bbfced655f0a8b1a3e04d549effb7f9d23a5aa74c4d945f6d6601e6b78b0c6f6ee952285f82a4c7f679f018bcacec86ec9852fa330a563e12186f6af8bc21d49c7b0e6a8a8f8b41061946cdf11fbc09256c45f1f7525f8f4a3e68d80d085bd345dfd6cf029e630c6e0fb16ebce67bc5a8974c896c8396c14bb0c9cf30f31b0e76c933f8231107f4f861811d4074b23acde45fd88b12cb9bae231647b9869ff0c142614a31cb2fd8554d2772673311511915d43a653629a27b47f01c67920884ad19b97f1c44b61138494c6d42381c633359c627ec9b799628028c6ed2de64d6a2e5058c7a9e3d91ba7ec8a3eb2a91a53d7f93d1f2a5bb3feda2c21b5c36fd7e317ea9ea5d5110375e08d358843de5480b9faf57af1e2ea054529a22e403ef6b8d4d0ade6ba421f4da67a7e915c57d0f021605180e283b0e244e519750369d3e42dba638c64450443bb98597115162fce26d351c8c7d64e8933513634c40f6291223e0f0b8f79bbfa82d2d1dd1ae6375c831ad371e3c8b87ec441f1a5d520afab8fe27efd17cc3f77b219956d718243301557e911923fc06d65988fa5abc5c5872d8c0be90dd0825c16688d9ee76ae7ebbaa90382a803e2dc3896a761b193a370d69a9e1a69bc4e129d03d77fc3e9485300f2baadbd351eefce8329b0a6a0f7743f07924e81a9375f7e029756e292d2a81262f380c375980cfeb613caa4fa3536cf5808a2536edeca021042f0e70a387116461efadc811a259e91cde25b7578166c3edf6178098b0a9c343d9ebea5222cc03281d8e52916ecf15433e98c01afd31b53f8f0a5f2725f027d49bf21d0c635b739657cebfb45f461ee7df8552cdfebca1338b1d252f18c8e099a262f43ac8637ccb2d3e4d46f925ba13e498ee1dc26f1a6a0cb9c2f471f1dc6cdbb739e8e7930be86aea37bae60fea9c821308fcc0be1fcff920a464f2102d177a0a06c581c4b8cac800f06c42643a3e85e24a49f45e9269a2c69d9c9c2d74e8176c96eed2de49f316654d5d1091f39f6e7b074d1b5e74075ecbe3d85a507e05830fcca4dd5b93d8f447a3a631990e27d2fbfe19fe7ce26061033c1faecde76dc86fbba0cc69413ff5c05ed95924a03d7bb1170550a0cae38e3453d949eba6465f06322a9adb2cebca919116c0b3263216b840c0f517d19f92abbbe45bdd87b93e693a65487cd5972234b58f04c8c23320d2ff8b3dd1f55df3a8eee7125819776c0d6a9ac99e5bf8e2a94bd5836b63037da6526fc8057e4b36d160322160dda329aa05ed2fe864326824f4c128c04373bd0244782bc33934beaf4a8be69f8581add37605df3df32c4c76959d0827239053cb003fd7a5a5a973bf9cb0146f8148102445b012360bc987df521578e04c8f4579679197d0f639c4833934c8322b4a7686af4a4e70cd151072b7eabea3d978504f5c1527a62c5279d14fc977a811e81659aa7cc5990d2a9ae13159d338286d78e199f2ae261322d68195400329622839ba55ac356fcc75bf519632c6322e3140c905a96e9b5451d3e525070ea0ec9b904fe56b421b37099bca054cb4373ec4538e0c8dd24dfd6fcc6912923f25dce141a17676ac9243e50bbbca8140fb64e79d2354ebf18d8c52106341fc7f56bf4cef67f8753bcb3d8bd99972cef136b40c3bf9b5032ee517f33cb74c2ac14094ef75ca0ea7d39f6991036e5399c205775507009174b280717e4971a5ae65f8c0d60357f5c8934470d2e7b10695d5de7375d0fe42182f3c9008834ad3d407554d18368f524f24a3c961240c4e2f34b2cead5d7f8370086e30c645c4e7a9fadbbb53725704dde9d060e4537a4d923da1d6a7ca6093aecb57f2bfe1387ddd8758204fca1fc07cc0f819299813dea5d206c8d09340f760fab9672b319339e0834447b1310d7dd304f2744899778b66a01cd8cf979e59d3e8348b981cc7d9a40a9b9507241f2ed8f7237de3202b327bc6df63589258b6d7177775c2195f95147ce741c3fdcf4dffb72e7956e3a18a02bf9588c5f53028fd8d0d5ad037958dce9c88ffe265766f0d70047c4a37f23650f39383c5b265553c89c8fd5d49e25565f1eb7ce362719b6b131e89542785472919c8fc4e8c55b7cdde119fb7b447f33806a371ad1fe6eb6200936ef83d881bfca45ad8fa2a7af78e126de878006e8824beca347c80d37552adfb8a8d4ceb51ffd12e6c1f1e7296dc838f89e4a3f02a5201bef9f6dc1020b5d4c7217a9f434de6cdc3d765c931a1584dc721edacd15896e80d413f67429b45e1c7ce87adf97de8846ccca7f09d2295792154fe29d941031ec1f4ff19420b2f6cf55f26795e21bcdc33091df8ce01dcff1a565464b56b359529079d02e7f4ec36e3ed3523bf926b56ab18929cf378ac8b1b704d3c18b898b3ac312915eaab7b18c416f6aa3ce23205db4d436071f4314b6d6448a34a847586c074c57738ebf1decdbdf9190473966166c31a16b76d9cf89f7099c76971c68fc905eba674dae3890b9d79412716f47ebaafbda6d4ea1a471886abaf89a2dd4d494a4eb43922db1d7bfeebd664084a3a362f3b7d124837e31f79c40ee289c7e8a1f47f67144b3a20f46271a5ba95f0208534daf51e284fe264cfb4b56327553c0adc1de51b70d60c072845e9eaf09d59b6baaebeeab293a4128e044c95a378b44fc04f0ef57b1c75ea15b868677b7eb4e569cf6fbce0c6876fa5405ee73ba9050c82d32db94ad2c51833ee78436b4d3c5e09aaddfa58ff959e1f2ec85da025bfae5c59a01ad67daeff5409c4c78f68a59c7bc8b76fbe83bfa45c23ce83e0fcdd9ae271529f4afb54c9509473e5c65b54ea29171e2e000379549fd758ae28f07da33ac0e954a724bb61f6544b516c315c089f0b1bdf7257e0e3dbd51edee5b38d6e9d152405e25a2ec362ce9de5daa670c10efcb41975ac941ad938ce2bd9fa25b72981bd188d6b566c739149561ba380e4e070c51ed2194bc0ac16c998e29ca3a22244c1e07028d3516cfd4cd16fcba005050698eca99333e48f38b4721fbf578e233b72344d509f3eafcaefae858497205edec195d1feac0fcec9b882c97d3daeec45df8062c58db8da3493acddf97cec624c04df118899f705e0cfc0ea435a8d9d60ed69403ab76415bd28464624927c465ce6c2a05faf03ed8de315da9e2aaa8b951ac29f2b791edad571e030cd2fd6b8db4f646c3a05bb1dc559df1b5b745c772c0f131a46e76689c386fb198f9b8645d7b4520132303bbf326d03ea2fed8d31a4e5c75a9b2bf7da7601f100eb8ecab20d8728472dc7930c1609225b5176f5968625900b447a5213e24d41b24b60f8c130491aa5760ac7063b0acb1c9b6c96c096f590026b24e949fd3dd09d6157535fc929abfac74169fd1c86ffbebd04ea53c93fbbb7b70f32c0559cbcbc59e586c9a05dca6c207008f2aebd79667e269b9fb5f30cc002f30e7164744e82e9f26289d153f7d0553a5d6d9fa7baf219f4590a576785a51d9fb24cffdbb05e33fa053c4c4b9ffce45d35686242cbbefa7452bb454261ef1639c4bc45f55e948f839469eb41fb89168b2e6f39bcad9945c9b2b9e6848a37315239999608b52c57b97df755265802afd4f68542212710c92df7dfe5e29adfb02194358409ec6c9fbc5955f914944b1a3f782b98f9f2edde86714c149cc213abf728277ffbdf7da04b900cb4a4359374991a296c9076323fee9bb9aa94f03f60e7f11b518c770c68a3fb91ec6677f7f34ef0be58cc13841acff46873df0c06298ab4289af251962f8e13e707d2b5685bd1e87b9e8176b6e2011f0876c8db25c29ce3aa4c04c91cf753171c64d4d5261bc39f153b0d66eb269c24b74bb1d420b3a6975aba611786921f095f93340118d9021eeaf161fb6fb5b22d40be7098f08c22fd005810d850562ac3317ceb14508b16088e64d8bedbd23e6fda497bb4c116df656302d69aa706222bfebeb5a602d128682a5956e2f876e546dee4be7692ba13fab3bd98675ba3356444c6b882ea7eb41f1228a9d48a873a47ee60bba3cfc4391a4d9d893ab01db53f4c8b79090c295714fd715f172ae20cb2bc0bc7be7c8aeb22edb057a9f5ddb634637dfc96226f9c973388557696e9f5d59077b3c10313eb2976c059ccff12e581f1ef9c1639ddbc96ca31bd5db30d15149a1c97ddf9e2ade5cab8d033b217eac24f41816e512089a32ea5171164898e23ae01f4e7304af51d9c430b9ac83289ebfdd0f7bc9b621da3a3d1aa2fc48b8c62c29f5efbc8281bd26487ae2e45553c7bcdae78dcc96095259bcdd1874686e1ca892489ab275389977cf2a35ba8ce44b8313e414c09fb743cf50acdc8a49b5f2c7366445ac3a2837557f619b526f28c11832a84bb5aefff8c6d06894761cff5f0b9972897a92433605517873e540e2ba423206c44ca4af298440a4b127079c07f15d105b03a5e62f0aaf6368b6ee46ff407e263da6e518170750ee7787313d5961a5608dc564403d22b3d74c20643434bcea51bfedb428c06b260b337ab858421969ea1bfb22105d416b6012afdfe9d21c94e423b5292fcd7426b2f1263a0b3947cd431c0df3921a4f4bb1c238a087510100489ecda8f4bb36658668fb58826e25fcced0dd62626463ea633304f42af637a9544b7579a008760f5fe6510466434e29679aeaf56543f71a096fe7e999e0e2f5df9afb6fae2aec27a599e8234f2fbf3f302720fb082cee76622446ac394aebfb7675d33c5b17e66c9e1796ad91fdccff3b375478ddd0fd48dded9ad8c93377d94bb8912cf2cb1d52dd66300827e05fdaee52d5b99a0559b1aa4e21892a5cf2ddb77188162c68d4a01e92f02542b4ee8c658f684825c452e0d76331ba8881a6cc2d8f34b1a5325fac5120f59308b21bc7a58dbc3045cd9a43bab735560b4c0bd1f97add91935f35565cd3c1cfab1593d910ccec64dc5da87aa1524e029d52712697a54306bd0553d5a21a31d7fde1597c3d58d00c5a8b273b02565929b0a28c1fbd316db82bce077fbf3e64d6467397012734e9a057fcb404129b07cfb18a3867404cacf290972e488b1fb780ccd3c00144529fabc088ee1de1511d10c20e0dcfbafade41d6426909185e6dfe736674e1eb33f754f98260614f826ce9754ed7b48d07ce5dca378cda60515509f571c5bf74fd2dcac56a9b488898f21454abf343efaff18dfd6a56068d3498d77cf292562263abb14d82e7353b700119e65be796d81b3e6840eb94ba754d80311a941b1955a82178e8ab83d8203760d74e4be5228bf1326b5ac90e3ef5e1bed25dfdaa1b2cfd20c4c09d0f98bf13c107cfec94b916b7b2047be3ae96f128848b5cfef7d1b35c0a8343dfb92a21c27f650cb9ccab3c2a0df8ccc5b2336f7d0eb26cca0c773ab9537e166c3968916f1e4ea862087c24dd5e196dcc2367f639d51208f8587b844d403f0de0e2df0bc4bf3fd1cdd409a011fb9366f7ed7585ddaaa07fe70adb9f975c40a53a2dcd3d1d5397f5aa0fc82d61ad975d7091c047a087d32cc4773f4e77fd34a1c1519649483beee9d767a45a706cdcf4b19240e170bc424414ea236a0fabfab9ece1b82ad3e0d22268ee09cc"}, 0x103f)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x40001, 0x0)
dup2(0xffffffffffffffff, r4)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYRESDEC])
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x100, 0xb91, 0x0, 0x9})
ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0)

13:55:18 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0xa, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:55:18 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4c00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:55:18 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 58)

[ 3300.740975] FAULT_INJECTION: forcing a failure.
[ 3300.740975] name failslab, interval 1, probability 0, space 0, times 0
[ 3300.743525] CPU: 0 PID: 16535 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3300.745073] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3300.746926] Call Trace:
[ 3300.747509]  dump_stack+0x107/0x167
[ 3300.748315]  should_fail.cold+0x5/0xa
[ 3300.749173]  ? create_object.isra.0+0x3a/0xa20
[ 3300.750196]  should_failslab+0x5/0x20
[ 3300.751058]  kmem_cache_alloc+0x5b/0x310
[ 3300.751956]  ? mark_held_locks+0x9e/0xe0
[ 3300.752852]  create_object.isra.0+0x3a/0xa20
[ 3300.753831]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3300.754970]  kmem_cache_alloc+0x159/0x310
[ 3300.755930]  xas_alloc+0x336/0x440
[ 3300.756727]  xas_create+0x34a/0x10d0
[ 3300.757561]  ? kernel_text_address+0xf2/0x120
[ 3300.758028] blktrace: Concurrent blktraces are not allowed on loop8
[ 3300.758590]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3300.758615]  xas_store+0x8c/0x1c40
[ 3300.758652]  __xa_store+0x164/0x2d0
[ 3300.758673]  ? xa_delete_node+0x280/0x280
[ 3300.758699]  ? trace_hardirqs_on+0x5b/0x180
[ 3300.758725]  xa_store+0x31/0x50
[ 3300.758753]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3300.758773]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3300.768021]  ? alloc_fd+0x2e7/0x670
[ 3300.768840]  io_uring_setup+0x1fbb/0x2980
[ 3300.769791]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3300.770922]  ? wait_for_completion_io+0x270/0x270
[ 3300.771998]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3300.773128]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3300.774299]  do_syscall_64+0x33/0x40
[ 3300.775147]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3300.776274] RIP: 0033:0x7f2ccc8b5b19
[ 3300.777083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3300.777859] blktrace: Concurrent blktraces are not allowed on loop8
[ 3300.781122] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3300.781144] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3300.781159] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3300.781172] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3300.781183] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3300.781204] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3300.801839] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3300.811017] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3300.820370] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3300.831923] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3300.838318] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3300.844072] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3300.847282] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3300.850845] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:55:18 executing program 4:
perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x280800, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2f, &(0x7f0000000180)={0xffffffff, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108)

13:55:18 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:55:18 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:55:18 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0xb, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:55:18 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x68000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:55:18 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3300.994517] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3301.025537] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3301.045913] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:55:18 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{0x0, 0x2}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

[ 3301.068230] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:55:18 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 59)

13:55:18 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000080)=0x90, 0x4)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x1c)
r1 = dup2(r0, r0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendmsg$inet6(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000240)="9d4e269902481f60179842c1e847008f6b6d9e0feee1adf3ed7568df53882123015b264a1a1ccb29bacde86d78c88f4421251f531e4676ed396d4d7576183dda9dfb35d8a01e9cc1e31991c5e7b44d818467d78c64c58ef84dd1c9ff750a7111231e8a", 0x63}, {&(0x7f0000000a00)="e6ae84ecdb57ebc131e55a835141c694c37e90838f25eee0bfa759ccf4f5c078d306d011adb4bfe6ee1ce0e405e11cb26add7065657e45ff3f1e90c602f4060bf4ca299013a065b66c988ccb4b9d5bcfeba41b4ee731d1628300638d20f5edd10b1a6bacfbdd44f3c548e496554623375b0270dde8fed0e2415075e3f7fdcc570861c53d11d5a63ce237ada2f97939a147171b7a63b5034fbe6443c45601bdae3adaff3229bd9e0bca9f203593695ef24e770dfa7734e0d13dd92e2308d4c6df0ce1eec4fecd1641a6ff585fcdbd7dbb0b4e00910be5acf6332b045a1f2c2bba257194281f97706b08741d786a44127d1c44ca38095b13eab2723a913be046a0d76229debfbfb8d69e02cc6250760c53f2ff1484b688edf9879a0f8ded363e98f8bb8a39215f95ad692821048065f5943490e28ada60555f432f4a87208049baef9a89be2047c8d09d273e90b92a162d52d4e3d03faa2e02ebcbb0ccdb01620e984def5adc4b63db8acc6591b919b498c5a3e1d91757917c2d3ea88cb1937ea44380dbee9c1ffad8e67125bbacf0dbdeb3ce72b4d5c47e0762162ff5de7cd9d7596e3052e65808ce5a735156db0d4cdfdf3129761ffebc7fb9de54e6722376227efa2c274c067b6c341ad6c726e043f3197ebee89708ac0b04553143cea068091817b92210566b3fb06ee0d1cc3611ed0e153ab9b314a94bcea5c244126c8d31dd34dd0df9f1a3147a1edfd8a02ac2f394c4d792be1347daf9a05ef3ac6a92d87dacccfcf22e517d3ea9c02ee00c7db4863229d7af9777d287072356dc2183925517a9734fc215a3e0c79621138546d8b23c6b52be965239e1c146c8effcd9fcdbd6c0be272a6b60e7464e020ea195268c29d07e7fcb2b2382e39859877992879f95b48e8dd73d80980d22ad6dcd46e881b4e6416de21e39f6763727afb3fbcfa8dc5e85543b7beb9fefe27a933a4bc47b74bc1784b8ba8bcfbe01714bc8df58fa4bde255364f182c79d74aa2c955ad225eed814261de9bdbdaafdcdc4f3374b55debbcfbe3e458f43b1f82abd0841b02133921dd714a529a3f43337d38ae54cc80e476476522074eaeedb56ad715fdba8eb2e5441d9c3e0eda841e7ad6709ced48388d660d454eeda51ff2bb029269e267e3ed8e29e2584a84304df5b0bc6a2261b5b486f20028046a57f8d9aee9ea0d6204fb3cf63adc7151b59d20259261e3adc1b2b12776cf13bae23973efb50ccfbf05b77471524f3faf6d33c384d3a8ee21763f2de1578944ba4e718bf7c0ec61781208eefe33781afe395432eb78735830b72078935b3bc613407f052c6e04ea48bad9e30823d66b64fbbbe7cf648e3116ace9963e79445573550ba8bff60a4fbdb24f57ce5e01ec1702a253eab3a9e5200dd743320f5cf2ee266aabd9fd1ea1ac89391943d45a8a672a7d6a696df9a1e51857875e0e3009df44b0e451f6ac47df284676233d2da523fd54d792493ddd5d4127b5bbd46f7fbc37068c8f05a234c936c20df0de058440b95cdcb19323eb6e0a04f2e4eddd6f28915d1166cf9d5b760d50f5c196bd12609e991fa28207bd4b32d49a5737727e5f4f3f9fcc44cbbe2126ed93e5a5165919aa1d001d1d4cd79c8ec4da59892639dbb25b448b602c1c10bee128a55e7009c6ffac43a430e64dec1f57051058618494504a8c9748f3a71ee5e319ddb6e957da8fdf6ed2bc3bc25654ad4c89be225ad0451ca60111cd50de2e94e648e0b1729f08ed7341d87003aaf6ab2cdb965792ce41e98f38494bb5238424a57525aec46660a165db96f7ac7794de7cc0f28e49788ed3b11f25b5a0fda690931306bb3be9f6596d62478640f5b17d8cb53b59a78c6ea01e2d4f6b9ccaee93998457a03a2f891345cff3cb00108622a5e259c240a3c3652d50dc9537248fd7764d37880ca25c1e85bfbb8c2e3ffc54b627c8d56bf015f97025903c96603086e23685465d027dca1600593213e6be9cfae93492cb791c552f9286ffa4bb8a0cfebca1d3aa6a29a80c00f5828dc1c535d328dd62ea51bfc95b3d8e3e5842e74c5d3fecd9b33a2180702f092ca168d1a71a809ccaa43a13f3cf23df8beac80dc91e9ed8fdd1b81418a179aa0feec70d5c764dd2357bb11094e5443e49e815a3e5996053b155cc1274c4f7bba17c7c540cb7f0a0ebc214e575cdc3d07130574177d6a0a76de3453466a315ad66cc4dd74ccf1c575c3e80f59f19637c97340345193bdac71760aa2ec28ad1d7348b9a9221d598e15a8e608a24ed32eea57789599f768a4cd4297b213dde8b5", 0x65e}, {0x0}], 0x3}, 0x0)

[ 3301.090876] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3301.095379] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3301.109228] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3301.114010] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:55:18 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3301.178258] FAULT_INJECTION: forcing a failure.
[ 3301.178258] name failslab, interval 1, probability 0, space 0, times 0
[ 3301.180758] CPU: 1 PID: 16585 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3301.182211] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3301.183984] Call Trace:
[ 3301.184537]  dump_stack+0x107/0x167
[ 3301.185307]  should_fail.cold+0x5/0xa
[ 3301.186107]  ? xas_alloc+0x336/0x440
[ 3301.186901]  should_failslab+0x5/0x20
[ 3301.187713]  kmem_cache_alloc+0x5b/0x310
[ 3301.188562]  xas_alloc+0x336/0x440
[ 3301.189305]  xas_create+0x34a/0x10d0
[ 3301.190083]  ? kernel_text_address+0xf2/0x120
[ 3301.191031]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3301.192120]  xas_store+0x8c/0x1c40
[ 3301.192884]  __xa_store+0x164/0x2d0
[ 3301.193653]  ? xa_delete_node+0x280/0x280
[ 3301.194541]  ? trace_hardirqs_on+0x5b/0x180
[ 3301.195452]  xa_store+0x31/0x50
[ 3301.196145]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3301.197176]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3301.198266]  ? alloc_fd+0x2e7/0x670
[ 3301.199066]  io_uring_setup+0x1fbb/0x2980
[ 3301.199956]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3301.201034]  ? wait_for_completion_io+0x270/0x270
[ 3301.202065]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3301.203183]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3301.204253]  do_syscall_64+0x33/0x40
[ 3301.205039]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3301.206272] RIP: 0033:0x7f2ccc8b5b19
[ 3301.207206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3301.211453] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3301.213036] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3301.214648] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3301.216471] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3301.218200] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3301.219953] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3301.313495] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3301.348482] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3319.720899] FAULT_INJECTION: forcing a failure.
13:55:37 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:55:37 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x5000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:55:37 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{0x0, 0x3}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:55:37 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6c00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:55:37 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6c000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:55:37 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x10, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:55:37 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 60)

13:55:37 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000200)="af", 0x1}], 0x1)
r2 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
fallocate(r2, 0x0, 0x0, 0x8000)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
dup2(r3, r2)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x4000006})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(0xffffffffffffffff, 0xc0105303, &(0x7f0000000140)={0x1, 0x40})
getdents(0xffffffffffffffff, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(0xffffffffffffffff, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
r4 = socket$inet6(0xa, 0x80800, 0x3)
r5 = socket$packet(0x11, 0x2, 0x300)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000c00)={&(0x7f0000000180)=@proc={0x10, 0x0, 0x25dfdbfb, 0x20}, 0xc, &(0x7f0000000b00)=[{&(0x7f0000000c40)=ANY=[@ANYBLOB="2c0400003d00000425bd7000fddbdf2504009100cf00398004001b00d79d4bf7afe04e1be89927396705fb8c05bfb2813cb61a963a2ab1f39e10eb7eafed8b8a0d7cdb196421ed38609a505ac0bf6c4a5aad46302c9cef435a011774d20b4ec9f697b50f49fdc065bce4bcc47c9bd16a9b7ea5c58a0efec22cf1fe3eafa42559c278904ca56e0ad10467056a3b17fe449cd40d819e35b97c392ce35ef2127d68261b9e82d9ff139958d845bd14a51506f057055911aa58739fb3fd18dcd95b2e192ea8782142a98316d16279f5d5e1411595f74e5a064fbc1a65732dc74c0bcd479bd40047164ae0ba855e78cc40d8c28c91fa74f8d9dcc323a6d9e5e6485f7928c3bb46d1a5e98106e711f6963fed205b800d74c330f2650e80e7d7883a52c47934298e35111c41e4fc08a3e8605bee390f87f39af6f2873ffb6bd0e4c60303acb70f9a6d2a4238d2b3ea040797b37b43f5ec5f9fba3501e4621022fb164ac6418c606c66fae2e48b45c156a666c374bac0dabc0c176ace49c0e0780981e39bf305f1cdf7bcc0980a386f92b91919d1bda4ee7025e45a55c0d565528e285a889a9a5a1f39905faaca8250be85192cd8944a875697fd6e438565248ce57787c24ac8eb78bf63f037756611980930f8b88e80d40935535ca9020b3145256007a02d08004100e8fa7be2c5c6ae21337a013bc616d0501f4e466ff5e9121164f05e15402dccaad30f29e2163af2f12cf917e1e79349517d1cbf304a9b89d58e02f95c304030a6d6cb8ce3faae9016e64f", @ANYRES32=0x0, @ANYBLOB="e901878092792aeef848a9ac19fb47ba9d3e352c150250f812e06b08bbc859293e2f633b9e91db134bc0ca5d88dca4c2918f3ebf744d019bf074249317356b95a4b7d9e4d6981a34ceab816290b4d8def4b49f6481f3bd31a6487bd1623aace7afd547550710ce6670682639bc7d102ef1b9d7ab53380ab2f191c4da60aaefcd9f2a79b54cdf7bbe98a78464577582abde83a0ba8346cd15e551d4b3a651796c0dffae30922fb502060592ee7e6cb58ab20e2c2a87595642809199bc457ee9bd510f03f168680ac22a2bae9ae439b3b348069b1de4bcb3af06b2b7061401fd2093ea10213398f87e0f8dd07adfdd40cc111a0049ab0c8bae367946eccbfbd72ba2205810948365360c5b5e3cc18c545369a26e52861c117651243a3df13db41097a60ad832392876635715cea8e55994d76965dde7e1935c9f5a7f8b800cd9d75409540787f96840060026002f0000003b86454e02faa5429ddfbbbf83962df5239878476d1f4f4d48f1608c80f6455880efe8c8941c07ba2bf87b7d490a4bbcd83a01a8e6d66e46d7a3ef343be0a7be223abb78f1cbfcbc1980ffea586b6721956f596c9e6965941317132801a93845ad41eb1f74260d6ce59b03d637007fba39aa970d1c1b5c36b1caa2a334307d7f2cb8a415fe58dd7dc6eb1f986bd01fe5bfa10e0410f57c89580000005400478047000a00bd927788ea2e6a35aacb34e5a1dc5e35dc3b33a8a87d76d6481314a20e9609427a798ac98d12e20ad4693c1bbe89d17c65006a8df7d4f2769cfca2412bea87b409b75f000800850000080000000000"], 0x42c}, {&(0x7f0000000880)={0x64, 0x39, 0x100, 0x70bd2c, 0x25dfdbfb, "", [@typed={0x7, 0x7e, 0x0, 0x0, @str='&^\x00'}, @nested={0x43, 0x32, 0x0, 0x1, [@generic="04d9ceba4dd39138309af21c5895232927189e31bffcadc5059faa34eef67689dbb404bb1621bc47efa6002b0b3c45cf829eaa93ac3cf34c122199", @typed={0x4, 0x42}]}, @typed={0x8, 0x6, 0x0, 0x0, @uid}]}, 0x64}, {&(0x7f0000000900)={0x1c, 0x33, 0x800, 0x70bd2d, 0x25dfdbfe, "", [@typed={0xc, 0x6a, 0x0, 0x0, @u64=0x8}]}, 0x1c}, {&(0x7f0000000540)=ANY=[@ANYBLOB="940100001600000228bd7000fddbdf25810188800c008700060000000000000025003f00626c6b696f2e6266712e696f5f776169745f74696d655f7265637572736976650000000008006c0002000000ad91fb3d81a8b410e1a3d5bea9db660f23f3aa66d0c4363fd5e031e4898a5121bf1bda53877e881be105212a4030e14397ac3d46b811c178e43597dd4cf8218ca8aa4a5d9defaec83ae6842d10cc3eb82b9397955fb43304005e004a5e796847cf9a9b2dd89831ff18adf9ef4ed347566f533dd72b3ab0a43c2fdb342232ddc455e18b31961010282bd4d86330eb3f994ffb3faddd71f9c4cbf13b5482320098eedb27a6047093836f04b30514ca4df65eadf6a505c2f71954e82e48a681c02e373e09f3b25038a5cd63cf07ea0455986f69a4ba7a262809a542933e5fa72985db89354413dcd285b99dc7a9d28abab62ae0493cfedbe9816b6af47368320a8e17db906f1bc51ee1b758560501fb8382787deb74b8b76114b5be77c212a5208f9f0cea5465f49a6ac73a580a960f531e5b453aea5a4dabc101a75c262568135708003b00a37c0aec9fb04479ecaf162256a7eaeba546689e28c03c3d43109b63266678c3626e078f031986e7d22f6ef3acb2d3c6e517ee596448103db1e8f797da5cf1903ccae2f61f6d83a15b8cf65f303b318678db1315d3c52458dbb4e9b2601a6cfed2d4226ec0f8224315186d31f0efee24c7882349b407eb73757d6a6f7f777a2b71ef15cc5f9c4edc525cef19862098", @ANYRES32=0xee01, @ANYBLOB='\x00\x00\x00'], 0x194}], 0x4, &(0x7f0000000b40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000024000000000000000100000001000000", @ANYRES32, @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYRES32=r2, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000100"/20, @ANYRES32=r3, @ANYRES32, @ANYRES32=r0, @ANYRES32=r3, @ANYRES32=r4, @ANYRES32=r5], 0x90, 0x20004044}, 0x1)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000040)={0x0, r1, 0x2})
openat$cgroup_ro(r2, &(0x7f0000000080)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0)
poll(&(0x7f00000001c0), 0x0, 0x1)

[ 3319.720899] name failslab, interval 1, probability 0, space 0, times 0
[ 3319.723576] CPU: 1 PID: 16612 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3319.725059] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3319.726823] Call Trace:
[ 3319.727388]  dump_stack+0x107/0x167
[ 3319.728165]  should_fail.cold+0x5/0xa
[ 3319.728975]  ? create_object.isra.0+0x3a/0xa20
[ 3319.729953]  should_failslab+0x5/0x20
[ 3319.730763]  kmem_cache_alloc+0x5b/0x310
[ 3319.731626]  ? mark_held_locks+0x9e/0xe0
[ 3319.732490]  create_object.isra.0+0x3a/0xa20
[ 3319.733419]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3319.734505]  kmem_cache_alloc+0x159/0x310
[ 3319.735397]  xas_alloc+0x336/0x440
[ 3319.736158]  xas_create+0x34a/0x10d0
[ 3319.736963]  ? kernel_text_address+0xf2/0x120
[ 3319.737924]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3319.738455] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3319.739042]  xas_store+0x8c/0x1c40
[ 3319.739076]  __xa_store+0x164/0x2d0
[ 3319.739097]  ? xa_delete_node+0x280/0x280
[ 3319.739122]  ? trace_hardirqs_on+0x5b/0x180
[ 3319.739148]  xa_store+0x31/0x50
[ 3319.739168]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3319.739188]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3319.739204]  ? alloc_fd+0x2e7/0x670
[ 3319.739242]  io_uring_setup+0x1fbb/0x2980
[ 3319.749470]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3319.749774] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3319.750538]  ? wait_for_completion_io+0x270/0x270
[ 3319.750590]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3319.750615]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3319.755208]  do_syscall_64+0x33/0x40
[ 3319.755997]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3319.757081] RIP: 0033:0x7f2ccc8b5b19
[ 3319.757863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3319.761742] RSP: 002b:00007f2cc9e2b108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3319.763357] RAX: ffffffffffffffda RBX: 00007f2ccc9c8f60 RCX: 00007f2ccc8b5b19
[ 3319.764859] RDX: 0000000020ffd000 RSI: 0000000020000000 RDI: 00000000000022af
[ 3319.766362] RBP: 0000000020000000 R08: 0000000020000100 R09: 0000000020000100
[ 3319.767866] R10: 0000000020000080 R11: 0000000000000202 R12: 0000000020000100
[ 3319.769365] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
13:55:37 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6f010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3319.781263] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3319.785282] netlink: 'syz-executor.7': attribute type 16 has an invalid length.
[ 3319.793087] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3319.797403] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3319.803436] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3319.813424] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3319.815348] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:55:37 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{0x0, 0x4}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:55:37 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:55:37 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6f01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3319.906759] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:55:37 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x6000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3319.937973] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3319.947947] netlink: 'syz-executor.7': attribute type 16 has an invalid length.
[ 3319.954349] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3319.972449] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3319.982753] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3320.001281] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3320.006180] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3320.029458] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:55:54 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{0x0, 0x5}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:55:54 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x7000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:55:54 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x74000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:55:54 executing program 4:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000dcf4655fdcf4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="646174613d6a6f75723047bfeda6940aa76e616c2c00"])
openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x4)

13:55:54 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 61)

13:55:54 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x11, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:55:54 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x7400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:55:54 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3336.623136] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3336.633868] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3336.642892] FAULT_INJECTION: forcing a failure.
[ 3336.642892] name failslab, interval 1, probability 0, space 0, times 0
[ 3336.646235] CPU: 1 PID: 16680 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3336.647781] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3336.649587] Call Trace:
[ 3336.650163]  dump_stack+0x107/0x167
[ 3336.650978]  should_fail.cold+0x5/0xa
[ 3336.651806]  ? vm_area_alloc+0x1c/0x110
[ 3336.652652]  should_failslab+0x5/0x20
[ 3336.653455]  kmem_cache_alloc+0x5b/0x310
[ 3336.654324]  vm_area_alloc+0x1c/0x110
[ 3336.655127]  mmap_region+0x97e/0x1500
[ 3336.655947]  do_mmap+0xcdb/0x11e0
[ 3336.656679]  vm_mmap_pgoff+0x198/0x1f0
[ 3336.657502]  ? randomize_page+0xb0/0xb0
[ 3336.658340]  ksys_mmap_pgoff+0x41c/0x560
[ 3336.659240]  ? find_mergeable_anon_vma+0x250/0x250
[ 3336.660282]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3336.661383]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3336.662475]  do_syscall_64+0x33/0x40
[ 3336.663279]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3336.664364] RIP: 0033:0x7f2ccc8b5b62
[ 3336.665153] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 3336.669072] RSP: 002b:00007f2cc9e2b0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 3336.670690] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f2ccc8b5b62
[ 3336.672203] RDX: 0000000000000003 RSI: 0000000000090140 RDI: 0000000020ffc000
[ 3336.673711] RBP: 0000000020ffc000 R08: 0000000000000005 R09: 0000000000000000
[ 3336.675229] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000100
[ 3336.676742] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
13:55:54 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
getsockopt$inet_opts(r0, 0x0, 0x0, &(0x7f0000000040)=""/49, &(0x7f0000000100)=0x31)
syz_mount_image$tmpfs(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[{@mpol={'mpol', 0x3d, {'interleave', '=relative', @val={0x3a, [0x30, 0x2d, 0x30, 0x3a, 0x31, 0x2f, 0x31]}}}}]})

[ 3336.698404] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3336.713222] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3336.725314] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3336.732697] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3336.743014] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3336.749876] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:55:54 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{0x0, 0x6}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:55:54 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x22000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:55:54 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x7a00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:55:54 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:55:54 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x7a000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:55:54 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
ftruncate(r0, 0x1000004)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
writev(r0, &(0x7f0000000340)=[{0x0}, {0x0}, {&(0x7f0000000280)='\n', 0x1}], 0x3)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x8, 0x100010, r0, 0x0)
r3 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r3, 0x0)
syz_io_uring_submit(r6, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
syz_io_uring_submit(r2, r5, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0x4, 0x0, @fd_index=0x1, 0x4, {0x0, r0}, 0x2, 0x7, 0x1, {0x0, 0x0, r1}}, 0xfffffffb)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
write(r1, &(0x7f0000000080)="739efad4d64155b64dd41e7c3a2174542de26a6db7c3bd8b0a77ee96311968bbf2513a8fb9d087c170e6c5a2fc83fec93fda352b3898f9ffa55779046efa5cb6a5ff8c4c9be18a56b9228304be661c9d10716fc2d9138b0910511bf9f6d54fb68af10511adc935e59df92ce366ff2816fec3f3b887bb51268c945235e1aebb5b14d36090942484dadf3beee822b96a333e18d93b9146f123c9b6d87a9b435392f99f5f55b4a60b73911e87e08a6163032f31b8e1f44731a4bb3ec026dee0b047a6e2", 0xc2)

[ 3336.893129] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:55:54 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x69, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 3336.927794] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3336.950629] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3336.959378] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3336.965109] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3336.968204] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3336.981187] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3336.989754] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:55:54 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x23000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:55:54 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{0x0, 0x7}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:55:54 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x88a61d00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 3337.119188] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3337.134318] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3337.142373] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3337.152227] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3352.126841] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
13:56:09 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x8803, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:56:09 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x8cffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:56:09 executing program 4:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000700)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r1=>0xffffffffffffffff, @ANYRES32=0xee00, @ANYRES32=<r2=>0xee00, @ANYBLOB="2e2f66696c6530005481f2f01edfa2f51763206dc3ff54dc5964f031e57a6cb85e2f707356d219ce7971b9cf"])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f00000005c0)=ANY=[@ANYRES64, @ANYRESHEX=r2, @ANYRESDEC, @ANYRESOCT, @ANYRESHEX, @ANYRES16])
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = dup(r4)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x15, &(0x7f0000000400), &(0x7f0000000440)=0x10)
preadv(r5, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(r5, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
ioctl$CDROM_LAST_WRITTEN(r5, 0x5395, &(0x7f0000000000))
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x80202, 0x100)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
openat(r6, &(0x7f0000000380)='./file0\x00', 0x24000, 0x20)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000003c0)={'wlan1\x00'})
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

13:56:09 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x0, 0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:56:09 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{0x0, 0x9}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

13:56:09 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 62)

[ 3352.149212] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:56:09 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x27000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:56:09 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x117, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 3352.172992] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3352.176450] FAULT_INJECTION: forcing a failure.
[ 3352.176450] name failslab, interval 1, probability 0, space 0, times 0
[ 3352.179022] CPU: 0 PID: 16760 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3352.180510] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3352.182288] Call Trace:
[ 3352.182884]  dump_stack+0x107/0x167
[ 3352.183681]  should_fail.cold+0x5/0xa
[ 3352.184522]  ? create_object.isra.0+0x3a/0xa20
[ 3352.185522]  should_failslab+0x5/0x20
[ 3352.186355]  kmem_cache_alloc+0x5b/0x310
[ 3352.187267]  create_object.isra.0+0x3a/0xa20
[ 3352.188222]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3352.189339]  kmem_cache_alloc+0x159/0x310
[ 3352.190254]  vm_area_alloc+0x1c/0x110
[ 3352.191101]  mmap_region+0x97e/0x1500
[ 3352.191944]  do_mmap+0xcdb/0x11e0
[ 3352.192715]  vm_mmap_pgoff+0x198/0x1f0
[ 3352.193566]  ? randomize_page+0xb0/0xb0
[ 3352.194456]  ksys_mmap_pgoff+0x41c/0x560
[ 3352.195357]  ? find_mergeable_anon_vma+0x250/0x250
[ 3352.195649] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3352.196436]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3352.196589]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3352.196611]  do_syscall_64+0x33/0x40
[ 3352.196630]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3352.196643] RIP: 0033:0x7f2ccc8b5b62
[ 3352.196660] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 3352.196671] RSP: 002b:00007f2cc9e2b0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 3352.196691] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f2ccc8b5b62
[ 3352.196702] RDX: 0000000000000003 RSI: 0000000000090140 RDI: 0000000020ffc000
[ 3352.196713] RBP: 0000000020ffc000 R08: 0000000000000005 R09: 0000000000000000
[ 3352.196724] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000100
[ 3352.196735] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3352.205603] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3352.206108] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3352.213065] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3352.216216] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3352.222009] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3352.230973] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3352.245138] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 3352.248877] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:56:09 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x22af, &(0x7f0000000000), &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000100)) (fail_nth: 63)

13:56:09 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xd1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:56:09 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xb800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:56:09 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x0, 0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:56:09 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:56:09 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x129, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

13:56:10 executing program 4:
r0 = syz_io_uring_setup(0x0, 0x0, &(0x7f0000fef000/0x11000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0, &(0x7f0000000300))
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="5289292ec5fc200887150192f9a89f8ff3bcd3661faf9bb9127ac16c12945a2065eff5eb38ec9e9856018a8012d34dca98007b44c0443e147e2ed75269af267330a7262bfc0d5b46a8fc8ea12aa9fe137d4b4ecaa77617a5c491031a114001f38bba9f6119109f8635b93d4fbc01a3621cceaeea1df016d434dc9428f52d234f31914049aad3e2d9afe7cff29f8023ed79d7cdeeae68ea0e1800"/166, @ANYRES32, @ANYRES32])
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
preadv(r0, &(0x7f0000000500)=[{&(0x7f0000000340)=""/175, 0xaf}, {&(0x7f00000005c0)=""/163, 0xa3}, {&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/250, 0xfa}, {&(0x7f0000001780)=""/130, 0x82}, {&(0x7f0000001840)=""/246, 0xf6}, {&(0x7f0000000400)=""/78, 0x4e}, {&(0x7f0000000000)=""/43, 0x2b}], 0x8, 0xffffffff, 0x8)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = dup(r3)
r5 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000180), 0x101000, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r5, 0x3, r1, &(0x7f00000001c0)={0x10000000})
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000001940)=0x400)
preadv(r4, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x0)

[ 3352.368225] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3352.379839] FAULT_INJECTION: forcing a failure.
[ 3352.379839] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3352.382376] CPU: 0 PID: 16789 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3352.383846] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3352.385597] Call Trace:
[ 3352.386008] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3352.386163]  dump_stack+0x107/0x167
[ 3352.388136]  should_fail.cold+0x5/0xa
[ 3352.388954]  __alloc_pages_nodemask+0x182/0x600
[ 3352.389943]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 3352.391237]  ? walk_mem_res+0x170/0x170
[ 3352.392092]  alloc_pages_current+0x187/0x280
[ 3352.393025]  pte_alloc_one+0x16/0x1a0
[ 3352.393835]  __pte_alloc+0x1d/0x330
[ 3352.394619]  remap_pfn_range_internal+0x9a3/0xf60
[ 3352.395654]  ? lookup_memtype+0x5b/0x200
[ 3352.396526]  ? apply_to_existing_page_range+0x40/0x40
[ 3352.397626]  remap_pfn_range+0xcd/0x160
[ 3352.398473]  ? remap_pfn_range_notrack+0x70/0x70
[ 3352.399474]  ? memcg_slab_post_alloc_hook+0x17a/0x430
[ 3352.400568]  io_uring_mmap+0x398/0x530
[ 3352.401390]  mmap_file+0x5e/0xe0
[ 3352.402101]  mmap_region+0xc49/0x1500
[ 3352.402936]  do_mmap+0xcdb/0x11e0
[ 3352.403675]  vm_mmap_pgoff+0x198/0x1f0
[ 3352.404495]  ? randomize_page+0xb0/0xb0
[ 3352.405348]  ksys_mmap_pgoff+0x41c/0x560
[ 3352.406211]  ? find_mergeable_anon_vma+0x250/0x250
[ 3352.407269]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3352.408380]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3352.409472]  do_syscall_64+0x33/0x40
[ 3352.410331]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3352.411657] RIP: 0033:0x7f2ccc8b5b62
[ 3352.412571] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 3352.413211] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 3352.416949] RSP: 002b:00007f2cc9e2b0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 3352.416975] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f2ccc8b5b62
[ 3352.416989] RDX: 0000000000000003 RSI: 0000000000090140 RDI: 0000000020ffc000
[ 3352.417002] RBP: 0000000020ffc000 R08: 0000000000000005 R09: 0000000000000000
[ 3352.417015] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000100
[ 3352.417028] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
13:56:10 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xd100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:56:10 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{0x0, 0xf}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

[ 3352.449548] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3352.473423] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3352.476939] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3352.479374] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3352.484449] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3352.487770] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3352.505901] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3352.509704] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3352.540609] ------------[ cut here ]------------
[ 3352.541226] WARNING: CPU: 1 PID: 16789 at arch/x86/mm/pat/memtype.c:1019 get_pat_info+0x216/0x270
[ 3352.542368] Modules linked in:
[ 3352.542767] CPU: 1 PID: 16789 Comm: syz-executor.3 Not tainted 5.10.235 #1
[ 3352.543582] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3352.544554] RIP: 0010:get_pat_info+0x216/0x270
[ 3352.545082] Code: c1 ea 03 80 3c 02 00 75 71 49 89 1e eb 8e e8 e1 88 2e 00 0f 0b e9 97 fe ff ff 41 bc ea ff ff ff e9 77 ff ff ff e8 ca 88 2e 00 <0f> 0b 41 bc ea ff ff ff e9 65 ff ff ff 4c 89 ff e8 15 8d 5a 00 e9
[ 3352.547202] RSP: 0018:ffff888047b57898 EFLAGS: 00010216
[ 3352.547829] RAX: 0000000000014a56 RBX: ffff888047c92800 RCX: ffffc90011ab7000
[ 3352.548665] RDX: 0000000000040000 RSI: ffffffff81123696 RDI: 0000000000000007
[ 3352.549482] RBP: ffff888047b57950 R08: 0000000000000000 R09: ffff888047b57820
[ 3352.550314] R10: 0000000000000020 R11: 0000000000000001 R12: 0000000000000028
[ 3352.551159] R13: 1ffff11008f6af13 R14: 0000000000000000 R15: ffff888047c92850
[ 3352.551997] FS:  00007f2cc9e2b700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[ 3352.553963] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 3352.555342] CR2: 00007fb85accc620 CR3: 000000003c770000 CR4: 0000000000350ee0
[ 3352.557102] Call Trace:
[ 3352.557751]  ? __warn+0xe2/0x1f0
[ 3352.559158]  ? get_pat_info+0x216/0x270
[ 3352.559990]  ? report_bug+0x1c1/0x210
[ 3352.560874]  ? handle_bug+0x41/0x90
[ 3352.561652]  ? exc_invalid_op+0x14/0x50
[ 3352.562483]  ? asm_exc_invalid_op+0x12/0x20
[ 3352.563374]  ? get_pat_info+0x216/0x270
[ 3352.564680]  ? get_pat_info+0x216/0x270
[ 3352.565136]  ? get_pat_info+0x216/0x270
[ 3352.565613]  ? pgprot_writethrough+0xc0/0xc0
[ 3352.566116]  ? finish_task_switch+0x1a4/0x5d0
[ 3352.566653]  untrack_pfn+0xdc/0x240
[ 3352.567081]  ? track_pfn_insert+0x150/0x150
[ 3352.567601]  ? lock_downgrade+0x6d0/0x6d0
[ 3352.568074]  ? uprobe_munmap+0x95/0x560
[ 3352.568533]  unmap_single_vma+0x1bc/0x300
[ 3352.569031]  zap_page_range_single+0x2ce/0x450
[ 3352.569571]  ? unmap_single_vma+0x300/0x300
[ 3352.570063]  ? remap_pfn_range_internal+0xc56/0xf60
[ 3352.570652]  ? lookup_memtype+0x5b/0x200
[ 3352.571130]  ? apply_to_existing_page_range+0x40/0x40
[ 3352.571745]  remap_pfn_range+0x139/0x160
[ 3352.572210]  ? remap_pfn_range_notrack+0x70/0x70
[ 3352.572770]  ? memcg_slab_post_alloc_hook+0x17a/0x430
[ 3352.573363]  io_uring_mmap+0x398/0x530
[ 3352.573830]  mmap_file+0x5e/0xe0
[ 3352.574221]  mmap_region+0xc49/0x1500
[ 3352.574684]  do_mmap+0xcdb/0x11e0
[ 3352.575096]  vm_mmap_pgoff+0x198/0x1f0
[ 3352.575564]  ? randomize_page+0xb0/0xb0
[ 3352.576024]  ksys_mmap_pgoff+0x41c/0x560
[ 3352.576492]  ? find_mergeable_anon_vma+0x250/0x250
[ 3352.577083]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3352.577701]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3352.578294]  do_syscall_64+0x33/0x40
[ 3352.578740]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3352.579339] RIP: 0033:0x7f2ccc8b5b62
[ 3352.579786] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 3352.581913] RSP: 002b:00007f2cc9e2b0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 3352.582821] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f2ccc8b5b62
[ 3352.583657] RDX: 0000000000000003 RSI: 0000000000090140 RDI: 0000000020ffc000
[ 3352.584474] RBP: 0000000020ffc000 R08: 0000000000000005 R09: 0000000000000000
[ 3352.585310] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000100
[ 3352.586428] R13: 0000000020ffd000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3352.587281] irq event stamp: 2093
[ 3352.587699] hardirqs last  enabled at (2103): [<ffffffff8129a7ad>] console_unlock+0x92d/0xb40
13:56:10 executing program 4:
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
[ 3352.588966] hardirqs last disabled at (2112): [<ffffffff8129a6b9>] console_unlock+0x839/0xb40
[ 3352.590274] softirqs last  enabled at (1516): [<ffffffff84001092>] asm_call_irq_on_stack+0x12/0x20
[ 3352.591334] softirqs last disabled at (1327): [<ffffffff84001092>] asm_call_irq_on_stack+0x12/0x20
[ 3352.592374] ---[ end trace 0a9b1df46cb2c6e5 ]---
syz_mount_image$nfs4(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x6, 0x7, &(0x7f0000002680)=[{&(0x7f0000000100)="b1d90071f5e619ffa9c727a32019cb559deaebda95b7f09ab1bb0728bbf2d8fc202fa0e571520c7fc999c8fb2addfe9071a864934ee32399549ec7f0a41ca90f1f3e981bfbcf807886d4925eb743df7e5522c8e8d36534fbc3fa58fb541492789cc1129ba4b2631f4f0f2bebe541934f0bcad001a11a6fb1ed241979c9983c88388b4fe04d7594c2cc6248159fcae500daa2327ff4340dd75fbb0c91b5e74a3c238da3941b03d6862b4adbf388e374eaf7c8665505ab594d8cbbecf4c17514bbf7c449efb0b2b0bd70c61bde9c2f46964cbe34a25f1bec55c7def6dab73ae3f682376ce3a049d9dce1652d79288bef13f19d4e0f2d774823d65b54", 0xfb}, {&(0x7f0000000280)="dd017fea2a4658feacd0205368613e1670df2637dc1d5739c8114f12129360f0cd2a1dfe9e504304eafb0d81faccf7f18db6c4d2d267dbabfee446b65a061fa858e7672f73c8f6abf4acdaacadd695a3c3d2fd3142c4006853831d870f07581ddab9fb1fc3811db6b7a588d1614a2a3158874dd04ea023c19e4700d312f752883e14b8acaee34be0236c444509c4d316b10c9d2add9d0a0a3716d689632ae5888bc6f821b35e1c387421310b4ca3e1a441c3e7527b1685cd1d82e59033996bc7307862fa075a42884aed912098b0d244a556c27aae6d", 0xd6, 0x4}, {&(0x7f0000000400)="78a7c8e87e2439208baa9314c8efa06edb25852a43294b93e5381d77dec3ececf6bbc5fb09df8a9f6815e1a00f2ac2b485cccdb5eca8f333696022aba3132ab7a4c9967c981517dd21dc3a881ffabe3d769e7160b155b9", 0x57}, {&(0x7f0000000480)="27c84c30c8fff159411848ffc874ead135ef8fb04978ad2ce71d5e0302eb15a88b86ae478b89ddd2a7f9696821821fd9bb72fae1eed4cb53acdacaaad8a98fa1a900012f9b8364061669179c4d9e9dd8717c768ba06c", 0x56, 0x5bca}, {&(0x7f0000000680)="83a1e0cfe5318423ff6ffcc14d17942cab2c13b8edbfc2bc1b0c5a704d0799cecd5e3f8556a4e23661a7016b0fb1d2f15b039a0ce19f2a501e20d30b208675c9abe8901fba3a188fddf6830644e853616689f79cfdf65683f52d1c607b5f05122d1270418901ca54956fd8c101ebc8bbb5534bc07154566c458b5dd656b4cb2287fe757d7f65a918b94e47fd52f23960e8eb4729b268eeddf6d4fb94746b157cf5aa593fbb398d361e2774249434f947c4165c5e3f4714309d6db7b23d2ecb7e0f18658d4bf897562d765dafd20c6810ecc4c4b86aaf15aec450a33032d132eb4fd2ebaf19f2c9f1fd1dcf94d3b6119c75f7f2bd524836d87e44c29a32e45332789b1fe387d39120d54221c79cd779293a1945a3a1e362c6e8ffd850446b9fa4330449ed72e9de853e38c21116d5d8fb18f78f970da37531d78468a0b20f84e5e8ad8cd8209a4cd8336900f77764cc7e8d7ffe422c5764f62de701bb1c1b71b68b4c128363f51709e211659181ac6b51b60eb7b1047053466a1b3cf644e77cfc54201a7b38d34f5dc68713a7c3e8d564d25a431bd342e0588620c94b50d8b691d88fb42fa8d6a20f68a068105c630b84581b308483e485211c5745eb025821e63e80db58671ed2b398b24e58c268f18003dce51b7af4ebcbc08e980853e5361fb5b65b415080c7f3d0a18b2b4f2d906f62ee444b616fabc3ecf92715792aded9e9a5bff2aeac8a4f217e0d3784041a42c229e59890b4baae7fd9440cdc446300d782a5ce81738a5c3050205b6f1d27119e15f31eb8c695b950e8116ba1b77ed9fc479313fc13badf4973d2073d8b81015c734ef83acea7984e0759fec4f3c850206e4ee473b07b636629a84fd2b1471de29e05ff4225b233153c82b2991b7a38aff5940d56e7a6b5ee6c864ca816d8d700ef2dfc1b63246d7e9a92332e39b1814c6379fe55ecd1bd4f0a260e33a33a1d1bd02cb126fe5a973c8500e36f61763997c85cb9864e391b91f51946d7cb13d63a89414cacbd8a173ff688a40d8d8a797f79596580230da51a078cebfa8c461e0bfce00ea93f5dbdc7cb35ff9765aa861abc2e0085efa5caeb601dbc497372a3ef4603ff39c2dc27bcd9314b664f822a5b27b73091280be825dc891618455450c59c3a0f7d97224facd481532da20977e389c50c1082b893d7207ce522b253f3d0ef04e55c33ec38240c0e05eb90bdfa9c7b56d5cbcbef7cda6fcef5d53e1c03696511f0c8d67764633e79edba71557b212c8c77e821aaf06cd84e9888711692303f8da1b0cb197e3a560c395b2dfbc0848cc84e96673b57d77e910a98fbb73f004ba5a555bae2ffa450c54329a55ac56a2d538fa73d083ca8a216818fdab32c484e796029d994a436ceec5d2d53c767f754057a20fc1b519e529e4c8ce2f25cd3c2942da7617c93c5e353dcc3b11e1eaebf2c89e44c4fc55d2fdb9263a3e902a14a41b1e50a11c122304c20146a59b023cb9e6b1d0b7675d90a31f3b357d08607414231257df3cc76bee4dcfc4e65090720dd8b8f448af2f03700d180bd126b6528d5267bbc46a48cff35f610008b3d9990e1b292e6820eb73243920906d380238114e78a867a6e551f7cab39393ef4850f3393645332a8b5849ae90ae282f491154a453e7edbfbd87e44ef4f064a12dac4538ab56aab62f10c5e49c4dd2e5733d285021d3dff8a5f307c55fd614cd7ad4f2f1956d01d48284d9f97f571c23d646f2c96b459711e782b55af9c0a136222dd5bd048d08f8311bc1a9473052bc857255120dd446999eb3186cd853e633ec04dc1e919791ecb9eecf2867ffece39efda7152873fe38b4a5e124bf4dadd81cbfd04c7001e25a2b63b7623eb2741933a64184b28a823b56b62af3e813ed14fff60a6c35532220dd303a9df69436d7106e72e87caed0251be263798372b432c2893285a1521873204aabb7e6a82a37b839d8f1a756e0e3ee7e87da9e28c302fa7dbb2a50f966e9f4bde3595f18d890391bf1eb12b87a2df7d36d7c78b1359667e56225ac8f611b21b556467a2a3f91b01dfaaafbda2a3cf6eff1149da82d7cbd38aa851ce0cb9d9fa2e2552931a64b63dbf40f7f0ce358187a13a5a094bede469f1e715b85f4adef7c6c3dd21b39d44a2b07e0c9b614fc9d91df675c26fc5b0541f74e788189c41187c3b1ec83c7e648965f316a3fb78c31c63301c2cd9c33967426a1890907b8c2d61e0a226a70725cf455e2ea095c35c70a298a477b38f39e840de394744f9c20809ae3c21739ba512938d4e25d1c6e8f126df6d9087611c31327013d319b2608199b99b3b202de57769450d6427e3a96250cad0e9c332c7462208ad26ece3e74918db3101b2123870ea0cd7220262e55e30bb32e4579791246f4aaef6b57993177e0858849d7fbf8e537c9e170e9a9eb2504c74672ee193abe3923c963fb05b01b2921b50ae02fb4ce77133d7497b0ff876da5e8cd20feac57153a44a2377ea05218a453c8b3f7efab3362593935b235c3bb613e36cc57708f53a347746c341d63767ba52f0c6f983da22912487a2fc7195d2398014142bb3b97f49e7c143a111bbfb258def1728a994d91e7201aef4b782117dac390a29022b15a6fe3018d4198a370ca9a27be65f3960bb7eb1dde5f38ed6337a84b15bf2d37da6c7439d64d4e3ad5f6b5fc151f6a284f853b7a5fdbe94e4ae7618a1f9e37b30452c8ac99ae5d974b5f82b576c2b5e6d30564aa14f49f8575d70d202129816ae6209441036e8070f247551c89e7853f7159bf80737ba4f163f83c8c9a852b7ad92bf9e409e486dcfb6f60ba964303bfe08aba47e97437f5b75a781ddaad6ff8c81c945e9c6ee2e0bcbec16d5a0a9e3237e2ced02f521dce8165996f2bed41c0eff1ba5467678c1a258b7dd87c757b2a4f7d61a163240e781413c2abc99842b2bf09dde609c2a97e86654e4ca52ebf3b16f181c42cb424c1604707ad3801990a9917ebce0a5bb7a6032304a7dacda8137b1084df9f1f10f00f97b6f52d006d321e8d41af2f5622fad9f70f8e83bc1e5ea20a24007b9c704ffd9392e98289361ba1489ce43d25e9f370a557d3e713e41a9d1daefe6393d7d7deb6988643fac0a98b5754f0caa59f83478d00b7814a62665d334cf2d015dc7749fabd76ef9d0e967cb2e4e5888d173eb5260b0ad411198c512b9a348a3ef133eb97a29d3f08738e824f48f8cc7b01fb15c28b9b94d94e3d6af832b2a47f6a961f02284a7fa10f4921933a6801a7329346cb3d955801150ba250eb644f8c7c5350a87987133aae9ee3a37867518e4d303d2f03f250881f65f023a19ee591304f6743863ce8fc33e98fb938f0647eccd915390b0f8ce3350b63d25d9df3de1718e439ef6c185a114b5aef7cc8ecf2959c953ea4269d5aa286445707717648b34692db485249cf4412fd1e2e6e11975c32a8cc9505741bc6c7f2c1638c3fb556f1ce44460a7419c53e8a801f3c300c4758a268ee46fc4790dc516675235ff38302caffd82676ae823cd2c17d13401e40a27dfff6d28659b55e2ba82d34b171cb621616b02aa90bc42def19c833d2d7d64c837e4d195fe4ff5693e6f96ded5c0087c212f2acc52644345e0f49461134e06cdd742eb22204d07092d123add3b698a69b7357d81a838bfe37ac44e558c66967c2c1631fda16fa8f199dfb51eb9974048aa53cde9fc080e77284723dfdc881fd0e28a0e047873e7bdc5e995852824d5e4eae9826ecdea4250d2e36b5058fe84ca452126be1938460c8bc90effcfb7ab9a067da6dced01d6190224d11441fb739abd127ed80f90a5b047ee25b124658bc89a079dd071d265fefee8f7de7e76b6a24c2ec20c81c2d304f1f6fbe4b50fc46e0696e0b575979af699315948972fe6d09da7e6be2950d2446f6d1f8bfc06e3e4600e9895bcc6566a6c88c6a6a9b654c177dea973e8d26614b9e183bd7babfa4f31bf49114208e7aade8e7b4038cef5804d2da83e7278c91779b02195bfdac2a579aeb0e4f20ab5d2377b6bc3afae54ddc968e3be9340fdd19d1d0cf2449fa54ff655e92184da58cde6286b7dcfd8489d70640c1b7ee0debdfb54726bd686e90ff2673109146c0500f06b6aaff851594197c43e03801da5675e882764171d348e52dd92596802278043123f26e3a3ba7d8b45a3af5de360d8531b122a2746f2e7d321e10e9c4d29a144d7f56d9ef2f7de594b006b04c289a323d7c834bff004f94142f048ad967782fcbd85cb0e0ed9185948ffb65f9efbe0661148bed4cb98148422cb83b26a80a426554f3800bf3070adb065d95129458380a44cc2fc19d23805d786ea103cbb0f16aca58381f03621de162f0d8b50cefd1131c47b7968faa47ecf9412269545f62e4be42379c902a2a5e6d7158048ec6f550bc782e065d0b548cc12747bd61fef6e205b3a6fa968dc34c8ebe8717943973d7c07413dd7556acc9b305e80c125bfb28fb685badc54c052de8952571b7633132b49a51983bb11771545e63c3f011f2bacdeb3cbad9a60a583db34c811f4c060f931f8be24ec65d1582ea0b76c5a892077faefb34716d472e2255a82830aee8ad95c1d9173d6e2c7dcbacd5546125b868f27203343bb4a1b67000980f3a2034b0bbc5582baa9df960024ecb835b7fd0437258aba4766562603fada13581bc8924b07739d8c88cb774a80d7acb727436c7782ca38b2bb1e66c8e307ade440ac0511915a93465f3cb7becba4a42546682e6b7a5baa6038974b658ebe63f9d9b5644ed6e0295cae62b03d7b93dbd6b259f81cb2713934274894f240fb46e2ead8d1f2ddd6e56af89a9c7dd92df158242225b8bd3f0f3258a29775d9a2d749d99f6fd32475607c82cd6f02c37c5c0ceeaeaf7eeff8546d60847a5ad4d9273a109e3d389f225370fd90b58ea55f0e20dfdae9cb7600d107c15dcade74ac80962a55dd92e2d0759c57093ba4eb39c68783fb59f589556febb56ea606df3aebfbad70e4adf33f3e67d20d28aec0690ba774e6168a32a0f93d38342539b082d0180e0b1816624dd0ac2e3a77081196283cfa5fa088b8a566956ae11678b68599355b4b1b34ac42ba3dacfc615610919e25663d6a8bdca0696c5eb885b7752b42a005ad79762a4e274374bcba17e84028e39d000bb386d79f5acd5c121617cdbd215932fd44deae8a0c6c2d1f1adc503702f1018476755ec71b8bd6b1cb8b647dbf563654ea3336a80ad6d6722c8700381d4007eb53f69d3f621f27b4461743c4497b44b97601cf5e2423a8518dce50af46297fbe99720eccbc4c3159a07716d952b71c56f10cb3d726718ef8fa3df46ea555dce594189cadc95da9e7c5f642553dbb9727a29aa2d82afc2c83ebed1c79ec1bd91cc261beecd8c7789003e2897b0068d4df4782f0c4e5a2098d54d967ee2ba22e8213061594e781a11c9c62931a332a8539fda64a183c7732bdd1450ccbab90e1db4354df867588c864615f90854128b14827e05f5a134cf4b8aaa32d61fa9e0ae59f01e4958d999bc0b5f1fb9944ac304c12272463272544a793edc385e465c5aa800e1760462bd2f503228a3478aef61216d108a5265843957c702f8ac42884a2ce45de96e1a1223c00eaebf912d2a456c2331ffaeec4cf6530daf31a76a273606ce73b04856cb79a918815329a1efb719b705879c556e9af32ce686efd74ddd513301ce62fc90903d29d143e4745c5af090979192f97ccabaa41524e44eb6a16169bee1039af768658c514568a8b5812bce5b52fea697c073562f1aa", 0x1000, 0x5}, {&(0x7f0000000500)="f886426de7010159fe18807fc165e47bb2ebf1bd4508d6291b9d2f837ac2521535cdaa1d399d0b3107791b758fcf8293465983b07625cb6b38fa273e3c7ac7d99c9247712e692c74466f05b72147ecd190c4c8", 0x53, 0x400}, {&(0x7f0000001680)="b805b78db9ce093cbd5d1886f8e03080fa57c2c9550d438c290595c0af9ab51882efb63b7504deddfb0ba8b3d09071a2fbcc1c6c210b9d5b39244113cf9712dd58dc99d379c84ad7e67cfd971474a99fb83f1a724770b38cd277e1c017239ba372e7fa3774059c08b43a974b28c533c8c7084ad926bd063c358bd3d6317e4f3118a5a748db39574b13c3ee069bca88a5e117e6f91333e1000355a8745b800949f184cbb1717c1cc21d7e4b3b4362773043ad091f7a6a143b6724f670ff54f56613d90291440f94d8823b4a2c66d735562615652b4032f92e0926b9851e22533837f18e6f6b0ed113b359af466ba0cf0786be6b8cbf3f9bd5c608d11b9fe89d88ca275d80b91265e5ad0666664d6319dd495f4fcfc93101c60d036ae33189c20bc44f37493fddd5a7ee88961b01d84cfe3f624f104ec1f997879f3809ad6e9a5641fdb0b2fabba65e112b20db577bc75ff07f01fdfb9f0df26ad340837c793a5420c6567bb97243a88ff4011638c51aadb943f0a05dcc493184246a22105049d6960de7e1bac8df423c1f77cce80423a5f34cc5a236a009bc7bedb6087c3d3de911c952ea7f80eb7c918c6ada0e797b7ae561dd4476c865cbf5ebe6ba39b7404d4473c9f04f4373180d053834b74519a46f1d521cc1dcdc4083c48e997052424b6dc1047665f0a88086ce3b0f0fa97b65f41da6bd59d58bd849154a59a145f26f5cce12641302ac83d7c762cf3420685eedafa20f6caacfaaed833081037ce794a09c75859c744e3a631834715d4cff51da46e27ea2c28d4bcdb9f4ce1529168879073ceba396332700b4137f78b325bc9e2dce4177c2cc4a305d46586ffbc88064a70dbbcc04dbca50825a3963acfa34abe290ac88fcfe6cae25b5b1b0eede9c9d6f7f65a43ca9443d2cd73ab281f345a2b37909ec582419677e324663fbe27b828d1f3f6a8177ef387984cb7d25ddf5282c3b995b320cbdf4734c81fda91ded62e099514912d019068d370e7f6d8007558f4cf0ad557fa8a3e0db6ab30776314a17652e551827ef0372ca2a63f9f7236254bb17a947f0acd52e43968f18f36de9bfce18397698a85695518dbc1976351d66ee8dce273d14a7cd37612429867c38f041e71f018351e638b0965939d30da906c8b5b796a258611d9d5394b084374368b54e8c73d640a57c00606fe5309d47e594fc2b3f6bfa30d1cfb267163bf0e3fbae8853dca7795096c393bc89d911dfb377d7eccdcbe9cdba668bc326b8bf83e22bcf895ea4edf54440b789fded1effec80cd279ed331e3763685a94dd83442536674c493b63545875a8ac22b5ad2fb838b1bdf7773e2c278fc0145b77afdbc7fa7f50c9edb9cb2f68984471857d7315280f61d9244553e70af475fc94316153d7006b88d98bcc81aadc46fd7ad697e10b99cce5ed4a3dcba7b4668a1e208ecb53e3a9895c38239400951100b93d9cfc60445e19e418d943d4f8b45fc66bba9e6573dd0423f4b1ae002efa73dcef5998b0c02c3fb41071675d121e89b8441cead7c2da5601629279c2cadfd0f157954ea260f23174c1f56efd5a2a562548d6c5a49a7fed8c243c192a104d2cf7528a0860b1b32228795fd8018c710a31d79ae5438144b3a082f02022cc3d8c27793056661ce9217aa71a7e91355e0a08566263cd824645ac6d4e5f6f5ae38ce0a76621194dd3690dde6928be0c9858aabbe7a093e571fbb42c4641db260ae40eb25e04d2b30f10b0a89c167a73a7326b5f547b0b82532c7d7818216ab62c9520fe6ca8e465c5fdda7ff3bfb6111c051532ff79d50241d464e0d1c6186f86c45970b34284f996da552b7f685c207fb2df9f6b968184d58b2b8471acc4ccff8c504bc4af6d7049350ebe32bf64bb6f71d6f180cfeb9621bebeb4579e09f351ae0bee79589c52674960cec576a32bcc6f07cff3823035f85bbc0a2b4a87d92bc1c9871f45ae717cf3bed6a10f9f3c52e594cad19e16e2b1cb6746ecdae177100e4b0c77f760af0aaee93694ca055c0745df9bbfcbbb4ed4168584feea849833a113ecd4cba380463cf55f6a6b4a95dc573bfee72119ae8bade0a2d7c551e9c535e9c8b72f1e02a25eba40f7ecba8758666ff6f080c1db58f96f8ffce011f31376045b4e1c87edfc406f8baf7b89b54b0a187523931020aef1512ec879585233c1a244fb382b82f9b912810861962cbafe643548adc1e5b37484205ad7f0a0a1f52052a483a5e35e09c07f7b8ca14ac993bdc19f9bbfd90922c0cb3fdd9baba8da487ed29c69b87c1ef8ec8fff42707d6fde8ab9cd4c45ebb3819452d60bc42c85aca4bc63c69e4fec74955e00433c28e22d842584b98b75a0f86074a13e99b03fc4ee53826e432275dbd8ae39ecf000c84267f75fca4b050c117ba05794d52cf89d64ea522cad8058d87af3fc44aefe58f9faa27956236dc2612168847b97c2d3a9c5f747d2ccc0b427308ae941c2f3f70d84be0ab052c652d1aa612aa8f8137fefa04d569daafcc3908a0e9e15700d1bdc76bf0baece23a8adbddb1ed67d323ba17ea63ce0e399bcdfba577685e0baee8d99e58f1d9d8eade558d2e387a100b9b0c24a2b60c0f6742d2036c55ba7d30d4484cdb006091fdb71e8a0d632cddfea821a6a840175c6d3a2b48ae5fea7b0ce0d47e8b79eab8ce0ffdab2985ec934d6e091dd4ec6e32030eef0fcbef67b770c15084b4de8ac197b70e64222cd32b8792df223930502c0845f2b2fe96cae1b872155be4f288001d12a3366a82d4e9e0ca6bbb093a2218475dae6f24383513434b880e72a8825094c6303c57bc56060c7e0193040ead3172ca9023107c0de7d579e8b541e3a948837fb041b6c6051c14f03758c1ea9bb01af8976646676a03de31baf6c08a571c182488f648326592110f8a132629bf4fb28f8081925a4a2c47e2a889fbfdb6c818a6fb78fa9604b16a4b734b90381cfec48fedd458d6ad01770b0b1530bf6b9ca65f41a0058b86f1dd7689291459df2498f5711642a9b7dc7e86fb5bd7aa4a07727f26b3dd34822795312f870044a98649f62083c48c519c7a90c293f9f248a67b45139d8ed5f9870a75ec98be13136a5d9fafc62e36d86d6763acd9dd37c0e35815f8f08cb951578640603f227f7a49efacdaa22b928aaae7c8760890ce99de5060a3dbd0e07bfe6d0d974e4bdb8d8117dd1c10408b7ee429e4c15ade9dc60740f9d1db37fa1710e4245e21db2615d0a6400a93e086c612a13a6fad55659beb7132b39ddf93ba3a8cb4805f198b635caaa0d3c7ba92214b22b1bab2a888609b75c5a609c94cd67766e3421c0727cac10a8cafa90c17c64422429653f69664822cde35ff7fe758e5007110e17f0b6f37d5afff2a825d8b58afa4e17ae4003c1aae73d32303aa7dda9696705e29e6e4e6d56d249d1b3c3f310f6ed08879da1c94649f834ebb3f9d5d3787b564490602afe84d4980f348522a5b52c2c8991fa411227b29bd2a5b13d716890a5419f5932d1d845da74f77345d385abfecb90d374859ed5704281726d719f0e54bf5fe009cec406f6ecb3898ebc0be914b2cd59c243826423e3d14b706770807fa8a2fc9ce4c33abcf7101dbd083f97f4213642633e349777416b470a6dd0df679e7777ee2491fa1d7d515a7fd8615c3f3079cdbf723dadc2b8410992ec92344bec056bad26606e8b685d733acf04f998300b1704d40bbcd66701233da355a9b583e92467f7bc3457c67e9ea3617ba68d06bd627875c5ea6475de7f09d6839b708a3a350eea92ff5657d4ed6c4bd3e206c5cdfaffc8dd0e61f3420eea97d83ba60c096d9e0235273db2569401468429ce524b5a2a90f2aee4f0b793a30a0e47cd72179433d0694926c66e137925e11e5e2ff63fd06ad43373adbd29ec98f68e2c0306293813e79701b917ab3a068db84df3d3da47be200defe43c4bfa261ac56505e4040fac3e7ed707416811e6a23e1e4314a1221e445243888c2596111e439a2c28dad16dfbdeca207a05f576f531686478156cf43ecfb71b85014150b1d640ece951df3d53feb1cb603f5c2128a7e235b875dfbcb37e120b19de718d04f7075a91681178e4a4faeec3624d515a507f0beda7db7b12e602510212477eb9719825bce33d127302660da7f32124e22eb6091033fc6b34f38bfb254c53da8ff5b289427a0b9893c7af336fa6510eb14d6b0f6251805bf5952f2c37d4e418678241bf193ec77580e5570ad97d2e9d4825f61d85d93f2b0dab79516e4bcce28ce700ec9e34ad273d2e152761a04ae385ff05b9a4df7f820c2c72b5b2ed7eb281d40cee540ed8dc92c80d14796ee1bf52475f06f03516376eca418cc87ed97a87577fadac5772fa541ed73afbc2091bcd0d0f2aff9d6060336c215ba2d777848559f0b84471e420fb25ac6aa513cd4d39d6991e46bb9551a177d29316d096cca198408522556aa2e770753228d6d6b12509284d9d049646105bf65625cdd02e20b1eef683dbcc6d75206363bb71faa8cae8a211e37c656ac035baa7173adfb3593e1acb64bd5a5cc9c06bd96e500b68d42835cd90475e17556a3ea056ad59a6b876c15423ca494c904d5b9dcadb465fbef488ff2181b49d5fe56b3579d353a238c8a0204284c3d21a64035e3eda9790d493acced78e0d8a359f1157364c38131f2c0b1f2732e1b4b939eec959b433f2ec503648387e9fcb7b77b8b4b82c68f0072fb9669b34058f708590bf9041a4ba98d58765ed8cb2573dd7bc8464d86b0fa9e900054437b15807352538f6ecee054cc34dc4928c30042eeb19e8b69f49e812aedc8d124667c3d0888f23fb28c738facfeb65364463aef52af90167bee7e504bf2541287e629224da8c606c2b44c55f8916570be0c00b3d3c4bf864fcd2bc8f0bc59b63b2b9c96982011ad6735c086b4b63c341447a1ddaebcb75a7efdd006fdb72c725b1c032cc4048f212a3fea3f72772befc0f455c32929e5db00259ffd1572a45e25ea4379fb5f313289af835d0fed1c0644efff8c5a65f289a92b51796971cef48e3269141d4c2810d875af9608a3b7d60b78ed749d86616ae3ddc9b752e1f4f86fff420b0d2729231d6b9b115fd3d3f4fda6f132af9e70efb6d3421a199c215aa9ab3ff75430f2e34bfbbe0feafa2a4d4c3b9bd7479fad826659f6fd949a191d36b58c2dc2bff8357a85e9c2f61a5dcb2388dc69e12055792d4a35e907a6d87bca94ec7bddc65e4d370cab4f203da14ee88ee960e56362f47e3afca1f40415ad8e011cb20d996e10c323a0c83181a1c56f9145b314c1517fb6d300d90bbc09628abe7519e502de44c8e91020988290fdbcbf7d09ec2a67ecfe2c21f55d61df68ac87cca8ca5f649dfbaab14d883790db257c9647d4a6d1a4e085e5163ebca367dce9bc9b9318fbd78a60b893fcc54ad36970a7c0b8085292e572e036031de6f47a9f42f24a57620f1e49d8b900e2d30d13b8d54061c07fc658588f289c62d7fc403ac89872e4825d9830e08b55e68a993b814e99e96aa357a7cd2db1d09bec9e7c67872f75343449c5a688bb01f91da107336d44a94e0a7afc09855bbe8d84110c7c80e5c2ed1a599379f4c3417e05b147f007caf7a50dacd4e70749df2192e4c9fd0e5db238f2d0c25e8fc9d6d14d3e718f430a63ac24d80561a5cab6f953c62becce4e3c0600040b2a63acd7c10f6da8c5aec8c87518593347395b12ec9417e3e5e2cbb1b33029a04b821a86c3d29d75ac3a9f6c89e6b46a2672a20ae2edcc07c1122e67e65338daa00c99cd7bf0", 0x1000, 0x80000000}], 0x42020, &(0x7f0000000580)={[{'loose'}, {'.'}, {'rfdno'}, {'loose'}, {'&'}, {'rfdno'}, {'(/\\'}], [{@uid_gt}, {@smackfsroot={'smackfsroot', 0x3d, '^^'}}]})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@loose}]}})

13:56:10 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
write$P9_RREADLINK(r1, 0x0, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:56:10 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0xdd00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:56:10 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1801, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {0x0, 0x81}, {}, {}, {}, {}], "53d73340422943df"}}]}, 0x34}}, 0x0)

[ 3352.684409] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3352.691017] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3352.697832] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3352.702010] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3352.714935] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3352.730368] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
[ 3352.765102] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2
13:56:10 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x0, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:56:10 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r0, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[], 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
getdents(r1, &(0x7f0000000440)=""/200, 0xc8)
ftruncate(r1, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r1, 0x40086602, &(0x7f0000000000))
write$P9_RREADLINK(r1, &(0x7f00000002c0)=ANY=[], 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x7, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x2, 0x48000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x76}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

13:56:10 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000380)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "f3d44414f1d40100"}}]}, 0x34}}, 0x0)

[ 3352.775869] ref_ctr_offset mismatch. inode: 0x3e3f offset: 0x0 ref_ctr_offset(old): 0x2dc00 ref_ctr_offset(new): 0x2

VM DIAGNOSIS:
13:56:10  Registers:
info registers vcpu 0
RAX=ffffffff861fb408 RBX=0000000000001d45 RCX=ffffffff8126f477 RDX=1ffffffff0d05e0d
RSI=0000000000000008 RDI=ffffffff8686c6f0 RBP=ffffffff8682f068 RSP=ffff88806ce09ae0
R8 =0000000000000000 R9 =ffffffff8686c6f7 R10=fffffbfff0d0d8de R11=0000000000000001
R12=ffff888009281a40 R13=ffff8880092823d8 R14=0000000000000002 R15=0000000000000001
RIP=ffffffff8126f4c9 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00005555605d4400 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe5a00000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00005555605ddc58 CR3=0000000037968000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffffffffffffffff
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000
XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff822df351 RDI=ffffffff879f3180 RBP=ffffffff879f3140 RSP=ffff888047b57238
R8 =0000000000000001 R9 =0000000000000003 R10=0000000000000000 R11=0000000000000001
R12=0000000000000031 R13=0000000000000031 R14=ffffffff879f3140 R15=dffffc0000000000
RIP=ffffffff822df3a8 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f2cc9e2b700 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe6b00000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fb85accc620 CR3=000000003c770000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffffffffffffffff
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000
XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000