0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCMIWAIT(r2, 0x545c, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000080)=0x3ff)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

[ 2643.062697] FAULT_INJECTION: forcing a failure.
[ 2643.062697] name failslab, interval 1, probability 0, space 0, times 0
[ 2643.065552] CPU: 1 PID: 13076 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 2643.067029] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2643.068799] Call Trace:
[ 2643.069370]  dump_stack+0x107/0x167
[ 2643.070167]  should_fail.cold+0x5/0xa
[ 2643.070990]  ? create_object.isra.0+0x3a/0xa20
[ 2643.071976]  should_failslab+0x5/0x20
[ 2643.072797]  kmem_cache_alloc+0x5b/0x310
[ 2643.073681]  ? mark_held_locks+0x9e/0xe0
[ 2643.074561]  create_object.isra.0+0x3a/0xa20
[ 2643.075505]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2643.076604]  kmem_cache_alloc_bulk+0x168/0x320
[ 2643.077604]  io_submit_sqes+0x6fe6/0x8610
[ 2643.078543]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2643.079618]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2643.080659]  ? find_held_lock+0x2c/0x110
[ 2643.081542]  ? io_submit_sqes+0x8610/0x8610
[ 2643.082486]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2643.083528]  ? wait_for_completion_io+0x270/0x270
[ 2643.084566]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2643.085562]  ? vfs_write+0x354/0xb10
[ 2643.086370]  ? fput_many+0x2f/0x1a0
[ 2643.087156]  ? ksys_write+0x1a9/0x260
[ 2643.087976]  ? __ia32_sys_read+0xb0/0xb0
[ 2643.088855]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2643.089991]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2643.091104]  do_syscall_64+0x33/0x40
[ 2643.091903]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2643.093020] RIP: 0033:0x7f7cc70bcb19
[ 2643.093836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2643.097808] RSP: 002b:00007f7cc4632188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2643.099443] RAX: ffffffffffffffda RBX: 00007f7cc71cff60 RCX: 00007f7cc70bcb19
[ 2643.100975] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2643.102517] RBP: 00007f7cc46321d0 R08: 0000000000000000 R09: 0000000000000000
[ 2643.104050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2643.105583] R13: 00007ffd5bd2096f R14: 00007f7cc4632300 R15: 0000000000022000
[ 2643.112793] FAULT_INJECTION: forcing a failure.
[ 2643.112793] name failslab, interval 1, probability 0, space 0, times 0
[ 2643.114307] CPU: 0 PID: 13086 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2643.115149] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2643.116155] Call Trace:
[ 2643.116482]  dump_stack+0x107/0x167
[ 2643.116926]  should_fail.cold+0x5/0xa
[ 2643.117408]  ? create_object.isra.0+0x3a/0xa20
[ 2643.117976]  should_failslab+0x5/0x20
[ 2643.118437]  kmem_cache_alloc+0x5b/0x310
[ 2643.118943]  create_object.isra.0+0x3a/0xa20
[ 2643.119493]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2643.120118]  __kmalloc+0x16e/0x390
[ 2643.120559]  io_setup_async_rw+0x180/0x580
[ 2643.121081]  io_read+0xe98/0x11e0
[ 2643.121520]  ? __lock_acquire+0x1657/0x5b00
[ 2643.122061]  ? kiocb_done+0xc90/0xc90
[ 2643.122521]  ? mark_lock+0xf5/0x2df0
[ 2643.122982]  ? lock_chain_count+0x20/0x20
[ 2643.123515]  ? __lock_acquire+0xbb1/0x5b00
[ 2643.124034]  io_issue_sqe+0x2e8a/0x77b0
[ 2643.124539]  ? find_held_lock+0x2c/0x110
[ 2643.125031]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2643.125671]  ? __io_arm_poll_handler+0x59b/0x9e0
[ 2643.126244]  ? lock_downgrade+0x6d0/0x6d0
[ 2643.126746]  ? io_connect+0x610/0x610
[ 2643.127218]  ? lock_acquire+0x197/0x470
[ 2643.127701]  ? find_held_lock+0x2c/0x110
[ 2643.128192]  ? __fget_files+0x2cf/0x520
[ 2643.128673]  ? lock_downgrade+0x6d0/0x6d0
[ 2643.129171]  __io_queue_sqe+0x90/0x9d0
[ 2643.129647]  ? io_issue_sqe+0x77b0/0x77b0
[ 2643.130144]  ? __fget_files+0x2f8/0x520
[ 2643.130624]  ? io_prep_rw+0x7f5/0x1050
[ 2643.131112]  io_submit_sqes+0x44aa/0x8610
[ 2643.131622]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2643.132213]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2643.132789]  ? find_held_lock+0x2c/0x110
[ 2643.133277]  ? io_submit_sqes+0x8610/0x8610
[ 2643.133810]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2643.134388]  ? wait_for_completion_io+0x270/0x270
[ 2643.134967]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2643.135526]  ? vfs_write+0x354/0xb10
[ 2643.135966]  ? fput_many+0x2f/0x1a0
[ 2643.136400]  ? ksys_write+0x1a9/0x260
[ 2643.136868]  ? __ia32_sys_read+0xb0/0xb0
[ 2643.137352]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2643.137985]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2643.138602]  do_syscall_64+0x33/0x40
[ 2643.139048]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2643.139661] RIP: 0033:0x7f9d2ce7eb19
[ 2643.140110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2643.142326] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2643.143239] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2643.144088] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2643.144943] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2643.145806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2643.146657] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
[ 2643.173356] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2643.174299] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2643.175237] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:42:54 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x100000, 0x0, "afbc0000000000003afeedeb91401d0457d614"})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCGPTPEER(r1, 0x5441, 0x1f39)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl(r2, 0x3, &(0x7f0000000140)="53d6c19e6937e672c3ae6ec364e8988f3bc45be7335d40f8147b444eea60e3a9d53a268501c90b88f0cf5a6f55d716a7749f234e7b9180a6042f3757d2daa756750ace71763e5233438334292a12ec4330")
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCSLCKTRMIOS(r1, 0x5457, &(0x7f00000000c0))
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:42:54 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x3, 0xd000, 0x2, 0x4, 0x12, "8f4745c65ebde586"})

20:42:54 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x16f042, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$KDGKBMODE(r1, 0x4b44, &(0x7f0000000040))
ioctl$TCXONC(r1, 0x540a, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCMIWAIT(r2, 0x545c, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000080)=0x3ff)

20:42:54 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x24401, 0x0)
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)

20:42:54 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x16f042, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$KDGKBMODE(r1, 0x4b44, &(0x7f0000000040))
ioctl$TCXONC(r1, 0x540a, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCMIWAIT(r2, 0x545c, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

20:43:09 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 92)

20:43:09 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)

20:43:09 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 61)

20:43:09 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x16f042, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$KDGKBMODE(r1, 0x4b44, &(0x7f0000000040))
ioctl$TCXONC(r1, 0x540a, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCMIWAIT(r2, 0x545c, 0x0)

20:43:09 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x10400, 0x0)

20:43:09 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x0, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:43:09 executing program 7:
sendmsg$NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x58, 0x0, 0x300, 0x70bd26, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_CCA_MODE={0x8, 0xc, 0x2}, @NL802154_ATTR_CCA_MODE={0x8, 0xc, 0x1}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_CCA_OPT={0x8, 0xd, 0x1}, @NL802154_ATTR_CCA_MODE={0x8, 0xc, 0x6}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000811}, 0xa004080)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)

20:43:09 executing program 6:
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x4, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000080)=0x3ff)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0xfff, 0x6, 0x6, 0x2b, 0x1c, "cca3460eb7563c41ad52fc177b8ec682321e12", 0x6, 0x3})
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 2658.233025] FAULT_INJECTION: forcing a failure.
[ 2658.233025] name failslab, interval 1, probability 0, space 0, times 0
[ 2658.236644] CPU: 1 PID: 13121 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 2658.238095] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2658.239842] Call Trace:
[ 2658.240399]  dump_stack+0x107/0x167
[ 2658.241157]  should_fail.cold+0x5/0xa
[ 2658.241955]  ? create_object.isra.0+0x3a/0xa20
[ 2658.242939]  should_failslab+0x5/0x20
[ 2658.243744]  kmem_cache_alloc+0x5b/0x310
[ 2658.244596]  ? mark_held_locks+0x9e/0xe0
[ 2658.245445]  create_object.isra.0+0x3a/0xa20
[ 2658.246372]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2658.247444]  kmem_cache_alloc_bulk+0x168/0x320
[ 2658.248413]  io_submit_sqes+0x6fe6/0x8610
[ 2658.249300]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2658.250361]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2658.251376]  ? find_held_lock+0x2c/0x110
[ 2658.252232]  ? io_submit_sqes+0x8610/0x8610
[ 2658.253145]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2658.254168]  ? wait_for_completion_io+0x270/0x270
[ 2658.255175]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2658.256161]  ? vfs_write+0x354/0xb10
[ 2658.256936]  ? fput_many+0x2f/0x1a0
[ 2658.257704]  ? ksys_write+0x1a9/0x260
[ 2658.258511]  ? __ia32_sys_read+0xb0/0xb0
[ 2658.259375]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2658.260473]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2658.261545]  do_syscall_64+0x33/0x40
[ 2658.262335]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2658.263400] RIP: 0033:0x7f7cc70bcb19
[ 2658.264173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2658.268043] RSP: 002b:00007f7cc4632188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2658.269638] RAX: ffffffffffffffda RBX: 00007f7cc71cff60 RCX: 00007f7cc70bcb19
[ 2658.271163] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2658.272668] RBP: 00007f7cc46321d0 R08: 0000000000000000 R09: 0000000000000000
[ 2658.274151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2658.275658] R13: 00007ffd5bd2096f R14: 00007f7cc4632300 R15: 0000000000022000
[ 2658.298216] FAULT_INJECTION: forcing a failure.
[ 2658.298216] name failslab, interval 1, probability 0, space 0, times 0
[ 2658.300670] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2658.303032] CPU: 0 PID: 13126 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2658.304494] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2658.306227] Call Trace:
[ 2658.306789]  dump_stack+0x107/0x167
[ 2658.307556]  should_fail.cold+0x5/0xa
[ 2658.308358]  ? create_object.isra.0+0x3a/0xa20
[ 2658.309323]  should_failslab+0x5/0x20
[ 2658.310134]  kmem_cache_alloc+0x5b/0x310
[ 2658.311022]  create_object.isra.0+0x3a/0xa20
[ 2658.311954]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2658.313025]  __kmalloc+0x16e/0x390
[ 2658.313792]  ? lock_downgrade+0x6d0/0x6d0
[ 2658.314686]  io_setup_async_rw+0x180/0x580
[ 2658.315596]  io_read+0xe98/0x11e0
[ 2658.316341]  ? __lock_acquire+0x1657/0x5b00
[ 2658.317265]  ? kiocb_done+0xc90/0xc90
[ 2658.318077]  ? mark_lock+0xf5/0x2df0
[ 2658.318889]  ? lock_chain_count+0x20/0x20
[ 2658.319809]  ? __lock_acquire+0xbb1/0x5b00
[ 2658.320708]  io_issue_sqe+0x2e8a/0x77b0
[ 2658.321555]  ? find_held_lock+0x2c/0x110
[ 2658.322420]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2658.323533]  ? __io_arm_poll_handler+0x59b/0x9e0
[ 2658.324538]  ? lock_downgrade+0x6d0/0x6d0
[ 2658.325415]  ? io_connect+0x610/0x610
[ 2658.326237]  ? lock_acquire+0x197/0x470
[ 2658.327081]  ? find_held_lock+0x2c/0x110
[ 2658.327944]  ? __fget_files+0x2cf/0x520
[ 2658.328782]  ? lock_downgrade+0x6d0/0x6d0
[ 2658.329659]  __io_queue_sqe+0x90/0x9d0
[ 2658.330488]  ? io_issue_sqe+0x77b0/0x77b0
[ 2658.331372]  ? __fget_files+0x2f8/0x520
[ 2658.332224]  ? io_prep_rw+0x7f5/0x1050
[ 2658.333062]  io_submit_sqes+0x44aa/0x8610
[ 2658.333962]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2658.335041]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2658.336070]  ? find_held_lock+0x2c/0x110
[ 2658.336935]  ? io_submit_sqes+0x8610/0x8610
[ 2658.337859]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2658.338902]  ? wait_for_completion_io+0x270/0x270
[ 2658.339920]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2658.340892]  ? vfs_write+0x354/0xb10
[ 2658.341668]  ? fput_many+0x2f/0x1a0
[ 2658.342436]  ? ksys_write+0x1a9/0x260
[ 2658.343227]  ? __ia32_sys_read+0xb0/0xb0
[ 2658.344075]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2658.345172]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2658.346258]  do_syscall_64+0x33/0x40
[ 2658.347038]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2658.348103] RIP: 0033:0x7f9d2ce7eb19
[ 2658.348882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2658.352823] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2658.354435] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2658.355944] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2658.357431] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2658.358920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2658.360404] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
20:43:09 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0xfbfffffd, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$VT_RESIZE(r1, 0x5609, &(0x7f0000000100)={0x20b, 0x1f, 0xfffc})
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$BTRFS_IOC_QUOTA_CTL(r2, 0xc0109428, &(0x7f0000000140)={0x2, 0x1})

20:43:09 executing program 4:
ioctl$TCSETAW(0xffffffffffffffff, 0x40045431, 0xffffffffffffffff)

20:43:09 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/ipc\x00')
write$binfmt_elf64(r1, &(0x7f0000000080)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x2, 0x9, 0x7, 0x0, 0x3, 0x3e, 0x1ff, 0x283, 0x40, 0x2e6, 0x200, 0x3, 0x38, 0x2, 0x5b, 0x8273, 0x2}, [{0x70000000, 0x40, 0x8000, 0x9, 0x2, 0x669, 0x0, 0x1bc0000000000}, {0x5, 0x3f, 0x1, 0x5, 0x9, 0xace, 0x6, 0x1}], "eee71b568938c6622a6f0871bf413998093a44091af1ec9df4785e9f9a62376bd6af021639056c7b5aa5b44bba6ecfc2a02a73cd08449c51b341052e9c7e9d6a9b3b0445324eaa5e20dd273878efd7ab365769129de2ef975525b9d2b35dc477dbac88092e4e014956da", ['\x00', '\x00']}, 0x31a)
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)

[ 2658.421896] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2658.423487] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2658.425134] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:43:09 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, 0xffffffffffffffff)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0)
syz_open_pts(r1, 0x40000)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$VT_GETMODE(r2, 0x5601, &(0x7f0000000080))

20:43:09 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x16f042, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$KDGKBMODE(r1, 0x4b44, &(0x7f0000000040))
ioctl$TCXONC(r1, 0x540a, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:43:09 executing program 4:
r0 = semget$private(0x0, 0x1, 0x403)
semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000040)=""/46)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x2000000000000000}, 0x11010, 0x84b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = pkey_alloc(0x0, 0x2)
r2 = pkey_alloc(0x0, 0x5)
pkey_mprotect(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, r2)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, 0x0)
pkey_mprotect(&(0x7f0000fed000/0x13000)=nil, 0x13000, 0x0, r1)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x8001, 0x3)
pkey_mprotect(&(0x7f0000ff1000/0x1000)=nil, 0x1000, 0x9, r1)
pkey_mprotect(&(0x7f0000ff1000/0x1000)=nil, 0x1000, 0x9, 0xffffffffffffffff)
pkey_free(0xffffffffffffffff)
ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0x6611)
pkey_mprotect(&(0x7f0000ff0000/0x4000)=nil, 0x4000, 0x3, r1)
pkey_mprotect(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000006, 0xffffffffffffffff)
gettid()
pkey_mprotect(&(0x7f0000ff3000/0x4000)=nil, 0x4000, 0x3000008, r2)
getpid()
munlock(&(0x7f0000ff2000/0x3000)=nil, 0x3000)

20:43:09 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 93)

20:43:09 executing program 0:
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x904c0, 0x0)
ioctl(r0, 0x2, &(0x7f0000000080)="36bcef33a85047a5b92c7eb180ff8962ca9c3e72df55161088ff5dc8ce1898985bec6e97057ebf5d788042b777796c192be08895cb4203ac10e0589445a5962f86050a94804c556685359f668d660ec201c80820b34bd947c1c687c7c79982e7023d4b25eca730a9b7c6873d9abb304a6514fe09d9d9b0507ec5cc612616683854906e08861fed217f1393e21deb2aec416fe021f932c79ef54a20c7fb46f618f61526929d3ee5bc37f9d7cb983860bad09f2d33")
ioctl$BTRFS_IOC_LOGICAL_INO(r0, 0xc0389424, &(0x7f0000000180)={0x2, 0x40, '\x00', 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x86, 0x0, 0x0, 0x50, 0xd, "e6400200"})
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000200)={0x0, 0x9, 0x0, 0x5, 0xa, "1cad68a6fe2a948f"})
ioctl$FAT_IOCTL_GET_VOLUME_ID(r1, 0x80047213, &(0x7f00000001c0))
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
fsetxattr(r2, &(0x7f0000000240)=@known='trusted.overlay.opaque\x00', &(0x7f0000000280)='/dev/ptmx\x00', 0xa, 0x1)
ioctl$TCSETAW(r2, 0x541a, 0xffffffffffffffff)

20:43:09 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x0, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:43:09 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x7ff, 0x1, 0x5, 0x1000, 0x1, "ec9cc432481fdf393cfcb14ee6cf41d55d9309", 0x6, 0x1})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 2658.614011] FAULT_INJECTION: forcing a failure.
[ 2658.614011] name failslab, interval 1, probability 0, space 0, times 0
[ 2658.616723] CPU: 1 PID: 13158 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 2658.618162] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2658.619924] Call Trace:
[ 2658.620487]  dump_stack+0x107/0x167
[ 2658.621259]  should_fail.cold+0x5/0xa
[ 2658.622058]  ? create_object.isra.0+0x3a/0xa20
[ 2658.623040]  should_failslab+0x5/0x20
[ 2658.623858]  kmem_cache_alloc+0x5b/0x310
[ 2658.624726]  ? mark_held_locks+0x9e/0xe0
[ 2658.625577]  create_object.isra.0+0x3a/0xa20
[ 2658.626514]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2658.627599]  kmem_cache_alloc_bulk+0x168/0x320
[ 2658.628606]  io_submit_sqes+0x6fe6/0x8610
[ 2658.629505]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2658.630589]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2658.631623]  ? find_held_lock+0x2c/0x110
[ 2658.632495]  ? io_submit_sqes+0x8610/0x8610
[ 2658.633420]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2658.633597] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2658.634442]  ? wait_for_completion_io+0x270/0x270
[ 2658.634465]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2658.634482]  ? vfs_write+0x354/0xb10
[ 2658.634501]  ? fput_many+0x2f/0x1a0
[ 2658.634521]  ? ksys_write+0x1a9/0x260
[ 2658.634548]  ? __ia32_sys_read+0xb0/0xb0
[ 2658.641438]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2658.642552]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2658.643642]  do_syscall_64+0x33/0x40
[ 2658.644425]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2658.645502] RIP: 0033:0x7f7cc70bcb19
[ 2658.646304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2658.650193] RSP: 002b:00007f7cc4632188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2658.651834] RAX: ffffffffffffffda RBX: 00007f7cc71cff60 RCX: 00007f7cc70bcb19
[ 2658.653332] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2658.654868] RBP: 00007f7cc46321d0 R08: 0000000000000000 R09: 0000000000000000
[ 2658.656376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2658.657889] R13: 00007ffd5bd2096f R14: 00007f7cc4632300 R15: 0000000000022000
[ 2658.701768] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2658.703553] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2658.705171] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:43:10 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 62)

20:43:10 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x81, 0x0)
ioctl$TCSETAW(r0, 0x5407, 0xffffffffffffffff)

20:43:10 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0, {0x8}}, './file0\x00'})
ioctl$VT_RESIZE(r1, 0x5609, &(0x7f00000000c0)={0x7, 0x1, 0x3f})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000040)=0x40)

20:43:10 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x16f042, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$KDGKBMODE(r1, 0x4b44, &(0x7f0000000040))
ioctl$TCXONC(r1, 0x540a, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)

20:43:10 executing program 4:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$VT_OPENQRY(r1, 0x5600, &(0x7f00000000c0))
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETAW(r2, 0x40045431, 0xffffffffffffffff)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
r3 = socket$inet6_icmp(0xa, 0x2, 0x3a)
sendfile(r3, r0, 0x0, 0x8)

20:43:10 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f00000000c0)={0x4, 0xfff7, 0x101, 0x20, 0x0, "b58784d1b64731b3"})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:43:10 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x0, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

[ 2658.853173] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2658.889800] FAULT_INJECTION: forcing a failure.
[ 2658.889800] name failslab, interval 1, probability 0, space 0, times 0
[ 2658.892587] CPU: 1 PID: 13182 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2658.894023] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2658.895774] Call Trace:
[ 2658.896337]  dump_stack+0x107/0x167
[ 2658.897109]  should_fail.cold+0x5/0xa
[ 2658.897912]  ? io_setup_async_rw+0x180/0x580
[ 2658.898869]  should_failslab+0x5/0x20
[ 2658.899676]  __kmalloc+0x72/0x390
[ 2658.900399]  ? lock_downgrade+0x6d0/0x6d0
[ 2658.901269]  io_setup_async_rw+0x180/0x580
[ 2658.902149]  io_read+0xe98/0x11e0
[ 2658.902882]  ? __lock_acquire+0x1657/0x5b00
[ 2658.903791]  ? kiocb_done+0xc90/0xc90
[ 2658.904584]  ? mark_lock+0xf5/0x2df0
[ 2658.905363]  ? lock_chain_count+0x20/0x20
[ 2658.906275]  ? __lock_acquire+0xbb1/0x5b00
[ 2658.907168]  io_issue_sqe+0x2e8a/0x77b0
[ 2658.908018]  ? find_held_lock+0x2c/0x110
[ 2658.908892]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2658.910003]  ? __io_arm_poll_handler+0x59b/0x9e0
[ 2658.911019]  ? lock_downgrade+0x6d0/0x6d0
[ 2658.911888]  ? io_connect+0x610/0x610
[ 2658.912685]  ? lock_acquire+0x197/0x470
[ 2658.913508]  ? find_held_lock+0x2c/0x110
[ 2658.914368]  ? __fget_files+0x2cf/0x520
[ 2658.915195]  ? lock_downgrade+0x6d0/0x6d0
[ 2658.916053]  __io_queue_sqe+0x90/0x9d0
[ 2658.916870]  ? io_issue_sqe+0x77b0/0x77b0
[ 2658.917719]  ? __fget_files+0x2f8/0x520
[ 2658.918553]  ? io_prep_rw+0x7f5/0x1050
[ 2658.919355]  io_submit_sqes+0x44aa/0x8610
[ 2658.920232]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2658.921249]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2658.922249]  ? find_held_lock+0x2c/0x110
[ 2658.923089]  ? io_submit_sqes+0x8610/0x8610
[ 2658.923989]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2658.924991]  ? wait_for_completion_io+0x270/0x270
[ 2658.925982]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2658.926948]  ? vfs_write+0x354/0xb10
[ 2658.927728]  ? fput_many+0x2f/0x1a0
[ 2658.928495]  ? ksys_write+0x1a9/0x260
[ 2658.929297]  ? __ia32_sys_read+0xb0/0xb0
[ 2658.930159]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2658.931272]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2658.932332]  do_syscall_64+0x33/0x40
[ 2658.933100]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2658.934157] RIP: 0033:0x7f9d2ce7eb19
[ 2658.934928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2658.938775] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2658.940360] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2658.941860] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2658.943360] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2658.944827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2658.946299] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
[ 2658.950173] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2658.952389] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2658.956648] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:43:10 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r1=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, r0, 0x2, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x1}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "eb2b4d44492a7c1848c7fd7723"}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DEFAULT={0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x20040021}, 0x4040040)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r2, 0x40045431, 0xffffffffffffffff)

20:43:10 executing program 0:
move_mount(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0xa7)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000180)=0x2)
pivot_root(&(0x7f0000000140)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00')
ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f0000000100)={0x8000, 0x4, 0x0, 0xedb, 0x401, 0x400})

20:43:10 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0xfbfffffd, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$VT_RESIZE(r1, 0x5609, &(0x7f0000000100)={0x20b, 0x1f, 0xfffc})
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$BTRFS_IOC_QUOTA_CTL(r2, 0xc0109428, &(0x7f0000000140)={0x2, 0x1})

20:43:10 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x16f042, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$KDGKBMODE(r1, 0x4b44, &(0x7f0000000040))
ioctl$TCXONC(r1, 0x540a, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

20:43:10 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f00000000c0)=0x5)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000140)={0x3ff, 0x5, 0x7, 0x70, 0x4, "cdd8cc7bb1768cee"})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:43:25 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 63)

20:43:25 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0xfbfffffd, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$VT_RESIZE(r1, 0x5609, &(0x7f0000000100)={0x20b, 0x1f, 0xfffc})
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$BTRFS_IOC_QUOTA_CTL(r2, 0xc0109428, &(0x7f0000000140)={0x2, 0x1})

20:43:25 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 94)

20:43:25 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000080)={{0x7f, 0x45, 0x4c, 0x46, 0xe4, 0x3f, 0x4, 0xff, 0x0, 0x3, 0x6, 0x6, 0x25d, 0x40, 0x37f, 0x4, 0x0, 0x38, 0x2, 0x101, 0x1, 0xffff}, [{0x4, 0x6, 0x800, 0xffffffffffffff81, 0x7fffffff, 0xe2, 0x4, 0x8}], "2e9500bc78c35a0ff10eda1b1f3435b3cd163af11ffeda2f83c7c59aca609ed13a53f7678ea527690130e3b158654cffa4b4", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9aa)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)=ANY=[@ANYBLOB="010000020900a589e6000018000000", @ANYRES16=r0, @ANYBLOB="ff0f0000000000002e2f66696e653000"])
ioctl$TCSETAW(0xffffffffffffffff, 0x40045431, 0xffffffffffffffff)

20:43:25 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x0, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:43:25 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
dup3(r0, r1, 0x80000)
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)

20:43:25 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x16f042, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$KDGKBMODE(r1, 0x4b44, &(0x7f0000000040))
ioctl$TCXONC(r1, 0x540a, 0x0)

20:43:25 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x8000, 0x401, 0x9, 0x3, 0xfe, "e640020000004000"})

[ 2674.148149] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2674.158234] FAULT_INJECTION: forcing a failure.
[ 2674.158234] name failslab, interval 1, probability 0, space 0, times 0
[ 2674.160779] CPU: 0 PID: 13215 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 2674.162231] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2674.163987] Call Trace:
[ 2674.164554]  dump_stack+0x107/0x167
[ 2674.165350]  should_fail.cold+0x5/0xa
[ 2674.166158]  ? __io_queue_sqe+0x666/0x9d0
[ 2674.167054]  should_failslab+0x5/0x20
[ 2674.167861]  kmem_cache_alloc_trace+0x55/0x320
[ 2674.168824]  ? lock_downgrade+0x6d0/0x6d0
[ 2674.169700]  __io_queue_sqe+0x666/0x9d0
[ 2674.170544]  ? io_issue_sqe+0x77b0/0x77b0
20:43:25 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0xfbfffffd, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$VT_RESIZE(r1, 0x5609, &(0x7f0000000100)={0x20b, 0x1f, 0xfffc})
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$BTRFS_IOC_QUOTA_CTL(r2, 0xc0109428, &(0x7f0000000140)={0x2, 0x1})

[ 2674.171427]  ? __fget_files+0x2f8/0x520
[ 2674.172394]  ? io_prep_rw+0x7f5/0x1050
[ 2674.173226]  io_submit_sqes+0x44aa/0x8610
[ 2674.174134]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2674.175195]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2674.176208]  ? find_held_lock+0x2c/0x110
[ 2674.177064]  ? io_submit_sqes+0x8610/0x8610
[ 2674.177976]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2674.179000]  ? wait_for_completion_io+0x270/0x270
[ 2674.180011]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2674.180995]  ? vfs_write+0x354/0xb10
[ 2674.181772]  ? fput_many+0x2f/0x1a0
[ 2674.182535]  ? ksys_write+0x1a9/0x260
[ 2674.183347]  ? __ia32_sys_read+0xb0/0xb0
[ 2674.184207]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2674.185304]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2674.186389]  do_syscall_64+0x33/0x40
[ 2674.187190]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2674.188263] RIP: 0033:0x7f7cc70bcb19
20:43:25 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x16f042, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCXONC(r1, 0x540a, 0x0)

20:43:25 executing program 6:
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x1, 0x0, "4204af5078dc8f613afeedeb91401d0457d614", 0x0, 0x2})
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = signalfd4(0xffffffffffffffff, &(0x7f00000000c0)={[0x2000001f]}, 0x8, 0x80800)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000140)=0x4)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000180)={0x0, 0x1e6, 0x0, 0x0, 0x0, "e6400200"})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000080)=0x100003ff)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 2674.189042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2674.192998] RSP: 002b:00007f7cc4632188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2674.194597] RAX: ffffffffffffffda RBX: 00007f7cc71cff60 RCX: 00007f7cc70bcb19
[ 2674.196111] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2674.197607] RBP: 00007f7cc46321d0 R08: 0000000000000000 R09: 0000000000000000
[ 2674.199108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2674.200606] R13: 00007ffd5bd2096f R14: 00007f7cc4632300 R15: 0000000000022000
[ 2674.207179] FAULT_INJECTION: forcing a failure.
[ 2674.207179] name failslab, interval 1, probability 0, space 0, times 0
[ 2674.211303] CPU: 0 PID: 13205 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2674.212769] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2674.214526] Call Trace:
[ 2674.215090]  dump_stack+0x107/0x167
[ 2674.215859]  should_fail.cold+0x5/0xa
[ 2674.216664]  ? io_setup_async_rw+0x180/0x580
[ 2674.217591]  should_failslab+0x5/0x20
[ 2674.218391]  __kmalloc+0x72/0x390
[ 2674.219128]  ? lock_downgrade+0x6d0/0x6d0
[ 2674.220003]  io_setup_async_rw+0x180/0x580
[ 2674.220894]  io_read+0xe98/0x11e0
[ 2674.221631]  ? __lock_acquire+0x1657/0x5b00
[ 2674.222543]  ? kiocb_done+0xc90/0xc90
[ 2674.223345]  ? mark_lock+0xf5/0x2df0
[ 2674.224136]  ? lock_chain_count+0x20/0x20
[ 2674.225037]  ? __lock_acquire+0xbb1/0x5b00
[ 2674.225929]  io_issue_sqe+0x2e8a/0x77b0
[ 2674.226774]  ? find_held_lock+0x2c/0x110
[ 2674.227629]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2674.228728]  ? __io_arm_poll_handler+0x59b/0x9e0
[ 2674.229722]  ? lock_downgrade+0x6d0/0x6d0
[ 2674.230593]  ? io_connect+0x610/0x610
[ 2674.231404]  ? lock_acquire+0x197/0x470
[ 2674.232237]  ? find_held_lock+0x2c/0x110
[ 2674.233096]  ? __fget_files+0x2cf/0x520
[ 2674.233931]  ? lock_downgrade+0x6d0/0x6d0
[ 2674.234812]  __io_queue_sqe+0x90/0x9d0
[ 2674.235634]  ? io_issue_sqe+0x77b0/0x77b0
[ 2674.236501]  ? __fget_files+0x2f8/0x520
[ 2674.237345]  ? io_prep_rw+0x7f5/0x1050
[ 2674.238168]  io_submit_sqes+0x44aa/0x8610
[ 2674.239077]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2674.240127]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2674.241149]  ? find_held_lock+0x2c/0x110
[ 2674.242009]  ? io_submit_sqes+0x8610/0x8610
[ 2674.242933]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2674.243954]  ? wait_for_completion_io+0x270/0x270
[ 2674.244970]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2674.245947]  ? vfs_write+0x354/0xb10
[ 2674.246744]  ? fput_many+0x2f/0x1a0
[ 2674.247513]  ? ksys_write+0x1a9/0x260
[ 2674.248315]  ? __ia32_sys_read+0xb0/0xb0
[ 2674.249173]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2674.250281]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2674.251375]  do_syscall_64+0x33/0x40
[ 2674.252158]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2674.253245] RIP: 0033:0x7f9d2ce7eb19
[ 2674.254028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2674.257925] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2674.259553] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2674.261066] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2674.262568] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2674.264091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2674.265594] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
[ 2674.310837] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2674.313515] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2674.316686] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:43:25 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f0000000040)={0x400, 0x9, 0x1, 0x101, 0x0, 0x1})
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)

20:43:25 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x16f042, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCXONC(r1, 0x540a, 0x0)

20:43:25 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
r1 = syz_open_pts(r0, 0x101000)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x5, 0x9, 0xcc, 0x6e0, 0x18, "50c167ef7690a3ba"})

20:43:25 executing program 0:
ioctl$SG_SCSI_RESET(0xffffffffffffffff, 0x2284, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)

20:43:25 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x0, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

[ 2674.448260] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2674.530939] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2674.532511] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2674.534134] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:43:38 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x16f042, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r1, 0x540a, 0x0)

20:43:38 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0xfbfffffd, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$VT_RESIZE(r1, 0x5609, &(0x7f0000000100)={0x20b, 0x1f, 0xfffc})
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:43:38 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0xfffffffd, 0x0, 0x0, 0xfffffff8, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:43:38 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)

20:43:38 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 64)

20:43:38 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x0, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:43:38 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 95)

20:43:38 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r1, 0x80286722, &(0x7f0000000100)={&(0x7f0000000080)=""/96, 0x60, 0x2, 0x1f})
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)

[ 2687.592810] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2687.604662] FAULT_INJECTION: forcing a failure.
[ 2687.604662] name failslab, interval 1, probability 0, space 0, times 0
[ 2687.606182] CPU: 1 PID: 13262 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 2687.607042] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2687.608101] Call Trace:
[ 2687.608445]  dump_stack+0x107/0x167
[ 2687.608906]  should_fail.cold+0x5/0xa
[ 2687.609392]  ? create_object.isra.0+0x3a/0xa20
[ 2687.609973]  should_failslab+0x5/0x20
[ 2687.610443]  kmem_cache_alloc+0x5b/0x310
[ 2687.610943]  create_object.isra.0+0x3a/0xa20
[ 2687.611480]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2687.612096]  kmem_cache_alloc_trace+0x151/0x320
[ 2687.612671]  __io_queue_sqe+0x666/0x9d0
[ 2687.613151]  ? io_issue_sqe+0x77b0/0x77b0
[ 2687.613651]  ? __fget_files+0x2f8/0x520
[ 2687.614142]  ? io_prep_rw+0x7f5/0x1050
[ 2687.614637]  io_submit_sqes+0x44aa/0x8610
[ 2687.615157]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2687.615756]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2687.616329]  ? find_held_lock+0x2c/0x110
[ 2687.616817]  ? io_submit_sqes+0x8610/0x8610
[ 2687.617339]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2687.617918]  ? wait_for_completion_io+0x270/0x270
[ 2687.618490]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2687.619041]  ? vfs_write+0x354/0xb10
[ 2687.619493]  ? fput_many+0x2f/0x1a0
[ 2687.619927]  ? ksys_write+0x1a9/0x260
[ 2687.620378]  ? __ia32_sys_read+0xb0/0xb0
[ 2687.620867]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2687.621487]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2687.622105]  do_syscall_64+0x33/0x40
[ 2687.622546]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2687.623157] RIP: 0033:0x7f7cc70bcb19
[ 2687.623611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2687.625776] RSP: 002b:00007f7cc4632188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2687.626685] RAX: ffffffffffffffda RBX: 00007f7cc71cff60 RCX: 00007f7cc70bcb19
[ 2687.627532] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2687.628374] RBP: 00007f7cc46321d0 R08: 0000000000000000 R09: 0000000000000000
[ 2687.629210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2687.630049] R13: 00007ffd5bd2096f R14: 00007f7cc4632300 R15: 0000000000022000
[ 2687.645153] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2687.646070] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2687.646975] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 2687.652039] FAULT_INJECTION: forcing a failure.
[ 2687.652039] name failslab, interval 1, probability 0, space 0, times 0
[ 2687.654743] CPU: 0 PID: 13264 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2687.656273] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2687.658037] Call Trace:
[ 2687.658621]  dump_stack+0x107/0x167
[ 2687.659413]  should_fail.cold+0x5/0xa
[ 2687.660234]  ? create_object.isra.0+0x3a/0xa20
[ 2687.661232]  should_failslab+0x5/0x20
[ 2687.662062]  kmem_cache_alloc+0x5b/0x310
[ 2687.662941]  create_object.isra.0+0x3a/0xa20
[ 2687.663901]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2687.665000]  __kmalloc+0x16e/0x390
[ 2687.665769]  ? lock_downgrade+0x6d0/0x6d0
[ 2687.666672]  io_setup_async_rw+0x180/0x580
[ 2687.667600]  io_read+0xe98/0x11e0
[ 2687.668351]  ? __lock_acquire+0x1657/0x5b00
[ 2687.669286]  ? kiocb_done+0xc90/0xc90
[ 2687.670106]  ? mark_lock+0xf5/0x2df0
[ 2687.670914]  ? lock_chain_count+0x20/0x20
[ 2687.671850]  ? __lock_acquire+0xbb1/0x5b00
[ 2687.672769]  io_issue_sqe+0x2e8a/0x77b0
[ 2687.673631]  ? find_held_lock+0x2c/0x110
[ 2687.674513]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2687.675655]  ? __io_arm_poll_handler+0x59b/0x9e0
[ 2687.676679]  ? lock_downgrade+0x6d0/0x6d0
[ 2687.677574]  ? io_connect+0x610/0x610
[ 2687.678403]  ? lock_acquire+0x197/0x470
[ 2687.679271]  ? find_held_lock+0x2c/0x110
[ 2687.680153]  ? __fget_files+0x2cf/0x520
[ 2687.681010]  ? lock_downgrade+0x6d0/0x6d0
[ 2687.681911]  __io_queue_sqe+0x90/0x9d0
[ 2687.682760]  ? io_issue_sqe+0x77b0/0x77b0
[ 2687.683661]  ? __fget_files+0x2f8/0x520
[ 2687.684524]  ? io_prep_rw+0x7f5/0x1050
[ 2687.685372]  io_submit_sqes+0x44aa/0x8610
[ 2687.686298]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2687.687377]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2687.688412]  ? find_held_lock+0x2c/0x110
[ 2687.689291]  ? io_submit_sqes+0x8610/0x8610
[ 2687.690228]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2687.691279]  ? wait_for_completion_io+0x270/0x270
[ 2687.692320]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2687.693318]  ? vfs_write+0x354/0xb10
[ 2687.694119]  ? fput_many+0x2f/0x1a0
[ 2687.694904]  ? ksys_write+0x1a9/0x260
[ 2687.695732]  ? __ia32_sys_read+0xb0/0xb0
[ 2687.696609]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2687.697733]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2687.698841]  do_syscall_64+0x33/0x40
[ 2687.699648]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2687.700746] RIP: 0033:0x7f9d2ce7eb19
[ 2687.701546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2687.705511] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2687.707144] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2687.708685] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2687.710221] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2687.711759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2687.713291] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
20:43:38 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0xfbfffffd, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$VT_RESIZE(r1, 0x5609, &(0x7f0000000100)={0x20b, 0x1f, 0xfffc})
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)

[ 2699.914808] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:43:51 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 65)

20:43:51 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x16f042, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x0)

20:43:51 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x0, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:43:51 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x319043, 0x0)
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)

20:43:51 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f0000000080)="858e7e1ed9308ac9e5f76128579104bdcb9da436161b96df713dd05b5f8d561528a2ce848bcbf0eafa6846d1d1b9bdba")

20:43:51 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0), 0x94a00, 0x0)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x8, 0x0, 0x101, 0x0, 0x10, "93d5125fe2470ae9"})
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f0000000100)={0x2, 0x0, 0x0, 0x5, 0x0, "4204af5078dc8f613afeedeb91401d0457d614", 0x0, 0x20000000})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$GIO_CMAP(r3, 0x4b70, &(0x7f0000000140))
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:43:51 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0xfbfffffd, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$VT_RESIZE(r1, 0x5609, &(0x7f0000000100)={0x20b, 0x1f, 0xfffc})
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

20:43:51 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 96)

[ 2699.942834] FAULT_INJECTION: forcing a failure.
[ 2699.942834] name failslab, interval 1, probability 0, space 0, times 0
[ 2699.945631] CPU: 0 PID: 13283 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2699.947136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2699.947718] FAULT_INJECTION: forcing a failure.
[ 2699.947718] name failslab, interval 1, probability 0, space 0, times 0
[ 2699.948998] Call Trace:
[ 2699.949029]  dump_stack+0x107/0x167
[ 2699.949052]  should_fail.cold+0x5/0xa
[ 2699.949078]  ? __io_queue_sqe+0x666/0x9d0
[ 2699.953436]  should_failslab+0x5/0x20
[ 2699.954274]  kmem_cache_alloc_trace+0x55/0x320
[ 2699.955331]  ? lock_downgrade+0x6d0/0x6d0
[ 2699.956259]  __io_queue_sqe+0x666/0x9d0
[ 2699.957162]  ? io_issue_sqe+0x77b0/0x77b0
[ 2699.958100]  ? __fget_files+0x2f8/0x520
[ 2699.959000]  ? io_prep_rw+0x7f5/0x1050
[ 2699.959885]  io_submit_sqes+0x44aa/0x8610
[ 2699.960845]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2699.961944]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2699.963019]  ? find_held_lock+0x2c/0x110
[ 2699.963943]  ? io_submit_sqes+0x8610/0x8610
[ 2699.964901]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2699.965971]  ? wait_for_completion_io+0x270/0x270
[ 2699.967029]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2699.968076]  ? vfs_write+0x354/0xb10
[ 2699.968898]  ? fput_many+0x2f/0x1a0
[ 2699.969714]  ? ksys_write+0x1a9/0x260
[ 2699.970561]  ? __ia32_sys_read+0xb0/0xb0
[ 2699.971466]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2699.972636]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2699.973787]  do_syscall_64+0x33/0x40
[ 2699.974610]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2699.975773] RIP: 0033:0x7f9d2ce7eb19
[ 2699.976580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2699.980678] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2699.982368] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2699.983951] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2699.985538] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2699.987133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2699.988732] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
[ 2699.990349] CPU: 1 PID: 13294 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 2699.991141] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2699.992070] Call Trace:
[ 2699.992372]  dump_stack+0x107/0x167
[ 2699.992779]  should_fail.cold+0x5/0xa
[ 2699.993208]  ? io_setup_async_rw+0x180/0x580
[ 2699.993701]  should_failslab+0x5/0x20
[ 2699.994125]  __kmalloc+0x72/0x390
[ 2699.994514]  ? lock_downgrade+0x6d0/0x6d0
[ 2699.994983]  io_setup_async_rw+0x180/0x580
[ 2699.995461]  io_read+0xe98/0x11e0
[ 2699.995855]  ? __lock_acquire+0x1657/0x5b00
[ 2699.996342]  ? kiocb_done+0xc90/0xc90
[ 2699.996767]  ? mark_lock+0xf5/0x2df0
[ 2699.997190]  ? lock_chain_count+0x20/0x20
[ 2699.997670]  ? __lock_acquire+0xbb1/0x5b00
[ 2699.998148]  io_issue_sqe+0x2e8a/0x77b0
[ 2699.998595]  ? find_held_lock+0x2c/0x110
[ 2699.999055]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2699.999659]  ? __io_arm_poll_handler+0x59b/0x9e0
[ 2700.000211]  ? lock_downgrade+0x6d0/0x6d0
[ 2700.000700]  ? io_connect+0x610/0x610
[ 2700.001128]  ? lock_acquire+0x197/0x470
[ 2700.001573]  ? find_held_lock+0x2c/0x110
[ 2700.002038]  ? __fget_files+0x2cf/0x520
[ 2700.002486]  ? lock_downgrade+0x6d0/0x6d0
[ 2700.002956]  __io_queue_sqe+0x90/0x9d0
[ 2700.003395]  ? io_issue_sqe+0x77b0/0x77b0
[ 2700.003859]  ? __fget_files+0x2f8/0x520
[ 2700.004302]  ? io_prep_rw+0x7f5/0x1050
[ 2700.004744]  io_submit_sqes+0x44aa/0x8610
[ 2700.005218]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2700.005772]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2700.006308]  ? find_held_lock+0x2c/0x110
[ 2700.006765]  ? io_submit_sqes+0x8610/0x8610
[ 2700.007250]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2700.007813]  ? wait_for_completion_io+0x270/0x270
[ 2700.008378]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2700.008894]  ? vfs_write+0x354/0xb10
[ 2700.009308]  ? fput_many+0x2f/0x1a0
[ 2700.009720]  ? ksys_write+0x1a9/0x260
[ 2700.010151]  ? __ia32_sys_read+0xb0/0xb0
[ 2700.010614]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2700.011204]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2700.011784]  do_syscall_64+0x33/0x40
[ 2700.012200]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2700.012772] RIP: 0033:0x7f7cc70bcb19
[ 2700.013195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2700.015255] RSP: 002b:00007f7cc4632188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2700.016123] RAX: ffffffffffffffda RBX: 00007f7cc71cff60 RCX: 00007f7cc70bcb19
[ 2700.016912] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2700.017703] RBP: 00007f7cc46321d0 R08: 0000000000000000 R09: 0000000000000000
[ 2700.018494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2700.019300] R13: 00007ffd5bd2096f R14: 00007f7cc4632300 R15: 0000000000022000
20:43:51 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x212980, 0x0)
r1 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x3)
r2 = dup3(0xffffffffffffffff, r1, 0x80000)
ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f00000000c0)=0x1)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCL_GETKMSGREDIRECT(r3, 0x541c, &(0x7f0000000100))
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x3e4a81, 0x0)
ioctl$TIOCPKT(r4, 0x5420, &(0x7f0000000080)=0x1)
ioctl$TCSETAW(r4, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
dup3(r2, r4, 0x0)

20:43:51 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0xfbfffffd, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$VT_RESIZE(r1, 0x5609, &(0x7f0000000100)={0x20b, 0x1f, 0xfffc})
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:43:51 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x16f042, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x0)

[ 2700.078969] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2700.079832] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2700.080727] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:43:51 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000040))
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r0, 0x8040942d, &(0x7f00000000c0))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETAW(r1, 0x541a, 0xffffffffffffffff)
ioctl$TIOCGPTPEER(r0, 0x5441, 0x101)

20:43:51 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x19db00, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
syz_open_pts(r1, 0x400)

20:43:51 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 66)

20:43:51 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cgroup.kill\x00', 0x0, 0x0)
ioctl$KDSETKEYCODE(r2, 0x4b4d, &(0x7f0000000200)={0xcf1, 0x100})
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$KDGKBDIACR(r1, 0x4b4a, &(0x7f0000000140)=""/186)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:43:51 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x16f042, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x0)

[ 2700.149916] FAULT_INJECTION: forcing a failure.
[ 2700.149916] name failslab, interval 1, probability 0, space 0, times 0
[ 2700.151306] CPU: 1 PID: 13309 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2700.152110] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2700.153058] Call Trace:
[ 2700.153363]  dump_stack+0x107/0x167
[ 2700.153772]  should_fail.cold+0x5/0xa
[ 2700.154208]  ? io_setup_async_rw+0x180/0x580
[ 2700.154704]  should_failslab+0x5/0x20
[ 2700.155132]  __kmalloc+0x72/0x390
[ 2700.155522]  ? lock_downgrade+0x6d0/0x6d0
[ 2700.155995]  io_setup_async_rw+0x180/0x580
[ 2700.156487]  io_read+0xe98/0x11e0
[ 2700.156883]  ? __lock_acquire+0x1657/0x5b00
[ 2700.157387]  ? kiocb_done+0xc90/0xc90
[ 2700.157815]  ? mark_lock+0xf5/0x2df0
[ 2700.158247]  ? lock_chain_count+0x20/0x20
[ 2700.158738]  ? __lock_acquire+0xbb1/0x5b00
[ 2700.159226]  io_issue_sqe+0x2e8a/0x77b0
[ 2700.159681]  ? find_held_lock+0x2c/0x110
[ 2700.160138]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2700.160743]  ? __io_arm_poll_handler+0x59b/0x9e0
[ 2700.161276]  ? lock_downgrade+0x6d0/0x6d0
[ 2700.161753]  ? io_connect+0x610/0x610
[ 2700.162185]  ? lock_acquire+0x197/0x470
[ 2700.162631]  ? find_held_lock+0x2c/0x110
[ 2700.163105]  ? __fget_files+0x2cf/0x520
[ 2700.163555]  ? lock_downgrade+0x6d0/0x6d0
[ 2700.164044]  __io_queue_sqe+0x90/0x9d0
[ 2700.164488]  ? io_issue_sqe+0x77b0/0x77b0
[ 2700.164952]  ? __fget_files+0x2f8/0x520
[ 2700.165408]  ? io_prep_rw+0x7f5/0x1050
[ 2700.165853]  io_submit_sqes+0x44aa/0x8610
[ 2700.166342]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2700.166899]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2700.167462]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2700.168077]  ? io_submit_sqes+0x8610/0x8610
[ 2700.168580]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2700.169122]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2700.169724]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2700.170329]  ? trace_hardirqs_on+0x5b/0x180
[ 2700.170818]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2700.171434]  ? __x64_sys_io_uring_enter+0xd/0x1b0
[ 2700.172003]  ? __x64_sys_io_uring_enter+0x26/0x1b0
[ 2700.172565]  do_syscall_64+0x33/0x40
[ 2700.172989]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2700.173587] RIP: 0033:0x7f9d2ce7eb19
[ 2700.174019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2700.176132] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2700.176998] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2700.177827] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2700.178671] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2700.179473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2700.180282] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
20:43:51 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0xfbfffffd, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:43:51 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x0, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:43:51 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0xfbfffffd, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:43:51 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$GIO_FONTX(r1, 0x4b6b, &(0x7f00000000c0)={0xe4, 0x15, &(0x7f0000000140)})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:43:51 executing program 0:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x1, &(0x7f0000000080)=""/156, 0x9c}, &(0x7f0000000180)=0x40)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000780)={@local, 0x0, 0x3}, 0x20)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r1, 0x541a, 0xffffffffffffffff)

20:43:51 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x4bf2a0, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)

20:43:51 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0xfbfffffd, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

[ 2700.293822] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2700.363915] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2700.365093] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2700.366408] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 2715.043645] FAULT_INJECTION: forcing a failure.
[ 2715.043645] name failslab, interval 1, probability 0, space 0, times 0
[ 2715.045255] CPU: 1 PID: 13346 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2715.046070] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2715.047066] Call Trace:
[ 2715.047391]  dump_stack+0x107/0x167
[ 2715.047832]  should_fail.cold+0x5/0xa
[ 2715.048300]  ? io_setup_async_rw+0x180/0x580
[ 2715.048830]  ? io_setup_async_rw+0x180/0x580
[ 2715.049364]  should_failslab+0x5/0x20
[ 2715.049824]  __kmalloc+0x72/0x390
[ 2715.050245]  ? lock_downgrade+0x6d0/0x6d0
[ 2715.050752]  io_setup_async_rw+0x180/0x580
[ 2715.051261]  io_read+0xe98/0x11e0
[ 2715.051686]  ? __lock_acquire+0x1657/0x5b00
[ 2715.052216]  ? kiocb_done+0xc90/0xc90
[ 2715.052676]  ? mark_lock+0xf5/0x2df0
[ 2715.053128]  ? lock_chain_count+0x20/0x20
[ 2715.053655]  ? __lock_acquire+0xbb1/0x5b00
[ 2715.054166]  io_issue_sqe+0x2e8a/0x77b0
[ 2715.054643]  ? find_held_lock+0x2c/0x110
[ 2715.055134]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2715.055768]  ? __io_arm_poll_handler+0x59b/0x9e0
[ 2715.056344]  ? lock_downgrade+0x6d0/0x6d0
[ 2715.056843]  ? io_connect+0x610/0x610
[ 2715.057304]  ? lock_acquire+0x197/0x470
[ 2715.057798]  ? find_held_lock+0x2c/0x110
[ 2715.058290]  ? __fget_files+0x2cf/0x520
[ 2715.058772]  ? lock_downgrade+0x6d0/0x6d0
[ 2715.059265]  __io_queue_sqe+0x90/0x9d0
[ 2715.059733]  ? io_issue_sqe+0x77b0/0x77b0
[ 2715.060236]  ? __fget_files+0x2f8/0x520
[ 2715.060728]  ? io_prep_rw+0x7f5/0x1050
[ 2715.061194]  io_submit_sqes+0x44aa/0x8610
[ 2715.061709]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2715.062304]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2715.063044]  ? find_held_lock+0x2c/0x110
[ 2715.063705]  ? io_submit_sqes+0x8610/0x8610
20:44:06 executing program 5:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x16f042, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)

20:44:06 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 97)

20:44:06 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x0, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:44:06 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0xfbfffffd, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:44:06 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 67)

20:44:06 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$GIO_UNIMAP(r0, 0x4b66, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{}]})
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000280)={{0x1, 0x1, 0x18, <r1=>r0, {0x3}}, './file0/file0\x00'})
ioctl$TIOCPKT(r1, 0x5420, &(0x7f00000000c0)=0x5)
ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f00000002c0)={0xb, 0x2, {0xffffffffffff0992, @struct={0x7, 0x7fffffff}, <r2=>0x0, 0x0, 0x8000, 0xffff, 0xfffffffffffffff9, 0x0, 0x125, @struct={0x4, 0x401}, 0x10000, 0x1, [0x2, 0x1, 0x1000, 0x1, 0x3f, 0xfffffffffffffffa]}, {0x6, @usage=0x1ff, 0x0, 0x80000001, 0x8, 0x7a18d371, 0x4, 0x6, 0x0, @usage=0x8, 0x8, 0x0, [0x81, 0xb5d4, 0x80, 0x9, 0x6, 0x4]}, {0x95fc, @struct={0x11dcda79, 0x80000000}, 0x0, 0xffffffffffffff70, 0x100000000, 0x6, 0x26, 0x5, 0x40a, @struct={0x80000000}, 0xf474, 0x9, [0x2, 0x9, 0x0, 0x6b, 0x0, 0x337a]}, {0x80000000, 0x4, 0x5}})
ioctl$BTRFS_IOC_DEV_INFO(r1, 0xd000941e, &(0x7f00000006c0)={r2, "d263a6a692604c645a835b7d881793d0"})
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000006, 0x2010, r1, 0x8000000)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000240)=@IORING_OP_WRITE_FIXED={0x5, 0x3, 0x0, @fd_index, 0x4, 0x7a7c, 0x9, 0x15, 0x1, {0x2, r5}}, 0x8)
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
pread64(r3, &(0x7f0000000140)=""/252, 0xfc, 0x5)

20:44:06 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000180)="39ff47219f3c716917ea16f8683a742a88fb5a3eba225dd2a879ca416a6f5165d3b280bfc31ec34795a5b1ba10697f81ae4c0c51096407dfa5bdc9331bea663d3c98d66027cbbe4a92efba9d02c8b8f01935d993dd51dc7fdaaa67512b02ba3e6223ecf327e44ee658ba3f5e7cb415554c15190384e64ea63f0266b726ece794d62babda524526b79477484a10bd197e4dc9a7996b18d680b08c82f426e2df6b6c9ba384215885677635c0ee606e5a11c7b16a40fa1ab54e1e43b82883799cafadfc597bd8668146b8de8f1a7eda3ef25aaa6271be738e607229d89ecbe59b8f6862931ac39bd21252758e2c80")
r1 = open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x801)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000140)={0x5, 0x9, 0x4, 0x2, 0x11, "df25bcbf197c41cd"})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:44:06 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$GIO_FONTX(r0, 0x4b6b, &(0x7f0000000480)={0x102, 0x19, &(0x7f0000000080)})
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000040))

[ 2715.064287]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2715.064991]  ? wait_for_completion_io+0x270/0x270
[ 2715.065584]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2715.066143]  ? vfs_write+0x354/0xb10
[ 2715.066595]  ? fput_many+0x2f/0x1a0
[ 2715.067032]  ? ksys_write+0x1a9/0x260
[ 2715.067498]  ? __ia32_sys_read+0xb0/0xb0
[ 2715.067987]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2715.068622]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2715.069249]  do_syscall_64+0x33/0x40
[ 2715.069714]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2715.070330] RIP: 0033:0x7f9d2ce7eb19
[ 2715.070777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2715.073027] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2715.073944] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2715.074802] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2715.075658] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2715.076525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2715.077396] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
[ 2715.080970] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2715.092823] FAULT_INJECTION: forcing a failure.
[ 2715.092823] name failslab, interval 1, probability 0, space 0, times 0
[ 2715.094345] CPU: 1 PID: 13358 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 2715.095161] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2715.096146] Call Trace:
[ 2715.096473]  dump_stack+0x107/0x167
[ 2715.096907]  should_fail.cold+0x5/0xa
[ 2715.097363]  ? create_object.isra.0+0x3a/0xa20
[ 2715.097932]  should_failslab+0x5/0x20
[ 2715.098390]  kmem_cache_alloc+0x5b/0x310
[ 2715.098882]  create_object.isra.0+0x3a/0xa20
[ 2715.099403]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2715.100018]  __kmalloc+0x16e/0x390
[ 2715.100449]  ? lock_downgrade+0x6d0/0x6d0
[ 2715.100955]  io_setup_async_rw+0x180/0x580
[ 2715.101460]  io_read+0xe98/0x11e0
[ 2715.101877]  ? __lock_acquire+0x1657/0x5b00
[ 2715.102397]  ? kiocb_done+0xc90/0xc90
[ 2715.102847]  ? mark_lock+0xf5/0x2df0
[ 2715.103295]  ? lock_chain_count+0x20/0x20
[ 2715.103810]  ? __lock_acquire+0xbb1/0x5b00
[ 2715.104325]  io_issue_sqe+0x2e8a/0x77b0
[ 2715.104797]  ? find_held_lock+0x2c/0x110
[ 2715.105283]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2715.105907]  ? __io_arm_poll_handler+0x59b/0x9e0
[ 2715.106471]  ? lock_downgrade+0x6d0/0x6d0
[ 2715.106964]  ? io_connect+0x610/0x610
[ 2715.107421]  ? lock_acquire+0x197/0x470
[ 2715.107897]  ? find_held_lock+0x2c/0x110
[ 2715.108392]  ? __fget_files+0x2cf/0x520
[ 2715.108863]  ? lock_downgrade+0x6d0/0x6d0
[ 2715.109361]  __io_queue_sqe+0x90/0x9d0
[ 2715.109831]  ? io_issue_sqe+0x77b0/0x77b0
[ 2715.110320]  ? __fget_files+0x2f8/0x520
[ 2715.110795]  ? io_prep_rw+0x7f5/0x1050
[ 2715.111260]  io_submit_sqes+0x44aa/0x8610
[ 2715.111774]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2715.112372]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2715.112946]  ? find_held_lock+0x2c/0x110
[ 2715.113431]  ? io_submit_sqes+0x8610/0x8610
[ 2715.113948]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2715.114523]  ? wait_for_completion_io+0x270/0x270
[ 2715.115102]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2715.115651]  ? vfs_write+0x354/0xb10
[ 2715.116092]  ? fput_many+0x2f/0x1a0
[ 2715.116530]  ? ksys_write+0x1a9/0x260
[ 2715.116979]  ? __ia32_sys_read+0xb0/0xb0
[ 2715.117461]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2715.118075]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2715.118683]  do_syscall_64+0x33/0x40
[ 2715.119120]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2715.119720] RIP: 0033:0x7f7cc70bcb19
[ 2715.120159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2715.122319] RSP: 002b:00007f7cc4632188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2715.123215] RAX: ffffffffffffffda RBX: 00007f7cc71cff60 RCX: 00007f7cc70bcb19
[ 2715.124056] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2715.124905] RBP: 00007f7cc46321d0 R08: 0000000000000000 R09: 0000000000000000
[ 2715.125748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2715.126591] R13: 00007ffd5bd2096f R14: 00007f7cc4632300 R15: 0000000000022000
20:44:06 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0xfbfffffd, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:44:06 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480), 0x42480, 0x0)
ioctl$KDFONTOP_COPY(r0, 0x4b72, &(0x7f0000000440)={0x3, 0x1, 0x9, 0x20, 0x1f7})
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)

20:44:06 executing program 0:
ioctl$TCSETAW(0xffffffffffffffff, 0x541a, 0xffffffffffffffff)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000000)={0x7, 0x7ff, 0xfff9, 0x1, 0x3, "63ef8450228fef93"})

[ 2715.184893] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2715.185761] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2715.186682] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:44:19 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 68)

20:44:19 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)

20:44:19 executing program 4:
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000000240)=[{&(0x7f00000000c0)="f2c571c40ceee59a4e1776c33e2b633a37f219bc33643648458db8e4156301da5051ac5bfd7b16e4fb808a59e6ce77f882ef6d4951d8edc66e89e9cac7d10b36f91a982e6fc5d6baf45faaea82bec2e0c5a5680ade3eec6e751ec268", 0x5c}, {&(0x7f0000000140)="7ccca7d50c7fa7eb907fbc340ea6792bb97a2e4c1bc6c289972a0baa502cc4c0af3ea1f52a92e655e51caaef4ed4cce04a21dd8871d9a622e605adca9e4e4491e3e2ec412a0de947e78147457c0f1378bc2c9001be54e0be311cfd2e650aae932ba872ed56a2a94702ace23fc31672cc343baed05b73d61ad260ad581ef0e8acb3dbb896e7e23bc120ebd2ecdbe03b74d89080a33ef7fd6f0f10f7aac9988683d093a927ada0f9e5093ed6fc6270739f787b2108e0aa1ab2f2a669bc3a9f481b231df1f9604fda173351720e3a3fd4923540d4283e1ec56a298421efbb263b8a62", 0xe1}], 0x2, 0x0, 0x0, 0x4040804}, 0x400c0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
pipe2$9p(&(0x7f0000000340)={<r1=>0xffffffffffffffff}, 0x4000)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
statx(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x100, 0x3ff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r3=>0x0, <r4=>0x0})
fchownat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', r3, r4, 0x100)
pipe(&(0x7f0000000380)={<r5=>0xffffffffffffffff})
ioctl$TIOCSPTLCK(r5, 0x40045431, &(0x7f0000000400))
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x800, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@aname={'aname', 0x3d, '/dev/ptmx\x00'}}, {@dfltgid={'dfltgid', 0x3d, r4}}, {@fscache}, {@cache_none}], [{@func={'func', 0x3d, 'FIRMWARE_CHECK'}}, {@subj_role={'subj_role', 0x3d, '^%:'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}]}})
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)

20:44:19 executing program 0:
fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000000)=0x4)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff})
fcntl$setstatus(r0, 0x4, 0x42800)
splice(r1, 0x0, r0, 0x0, 0x5, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x1000, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@noextend}, {@version_9p2000}, {@afid}, {@version_9p2000}], [{@appraise_type}, {@smackfsfloor={'smackfsfloor', 0x3d, '/dev/ptmx\x00'}}]}})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x471443, 0x0)
ioctl$TCSETAW(r2, 0x541a, 0xffffffffffffffff)

20:44:19 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
io_setup(0x3, &(0x7f0000000200)=<r1=>0x0)
r2 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0)
io_submit(r1, 0x2, &(0x7f0000000380)=[&(0x7f0000001080)={0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x3000000}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r0, {0xee00}}, './file0\x00'})
io_cancel(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x8, 0xa1b, r3, &(0x7f0000000140)="9cb4b50737f29f98e58ebf35af82431392734b88dc0bb2f80a0b9c46ee95d0dfcdbf9ea4a4b4122e2da00c766a3b5d13327404135afceae450e601c575aeca491d25b3afd4836125a87cdcfe10f406c255388a734ae953ba6f0f8c67c247335e2fb105", 0x63, 0xfffffffffffffff9, 0x0, 0x3}, &(0x7f0000000200))
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:44:19 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0xfbfffffd, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:44:19 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 98)

20:44:19 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x48, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}]}, 0x48}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

[ 2727.903099] FAULT_INJECTION: forcing a failure.
[ 2727.903099] name failslab, interval 1, probability 0, space 0, times 0
[ 2727.904699] CPU: 1 PID: 13383 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2727.905541] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2727.906546] Call Trace:
[ 2727.906872]  dump_stack+0x107/0x167
[ 2727.907315]  should_fail.cold+0x5/0xa
[ 2727.907780]  ? create_object.isra.0+0x3a/0xa20
[ 2727.908335]  should_failslab+0x5/0x20
[ 2727.908805]  kmem_cache_alloc+0x5b/0x310
[ 2727.909298]  create_object.isra.0+0x3a/0xa20
[ 2727.909830]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2727.910451]  kmem_cache_alloc_trace+0x151/0x320
[ 2727.911022]  ? lock_downgrade+0x6d0/0x6d0
[ 2727.911533]  __io_queue_sqe+0x666/0x9d0
[ 2727.912032]  ? io_issue_sqe+0x77b0/0x77b0
[ 2727.912537]  ? __fget_files+0x2f8/0x520
[ 2727.913031]  ? io_prep_rw+0x7f5/0x1050
[ 2727.913517]  io_submit_sqes+0x44aa/0x8610
[ 2727.914038]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2727.914645]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2727.915251]  ? find_held_lock+0x2c/0x110
[ 2727.915749]  ? io_submit_sqes+0x8610/0x8610
[ 2727.916281]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2727.916879]  ? wait_for_completion_io+0x270/0x270
[ 2727.917464]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2727.918028]  ? vfs_write+0x354/0xb10
[ 2727.918494]  ? fput_many+0x2f/0x1a0
[ 2727.918939]  ? ksys_write+0x1a9/0x260
[ 2727.919403]  ? __ia32_sys_read+0xb0/0xb0
[ 2727.919899]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2727.920537]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2727.921173]  do_syscall_64+0x33/0x40
[ 2727.921626]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2727.922251] RIP: 0033:0x7f9d2ce7eb19
[ 2727.922703] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2727.924974] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2727.925897] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2727.926778] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2727.927675] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2727.928546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2727.929418] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
[ 2727.936009] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2727.955199] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s
[ 2727.956366] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] 
[ 2727.957163] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present
[ 2727.957956] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00
[ 2727.958883] print_req_error: 370 callbacks suppressed
[ 2727.958895] blk_update_request: I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 12 prio class 0
[ 2727.961012] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 2727.961707] blk_update_request: I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2727.962944] buffer_io_error: 374 callbacks suppressed
[ 2727.962950] Buffer I/O error on dev sr0, logical block 0, async page read
[ 2727.964481] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 2727.965131] blk_update_request: I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2727.966366] Buffer I/O error on dev sr0, logical block 1, async page read
[ 2727.967272] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 2727.968037] blk_update_request: I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2727.969732] Buffer I/O error on dev sr0, logical block 2, async page read
[ 2727.970643] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 2727.971279] blk_update_request: I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2727.972476] Buffer I/O error on dev sr0, logical block 3, async page read
[ 2727.973422] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 2727.974063] blk_update_request: I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2727.975250] Buffer I/O error on dev sr0, logical block 4, async page read
[ 2727.976140] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 2727.976802] blk_update_request: I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2727.977974] Buffer I/O error on dev sr0, logical block 5, async page read
[ 2727.978863] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 2727.979530] blk_update_request: I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2727.980708] Buffer I/O error on dev sr0, logical block 6, async page read
20:44:19 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)

[ 2727.982377] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 2727.983086] blk_update_request: I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2727.984346] Buffer I/O error on dev sr0, logical block 7, async page read
[ 2728.013796] FAULT_INJECTION: forcing a failure.
[ 2728.013796] name failslab, interval 1, probability 0, space 0, times 0
[ 2728.016670] CPU: 0 PID: 13390 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 2728.018130] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2728.019878] Call Trace:
[ 2728.020444]  dump_stack+0x107/0x167
[ 2728.021219]  should_fail.cold+0x5/0xa
[ 2728.022028]  ? create_object.isra.0+0x3a/0xa20
[ 2728.023004]  should_failslab+0x5/0x20
[ 2728.023802]  kmem_cache_alloc+0x5b/0x310
[ 2728.024678]  create_object.isra.0+0x3a/0xa20
[ 2728.025604]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2728.026675]  __kmalloc+0x16e/0x390
[ 2728.027421]  ? lock_downgrade+0x6d0/0x6d0
[ 2728.028294]  io_setup_async_rw+0x180/0x580
[ 2728.029185]  io_read+0xe98/0x11e0
[ 2728.029919]  ? __lock_acquire+0x1657/0x5b00
[ 2728.030830]  ? kiocb_done+0xc90/0xc90
[ 2728.031600]  ? mark_lock+0xf5/0x2df0
[ 2728.032388]  ? lock_chain_count+0x20/0x20
[ 2728.033262]  ? __lock_acquire+0xbb1/0x5b00
[ 2728.034156]  io_issue_sqe+0x2e8a/0x77b0
[ 2728.034993]  ? find_held_lock+0x2c/0x110
[ 2728.035851]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2728.036952]  ? __io_arm_poll_handler+0x59b/0x9e0
[ 2728.037946]  ? lock_downgrade+0x6d0/0x6d0
[ 2728.038815]  ? io_connect+0x610/0x610
[ 2728.039621]  ? lock_acquire+0x197/0x470
[ 2728.040449]  ? find_held_lock+0x2c/0x110
[ 2728.041312]  ? __fget_files+0x2cf/0x520
[ 2728.042148]  ? lock_downgrade+0x6d0/0x6d0
[ 2728.043014]  __io_queue_sqe+0x90/0x9d0
[ 2728.043837]  ? io_issue_sqe+0x77b0/0x77b0
[ 2728.044714]  ? __fget_files+0x2f8/0x520
[ 2728.045554]  ? io_prep_rw+0x7f5/0x1050
[ 2728.046378]  io_submit_sqes+0x44aa/0x8610
[ 2728.047273]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2728.048318]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2728.049339]  ? find_held_lock+0x2c/0x110
[ 2728.050195]  ? io_submit_sqes+0x8610/0x8610
[ 2728.051109]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2728.052123]  ? wait_for_completion_io+0x270/0x270
[ 2728.053150]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2728.054128]  ? vfs_write+0x354/0xb10
[ 2728.054902]  ? fput_many+0x2f/0x1a0
[ 2728.055666]  ? ksys_write+0x1a9/0x260
[ 2728.056467]  ? __ia32_sys_read+0xb0/0xb0
[ 2728.057342]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2728.058444]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2728.059528]  do_syscall_64+0x33/0x40
[ 2728.060308]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2728.061389] RIP: 0033:0x7f7cc70bcb19
[ 2728.062172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2728.066043] RSP: 002b:00007f7cc4632188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2728.067649] RAX: ffffffffffffffda RBX: 00007f7cc71cff60 RCX: 00007f7cc70bcb19
[ 2728.069149] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2728.070653] RBP: 00007f7cc46321d0 R08: 0000000000000000 R09: 0000000000000000
[ 2728.072148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2728.073648] R13: 00007ffd5bd2096f R14: 00007f7cc4632300 R15: 0000000000022000
[ 2728.104105] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2728.105827] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2728.107637] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:44:32 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 99)

20:44:32 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$GIO_UNISCRNMAP(r0, 0x4b69, &(0x7f0000000040)=""/201)
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)

20:44:32 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0xfbfffffd, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:44:32 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)

20:44:32 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 69)

20:44:32 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x503041, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)

20:44:32 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x403)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:44:32 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x48, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}]}, 0x48}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:44:32 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140), 0x80400, 0x0)
ioctl$TIOCGPTPEER(r1, 0x5441, 0x9)
ioctl$TCSETAW(r0, 0x5407, &(0x7f00000000c0)={0x1, 0xb71, 0xf32, 0x2, 0x17, "26aeab00286df4cf"})

[ 2741.292320] FAULT_INJECTION: forcing a failure.
[ 2741.292320] name failslab, interval 1, probability 0, space 0, times 0
[ 2741.295177] CPU: 1 PID: 13406 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2741.296662] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2741.298446] Call Trace:
[ 2741.299017]  dump_stack+0x107/0x167
[ 2741.299805]  should_fail.cold+0x5/0xa
[ 2741.300626]  ? __io_queue_sqe+0x666/0x9d0
[ 2741.301525]  should_failslab+0x5/0x20
[ 2741.302337]  kmem_cache_alloc_trace+0x55/0x320
[ 2741.303306]  ? lock_downgrade+0x6d0/0x6d0
[ 2741.304193]  __io_queue_sqe+0x666/0x9d0
[ 2741.305046]  ? io_issue_sqe+0x77b0/0x77b0
[ 2741.305937]  ? __fget_files+0x2f8/0x520
[ 2741.306794]  ? io_prep_rw+0x7f5/0x1050
[ 2741.307630]  io_submit_sqes+0x44aa/0x8610
[ 2741.308550]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2741.309624]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2741.310653]  ? find_held_lock+0x2c/0x110
[ 2741.311527]  ? io_submit_sqes+0x8610/0x8610
[ 2741.312456]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2741.313497]  ? wait_for_completion_io+0x270/0x270
[ 2741.314526]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2741.315513]  ? vfs_write+0x354/0xb10
[ 2741.316308]  ? fput_many+0x2f/0x1a0
[ 2741.317084]  ? ksys_write+0x1a9/0x260
[ 2741.317908]  ? __ia32_sys_read+0xb0/0xb0
[ 2741.318776]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2741.319890]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2741.320985]  do_syscall_64+0x33/0x40
[ 2741.321780]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2741.322878] RIP: 0033:0x7f9d2ce7eb19
[ 2741.322896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
20:44:32 executing program 0:
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0xe, 0x10, 0xffffffffffffffff, 0xc5a16000)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x0, 0x0)
ioctl$TCSETAW(r1, 0x541a, 0xffffffffffffffff)

[ 2741.322907] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
20:44:32 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000040)={0x9, 0x3, 0xfffa, 0x81, 0xd, "4cce5e288c30c8c9"})

20:44:32 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)

20:44:32 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

[ 2741.322927] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2741.322938] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2741.322949] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2741.322959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2741.322971] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
[ 2741.334608] FAULT_INJECTION: forcing a failure.
[ 2741.334608] name failslab, interval 1, probability 0, space 0, times 0
[ 2741.334629] CPU: 1 PID: 13411 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 2741.334639] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2741.334645] Call Trace:
[ 2741.334665]  dump_stack+0x107/0x167
[ 2741.334685]  should_fail.cold+0x5/0xa
[ 2741.334704]  ? create_object.isra.0+0x3a/0xa20
[ 2741.334725]  should_failslab+0x5/0x20
[ 2741.334743]  kmem_cache_alloc+0x5b/0x310
[ 2741.334767]  create_object.isra.0+0x3a/0xa20
[ 2741.334783]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2741.334808]  kmem_cache_alloc_trace+0x151/0x320
[ 2741.334825]  ? lock_downgrade+0x6d0/0x6d0
[ 2741.334853]  __io_queue_sqe+0x666/0x9d0
[ 2741.334878]  ? io_issue_sqe+0x77b0/0x77b0
[ 2741.334894]  ? __fget_files+0x2f8/0x520
[ 2741.334917]  ? io_prep_rw+0x7f5/0x1050
[ 2741.334947]  io_submit_sqes+0x44aa/0x8610
[ 2741.334994]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2741.335011]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2741.335032]  ? find_held_lock+0x2c/0x110
[ 2741.335056]  ? io_submit_sqes+0x8610/0x8610
[ 2741.335083]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2741.335108]  ? wait_for_completion_io+0x270/0x270
[ 2741.335129]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2741.335146]  ? vfs_write+0x354/0xb10
[ 2741.335164]  ? fput_many+0x2f/0x1a0
[ 2741.335183]  ? ksys_write+0x1a9/0x260
[ 2741.335202]  ? __ia32_sys_read+0xb0/0xb0
[ 2741.335225]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2741.335244]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2741.335264]  do_syscall_64+0x33/0x40
[ 2741.335282]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2741.335295] RIP: 0033:0x7f7cc70bcb19
[ 2741.335312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2741.335322] RSP: 002b:00007f7cc4632188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2741.335341] RAX: ffffffffffffffda RBX: 00007f7cc71cff60 RCX: 00007f7cc70bcb19
[ 2741.335352] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2741.335363] RBP: 00007f7cc46321d0 R08: 0000000000000000 R09: 0000000000000000
[ 2741.335374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2741.335385] R13: 00007ffd5bd2096f R14: 00007f7cc4632300 R15: 0000000000022000
[ 2741.341980] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2741.412889] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2741.412904] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2741.413123] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:44:46 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 100)

20:44:46 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:44:46 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
readahead(r0, 0x8, 0x8000)
statx(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x100, 0x1, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r1=>0x0, <r2=>0x0})
fchownat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', r1, r2, 0x100)
r3 = getpgid(0xffffffffffffffff)
statx(0xffffffffffffffff, &(0x7f00000005c0)='./file0\x00', 0x800, 0x4, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000700)={0x0, <r5=>0x0, <r6=>0x0}, &(0x7f0000000740)=0xc)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r7, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r7, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r8 = accept$packet(0xffffffffffffffff, &(0x7f0000000780), &(0x7f00000007c0)=0x14)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r9, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r9, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r10 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000800), 0x400)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000980)={&(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000240)=[{&(0x7f0000000140)="445ac5bd7e6872a12fa38414982845e051843edfb6c15ae3f38d65ee8e21932fdaeccb5255a2e263ff282d3742735235f5b3fa9b0a6b0447552a96157028835f31271d01f8a40fd249f3eca182f95e358a", 0x51}, {&(0x7f00000001c0)="2a9546e81fc311b9fc0235e0d4097f0a2aa8614d4936412aa43346def2681489ec45e30d31c07e1cec5089e50acc904607fc300ec2c63ed70f48c7e386aa9b8e55df485a756a2230e19c021a6e2ea660080e8c0bd67a603d0e8cfc22b33470b11a68d1d0017fd9b8af2cd4fc3ef5bac6541f59be8383b0755c55486a5d8d5e60", 0x80}], 0x2, &(0x7f00000009c0)=ANY=[@ANYBLOB="000000000000000100000000000000", @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="0000000024000000000000000100000001000000", @ANYRESDEC=r5, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r0, @ANYBLOB="0000000034000000000000000100000001000000", @ANYRES32, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c00001b91000000000000000284efa5", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYRES32=r2, @ANYBLOB="000000001c00b5000000000001000000020000009ed847bdf3124ce4643cca3ee6ffff3d21da0571e5cc1370f116306bfc5801ff1efc3601833e63edcdba24934eb942e3fe759247a301630d0e2b5d7c8293e493e68256f24aaf7d3dbc59e6dc6163a7170b95e8449906bc793439867b52b5b015e589feffffffffffffffafd4f899855ad6fee18560532bcf3fd049bf59ac5632ee1aad5b56ea4f878b9ca0b2d37e5820de", @ANYRES32=r3, @ANYRES32=r4, @ANYRES32=r6, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32=r7, @ANYRES32=r8, @ANYBLOB="1c000000000000000100000001000000", @ANYRES32=r9, @ANYRES32=r0, @ANYRES32=r10, @ANYBLOB='\x00\x00\x00\x00'], 0x128, 0x90}, 0x7979bebebf3a2ed7)
r11 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r11, 0x541a, 0xffffffffffffffff)

20:44:46 executing program 5:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x0)

20:44:46 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2100, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000180)={0x4c, 0xfc000000, 0xfffffffd, 0xb9, 0xab, "e4daa58fb3a30f4425b42ae35154cd4fb91918", 0xb859, 0x20200})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0xb0402, 0x0)
ioctl$TIOCOUTQ(r2, 0x5411, &(0x7f0000000140))
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f00000000c0))
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r1, 0x8040942d, &(0x7f0000000080))
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)

20:44:46 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 70)

20:44:46 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x48, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}]}, 0x48}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:44:46 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$GIO_UNISCRNMAP(0xffffffffffffffff, 0x4b69, &(0x7f0000000140)=""/131)
fallocate(r1, 0x50, 0x80, 0x5)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 2754.859961] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2754.883701] FAULT_INJECTION: forcing a failure.
[ 2754.883701] name failslab, interval 1, probability 0, space 0, times 0
[ 2754.886456] CPU: 1 PID: 13454 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2754.887899] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2754.889678] Call Trace:
[ 2754.890246]  dump_stack+0x107/0x167
[ 2754.891028]  should_fail.cold+0x5/0xa
[ 2754.891832]  ? create_object.isra.0+0x3a/0xa20
[ 2754.892800]  should_failslab+0x5/0x20
[ 2754.893614]  kmem_cache_alloc+0x5b/0x310
[ 2754.894495]  create_object.isra.0+0x3a/0xa20
[ 2754.895417]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2754.896490]  kmem_cache_alloc_trace+0x151/0x320
[ 2754.897475]  __io_queue_sqe+0x666/0x9d0
[ 2754.898326]  ? io_issue_sqe+0x77b0/0x77b0
[ 2754.899123] FAULT_INJECTION: forcing a failure.
[ 2754.899123] name failslab, interval 1, probability 0, space 0, times 0
[ 2754.899197]  ? __fget_files+0x2f8/0x520
[ 2754.899222]  ? io_prep_rw+0x7f5/0x1050
[ 2754.903186]  io_submit_sqes+0x44aa/0x8610
[ 2754.904097]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2754.905158]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2754.906187]  ? find_held_lock+0x2c/0x110
[ 2754.907051]  ? io_submit_sqes+0x8610/0x8610
[ 2754.907981]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2754.909005]  ? wait_for_completion_io+0x270/0x270
[ 2754.910035]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2754.911017]  ? vfs_write+0x354/0xb10
[ 2754.911804]  ? fput_many+0x2f/0x1a0
[ 2754.912579]  ? ksys_write+0x1a9/0x260
[ 2754.913378]  ? __ia32_sys_read+0xb0/0xb0
[ 2754.914249]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2754.915352]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2754.916446]  do_syscall_64+0x33/0x40
[ 2754.917229]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2754.918318] RIP: 0033:0x7f9d2ce7eb19
[ 2754.919106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2754.922996] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2754.924617] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2754.926132] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2754.927640] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2754.929140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2754.930663] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
[ 2754.932203] CPU: 0 PID: 13456 Comm: syz-executor.2 Not tainted 5.10.234 #1
[ 2754.933714] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2754.935449] Call Trace:
[ 2754.936016]  dump_stack+0x107/0x167
[ 2754.936779]  should_fail.cold+0x5/0xa
[ 2754.937601]  ? io_setup_async_rw+0x180/0x580
[ 2754.938550]  should_failslab+0x5/0x20
[ 2754.939346]  __kmalloc+0x72/0x390
[ 2754.940093]  ? lock_downgrade+0x6d0/0x6d0
[ 2754.940974]  io_setup_async_rw+0x180/0x580
[ 2754.941894]  io_read+0xe98/0x11e0
[ 2754.942645]  ? __lock_acquire+0x1657/0x5b00
[ 2754.943554]  ? kiocb_done+0xc90/0xc90
[ 2754.944354]  ? mark_lock+0xf5/0x2df0
[ 2754.945143]  ? lock_chain_count+0x20/0x20
[ 2754.946093]  ? __lock_acquire+0xbb1/0x5b00
[ 2754.946976]  io_issue_sqe+0x2e8a/0x77b0
[ 2754.947806]  ? find_held_lock+0x2c/0x110
[ 2754.948666]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2754.949783]  ? __io_arm_poll_handler+0x59b/0x9e0
[ 2754.950782]  ? lock_downgrade+0x6d0/0x6d0
[ 2754.951643]  ? io_connect+0x610/0x610
[ 2754.952440]  ? lock_acquire+0x197/0x470
[ 2754.953285]  ? find_held_lock+0x2c/0x110
[ 2754.954188]  ? __fget_files+0x2cf/0x520
[ 2754.955039]  ? lock_downgrade+0x6d0/0x6d0
[ 2754.955936]  __io_queue_sqe+0x90/0x9d0
[ 2754.956773]  ? io_issue_sqe+0x77b0/0x77b0
[ 2754.957700]  ? __fget_files+0x2f8/0x520
[ 2754.958551]  ? io_prep_rw+0x7f5/0x1050
[ 2754.959396]  io_submit_sqes+0x44aa/0x8610
[ 2754.960305]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2754.961366]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2754.962419]  ? find_held_lock+0x2c/0x110
[ 2754.963291]  ? io_submit_sqes+0x8610/0x8610
[ 2754.964220]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2754.965247]  ? wait_for_completion_io+0x270/0x270
[ 2754.966306]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2754.967302]  ? vfs_write+0x354/0xb10
[ 2754.968096]  ? fput_many+0x2f/0x1a0
[ 2754.968875]  ? ksys_write+0x1a9/0x260
[ 2754.969727]  ? __ia32_sys_read+0xb0/0xb0
[ 2754.970609]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2754.971725]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2754.972826]  do_syscall_64+0x33/0x40
[ 2754.973641]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2754.974744] RIP: 0033:0x7f7cc70bcb19
[ 2754.975545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2754.979496] RSP: 002b:00007f7cc4632188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2754.981114] RAX: ffffffffffffffda RBX: 00007f7cc71cff60 RCX: 00007f7cc70bcb19
[ 2754.982651] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2754.984173] RBP: 00007f7cc46321d0 R08: 0000000000000000 R09: 0000000000000000
[ 2754.985724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[ 2754.987249] R13: 00007ffd5bd2096f R14: 00007f7cc4632300 R15: 0000000000022000
20:44:46 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSIG(r0, 0x40045436, 0x38)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$KIOCSOUND(r1, 0x4b2f, 0x8)

[ 2755.045797] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2755.047383] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2755.048999] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:44:46 executing program 5:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x0)

20:44:46 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:44:46 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:44:46 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f0000000100))
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$GIO_FONT(r1, 0x4b60, &(0x7f0000000040)=""/176)
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)

20:44:46 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x488802, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$BTRFS_IOC_SNAP_DESTROY(r0, 0x5000940f, &(0x7f0000000040)={{r1}, "2b9b223dc4bdbd4837273f56519dc1d26237bea2aee6b1da1cf6ea4d28d5881fc043282e6f219d0c8e944acfdac5525419968dbeab476632f813ee8a0b286a0a85b40958460ce5421c90d3e0a3c38a961c7e9c20c6c94b516e4a1e1f65a6c0281c072aec9b11e9d4b39bb74d8348d55051d56a3c8a7b33efaca90eded78768c1bb9df83331d6d5bd2475f62e4e95c6d6c46d332d89e791287447afd07abf68bf4f1dffee7ca1f8dda207f89dca39d076465ba4028a1cea149ff5304d2bc47467385e36d16a87e9815e2a062c4189f8b5b977ae7c9630833f1d9d8e651f04bf1f4762c4ef8b35a506881136e6d09079d65d1d771eb39aacf7d86cada42d282408decd6c2aa5981640286c28c2227702d6cfb26eb77d5a0cbddacab5cc1f1cf07f0f813b9c85d1667743bdbd47c5f32b95a499b33ff520dc79e7d92fb4257812edda71dbf1c071cb2eac77a4d34659019510261d77f52c09e313379ae90e57084a9a2961d0bdeb80f9bc2476d9c0e469e98c5eb3154fb1e32b3d1e8a563f6b507ddf2164c274e49c2eb59bb3236186387bcacf34c460b36f36aac31c4119d7949920e58c5c2587c818fea5371b87e770a3ba4aaaa15f8196c97d1b55c4d4c1649b3d35588f3c390f6176ed1751d156aa2b103ca0c03046c5add9216e83578f0e67b6e97e0b1d6ff112ec4488e6a4421244d6974435d3b9d3ab884f84138f43f78fc129b267ab9ae070b8b8fe5372ea465ed64c71da4931d67f31e76f13a49e18e4255ebf5d6265db82e7af0837139b9fd5c169bf31dae9e541afe7511754476aceb8a20c3c823d267f23030e25dea14e9d562d79318d7e57cbce530ef9e5ec0f2c303264e235b374400a538deb87d02a6b8258cb10b76fc69df0a6729eaf48032a2db48d2236edbe72bf88ed651b92bf69146ddf0f09da179442a326bf4ccb91bd2fd4287bd145f68cc67da4bf04a36eb018bd06532571d936631dc59dc148108dabe43645b3495649643469d80ca911b570a871e30a7028bc0b84cbefd8391866c9086fd1970504e922d04fbd181e65d3d5ea1707f3ae9765599c1503a50c026261d586c0d6cb9775b381ed4f4d5fb93deb652b3d8396ae8066e9052918e7517ebd0d1edb6132b335aa3713b09c9c53d25cd4da558de5a4f91f7515273bd2bbe73886584b677ff06d52e6cd21a7ce1dc7eb2fc1bfd62e35feecd1a73b4d02a92d6bc2581ecaa4bf7f38f6153170e7c2dfdf9feae13c42704f0bc020ad0777503aedbef550e11de70a5aadee3892dadea7c3e0f382421266a54bef3c13dd2e7f9adbef5e9f81d409c30be7776d184d60a2e34d4c1da7da280ac36067b2160dee08da7a8dc43fa66a955bd9f785812a329cec5ef986f797759368ef8ba8445c27f0d7d56ae5c8a79fde57bfa82c7611b5e235fdccd085063baeac3e116894adb885b862463c8ebcc6960b91b79dea16b0bcac0b77e6426c9414910845c210b1faf77244f4687793f8256d7d3ad77fc21362ba5dcd4e2126df8c5719ba6b3fab0409bbdadff7c47ff8913ea85bb96a4e16927e7cbb2b043a2a79bcd7f95d649f5ddff19e966d5ab79eeeb7ea241a269461807add9ca14fa124f067a709b9d089cce83d9efd4d4618c457ff13f73349a74d11a3acefcf3ac75e96f1abc5427ffca8964acf1d75c069928aa859151ab42bccd5c85421ec1ed8a0d7161ae05c59287a91d5473082d01b1b335e514bee8340797061a58b443306445b3cce77a6ce84545f5079813073b509351b5654a63a03c63b5eb6e474c0df3be1817d7ef5f807cee4b75d789e157b93022b50fd160c025ed042bfb66cad67f32ab4d02e78e5faa45ca0e3512b2f98b6f949fae1526b22676b9fe427ffd89f4f03aa396d13119829dc6b2a2f65542510025ca7d6d389a57edaf4d2e2d3a65ce5512e53ab01c66cb17868053d91f69cb0defaaa2646bd1edc49441cdb1a03093705d7bd133c0278121e8d98b8fed303d6ce277a58a656235b28bc18f48b32eb11e4cd143b3306058e8697fbf7564e2a34b17cbfcd6d109dc494c60c8ff4a3f5677e5b5095631d5d5838972072eb90dd58d8ce2b4c51441c075a31bf286dc4416a27f47eff5266d37a662e56f66c611a109e082b060a81ac2c184043fbc343da5a5424586932d5b99ea22bbc566648c9a247c8f9eb974359aab232037b1f783e86566292031424fa0b384bd083f51318fd4f03ab55b0a3179690bb9a6948c2a52c1ee8d4a325af93123e400acaf0a6777da7c35366e324c67b5ed938fbb46c8fd4bd416e106a80422a373d3a0f718f6cf3f0e3e5f1951876285d83dfeb7ffe8ab141e6406c37f8b7154f8d398552adfb2ea583129493ff15dacd7b5be7da24b38f2ee7e2e697515b2d16039c0fb80a2a7c4f8c29cea5811c970d035326fc9079a3f188761c320c6e7cb5325c79e9ab42e41f687f6bbbf77eded21534c1c28cb4cebf80d8e51cda100444f92e0c6f858999693bebb248fab3e51e121e253033c0b1014ace6d8606294376e85db8bc2cd66503ae3a731d5da18f66f64ca8753fe9a1b862a95644bfbeea7ff962854b3b9472e4a7ae8087559d6b6cddd614b6fb57733a1d7b512435f877e6093ccbddfdcbda48743d7bde2976cf70f5257e8acfe259ff2542495eebf3ab32bc52d61030ff92ff0d3f851c6ddf126df6f3a7bdd98297a7c0125ed690bcd2c940d50a1a18b583fb3cc893d8595f23b434b5395df2fdffd9def026a62c28f245f8aac03b0035b6ecd5bdb5703cd03521e9e66fb614ef7caaa3372a94123294ff1240e41d9941579d9bafbdd950e9b8c1d10e767df3e347bbdc7cbc6d340a9d6c6bce3295c56382f63ad87e3c403539c15cedb93f5a976e667e761eb84d893a7c190a75735a68722ec1173b7e24cabd0a8377515bb29454c054449d907bb6d926866937385398c26fe3affa9a61c6181c3f22d04a8da6bb6662a701e65ad0039ac2d44376d10cf67c652485d2d16110b72a05ff0fb85820ffa1de6f5097c719fa2d4b8cc754712a22f910da8cb795a5dd3637724f4fb655f4921153a91678175e3d79e8bbd6d7d19a5216c201ee264c8d64aa1dcdbf45d46cd0dfee436b6b9d64befea5dfd570a4c32c44d34a6ca787cc7ef35f2ccbd4f2f75be52836b26707725cf857ff2207df5f9094cd420a3a9018dffdc0e3a84b823ede07e6b591653845fb576024792188cace7110bb820ed818c752a95748559169d82170d0976e4c3d5d6ca6c36ad6e7fa8f4c1ca0d5e5963dd0400706ecfe59fba5dd4947eda080f067fc61fc9e96b3bd40bf00950f5989ef5b472cc4ec21584248c9ccd5aa650b124a4c9155d42610f65215effb9a3fee16b8e8047637830e404ad3ab8cfc14d7f814e2c22be51d5cce3914fbcdf2272d0f46d5c1cbb0f52a8dcb4f55994aa2149e40bc83ade3c29afda21398a94782e4f5345230e4134a11ef15a43af7f9650d56c930881b989a8d49aa4cbd17b93adc93893d8875c22e70ca0676a3bf3d17d9431e5404902b5dd40036e0029515c5d4fd6604b63082baafa072ee6b5dfedd04d1eeea18d8982c47be0671e03f15b41a6cfb34b4532179fb67bbf4173ce37454d1c3888da98cfe4267278e91aca0cd8f3623cd22bbb3e6818a32bae02ed26ae5a97eb45ea147449cf5aa62b69a30a56252fede7a54e0e652903afc2c349facc5f4bd8dddf2276f17931bc6050d0ae3276700038bebec428c8e6d71cd3d84d5bc08212e5c5fdea9b1cf588552cf57ba1f5b70663e74bf3adeb013d7a57683cc4eb4797e0e146473650e3cc5e9b66063be54c1100610539e29fda4a3faf3794a1ca7c978c901f009c677149b760b580a1c385cc93f4074b8992e271a9d55dfd2350ade1604dce6ec5069dbe0025a54e2f50f7b90a35446815167118a89180e2c2312774ebf8c08545401b634f059844b6b687b0bb7d81d6d98179ef4b44babb318d96ba1148ac3c63c28ab8f3f84e36a40d2c423b5597e7ef69d4c4fc44414a740ec2f7bcc45c39346121ffffceb696283c4a73f9806ecca827afc911847ff69eb5da95f02f47668b120024bb8af4377c58d4666e52547b9d8f0b48b979d7b572084d4a6c7f6c2d33d1cdb8a11a3221b138c492935485e38a457aca2cd3f70d7aa8657d263dd0a73f81e6f136cb4d00dbba9fca543fb35bcb6add7099a941c6b7608a05266db3764957c12949e94336761d58fceee0084fe4a114bc02773203003311a1ef4255ed187d34322e78f7c0ce27bdf9fe2b5d210791cb930794dfd698136cbff3e8617e17ef47aaa33d19af2225864a732d2d61a446aa5f12ceabf92a2359903275072abb643635b0c6e868846a216f316d6b93491439e4f4e7d9bbdae5f27c9b3e0b6537f2c7d4ee4d909e8a5a6f0e5ab4eff7233b8018b5dfbc96d3471aec0183132338888ecdcd02dfc19d6e6925db2246d72cf6c151a879b2498488915d41071248920007e4638376a0a8d4452f7627bdc435e6fd6bcb8e40d07c49241a7ca7d8dfa2d4fb9623cfde5d329a964d22743c35d04331a9c480b6196017837d9976b6a4d4fd174dc16a57843d3760c2b3e531dc3f302ede0d1236af0708303eb2dcda936cda3979d907e2d3f8b74975993b4603c819baae8986b5bcac15bfaeeb44628371fb6e1a3e7d9b1bbbd4247d210922540de2398749eac1cb79aebd02ea823dc9d9158061cfc84f4dbcafefed9449c090bdadd5d01b1eb41bb9225b91ad0fdc3099e6c23a1aaa35f91cd2aefca1ef96208ba91b70767f2062dfb1cf5b072b4a25473eaedf1e5e14734d6af7d6698369ecb4b277da0287ce015f34188a6e876eaaa9a7bfb559e6b06656a0dacca2d8ff01a276d4f428a4cdfabf7bdbf1f3c250e23567e6fd3a7224790cc6bd1daadb6470f752ae0d2aa3c67d030d20866c69eab747e067ed34b8b83272348df1cfede24433d045d0b7a91fd99c8a81dd42100265adfce8cfe83f43e7d7db9ac39348c064e8d7a4564dd0156d8c5e346fa369d28595af1af169c69781774bd003ee9e903dee5f6bf7c37034527c45d95adad47f6babdf1b73609d1147d8c2ababf2e2d2226aedd192e8f1db5f80ce51cf3fea26d91de1dff45902ef8233772c59bd0a20e3c25579c9deea70ce1c8982a2e5136dbe1fc343bead802e5298560c3288248cee7be19db19dba474e96a6fb3a4b60ae1540eaf82890faf0426b809359e7da1aa7bed38ca49d23a28b5c491d75fabe4e26f47a4bc341c94358551e7a26b6d3c9741dc570acdce71907b017a2ce90bdfead0976107b000a7563db7c330ba8a34107be09420066f6f23cbb0391cef8e23684543bb4a9543e49c8bdd1b9f804ffe4485cab68a45e291fb020fbe6076b6c186339d47dd8262c2d47f8129b66e3df9fb2c8d758ef722feff798fab9698a9533752b059d3d622b047189ed189d301cb0be9bdaad1895973c184018f16e88dd863f0c9467aaaacbd5c416ca43eafa85fdeef2c890598b0ecf8b97f326079e2f8da2df207fa8376a063ca240f6b3ac07676b90494a9da97f4b98015568e6c4b5ee55f40c535d79ed0803ee76848f841bf16bb316bb03474506a964c7124059b40aa49e810d974ed32cbf6e0b45cf6590dec9d01feac242723c131a14697141f10900b2bc948f0af15a6662a7ee1c41faaab35f71401302ce1bc497f3f6a183075deaaf7dce9be7275d48ed95d044a7e7f3d90b392fed4e2238f93489c3adca55d229a043a8932672a21c76ee1990e2dfdd1fb5e7d"})

20:44:46 executing program 5:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x0)

20:44:46 executing program 7:
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f00000000c0)={0xfbfffffd, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000080)=0x3ff)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:45:00 executing program 7:
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f00000000c0)={0xfbfffffd, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000080)=0x3ff)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:45:00 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:45:00 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x16f042, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$KDGKBMODE(r1, 0x4b44, &(0x7f0000000040))
ioctl$TCXONC(r1, 0x540a, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCMIWAIT(r2, 0x545c, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000080)=0x3ff)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r4, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r4, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r4, 0x80089419, &(0x7f00000003c0))
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:45:00 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:45:00 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r1=>r0, {0x4}}, './file0\x00'})
readv(r1, &(0x7f00000003c0)=[{&(0x7f0000000140)=""/148, 0x94}, {&(0x7f0000000200)=""/81, 0x51}, {&(0x7f0000000280)=""/119, 0x77}, {&(0x7f0000000300)=""/2, 0x2}, {&(0x7f0000000340)=""/114, 0x72}], 0x5)

20:45:00 executing program 4:
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff})
fcntl$setstatus(r0, 0x4, 0x4000)
splice(r1, 0x0, r0, 0x0, 0x5, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
lseek(r2, 0x0, 0x1)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="3ca500002622f637dc8194c4e0092faa6af5c810d989020dc6a65c6f069b840be0cf5630a81236fbf410167ce3f301e82c82d0bb40834a20fb2f96bdcb37a8fe5f3803d4ee9c66098c069b0e05027b1df2eae18acfdca687b3775c09a1966f84f1bdf826b114aa", @ANYRES16=r3, @ANYBLOB="04002abd7000fbdbdf25270000000c009900040000002300000006003600060000000a00340001010101010100000600360001000000"], 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x6000881)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r4, 0x40045431, 0xffffffffffffffff)

20:45:00 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r2=>r0, @ANYBLOB="000800013000"])
r3 = gettid()
kcmp$KCMP_EPOLL_TFD(r3, r3, 0x7, 0xffffffffffffffff, 0x0)
ptrace$getregset(0x4204, r3, 0x0, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000500)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="baf4ff090075d9d5df46", @ANYRES32=r3, @ANYBLOB="aa002780314b03987248021bf152a897b3161a3ed5177a2afc14dc365fee0c522b8e6fb5daa10a53b78a50c06eff3102a08278c471f50a44577a225cd2a047abf38d56e94769287c31ec25ab8e9d85040223b99585e49ec1d4bc66fcaf023df376676d25039967e237b2c968232d30c48367ed8e3c6dd67dd01e820dea41dd1bcb056d242ddc8bb9a110af2c8d279548fe1359240627e0ffb8bd047795a886cfa3e062144fec6fbd756c00001a0119805bea93721492a18fbc992b68ff82dfc95045b072e734ac8ff0f0b6f75d88d1455227249f7ca745577c3d0b29592ffe30bd64bb1fb387d6ec51bcffe7141028cb6faf45dbd40d1c10c5aab21300d25ed8341bb2b8d5ef1a108ad9ff601c683788fc8351ef28f619365bebf9008ed1e2fa372e90ad24d89bddf4aeaf5b3504c508b4b84fd0af1e0034ed33d33ec11a7872829de11591994c64ffc02b2b884424b6bba7fc0f0c2906695b522d268d31277cd83309928f1dc5142330f8c148fc7ded65e1ac0525ddd8cd68ec4a7005b361aaccdd4a77e9ee86b7bb369796ad4de1ccada88f123cd58660c225a69ccb8f4c4a7f306fa0d4ecee5a87042ee84df81b10daacc5a2607aa36c429176adcf4a08002000ac1e01010000a93f1d766af2aea7474e1dabe4b6ed71caf6d0b53ba13931dff57b3e75d6b832afa75198ce45105b16e2cfc4b316e724a696fd786c885fa3d3aaa3ec995a5395a7605d0c16306d249e23e95840806edeec3af0525b58b3be7c261b07680a8bb5585448c3c737931bcfbdf5568f260b71cdc8f9ed906110499affc789675c778cdc97ffbdc2ee61b5c1ba807690033e085c2391b56a69819b70f0a292e5d263524f3577b5a11a0457e0794fe0b0bb6610f8b91dfb9b7c6c25f66a764470fe245f13c799728d5b4a2d9315608e1be5a7c4687188f6"], 0x2b8}, 0x1, 0x0, 0x0, 0x4040000}, 0x24)
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$AUTOFS_IOC_EXPIRE(0xffffffffffffffff, 0x810c9365, &(0x7f0000000580)={{0x401, 0x5}, 0x100, './file0\x00'})
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r4=>0xffffffffffffffff, @ANYBLOB="000000000000009e46a4f8696c653000"])
ioctl$FIONREAD(r4, 0x541b, &(0x7f0000000100))
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r5, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r5, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCSPTLCK(r5, 0x40045431, &(0x7f0000000140)=0x1)
ioctl$TCSETSF2(r1, 0x402c542d, &(0x7f0000000040)={0x10000, 0x2, 0x0, 0xef70, 0x20, "dedf6df64535630102b24e020000ed00", 0x3, 0x1999})
ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000540))
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)

20:45:00 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 71)

[ 2768.738988] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2768.761592] FAULT_INJECTION: forcing a failure.
[ 2768.761592] name failslab, interval 1, probability 0, space 0, times 0
[ 2768.764223] CPU: 0 PID: 13498 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2768.765665] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2768.767397] Call Trace:
[ 2768.767949]  dump_stack+0x107/0x167
[ 2768.768722]  should_fail.cold+0x5/0xa
[ 2768.769518]  ? io_setup_async_rw+0x180/0x580
[ 2768.770446]  should_failslab+0x5/0x20
[ 2768.771242]  __kmalloc+0x72/0x390
[ 2768.771984]  ? lock_downgrade+0x6d0/0x6d0
[ 2768.772861]  io_setup_async_rw+0x180/0x580
[ 2768.773767]  io_read+0xe98/0x11e0
[ 2768.774519]  ? __lock_acquire+0x1657/0x5b00
[ 2768.775438]  ? kiocb_done+0xc90/0xc90
[ 2768.776237]  ? mark_lock+0xf5/0x2df0
[ 2768.777019]  ? lock_chain_count+0x20/0x20
[ 2768.777918]  ? __lock_acquire+0xbb1/0x5b00
[ 2768.778818]  io_issue_sqe+0x2e8a/0x77b0
[ 2768.779653]  ? find_held_lock+0x2c/0x110
[ 2768.780502]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2768.781593]  ? __io_arm_poll_handler+0x59b/0x9e0
[ 2768.782585]  ? lock_downgrade+0x6d0/0x6d0
[ 2768.783448]  ? io_connect+0x610/0x610
[ 2768.784253]  ? lock_acquire+0x197/0x470
[ 2768.785085]  ? find_held_lock+0x2c/0x110
[ 2768.785949]  ? __fget_files+0x2cf/0x520
[ 2768.786793]  ? lock_downgrade+0x6d0/0x6d0
[ 2768.787668]  __io_queue_sqe+0x90/0x9d0
[ 2768.788499]  ? io_issue_sqe+0x77b0/0x77b0
[ 2768.789362]  ? __fget_files+0x2f8/0x520
[ 2768.790200]  ? io_prep_rw+0x7f5/0x1050
[ 2768.791020]  io_submit_sqes+0x44aa/0x8610
[ 2768.791916]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2768.792954]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2768.793963]  ? find_held_lock+0x2c/0x110
[ 2768.794829]  ? io_submit_sqes+0x8610/0x8610
[ 2768.795754]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2768.796769]  ? wait_for_completion_io+0x270/0x270
[ 2768.797775]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2768.798749]  ? vfs_write+0x354/0xb10
[ 2768.799525]  ? fput_many+0x2f/0x1a0
[ 2768.800289]  ? ksys_write+0x1a9/0x260
[ 2768.801093]  ? __ia32_sys_read+0xb0/0xb0
[ 2768.801947]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2768.803045]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2768.804118]  do_syscall_64+0x33/0x40
[ 2768.804906]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2768.805978] RIP: 0033:0x7f9d2ce7eb19
[ 2768.806759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2768.810673] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2768.812265] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2768.813754] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2768.815253] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2768.816753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2768.818261] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
20:45:00 executing program 6:
bind(0xffffffffffffffff, &(0x7f0000000140)=@nfc_llcp={0x27, 0x0, 0x0, 0x7, 0x9, 0x80, "295fde3bbfb378283e978edd2644e087344cb9855f63e7a0f7b0786d9299bb9f320ce69f35f44e6a9a0e371772e493ec1e3f39502e3be6ac94563133de3d5c", 0x1e}, 0x80)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x256441, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='blkio.bfq.io_service_time_recursive\x00', 0x0, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000200)={'macvlan1\x00', {0x2, 0x0, @multicast2}})
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000280)={{0x1, 0x1, 0x18, r2, {0x20}}, './file0\x00'})
socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f00000000c0))
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:45:00 executing program 7:
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f00000000c0)={0xfbfffffd, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000080)=0x3ff)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:45:00 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = syz_mount_image$tmpfs(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x40, 0x2, &(0x7f0000001180)=[{&(0x7f0000000100)="7bf3a932892f6baf153beb503afebfd4acd5f65948bd46a14d915fa855729172d8a8a5e1751bba6cb7c7d8aa6a653f621a4c14425d0666f02c8a62015a1015db0e41dae9df1469757a12e2ae037a62cdb46a4d07371a8ea82408758098612af2fd863c57bbd4683cff308bf47715c4723a2c3c9f", 0x74}, {&(0x7f0000000180)="9658b0fe61186c47c8fad9ef9c8629d224eb7f13b4a0dad70cb169ac5f4ad25e2c2f831389952b9218e5a2e79aeb71728372497e8d251e1b410497424a25a85c2c1835c6483ce73e428abd68ef5be13cc69ca2074d3e80b0f06f3c2b863a1be5cb991d99bdfffc842089fedb1ef63fa6e3f4f81984178d608370ba8403dcf9e0edea7769cb2f751b70ebe0b51001aef5b9d31eec2cb4964f24d0879694358c09bdd7f124204dd6cf4a8a8582fb5dcd64efd965a6886ada77a68bde326d9f4fc75df03cc83c5daed0ad2aff2671c5951eec0b5726bc2868f63e90ac2e081e704bf7ef7446f6939bdbbe80fbdf8ba166ce2f55d99e6a39e04e1ac17d1e454661cfcb5d551a5ae3f8cab9f51bf6ce656c1d81d4c235fdee4c12ac23c71f25f651af6ba49d342a313984559ccb2e28cec45391bc28a4847bc415f572f332a5d14324eb6a33f8ecb2d775a38cfc68c461d7805d05f6f855ad91d96edbce9c3c6f7fd33d0efbcbf1a3a374815f070af8d4bc4b2a720955886394ed4eac4242ed1bb6704151628304973198d97c3bba3aa5f268ccd681628ab8111b483f62f7db103e47c182a03752d8df039f97b38a4d9dbaffdc34c6ac82ff9e85017a828ca9b21c40a787188ac30649b0975fea59a09427c5f57008d0390a8399a22d2f16c3daeb46bad1d0cca2afd29b806efc5b44440ac186f5af49f3cb89f4247bc69c2d1d000f23a2e64c7713dec1c3357be9d50d1e0c3a319db734a6f73a27bf5b0b2358c86d7892ea9e443ec835f2c18d3d9a37d9ffb2e6066ae8947e40bc702a7352304344ecf2e61aa10ab71bd0c9da3032d55c389b002ea63219ee76783ce51ed740946ed80d035711c2f459d448ca6b226541a3bebc21af6ccc7bb025ea0b6754cb32e97aad8593eab4f6add3f194dc2d5f8d3ae38acfefa922b2739d70bf85e0e3021e81029cca9e71f654a506a85153bd4d04e3638aed75d289cf72dbc33ac468838598facd83ac7f83be0fff56a183e958ff359fa09da15167cc2052e4ed359a7514af6ddad300ae26f38482e33f1872cfa51ad8befd8138fef66b08059191d14dc799771acf97c99ad47fa9fec2fafa82f0e889486eb6518a844da167e88825d57bfc76f9d915e277a56427e6cdd0b877b579d0b8a6c6ac3507c69eef965b0b83d0ef262dfdfd83703dc0b74fb615b9fe739ac59151538258d1dd4de81f7694a52895f01a888a2be4a86b9332b383435d15429b4301455dd4a07d9b67f0627314ad485bf14be0a551d14cf1183336191ec3a5a3520a0eaec9eb1fc72439ae718479a41783bca1809856ff99d983e7b7635f2477fbf277304b653074a2e4c1d3908a12df2f7c9119470a2f7ae5bc0e80b3adf8a24f56e6416dd26b524244bc39599a509823a534d3ea40495b0d1f93280242eb31d0648c12ca6e33e67abf4f57b99028ba1010d6603b9e8e1f92522e4bd02afb5f239dcf354f9c4e0236a774163b297700130c75ff0222e438fb087dafebcbeb054733e4987b19d3933ea9a7bcff31874a9d5a569848b675c2f934da66cc09c69e7021c8877894b887537cd415c822158011086432441b075836be2d94a0df5933a84f2f82660b68c79e550b4bb1d6a72c3987400e93c6610ad802273b73c7934fc6d9e05fe60d4177656b64795d0ab68cbef314c5ca99b4f9f7560e0aa91f79d3bdb6d590f71092e4b7b1c47b253c6d28ce0cb46c8a1fadfbdfc54a03774f47348e9c490cc96df53ae13a8740692e5b7e35390adcee40c3ff2e6fa34a733d252087cdc7e74687b108e1ed029646844588fb6fd583667074db38cd7c9c5b9cf4b2a785e35f30ae79515956bab1d16824c9e3d01d53f45f9ca5a3b991cd1671c9189db55dddcc2274c82631a2f2c49b38c5d848e20a8c009bb6d3561b7661190a45471e93548fb4be7b538a05282e6580e06d07eb635bf73eb7494d775705b0ab5eefc85aefb691bd6e41bfe402109d56530cbd32a728cb324e946f0e82012aa660d300347615596451a0340dab0b62eec14cc35d509ca7c5902d7a2462edf8d047dd12756d97a8e79d196eeab3333f10945c48e1b93862a4c4983bf4229168d8b129146a880d07bb15eb42395fb0bfaa38806f419bdd155e0d6e1753a6040fd1ad8843e8d3c80e07e839dde127c31854a8dc294e603d46218a8cc9a466f56bfb407a73a020e897e517c0f9a10c266e7b242f399f2b6a5f285f0e67d66e5fc90b731fc9118a2560b1dee95ff3eb676609ecbdd288471d157e81e8b959a535b0cc092a655bad78bfe7167522add4078ad31a561d7fcff21dd350cd82d6d65329c5a47d3c3d3a00aaf9745fbe64b2817db1bf6a65c75c129bcab976be6fcfcefba29d86f156aec0fb5f70f83c2c0eb4887443bb29987c2c8b1c5e867b9bdab4d1005ee2154bd6e5552f190d028fed850379e14f4244b9899e011e5c47038b938c72b8e48cca48c5a12a421aa387a5f8389511396922fd4f6e129318137dac26440f711261ce28a91e8cc479d291b1b1bb9b8fa09d09b36d7d08ff3e48e88a473deb125eb1b94571cf2bd93b5045caa36393ca4d2edf2a3f9692c5dc0afc185b6da30ac0794568985f9a0a9a96a8409cba4840ad2aa600cae960e04e8da967288c8790b985b9cfcfcf1e606eea509f297a38c878ffe8c11ded9b20e4f2bf0971fc3d7ba03a7daf7d6c6f2ca68834a83f77f3a8749a8f329a9c4f9c2ef08b7a234a954f75c842947f8664f0ea19b1346b07c17be669fbe2ae5cb232c714b28e27bfcebc614e7e2730ea066fe98ba3c94034b16e66cd79a6cd230c79668459959d316168a9aa32fb4b460d42dd404a1328e9e07e761633f213f8efbeb2292688d09e9968116edf3857b4c0b2c825be890e14055b346fb16bcf6eafba3e9e357faa810379a1160aa05b541a226d29fb1bc957d2475b406bf2a81594c3153072d6327b15bcdeb7b7ec32faab7d071569add806a623790214237ef76d0821ee3cad4f6d67d08496fd6e0ed2d199bd2fb56d807d3563ba07e5f716f05aaa2a1351450b24bbb33b1920d15903045b1a85ffe678ed216cb44065e70ea6cc7d937df693724aeb13728624b5924b7a39fc22dbf2e02c375221fd0f60aafe084caa43bee6e43710ebe0411674a29672275475e8ba18fbd924d9e11e7145043bd4f2bf61f6f306d92faba3087951c6986b37ca36db124ef0cbce7106449615ff84014d10180fcb876670ccc4f3ee7269e8fade37db1145e15492aaea0bc37313462d6300725a0f73e8717f4696c0fe87bcbdce8bba82236353bbe6d0933f5c72766971b48fa83b10b6d326883193d258ae679cd66a0fc88d4e2601b5075b448ec49084c18ff1e878b884482abe410bbbe7dbb39fed68eafd086e8d496beb17d210e1a6b9fcaa6b909315744d57c641ca96fa6fdef5a99eee08e21a436067ebc8e065169e5a541bf8e1e6faa8fe47a9b066143cbd924eba8a983d1986ef9ff22cc8c6a689047f68bdf1d7dbcddf2fc85f7737fae3e7611d0089ebc80334613db6561a147f5ab755777a5e57909cdeb430e25c2667a06ee6ae4dc93ad5a215a163c65bc2445a26a79d6594110685cbfa06ea9db2827b1fd0466dd06baf7350a0a431fcad6d5e9adf0143a310d21bf6cae3fcd2d12d40a70c7dd9b6ea2613b9cc78ee41176328ebe38c0dfdede11cda4c9f50b7b384dd7888ba86cc06189b2983900ad88d25a709a8309ebc05390dbc1cf757ea4f0dd0a4f743ac2736b3fa2cf0c6f9851132496f6c649f1e782ea5bf0639403addc182547cb3ebd38166f56c5b04dfc66d461070be5bcdc09a07765a1368cff6cec47661fa3f71e4fa1d27f5b5b2d25450e90d00b58a0e2e3b8895c2718ceaf77b130982b4cc77f9bdd2e3d08a72898b8840ee0c1cd13ba20b995c376699d0dc19faf748d8c22bbac43e9f42aa32c46053badaeb5af921d3eef067ee90da5fe937b525865dfabf63a471b084d346b02d5c9967b32fbc26aee6df5209c2c8f9a6e568865a7403db24c182171f329ed5bc34c82046803c287dbe6378da5237afb977f27677dcaf5a7f03327732dad0a09dc7cc94a8ffef2a5390fa070d926b8be90f6836ecebfdc349a711fc80cf6325bbeac168df18e0b52c6dcd73f9b3ad83c810cbb46dd2bf1f85ef0c6d02317da3b1ef6c6abd643287125cb2fac7c40a6c7c9dd855d9fe0d82ce76a162bbe9d7f953b75eb65ed9b2c4b90fb85f32b09c8d85f43e52f8febdf89c78a674ac94816e90b077bd751248e2eb461498259a206df8697de98dfb25b356e66b0147ff46fee77a744f1340b9a82663c28648f31046001ee5089475f2373b5ade8f5a1a58a105723c358e444fd29a3183a178e34b7daa1043fa84b3b9a7efb11b4190bf19e20d263f1fdbd1ef6232b55d60cc5015fbfc24d53606f5ce05635261791a3d199372fed2181e1542436b8589fd7238c56e522043eb65ef6cbf9503044aa8b1c46739576e0215ee2fa0d31bc308c763cb35f6e82b68745cf1969f5381873f71a2ee9b2b38b798f9e0bd0d670ce7baa181345736cce5f278ebff8e2af7db7e58cfe2f9a144e2fe099dc98807835d7eb240c148618803ada286dafb6d09e550f9aa219eb83eaebe5c9ddc71ca1e657be6d4bb4b5233cc3928fe1b63523c80f32a79e6db3e7aeea8e8c8e54d5d5cc614b0ce3dcdabf0d64953b29ea3438ab73bfac56497e92be6be1f842172c4efa001e6054f1c187cbeea5abc488f6c14532beb6cd706eaff501755ef5bb3890e52a72990f5fb081d88f89efda9267154a00afe14754fb7fec0900017a2f453ba4f09f59d02cb2824587618d4a6e7dd360ed0b9e8f2caec87f61a22151ba675550d0d70ab6a4ca2ddc87719c954615533e33b6639876abe0871e9b1856f5403cc5bd977215b668ea1b09447545fc13fde3ec28a421ffb23ca75e4e2a23e908832056eeae4b9f162d830cdfbcde6719904032de1d8fcab0ac9671c8d57b348c8e00399fd7d72316a6dab817e7c23cc7e372097f88986abb8bcf1306cb01077164d0445fd96f583b39453ecb56b975befc018afebaa22f42c614faffb176cad5ca3bd68d7884b59d63c23e47c17209a19389b358254950094d6f1d1323ca88fa30539ee4b59654084d48c4b3d0946411f8a5552ee28776f6f5731c9b246230de8f79d931b44159335c09236833753fcd2e3156a6196a374075db29dc5ea6ed76b7eaff11c3693030ee70caad3c905cdc2b6e6cc2753b9908cc1b99a667cfc09beb6ff33506136ab40f50f67b7b6e8c1b57de699f20b935938a7bfc5d68abfe54a3c517687f9953f3e0e306451a2384294d3dab732521e105f65ee1efc9ca00235a2cb67f917cee4d7733ec40e24f706c94f20743beb189e6a2205a5613b898ad866f2c2192ce0bc779eaf691b6b3e3b6ff2cc5d15df8f97c795935d8a7ff39fdf4d3fcbf0adf3837c300ff236d512d9b742f3b613f926049784fa7f825989ebb87eb3820a3ea0e833600f1ad04ea0facc24f863673234a3bb737c75142257a39ee59e06212bf6226045a0847b50ea6798a033975980dcffbf1b7eb1bba5aa17ec73e5fb6fb1b2bcf1c6470c590e7adbecbeaa9b5df43d7d025eff62992f7d8edb145e105d1c4ec1ae15ba579710a26e5e5ec0fe48c5b1eda901850f7f5aab3c7c0586db37f4d7bc7d911dd89a7d729d1c580d0a5f7ac481c73529527a6c48ad98a1e14a629d9fc0ed28dc07e851fdf63518dd32a180828cec485cef497d78fbd3252898959751a7401ab64cf9", 0x1000, 0x9}], 0x1041, &(0x7f0000001300)=ANY=[@ANYBLOB='nr_inodes=p6\\g65g-\x002,mode=00000000000000000000011,gid=', @ANYRESHEX=0xee00, @ANYBLOB=',huge=never,audit,subj_user=/dev/ptmx\x00,smackfsfloor=+*})[%:@,smackfstransmute=,obj_role=/dev/ptmx\x00,uid<', @ANYRESDEC=0x0, @ANYBLOB="8e5c0eb25562feafd4ca743647f13d", @ANYRESDEC=0xee01, @ANYBLOB="2c66733066666666666666662c657569643d00000000000000000000041269d200", @ANYRESDEC, @ANYBLOB=',\x00'])
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r3=>0xffffffffffffffff})
fcntl$setstatus(r2, 0x4, 0x42800)
splice(r3, 0x0, r2, 0x0, 0x5, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)={0xf})
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)

20:45:00 executing program 5:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{0x0}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

[ 2768.900572] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2768.902141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2768.903803] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 2768.924714] loop0: detected capacity change from 0 to 4096
20:45:00 executing program 6:
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
setsockopt$inet_opts(r0, 0x0, 0xb, &(0x7f0000000200)="9c6d48607864e38ae5a80ff9823e510c0656b1427e417077dac0da3741279c22a686aceded566fd19bc01171a230262946345808c3f88d3ce062831e78bcf2cee7c1100a590f0b989545458eea98dd84b2a453d98f27b22d4abd881fa873548e2982e2cb086c5ab4e85b9e5cb16b67916463452cd2de7167dd31e41b11bd9cd5303c1974093fcea85b0f0ce9355811a4b5b7cbd82103a25fa62059c2b78bae542badcafe0d4ae29c8eef52957197a11f7ea4f6abe7c3ca", 0xb7)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x100, 0x20)
ioctl$TCSETSW2(r2, 0x402c542c, &(0x7f0000000140)={0x3, 0x100, 0x5, 0x3ff, 0x83, "2551bd80ec4f0acaa1b6bb024e1715b178f95f", 0xe6f, 0x2})
r3 = syz_open_dev$vcsu(&(0x7f0000000180), 0x7, 0x40002)
ioctl$GIO_CMAP(r3, 0x4b70, &(0x7f00000001c0))
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 2768.956872] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 2768.963552] loop0: detected capacity change from 0 to 4096
20:45:00 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:45:00 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0xfbfffffd, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:45:00 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 2769.049575] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2769.075528] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2769.077245] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2769.078941] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:45:00 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
pipe(&(0x7f00000000c0)={<r1=>0xffffffffffffffff})
ioctl$TIOCCONS(r1, 0x541d)

20:45:00 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xa0a00, 0x0)
syz_io_uring_setup(0x5009, &(0x7f0000000180)={0x0, 0xdd1d, 0x2, 0x0, 0x3d2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000240))
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000140)={0xff, 0x0, 0x0, 0x1, 0xe, "669b2544db785e72"})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000080)=0x6)
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCGPTLCK(r3, 0x80045439, &(0x7f0000000340))
ioctl$KDSETKEYCODE(r2, 0x4b4d, &(0x7f00000002c0)={0x8, 0xfff})
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r4=>r0, {0x7fff}}, './file0\x00'})
ioctl$EXT4_IOC_GETSTATE(r0, 0x40046629, &(0x7f0000000280))
ioctl$TCSETS2(r2, 0x402c542b, &(0x7f0000000300)={0x4, 0x6, 0x400, 0x5, 0x20, "d74553256f6e26c1cb5f54857262cb6922cebe", 0x2b, 0x3})
ioctl$TIOCPKT(r4, 0x5420, &(0x7f0000000100)=0x9)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0xc355, 0xffe0, 0x81, 0x4, 0xe, "d7409b14181da58d"})

[ 2769.131731] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2769.134259] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2769.136192] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:45:00 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0xfbfffffd, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:45:00 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:45:00 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 72)

[ 2769.297139] FAULT_INJECTION: forcing a failure.
[ 2769.297139] name failslab, interval 1, probability 0, space 0, times 0
[ 2769.299539] CPU: 0 PID: 13547 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2769.300857] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2769.302488] Call Trace:
[ 2769.303006]  dump_stack+0x107/0x167
[ 2769.303717]  should_fail.cold+0x5/0xa
[ 2769.304455]  ? __io_queue_sqe+0x666/0x9d0
[ 2769.305258]  should_failslab+0x5/0x20
[ 2769.305994]  kmem_cache_alloc_trace+0x55/0x320
[ 2769.306886]  ? lock_downgrade+0x6d0/0x6d0
[ 2769.307704]  __io_queue_sqe+0x666/0x9d0
[ 2769.308474]  ? io_issue_sqe+0x77b0/0x77b0
[ 2769.309278]  ? __fget_files+0x2f8/0x520
[ 2769.310051]  ? io_prep_rw+0x7f5/0x1050
[ 2769.310884]  io_submit_sqes+0x44aa/0x8610
[ 2769.311777]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2769.312747]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2769.313688]  ? find_held_lock+0x2c/0x110
[ 2769.314497]  ? io_submit_sqes+0x8610/0x8610
[ 2769.315352]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2769.316293]  ? wait_for_completion_io+0x270/0x270
[ 2769.317219]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2769.318123]  ? vfs_write+0x354/0xb10
[ 2769.318836]  ? fput_many+0x2f/0x1a0
[ 2769.319546]  ? ksys_write+0x1a9/0x260
[ 2769.320276]  ? __ia32_sys_read+0xb0/0xb0
[ 2769.321057]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2769.322062]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2769.323058]  do_syscall_64+0x33/0x40
[ 2769.323771]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2769.324753] RIP: 0033:0x7f9d2ce7eb19
[ 2769.325461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2769.328978] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2769.330439] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2769.331801] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2769.333165] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2769.334544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2769.335897] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
20:45:13 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:45:13 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)

20:45:13 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 73)

20:45:14 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff})
fcntl$setstatus(r1, 0x4, 0x42800)
splice(r2, 0x0, r1, 0x0, 0x5, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r4 = openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000140)='cpu.pressure\x00', 0x2, 0x0)
r5 = pidfd_getfd(0xffffffffffffffff, r4, 0x0)
ioctl$TCSETAF(r5, 0x5408, &(0x7f00000000c0)={0x7, 0x9, 0x100, 0xfffb, 0x7, "feb7ae31c7b0feff"})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:45:14 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x2000, 0x0, 0x0, 0x0)

20:45:14 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0xfbfffffd, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:45:14 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:45:14 executing program 0:
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
close_range(r0, 0xffffffffffffffff, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, 0x2}, 0x1c)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x8100, 0x90)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETS2(0xffffffffffffffff, 0x402c542b, &(0x7f0000000080)={0x2, 0x7f, 0x1, 0x6, 0xff, "89c9624363587272439fc7fafb322f7c0e08d9", 0xff, 0x80000001})
ioctl$TCSETAW(r1, 0x541a, 0xffffffffffffffff)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000140)={0x9c6, 0x7, 0xff, 0x87, 0xc, "d74a75bcb152490e"})
ioctl$TIOCGRS485(r1, 0x542e, &(0x7f0000000040))

[ 2782.697049] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2782.714191] FAULT_INJECTION: forcing a failure.
[ 2782.714191] name failslab, interval 1, probability 0, space 0, times 0
[ 2782.716885] CPU: 0 PID: 13562 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2782.718359] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2782.720114] Call Trace:
[ 2782.720655]  dump_stack+0x107/0x167
[ 2782.721410]  should_fail.cold+0x5/0xa
[ 2782.722223]  ? __io_queue_sqe+0x666/0x9d0
[ 2782.723112]  should_failslab+0x5/0x20
[ 2782.723914]  kmem_cache_alloc_trace+0x55/0x320
[ 2782.724863]  ? lock_downgrade+0x6d0/0x6d0
[ 2782.725727]  __io_queue_sqe+0x666/0x9d0
[ 2782.726589]  ? io_issue_sqe+0x77b0/0x77b0
[ 2782.727458]  ? __fget_files+0x2f8/0x520
[ 2782.728293]  ? io_prep_rw+0x7f5/0x1050
[ 2782.729117]  io_submit_sqes+0x44aa/0x8610
[ 2782.730020]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2782.731094]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2782.732090]  ? find_held_lock+0x2c/0x110
[ 2782.732926]  ? io_submit_sqes+0x8610/0x8610
[ 2782.733862]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2782.734899]  ? wait_for_completion_io+0x270/0x270
[ 2782.735902]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2782.736883]  ? vfs_write+0x354/0xb10
[ 2782.737673]  ? fput_many+0x2f/0x1a0
[ 2782.738450]  ? ksys_write+0x1a9/0x260
[ 2782.739295]  ? __ia32_sys_read+0xb0/0xb0
[ 2782.740178]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2782.741307]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2782.742389]  do_syscall_64+0x33/0x40
[ 2782.743200]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2782.744302] RIP: 0033:0x7f9d2ce7eb19
[ 2782.745097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2782.749053] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2782.750700] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2782.752214] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2782.753724] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2782.755244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2782.756734] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
20:45:14 executing program 4:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_io_uring_complete(0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x10400, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETAW(r1, 0x40045431, 0xffffffffffffffff)

[ 2782.782949] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2782.784539] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2782.786199] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:45:14 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x82041, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCPKT(r1, 0x5420, &(0x7f00000000c0)=0x7fffffff)

20:45:14 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f00000000c0)={0xfbfffffd, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:45:14 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:45:14 executing program 0:
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff})
fcntl$setstatus(r0, 0x4, 0x42800)
splice(r1, 0x0, r0, 0x0, 0x5, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000029c0)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000080)=""/89, 0x59}, {&(0x7f0000000100)=""/211, 0xd3}, {&(0x7f0000000200)=""/62, 0x3e}, {&(0x7f0000000240)=""/155, 0x9b}, {&(0x7f0000000300)=""/3, 0x3}], 0x5, &(0x7f00000003c0)=""/153, 0x99}, 0xffff}, {{&(0x7f0000000480)=@l2tp6={0xa, 0x0, 0x0, @private0}, 0x80, &(0x7f0000000880)=[{&(0x7f0000000500)=""/214, 0xd6}, {&(0x7f0000000600)=""/49, 0x31}, {&(0x7f0000000640)=""/132, 0x84}, {&(0x7f0000000700)=""/255, 0xff}, {&(0x7f0000000800)=""/78, 0x4e}], 0x5, &(0x7f0000000900)=""/204, 0xcc}, 0x4}, {{0x0, 0x0, &(0x7f0000000d00)=[{&(0x7f0000000a00)=""/56, 0x38}, {&(0x7f0000000a40)=""/133, 0x85}, {&(0x7f0000000b00)=""/187, 0xbb}, {&(0x7f0000000bc0)=""/75, 0x4b}, {&(0x7f0000000c40)=""/177, 0xb1}], 0x5, &(0x7f0000000d80)=""/57, 0x39}, 0x8}, {{&(0x7f0000000dc0)=@can={0x1d, <r2=>0x0}, 0x80, &(0x7f0000002240)=[{&(0x7f0000000e40)=""/60, 0x3c}, {&(0x7f0000000e80)=""/98, 0x62}, {&(0x7f0000000f00)=""/4096, 0x1000}, {&(0x7f0000001f00)=""/104, 0x68}, {&(0x7f0000001f80)=""/39, 0x27}, {&(0x7f0000001fc0)=""/127, 0x7f}, {&(0x7f0000002040)=""/142, 0x8e}, {&(0x7f0000002100)=""/123, 0x7b}, {&(0x7f0000002180)=""/71, 0x47}, {&(0x7f0000002200)=""/3, 0x3}], 0xa, &(0x7f0000002300)}, 0xfffffffc}, {{&(0x7f0000002340)=@ethernet={0x0, @dev}, 0x80, &(0x7f0000002600)=[{&(0x7f00000023c0)=""/87, 0x57}, {&(0x7f0000002440)=""/250, 0xfa}, {&(0x7f0000002540)=""/119, 0x77}, {&(0x7f00000025c0)=""/7, 0x7}], 0x4, &(0x7f0000002640)=""/191, 0xbf}, 0x7}, {{&(0x7f0000002700)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, &(0x7f00000028c0)=[{&(0x7f0000002780)=""/196, 0xc4}, {&(0x7f0000002880)=""/53, 0x35}], 0x2, &(0x7f0000002900)=""/190, 0xbe}, 0x9}], 0x6, 0x40012001, 0x0)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000003000)={&(0x7f0000000040), 0xc, &(0x7f0000002fc0)={&(0x7f0000002b40)={0x448, 0x0, 0x200, 0x70bd27, 0x25dfdbff, {}, [@ETHTOOL_A_DEBUG_HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}]}, @ETHTOOL_A_DEBUG_MSGMASK={0x24c, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x2}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_VALUE={0x60, 0x4, "b66c6be70bbdcd9c48af5cb7e16317b25754852bf2acd4d0fab5ef662dd4b399809292882148629574da69b737e729451422649d0c3fcff60bebda8e870fed1b4be1dbfdfa66e527d9e4634097b9146d85627f7bbc9995af662be700"}, @ETHTOOL_A_BITSET_MASK={0xc5, 0x5, "79e914f346d04a685de0f25c3ab7a212d6e92c12669409ea2a41b7faad2f6a61c2e5b159c5c16c22227e9f571920e512b16eb3577514a1eaa33b41991e0ee2ea1b2e308563f711228dcd9742c99a70abc324d41cbc06c5e64d2a643bf75095a7f60ea88a9a9bf0fa1b3dbafbf0424c190d8605a065dbbe1e97756265f2b1aafdd85b2d76a6e5460d481690b2b66900fd5b4b90999dd54a3be5574217e3cf15d15b8966206fcc8558789b4b6b6b37f976c4af72ce6c6f8a9a0a5eef5a568e20488a"}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_VALUE={0xfd, 0x4, "9890cd9d2ccce04d4adf0f46e1d53ed13f479738b578be38ceaec2b6fd66b7dcbbaea6b21f7316d4592c3c15891ad0870a705e94f2132a9861f7d07c8dacb963ee07eac2bd186b7070c501415236c66fac699be2ac731962651ef4a68b1c29527914355e11543eef58317760e4e8915602c3dc0962efad8f57f27d799e59b0df8b939d2691779201a91bfac7c1bf23f7e10c0be57f4decf0841c436751f84560531c02ee563997d70b6affe7906ef3267b9be7ba365a19584cabb78f95609e64c9c10ee48f1f2e525261501133921a09352a46368a673488be63789af2616aaa02bb2b7d32ddabdd7e72806af1838350b2f04547ee614db11a"}]}, @ETHTOOL_A_DEBUG_MSGMASK={0x178, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0x62, 0x5, "19dcec94fb0068256f398e9ade4d05295a5e5ae7f436e4dd2fd0cee42ef6b40320c0358cd5175d1f6ddfcace8e13032bdd1120eba454e22b7cb6ee84218b03f11d145c8c2dd5d23934c593e2a902294e5fc9573a677bb0dcd0da45b48af8"}, @ETHTOOL_A_BITSET_MASK={0x103, 0x5, "8a3e0257e723d63dc0ff77b5d9ceedd49fbe5d5e60722b2ab8c78455f276e2f360a25adb5990b6ea962da6740fbd89f895b306250979b9d1274c6dcecb30a6b2b1f13f66e6f1505e80382eb35c09910decad54a223d10811345d8603e867df7c4f5ece445c2da368fe396cd209643ceb5918479d3b97cd1259cbd23c4432f1ce23ae5d94d8ad5d5aed4fd43903377d11b93d9117e054e875025dee1da21bd8f49760dceb4c82d5fffb4cbf7ba9aa768969463b4d7db250726af41e61b3c07ecab37a8f5d797a3b3a1b286c79b2928fa1fc60b2677e5d3a205daf5b8df3716e719c8112cf290f4f1f58bffaa616c9cb6364a3e0ceb8f4be2c73769f561b3f16"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x1}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0x448}, 0x1, 0x0, 0x0, 0x24008050}, 0x3)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r3, 0x541a, 0xffffffffffffffff)

20:45:14 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x48, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x48}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

[ 2782.974250] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2783.054302] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2783.055942] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2783.057529] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:45:28 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x84100, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfff, 0x0, 0x10, 0x0, 0xfd, "4204af5078dc8f613afeedeb91401d0457d614", 0x2000})
ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f00000000c0)=0x8)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCGPTPEER(r0, 0x5441, 0x27a)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x8, 0x0, 0x0, 0x0, 0x6, "f413a03e00006100"})

20:45:28 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x48, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x48}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:45:28 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 74)

20:45:28 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='net/ip6_mr_cache\x00')
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000240)={0x80, 0xfff, 0x3, 0x0, 0x1, "cdfca0dc7c8fe9a4"})
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x410000, 0x0)
ioctl$TCSETAW(r2, 0x5407, &(0x7f00000001c0)={0x1, 0xfe00, 0x8, 0x7ff, 0x5, "c9ea6b710df56f98"})
pwritev2(r0, &(0x7f0000000140)=[{&(0x7f0000000040)="e8663ac22e1a41e4920cd1a697ca830f44ca73b6973f079bf9e93e630d388ab4280ad51166e8f295f7376fccd76c9d0d0c2efc9b5ffe499c65e60753e0095c5f8faf1e64b05189312376ea6716af8c1d0eb076ef3d2b729a0e887bb8252185d37a6311ea172578bb73259f4eef714bebe69ec009314f9bd8fcc8eab9576fe098bb869db02aa8c9e7483d2d2b1481bee3243ef547a59e565e6f0d147ccaa4eb01aeed11a2f64aee4123884040b704f172a19be1781d1383035dc763ccc95008478f9d7978a0f9b576260ad8ff53f062", 0xcf}], 0x1, 0xffff7fff, 0x8, 0xa)

20:45:28 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:45:28 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x800000, 0x0, 0x0, 0x0)

20:45:28 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2ec841, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCGPTPEER(r1, 0x5441, 0xd4)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r2=>r0, @in_args={0x4}}, './file0\x00'})
ioctl$TIOCGPTPEER(r2, 0x5441, 0x29bd)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r2, 0xc018937c, &(0x7f0000000180)=ANY=[@ANYBLOB="0100000097f2c79dd18c4c6eb3afe1f3fbb401000000b9cc80c4867b491ca68221eb3161f002d9dec09fde18000000", @ANYRES32=<r3=>r2, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00'])
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000200)={0x1b8, 0x2f, 0x4, 0x70bd27, 0x25dfdbfb, {0x1d}, [@nested={0xb9, 0x1, 0x0, 0x1, [@typed={0x5, 0x64, 0x0, 0x0, @str='\x00'}, @generic="fd75b4e1163653a23d28fd28778cae221cfb20bce30d1803a672e93de47f83eeb36fc53525ad45ce849a1dcc03d4064378e06349a6f1d2cb4b884c709fad165c553677cc5d1e22518598ee3ecf458fa6fdfb25ddd0105e70164c9712818191b87923c60ea539031035f897f08ec29d31df91c2bc42fd38c981d879fe7493b010adea78b41075438ac3cc50712eba9c0be3df2d43191c88c8fa4fbf035f6a15dbe8ba162ca3", @typed={0x8, 0x5, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}]}, @generic="f20a46ecfa32b141c713a8fe49bae7072c", @nested={0x18, 0x43, 0x0, 0x1, [@typed={0xc, 0x89, 0x0, 0x0, @u64=0x5}, @typed={0x8, 0x6f, 0x0, 0x0, @fd=r0}]}, @generic="9b6b5688f3fe3a61a08d3926c930bd0adc25bd0692176e388724bf3939c39d4c088a9b1794ebb771cd0067ce39b5486947dcaee2226d2f579cc2695add2fafe0432e06ef9e059297b8f9b16cdd56bf274293192eb35307a43c7484921d4084ae15d9e68b227184818745dc375132538acc555ab87259df5ff56d55622de4d95c032d", @generic="9eb4e936a89c6e4ee94227ace0fd868737886bcb532a105691a3a22999dcc4f0e77b5585b3ff66caa8a9947747d9a353b7c4f54d7e1e62a76ca0"]}, 0x1b8}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r4, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r4, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$EXT4_IOC_SWAP_BOOT(r4, 0x6611)
ioctl$KDGKBLED(r0, 0x4b64, &(0x7f0000000040))
ioctl$KDSKBMETA(r3, 0x4b63, &(0x7f0000000140)=0x4)

20:45:28 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f00000000c0)={0xfbfffffd, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:45:28 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 2797.003741] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2797.013147] FAULT_INJECTION: forcing a failure.
[ 2797.013147] name failslab, interval 1, probability 0, space 0, times 0
[ 2797.014702] CPU: 1 PID: 13606 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2797.015535] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2797.016507] Call Trace:
[ 2797.016833]  dump_stack+0x107/0x167
[ 2797.017273]  should_fail.cold+0x5/0xa
[ 2797.017740]  ? create_object.isra.0+0x3a/0xa20
[ 2797.018288]  should_failslab+0x5/0x20
[ 2797.018758]  kmem_cache_alloc+0x5b/0x310
[ 2797.019239]  create_object.isra.0+0x3a/0xa20
[ 2797.019746]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2797.020302]  kmem_cache_alloc_trace+0x151/0x320
[ 2797.020841]  ? lock_downgrade+0x6d0/0x6d0
[ 2797.021300]  __io_queue_sqe+0x666/0x9d0
[ 2797.021767]  ? io_issue_sqe+0x77b0/0x77b0
[ 2797.022224]  ? __fget_files+0x2f8/0x520
[ 2797.022686]  ? io_prep_rw+0x7f5/0x1050
[ 2797.023143]  io_submit_sqes+0x44aa/0x8610
[ 2797.023649]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2797.024216]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2797.024750]  ? find_held_lock+0x2c/0x110
[ 2797.025220]  ? io_submit_sqes+0x8610/0x8610
[ 2797.025706]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2797.026262]  ? wait_for_completion_io+0x270/0x270
[ 2797.026825]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2797.027363]  ? vfs_write+0x354/0xb10
[ 2797.027768]  ? fput_many+0x2f/0x1a0
[ 2797.028191]  ? ksys_write+0x1a9/0x260
[ 2797.028609]  ? __ia32_sys_read+0xb0/0xb0
[ 2797.029080]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2797.029652]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2797.030248]  do_syscall_64+0x33/0x40
[ 2797.030682]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2797.031250] RIP: 0033:0x7f9d2ce7eb19
[ 2797.031682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2797.033662] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2797.034538] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2797.035316] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2797.036081] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2797.036849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2797.037617] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
20:45:28 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f00000000c0)={0xfbfffffd, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

[ 2797.081115] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2797.082700] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2797.084375] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:45:28 executing program 5:
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:45:28 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2, 0x810, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r4, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@nl=@proc, 0x80, 0x0, 0x0, &(0x7f0000000380)=ANY=[], 0x30}}, 0x0)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r3, &(0x7f00000000c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x4, 0x0, r5, 0x0, &(0x7f0000000140)="c75810d8afd392643fde6dc982f8d462dff5af0eae461e33cd024971085249070b1d6128cff61e02559146bfcc17d17a7b6c71b751d84d509d6d9d86c0885bf8907dd3e4fe88948b1a1799139d9a92d22301096cef6728f88a652d0fc9e608450812e4ecb6539543e749b6f2d786ea69a1abaebe06b507c7406de14a88b4b4c4a657888d6931482a1c74c234ef850b53ac24b7535de19927e1a87291642561137538b881a43dd1dec7a52c2a0df06e26d160d3460d2358146587eacfe305ca8396876c9ac54bd79007b3ce2a9f05c93f98e5cb4d31", 0xd5, 0x12100, 0x0, {0x0, r6}}, 0xa3ed)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:45:28 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
ioctl$FS_IOC_MEASURE_VERITY(r0, 0xc0046686, &(0x7f0000000180)=ANY=[@ANYBLOB="0100e20041f62c922b5df3e514be27f47a93994d96657aa30c2b3062922ccb202d816105e4ad2e20dc5a1732187b097e530214cd58e960accb52109bb570636a910ccececfd63cf57774c08faf81385ff876392e99862d6962e4bdab829f608d0711ea9b457557ffb34bfdcf02eafdcdd5121c472a90da0438b5e150239c69e8673f76fd5d24a457c9e6d8476dc02e92796eefdc04d92f89ea26ea7791961e314f8d7fc4385a2758e68c6d9fe809ca1cbe6f9bf4934bf734760ce8cf1fdfa7b552b4296e1729b9901a1f4b25ff9e808a3f3843bf7cdabf6c35fe17b81031368af64d432b"])
r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000000, 0x1010, 0xffffffffffffffff, 0x0)
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xa, 0x30, 0xffffffffffffffff, 0x10000000)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0)
r4 = openat2(r3, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={0x250042, 0x9, 0x9}, 0x18)
ioctl$KDSKBLED(r4, 0x4b65, 0xde)
syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, r3, &(0x7f0000000080)=0x80, &(0x7f00000000c0)=@l2tp6={0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @empty}}, 0x0, 0x0, 0x1}, 0x6cea89d8)

20:45:28 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x48, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x48}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:45:28 executing program 5:
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 2797.159474] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2797.195219] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2797.196800] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
20:45:28 executing program 5:
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 2797.200718] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:45:28 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:45:28 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:45:28 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 75)

20:45:28 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
signalfd4(r0, &(0x7f00000000c0)={[0xc06]}, 0x8, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0xe003, 0x0)
ioctl$VT_RESIZE(r3, 0x5609, &(0x7f00000001c0)={0x5, 0x400, 0x7ff})
ioctl$TCSETA(r2, 0x5406, &(0x7f0000000140)={0x3, 0x2a04, 0x8a4f, 0x4, 0x15, "fc0a168e4a44cc60"})
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$KDSETMODE(r1, 0x4b3a, 0x1)

[ 2797.272821] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2797.312126] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2797.313780] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2797.316128] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 2797.323688] FAULT_INJECTION: forcing a failure.
[ 2797.323688] name failslab, interval 1, probability 0, space 0, times 0
[ 2797.325124] CPU: 1 PID: 13648 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2797.325866] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2797.326815] Call Trace:
[ 2797.327132]  dump_stack+0x107/0x167
[ 2797.327550]  should_fail.cold+0x5/0xa
[ 2797.327990]  ? create_object.isra.0+0x3a/0xa20
[ 2797.328523]  should_failslab+0x5/0x20
[ 2797.328955]  kmem_cache_alloc+0x5b/0x310
[ 2797.329426]  create_object.isra.0+0x3a/0xa20
[ 2797.329935]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2797.330525]  __kmalloc+0x16e/0x390
[ 2797.330937]  ? lock_downgrade+0x6d0/0x6d0
[ 2797.331398]  io_setup_async_rw+0x180/0x580
[ 2797.331887]  io_read+0xe98/0x11e0
[ 2797.332289]  ? __lock_acquire+0x1657/0x5b00
[ 2797.332794]  ? kiocb_done+0xc90/0xc90
[ 2797.333228]  ? mark_lock+0xf5/0x2df0
[ 2797.333662]  ? lock_chain_count+0x20/0x20
[ 2797.334161]  ? __lock_acquire+0xbb1/0x5b00
[ 2797.334650]  io_issue_sqe+0x2e8a/0x77b0
[ 2797.335118]  ? find_held_lock+0x2c/0x110
[ 2797.335587]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2797.336155]  ? __io_arm_poll_handler+0x59b/0x9e0
[ 2797.336700]  ? lock_downgrade+0x6d0/0x6d0
[ 2797.337152]  ? io_connect+0x610/0x610
[ 2797.337597]  ? lock_acquire+0x197/0x470
[ 2797.338052]  ? find_held_lock+0x2c/0x110
[ 2797.338527]  ? __fget_files+0x2cf/0x520
[ 2797.338986]  ? lock_downgrade+0x6d0/0x6d0
[ 2797.339444]  __io_queue_sqe+0x90/0x9d0
[ 2797.339901]  ? io_issue_sqe+0x77b0/0x77b0
[ 2797.340348]  ? __fget_files+0x2f8/0x520
[ 2797.340808]  ? io_prep_rw+0x7f5/0x1050
[ 2797.341261]  io_submit_sqes+0x44aa/0x8610
[ 2797.341836]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2797.342550]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2797.343109]  ? find_held_lock+0x2c/0x110
[ 2797.343553]  ? io_submit_sqes+0x8610/0x8610
[ 2797.344059]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2797.344588]  ? wait_for_completion_io+0x270/0x270
[ 2797.345145]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2797.345653]  ? vfs_write+0x354/0xb10
[ 2797.345664]  ? fput_many+0x2f/0x1a0
[ 2797.345675]  ? ksys_write+0x1a9/0x260
[ 2797.345685]  ? __ia32_sys_read+0xb0/0xb0
[ 2797.345698]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2797.345709]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2797.345721]  do_syscall_64+0x33/0x40
[ 2797.345731]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2797.345738] RIP: 0033:0x7f9d2ce7eb19
[ 2797.345749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2797.345755] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2797.345767] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2797.345773] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2797.345779] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2797.345785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2797.345791] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
20:45:42 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x254306, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x8, 0x76b2}, {0x0, 0x8}]})

20:45:42 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x8, 0x3ff, 0x10000, 0xfffffffc, 0x0, "42049e3612c98f00000000eb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x10, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0x9, 0x0, 0x19, 0x7fffffff, 0x80, "455f5b8c79d7c0b1b54b8c555910fe90f0ebcf", 0x3, 0x800})

20:45:42 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 76)

20:45:42 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:45:42 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x20000000, 0x0, 0x0, 0x0)

20:45:42 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:45:42 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:45:42 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x741800, 0x0)
r2 = fcntl$dupfd(r1, 0x406, r0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, <r3=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000640)={0x0, ""/256, 0x0, <r4=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000057b00)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r5=>0x0}], 0x80, "5fabd34a60e47f"})
r6 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={<r7=>0x0, ""/256, <r8=>0x0, <r9=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, <r10=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r6, 0x81f8943c, &(0x7f0000000640)={0x0, ""/256, 0x0, <r11=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000057b00)={0x0, [{}, {}, {}, {}, {}, {}, {0x0, r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r11}, {}, {0x0, r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r9}], 0x80, "5fabd34a60e47f"})
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r0, 0xc0709411, &(0x7f0000050880)={{<r12=>0x0, 0x1, 0x7, 0x513, 0x80, 0x81, 0x12, 0x0, 0x7fff, 0x4, 0x1, 0x7ff, 0x100000000, 0x1, 0x1}, 0x20, [0x0, 0x0, 0x0, 0x0]})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r2, 0xd000943e, &(0x7f0000050940)={<r13=>0x0, 0x0, "34133a1b31c7bdaadd05f4971943fd50216a133beb22aced47003bf3633023a4f0da4f6db793bbcaa415ec1b6aeeda053c252727bbfa0254a087b9c8672752042e7a40c1fffbf934dd8254ba7d154a2cdd23487f6c2ee47db4edc7743d29fe5de5e98b0077257ffcffd2d6a88644709008edd938ffb55d147e05566d25eebb51962df1db94e0f85ac855f3b7f9f35d95c61cfc46557366bcff0bf4e22d3d5013c70140530ea549dd5a357ebe7ec7e46a3cb1b2675072660b1533a1144611ae15247420d1480d613dbcd33851f0e031793baa3a18b7edef804f3aeb5ee1e1f126af35b08115815739497e45fbef43b5f66d1ed22f4bb57446003814c01685a319", "1cfc1e104f0cec4f72d81908b6f61b256fecceb1e835ad7be2afc9f419b60c164950e7a5008418496a03646d5c75a6555093b71a53683fabc723f6082296f02889e1c212703761f05702a1959c3a78ae39b55b7e4e93da66b9d8431fbef698db23cfe0ca3639557edc6c2a1ad362fbea0969a67d2548d16b7c88167d5bb45fc35fdfe4674c7f2edead9f4b6660839347bffa1ed35d715726ee82f4c233db2ca628d7e574e88b49004fe488e1f5600bb7be5730a7eeed42a24716082dbcbd162081d92c65dc45331a69e1e2063979d8130c4075bc8cbdf0e4a4089a7ef04bfc09ea7bb42196d544d2f6064547f63f9ae631307ebe64fb8d85e91dff0d9575f60306e081fe223ced2a69d7f58df1833a93545f895dd305efc6084f6210edd0706544f8dc43ee6bbe9575201d33f174c97b9dd804114e7a19329c0226c8c82eef8a3a0954f22314b6718ea6be9b7794bd9aa1e201a15a5d088b205f4814cab07593e00072065b5487727ffcd594402809d4c6467ccd11367549e20c90ce0baeb168a19d2570223a35edd56a621bba80dc867e5ae13807d438f646d4f15095dbc35547baf452b0e0c512a303cd219f5624ab1356bb6329d552bd3d79e2e6c7deeb0c2ee4d62da7c1c3ea288b879835aa974f20373641e3e29ca13f579d349d676ab3a7ec39cf84e2b1a8dd986630440c48425f5ee27020a1c926003456590ef87feef4d7795b189a794c04b1016a4a46285e5378478d1456de02717b860bb265a30bdb62c1c61aa73e41b6e881dc4b980a891c32e85d9228571d77571144e226254b901f2f3d5bcdbf1421e0b71c35e7001ed5f07d9af35c2877871449d8e99cc8da96c0f250ad47ad7a643a67ff0be5d6e480afb15b3b09cf6a2148f0ef4a4d3e5324aeec7d51297fe04d467aec44b10402fc59b878d961e6fc10cc7385b1aaa96668406c516f69c590f9e76a8e8a0e8afd0aa23842e58b467eeae7238b183731487bf320f19d7e532f2a6893b648c2c9f575d461fb75792c40733f09e24d946df72e049e83c012c149418bbefdb731af29aec5bf9640db099f2bd25a990b71b3701945d3cafc6aa1190a89164bb91aaf3d45247f67495b3cc1630cdebe286167aa3880de24d2477048e35481c0848a78b04c501e4d840b8be34a5066712848a1f504d1537e32d6fb4e23bc9e08837d0c567b0ede9438e952a93221ed4c922cea07ff56eea0d7e186924e7da23a5b242f1c39201dc5569c0db5cac64b55cf7c4a1bdd5df2a0c7fa9e448a3f7ce26313c8db2b28c03bf76a5c1be2730e421b333c3e0b504bdc8d90d275a2cf68ea1a6f444a4869e1c7af77f4e6f042fc343f00a16afd7da894966dfec67bbf7b63b4210bf88ff7c1322712c8363cba379e64fa2b6a929a458336aa6602abd55ac3622a1beb51103da657f908071e32db53d97b86f6e4a218707706eeada3f8f3f9f0301cc6c6d5a8fc9f4f27df92ed6fdd2aa426dd211c5126280d45654deaa51468bfb087e16ec2c2066fe9b09f80881e28ee3e209c8520a33035b3687bb080ab7d708a0153e642741ffbfdfb827a15ad00036b002ef46af62fb235575a338c3793bb8b3e8047e302f7b5e3f70dd48954a0ff2f0b7efae6376c94dec49e4ba397edda05674dc5ba84c81e18159b9b835f08895f58fb5b661b08b77f7efb9a9044291b52112f89ea3f38b5075a8aeca75287e24adb0b3bba8f0f5df258215741081915e42219afd8e49d66d7200f6caec6b0f27530a67b74125ca7f2157cb7a77b5069fc28c34a131fe51da777ce1e5b0c6e0c91832cbe61ad0f1d8901ee88c16661647890991ce4fefcbe85d894c6840c30227997bae7c7457bf37f524725a3b8a0f3999cb28317c7a0554db8a556cdf3a9d6b6df8c80f283d4c7b82b3c5e7e3f50d718ece65c1b607f39d5df3ad54a8c1c30e0a44627b13fdfc015078498c5cec7af40b025ad5cb3526b73986338f2b499fa65c3bf5e6bb64a67fdc74b8f940ddf18af7b5b9d486b43f877281505bccbe08fcf0a39a143ec5bc46c3cd23aa407dc14e0da67d9ef9f045b60b1a0e9e72271142351681d2ac220bf4855d82c270376b6ff83fb2900102b1d13bc1f6cad11846431c17f0c4f9fde3cab61608b4e12da79cea15967b76c7db8c2d5888bfac2ae8ca808780f26a1afb7934a463709757cb356daed0e86112504037944ebbd006603cf760e42b17b6bfb8400971029382d3c1a088f7b19ef584329bc0c7ec308b2cc5e2c37f7074e720757f98eff1a301dc5c208efc926497cddcfd65e18b158bad6cefc8efecd93676de678d82ecf3abd39f7a77aee23508e069fa7f5f475f072ee8d62cc77d385c097d1c183094d5b74498247328220722534189d48d4aebcfc1d384c007b4179a0f660f3d995b13a3c6a9022f07b1662e858c0eeb6e7e7a40a48150ecfd2cf1e523ab2bae52c217addfd53a3984b20217803b7562a6180c703a6c27e7ee2616da40ae1b107c2049aeb89cc7f87399018bdf75247fde3eb579c39d1c9fcc082bf23fd37be6f18d024dd009dd792634e5f56b6121d36ee899058c68e6215a79d956e175c24d185f3d6164b26e926e6264ee2421b946d46d6da2ba36cc184038e75964b59a673b3f91371aff421764b17ec6c197e2617ea0c883cae48eec75177366706dfbe5f1f7e13bc3367671873fcc951ec457b3e5c3aff5c36d1b28e41339f440e59e7cc98ac16e40c8b3fe6e43f74db0e50761850fcf6312b290ec72405f53ade5f55fbc713fe9414091fa91cdcc0b276d69bc82322cd6b1c0fd64aa2bbf523fd6045877cb5af544bf83bbb2c85228ac6d316f3d8e1ba7543c0130204026a8976cb03e5bf6e5fe0b2211d1cc74ea4651c33f7b7c48ee429ba930520ca25ecdd2a332481a1ebc76c7c1339a2ec5f871b83aed7a7563b4138015205f5bd256e1e9f0cea495df2ff47584a8a8b16b7c9b281d37c917f96773b470da5f57586058a8da47c20bb58b153f944c6283b700c2e5920e2316d75a89f1ab76c309decc6a4ff63c55d205f893c938836fc4d629c3a6a8023a91c20e5178ba975a9caef68c4d6eddd8c6895683c773f602da7318ce26dca656590a15fe24238c237ed33b17b3307df7632801abbf33418d8ed6e82d209b5bd6dad1fced46210981d76b0432e99eeaeca975ee00762c38ac46df24afcc3a45539fc6d289de1adc5b28fb146ba5c87562040335603f78af3952276289fa21313d7937b6a7d18ff22995d40ef9bc60f0c8d68feca4fbadd8481372d0e449d19e90c6946f50f818ae30b720bb2c2ce3e9404c8d1193f8ca4eb5115de9d72d5f5364bca24f5a509d6c86ded835cd39432db3f9519810107c694df868e44fcddd5a15f0b13f5ea25c34186abfb9309651790fa029153a83df14acf7ffc437cb61c9ab4e7b1b84fcaf59edd9ae3d0b4978e52a89df337303d74d05cd018d1aae06a5a236343c00ca939c364bc1dc7d73c143e185fa4130ed663af0e4ed99fcbfa591fc983bbbcc904e2fb694f23d588b1c714ddecc0dc013cca290c1a40013073152c0b0597bb16d81452cbf80c375855aa71ede6125135282194aaf2048d550ad39fa71d3765812c0551189b18b106fff70fdaea92107f8737a83f761df3657162d830af3569e75f9027263d2c510ba4e2a066c2189a4108bc460f9194957895e4316ce682465c009fa7ef548068143dd8daf5ba2a05a8c727f290bb91e979068be99fcd7a433c950de75e05726b6e2f0156434bd37f71fe5f662de6331617b83dbee73644ca54fb43e607f5ed1be289a065f8a6e7f8109a5581b495639651881320d13f152e7f3de26945e2d5a35f4e5c8b167c1497ba516f61ffd4c84b20f71e45ac8e07442dc643944cfa157e9e2fc0b73f290cf74f523bde49cbec5e4008d47130fdd1d767abb174f3fb8205d81d51a194a06ed433563942fafd84efa423ba10028f46f5936deb5981dda47fc05cea4ad22737f358b545de3f871deababcbc65bcf9b966728f20551fefba4b8c531f2d708f8f3dcbabe9559419872914b0f91c9dd3eab67cefce6fd5c1d74ef2ffec0572a03c863de7f335c9667c1f0a2750b06e7125a71da7eac150d0aa2cb0881318529e98c9fd191a8f1e8c13b60888190dc08940e300fce16ad83898f5e4554d4287b84f8357f9e695fbe5935ff1d8c0ec301d9c8d02e763c36e37f2362a846352b5eac1163646d1c1efd427d18034f0bc962971febc7e92f60dfa68d2b1388819483ee1b0811e101313493e9234baca749ef1e25cc244f019782c9ca0f6cf5a7d0e23340115dc7c0e440ccd2de543777504d8617b7d6c1a9dfe17c55b2bb961d370a6a255cbf71cf9a75b7c6f7a197bb4cd8ee300f83ab1af2d635ca69b82d099517dd5bba23db92c705ff1eabfa1802a33074ba615e0fdb54da150df7ebf22e703b02420df9d837862d94e2d59c59f9322a905beb343390bd0e218831e02372b9a0081a42f555029376ec3109e136143c887077f288d4040cc4bdd1f5beb287fcfd82481ecbd42f1fb6dce108bc986ba2809feac83f6a0d6e97c4ea79dcab3b6a65a22445429daf37e00216b3db66e03202f2efdac442d30c6623f9600828b330769a8e3fd1be4c0dd40117f8beef66f4f8c0836acc50517080164211bd520c21b86eaf2f718c6a4aedcc2ed2809ef2bbc2452b33ef746c1f11aaf2d7c42ce8df1186f1cccedce1972c763e6534aff0d6178eacf1b0f8c69f4bcd91a9f3ad1bbdeda8533523319fa7b1ac29daf70f4019722553d6754b1ac28f264ca07104315cba2dc7efc4e23f8b2d291f50339d0247649a5b88dcaf6045506590e89440f71ba599d5d74f8217893eeccd33fdb68f4255367f4344fab6f19f1ba5063bd41d1d358c5d32b11e2d55a5474f2d05408c552ba8fa070ba2d18b2d3bcc11077cff85a658f3c94772c6a3d669b59cfee7a2128cb0240ec3fea2ac3292dd2f450cfc0a1b9f92b16c6d34cbdda18481e19904bbd484da9dfde86bdf87535f6d4d8317d289f0f5f2f925a01fd9b6055f9dbc150dfb713ecd95adb34dba012ed728c5ca4167d3a88f910b9369618eb30626dfe64b763172b9a5ee3db14da9a151edc63474b43286cee2c22a0b2324f0ed569af6facc0374878424c922617bab86c0aed0324cc246a19e362f6b8f6204a0d7f8547ed2d1d59ea17ec2210772ebdae640d41cb189e71b0aac49e5fd276d42705f9ddff9e5a969825a84fdcef9568550f75b971fb0f0a31ed7b1bcf0bdc79f1e3e874d91efedab428c63077ab33f3b2f23c0b7677da6e3ef3338ff200001586af0af1a25f24437fcd83fd4c55e9ba5b06191422a96f31963c692298873acbe555949748a83822b95707a0989af9733447996024e1ca396622d082"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000051940)={0x0, ""/256, 0x0, <r14=>0x0})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000051b40)={0x0, <r15=>0x0, "418098d5afecb2eda006ce5f4714477f1ec01b255a2504154cb3d35479d432f3432aa117546ae3f52bcbf697b32e603ee6fb6ee805e2c15b36aa277680636260a5541068239c8cdb0d77605c4ae946b9305ee9745e8107ae726fb9b5e8ba803c14b95b39ed150ff8c1d7b885d1accab21f23699e8c44d84a100cdcc738765fe39aa30e33d5e38a35f8b416b59cfb29d721790208a1362d8317b3551b2f683935f888964c0e8a5a9621c54b40bd983ca14616eb18282995c3fa3e68899ea38141ac821452d79d88262767ef0d7c64339b2d61f50d8dc9c83c0deb1ab4823bf3943b8255e68897388f54edbf1763e00a8239a7aa19a512eb9aceba33ae41e8a600", "62cfffa072a03136ce7092ada074fe5ab11ecd0642395e4f1b0826f3ce3c1736511b2efe35937452e3b4a8678df441c6026d4d46a5450a8309838c893c73c29b81d6776f1e004c2862ff7a731c963b6cfc9885098b40c4db7788e5482a94443984897c5e6bf5beb2e122d6e6a2ddc7ecaa47c27fbf686e97efce49ef1745463a2356f94ec64d35d900315259c2d9539a2e7ee263107de5e2330f871215f931f130c6509b3ac4e2cbf38de013fed4585b0c20369053742064a5d656bde4f0220581817e390b7d6c397894d091fc5d7b8ef0ccc981719b0085eee8308cfacca40d280040bc05478362f522c02f26242d8356fc0f464380f64ce35ae3ad8d8086fd94d3001905aff164a3e0d7250f237698be2db555350ae9da6ff029e9b4410c99542552159fa35e3f19556f49c35066debd12dc8a908f1a9c9e760a78d1d1718d0a008dfad80df10c7f709940d796a8c0a7d27957ff9bd591a349cba2b49d2f111be94b73aa920f24228ccf6466ebb06a93a98d91aa1ec9122cb654c92acd7ede40152bb7ab8a5e054b1e2e88d612b42f3f061854857174ac596394b3fe16eabbbdcb0abe7088dd422c1d55404374e3a54fb2cdfe0ea97d98b3ae0e1d27b72f9148222f2f512b2ca63652a009dd0759c092c55ac84a17593372eef3b32ba06baf64d357fe7a26b2b622ea1107ae74cfadae5f2ec3d3b89d9f925e5cf527afbb7991e157a56809cc370a7b9684f3a36c9e26be69c41444177b02476119d19237c9705cb6dc7c9cfaf656d324c517163619261eed8f228bbe13c15549048446a64d67544b6bde7e4e31007e808db2787c8b321cec27c992419f4d67179a1ee91a0a8fa773ecf831d2a30135f66c16b3f8e02fe9ef8ead08e12b2d497f9da07e210286c2a7c2251f70acc6d51ee1be6c94804c8d5bd0fdb60d6888d7a86afb99ae3605b7763654d299d6abd3d6b0493982e75443d596ff356455ca116580d488ad672ecb1038f3cc5c5fba8a94b1faeea4dad90ba1ee98bfc31c748042b74e23427d178c1420167ff15965c547b58d7e3a9a2d4736687b6008e5c5a9fd2701df65ff73fefb6887b584912d73715aca800bc79ac871aa19886d710d60397b7516a9ed1fa4f77442807d8f0fd2d85d764d21279539dd28777d22e9de86601f91bb245f1a66daf3d7a6eeb33582847029b2c9fc4a769b8fecd4ca328ce32c0e0d3875115e3336f1d6baf7e47f258c27bd9582d93845fda8f7e20b42932a1fabad234c4c0582ff8f310c48fa809d9243ed075ddf15624c38513fbb0f23d14eefb330f99e80da8834deeec28cd822188001a45956087e0f75d22a633d1f77768b4d784a9ed09fb680280e5986e19975cc6b85f24111bc5dba56bcdf89150f53be7f78cde4ef04c24d79f7c40e3ba30818ca025281842fe099928a2c4abcf97846cb773af8653705a7f058a235031be9409be484b4b241fd0912054d383f3b909912fa1153eacaf8c2d5452fa3c4ae6a1782cfd63cb2796d418c9bb4f07e038604fee2fc85faec37574e293444d3ef8e0e936069d2bf482aadac744581129178ac1fe42c5adda11c0398b80cd5ae23681fb17ad79bcfc7f84a35ee35f92be03e5ebaf45ef235ee217945f1d86215b8f036c2e43c726af311211aef1f0a50c9a117899354c43360ce2ab7a071bb8ea45f006730bb2cbb6c0151c71f8e10f4f0bc36691cafe9fd7b6b08a6a5cd657216e48c3e45587a88c02d6388093986cf6137164a8d877803b97e82d9c769a55e33f1112b13f919724bd5c003865f4de5e30d04b178385739fa66356b2b60d81e93aac27f4e5f8e3b3bcd04dc54ae6c47689bbec8494cb380c279f0d56f6408c2d3ec8a87b6d4ea5f8cb990819862a3230666b83bc44ceec8c79a83c17df519b6c6b81383387c29cc3154b2b7570ffaedd0178feef860dcd1bab1b262300572f483ec422c2bacc6234e4c368c052a1936e79ede355b67f740c63c3acbb37e45cc043eb4abdb1bf32b131698f767dbb7e976d781f2e64357d944e6e8c809a3548cd439cac952909f3bcfefbaff81d2fe9fbab26d39dd411960f25ed80bbe030d35811879ccebf5e72efa2362eab2e7619092c192af8b925efc884f5e6fd004b92362a4251da76c9cdb50f2d0c295d78c77ac22a44224b279f3fb7fb4afc513386ffe630fa80ace40d6486f395fcf688050941ff83bcaed2f2df1bbf61235db8f05bd350743ba8a5d6fde7dd0adb4f8791716926b03559bc4ef21d9328846a69d462b1f30bb8d46d01da9602d0dedc7b2132e0c848bbd31e261d2d9450b598c1215d711b27472ad121dcec4c3b7b06944ad841dfe3c3e7f96911b11227cbba8efc8a0ff20ad0c971a71ae08c8d67fa4fd4852083c97a76116e0626b65c22babaea777846be25bb903a003f2925c0d8ab5e6048159aff5ad6e4057d287730b57802108da64e7117811e1593c93c741b82fee73dfd36e2ade2bd64f746854c214fd1980c88476ecfdfd510da96a4d8fda5483c5792eb9726b9ffca97ba97134506530d6ad8ad4fd516ee6f54c47d33dd508292b35cd2b58f4ccbc425016de2d34db9634215e3d944476ef5b5543ff4cbcabf03dd37f94ca338e16ee605798165a56ad0928bd7ffc6e0e10c5e2dcb9e7938c805430d1a9f3e57fca84decb596ec6e646bdf18cd3ea4c6c1d2fd6b59ab9c6d37bb195d9fbc0262dd497bf9a321bb92b189a0fa4b51129de224aac93bbde5fccf62f583ae5f9fb60e10c31c945cc995ac301668c7513d12d48351522bcd125997fbe07726442378bbe51b555c361807e39d347ad845bbbd0bd8d8d5f8d9e258d68bfe610bf4e08b9d71d940846468685332c288bae8a1e093eede76bd0307afd73f102bb6aba44d74237f67273f0e36729bd9042804a11a66fec647b2b4432ef1fe343e6671617b26044ce5705d74b0a8941a501b9214022c7dfa53ac8c68ec56d58c6d0e9d0f241fe3fb9c5140305df0d9562f02600660fde09bf23ec6fa2d203d0ad6ae231766209907991a1cd1f028ae464d9dc7834bcc83abd3e9bc1ee167b66b52c57c01a7a5ed925e9eb7549cc91b1b9d894861d950b52676c4f2b95d041aa0513fa50d51800fb7d34d9617ba6f8166013c82cca190941393fb70d7ead89cf85f14aa6f532ff217a217c49e43b7090707be51154555a82156d062ca52e0256d184ec03f14decceaf091a368eee2d68e0931d57687a67e0e56b87eb43ced83c68bf3310a0fe6ca953a9977bdf2175f85ce41624bde4db34ca527ffda6ca6caa163f372db852fe4174d88782c453f7fa472af7e027f80b9dd89599bd06397e6914132b974c17713b48fafddcc3a84536dc3dbde7cd434ea8a90754ef5889a586c31c6292a063b95ab230573dd4d3a8b15b826734a05d5855d74dcf77d5482dbfb18f31d044f1fe18509c6bcf9d854b9cc4f3c09b3609d5b41d2435a7203a0964304da3c71434846ca9ff83a98242da69688510695fe6dee2d8371b6ceefbfb28e70907adac959de70d92ae7ef3c56a7a5c59dc96121362d6d715db431d60ed066a6c3b0b3f29ec1a1c4888bf57bec812fb879515e2149798616ae77a02841d86a2c58d18b74a8699aa2b37214506d03ec8ddd3043ee93482cc0f7bbd155edf7c6bc0264eaf7b3691898db4007cdf9db3589b9af3fe75df8ca00177ac102d13dd0a0779009aff16a0a51fdb1f423a65a7f5c39d49a08a0459a7182a77da369947f147f801be0f7a451a1df83857814635c9446674390f501dd5dd74892cf4b6ec97c3997ee601a226addc241a825f8ad3c16ab072f20bd1a3521862fa950bdd126caec4b2dc35498f7931283b872ecf6c55574d0ad7f33d4390966f267c851287d44bb786cb687657747a043b6e79e05f01c3813c6a74cf5b26a8549c956e2b20a7b319f61171ec87c0c28a240fae11a6dffef259a14b7c54866b731d909968ce25f5d76b2de20f15cd3bcc6220fa9a7d9a6af25731c08bc0d86238b6ceced656301284c9373d0bafa449595ff986ef50f750d27ba30afe4bfe90b95a2e7f356f37449f8b41eb448f95bb37059b3e95f371275ee27a01dffc0b2d0a1fee1b77ce6728d43e480d3457033f9409984f2ef62c086bb6e59a4344979a1b9e03c32b5c7401711ec63751c4f65c6039dd24eefe178fa4c077f29f7abc479a2b5401c99fe6ec01fd896447199d50f525a2da41b950299591f62bddf297ce2180c42cb49389b8eaee6e904df074e7d343f925366e0a3b7f57e424be4da543f1da849c3991ef3394c52d688c1ff79178f222e00af014674f5000e72509acf569aa5e191341f482c5068e25b826540a15f5606a03d154355e37510bc4e84ce9a7bb5e1c228287a2189eeccea8995287e02c7b394932af0ca997dd9914e2c47f8c76bfe78c59bc335c11a490241a93874f1118f79130f6cd59819fd984a6fa7d363a89b8c438b9fe3f152c019b8a27424e4f25be593fac3b2c12287d9000677efcaa6878cc99b752561b321c2bcdd24b9a977da17784f80ef57094a6c4f2c66d097067f002f80591903ec08e9345999866dd66baa9be638436a2888dbdee32c7c7cf5c3c223300482a54a07070f8108f0778010a617ed7ef2c23febead23cee9710037b011ce31a3ba6659864a6c2aca5d73390f6ffafca0a587d1fe0cdf385a8b0dfdfff2779ed81a2b8649779e3bd531f0d92e856899418d9cfacc6948bcc330917b73f1d71c0bbc2a9fc7633862512416343f7b244608df8212bb2ace42a723759aa75af0e5c903bb08c920d4a44fa49b25d08d6c57af8cfe5d20e5ab8607a4dfaa81c6b626ce388764afee51e1c7e0563424365fa2ab5570d6b8c173ec60f91c1efb15895230046350332c344ac0def63057c9c4ea8acdfa2530672a5d8ba5c916b310afc8979a365bd83659aefe72a4aefce3731f63730a409f8b9e72a3b755f8dd8810e637c37fb0bce5c12ec7d1601f8a334e3b6bfe10eee4b508922b2e0a3c2d67d57f490ef35b4f83a4802e224e2425ae295ed5643259f80106b3c4f5b27403ae56e7fe9d2eeb1818a92f2d802ee83fb843a1336a1057633c0e6d5d55f61c8dc10e218330fb2d47bcdd3090062ab7b2e1fc139c63a04e5e15087c532ba9b36ed06b57dace0dea9fdb2160ba994556a5976e58341904a22dd3cdca0dfa03b5381281ef1db61a24154639b59cfc0549ae521aec8405899328983b3a88823f7356a7be02bb49423f7e5214facc8c7556682dc496fcc8e1fc6415f1b4d7379eddbdb086f7479c728b494bfbb1ad9cbec0a7e4077c22193a0fe07f30d7e438fc5d72349d715f79a00bdb29b2e1c1f2dc14511d354c1349ebfc40bd4c402b7139d9ec24eaa19287302d1ab288542cc2ababb3b160e474b9a29a1f"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r1, 0xd000943d, &(0x7f0000052b40)={0x1f, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r16=>0x0}], 0x81, "c191c566b2d8c6"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000053b40)={0x0, ""/256, 0x0, <r17=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000053d40)={0x6f9, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}, {r7}, {r12, r13}, {0x0, r14}, {r15, r16}, {0x0, r17}], 0xe1, "6d8900aa29c840"})
readv(r2, &(0x7f0000000240)=[{&(0x7f0000000080)=""/28, 0x1c}, {&(0x7f00000000c0)=""/141, 0x8d}, {&(0x7f0000000180)=""/168, 0xa8}], 0x3)

[ 2811.297495] FAULT_INJECTION: forcing a failure.
[ 2811.297495] name failslab, interval 1, probability 0, space 0, times 0
[ 2811.298866] CPU: 0 PID: 13664 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2811.299659] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2811.300602] Call Trace:
[ 2811.300910]  dump_stack+0x107/0x167
[ 2811.301330]  should_fail.cold+0x5/0xa
[ 2811.301771]  ? create_object.isra.0+0x3a/0xa20
[ 2811.302300]  should_failslab+0x5/0x20
[ 2811.302738]  kmem_cache_alloc+0x5b/0x310
[ 2811.303209]  create_object.isra.0+0x3a/0xa20
[ 2811.303730]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2811.304321]  __kmalloc+0x16e/0x390
[ 2811.304736]  ? lock_downgrade+0x6d0/0x6d0
[ 2811.305217]  io_setup_async_rw+0x180/0x580
[ 2811.305709]  io_read+0xe98/0x11e0
[ 2811.306110]  ? __lock_acquire+0x1657/0x5b00
[ 2811.306625]  ? kiocb_done+0xc90/0xc90
[ 2811.307061]  ? mark_lock+0xf5/0x2df0
[ 2811.307499]  ? lock_chain_count+0x20/0x20
[ 2811.308004]  ? __lock_acquire+0xbb1/0x5b00
[ 2811.308503]  io_issue_sqe+0x2e8a/0x77b0
[ 2811.308962]  ? find_held_lock+0x2c/0x110
[ 2811.309439]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2811.310039]  ? __io_arm_poll_handler+0x59b/0x9e0
[ 2811.310587]  ? lock_downgrade+0x6d0/0x6d0
[ 2811.311063]  ? io_connect+0x610/0x610
[ 2811.311509]  ? lock_acquire+0x197/0x470
[ 2811.311978]  ? find_held_lock+0x2c/0x110
[ 2811.312458]  ? __fget_files+0x2cf/0x520
[ 2811.312911]  ? lock_downgrade+0x6d0/0x6d0
[ 2811.313395]  __io_queue_sqe+0x90/0x9d0
[ 2811.313848]  ? io_issue_sqe+0x77b0/0x77b0
[ 2811.314326]  ? __fget_files+0x2f8/0x520
[ 2811.314783]  ? io_prep_rw+0x7f5/0x1050
[ 2811.315237]  io_submit_sqes+0x44aa/0x8610
[ 2811.315738]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2811.316312]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2811.316870]  ? find_held_lock+0x2c/0x110
[ 2811.317340]  ? io_submit_sqes+0x8610/0x8610
[ 2811.317843]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2811.318402]  ? wait_for_completion_io+0x270/0x270
[ 2811.318976]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2811.319526]  ? vfs_write+0x354/0xb10
[ 2811.319997]  ? fput_many+0x2f/0x1a0
[ 2811.320449]  ? ksys_write+0x1a9/0x260
[ 2811.320895]  ? __ia32_sys_read+0xb0/0xb0
[ 2811.321368]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2811.321971]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2811.322568]  do_syscall_64+0x33/0x40
[ 2811.322997]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2811.323600] RIP: 0033:0x7f9d2ce7eb19
[ 2811.324028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2811.326142] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2811.327053] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2811.327902] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2811.328723] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2811.329546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2811.330376] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
[ 2811.344078] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:45:42 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:45:42 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:45:42 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r2 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x2ab)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x3, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000140)=0xdb)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r3, 0x80047210, &(0x7f00000000c0))
ioctl$TIOCMBIC(r2, 0x5417, &(0x7f0000000180)=0x40)

20:45:42 executing program 4:
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff})
fcntl$setstatus(r0, 0x4, 0x42800)
splice(r1, 0x0, r0, 0x0, 0x5, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x81c0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000100)={0x0, 0x0, r2, 0x19, 0x80000})
ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r1, 0x8983, &(0x7f0000000040)={0x6, 'wlan0\x00', {0x8001}, 0x5})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r3, 0x40045431, 0xffffffffffffffff)

20:45:42 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
write$binfmt_elf64(r0, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x8, 0x3, 0x80, 0x1, 0x4, 0x2, 0x3e, 0x8, 0xc1, 0x40, 0x2ab, 0x1, 0x2fe, 0x38, 0x2, 0x10, 0x2, 0x9}, [{0x70000005, 0xfffffff9, 0x3, 0xfffffffffffffff8, 0x5, 0x80000001, 0x0, 0xc}], "f70dd90f117df46b69a3a862e157de3d75b136bf7fd2593d00a0ed2d28f5f5912a9b8d1a91822bf3f343169a3ae6eed3369eadaac0b48754bcdbc2ebf134bbdee002e092c279e265d6e7ca76b5027ed96f9e36bbac8df59572c80f55326e6451a7c98c9dfa8d0ecb91f7a92241054159dda9838dfaf446f4d7d77e983e1a7c266602fd6858c8afb0b3e60e6f45777424a83cab635d992be3f4730a45037783a06f1af812bb24798e2522ccc0d74d51d1928b990aef2e11b9d5b13e59d5b8c160228e44e3a0a1788bf08f43a2fdf21c5baa07d4b7eee886f3b2be485b496c5247ac82ab948bd2bab7669134", ['\x00', '\x00', '\x00']}, 0x463)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x4d)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000640)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCGPTPEER(r2, 0x5441, 0x0)
ioctl$BTRFS_IOC_DEFRAG_RANGE(r2, 0x40309410, &(0x7f0000000040)={0x200000000009, 0xdb, 0x2, 0x6, 0x2, [0x4, 0x800, 0x450, 0x5]})
r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000600), 0x20402, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x5, 0x100010, r4, 0xe3166000)
r5 = syz_io_uring_complete(0x0)
ioctl$TIOCGPTLCK(r5, 0x80045439, &(0x7f00000000c0))
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000580)='./cgroup.net/syz1\x00', 0x200002, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r5, 0xc0189371, &(0x7f00000005c0)={{0x1, 0x1, 0x18, r6}, './file0\x00'})
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KDGKBMETA(r7, 0x4b62, &(0x7f0000000080))
ioctl$TCSETAW(r7, 0x541a, 0xffffffffffffffff)

[ 2811.446683] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2811.448651] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2811.450523] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:45:55 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:45:55 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0x8}}, './file0\x00'})
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)
syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@nl=@proc, 0x80, 0x0, 0x0, &(0x7f0000000380)=ANY=[], 0x30}}, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$TCSETAW(r4, 0x5407, &(0x7f0000000240)={0x20, 0x2ca, 0x6, 0x0, 0x1, "9d8b645470bb4d74"})
pipe(&(0x7f0000000080)={<r5=>0xffffffffffffffff})
fcntl$setstatus(r4, 0x4, 0x42800)
splice(r5, 0x0, r4, 0x0, 0x5, 0x0)
fallocate(r4, 0x0, 0xfffffffffffffff8, 0x8)
syz_io_uring_submit(r1, 0x0, &(0x7f00000000c0)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x6, 0x0, r5, &(0x7f0000000040)={0x1}, r0, 0x1, 0x0, 0x1}, 0x200)

20:45:55 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 77)

20:45:55 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x2000, 0x0, 0x0)

20:45:55 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:45:55 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000040)={0xffff0001, 0x7f, 0x1ff, 0xaa66, 0x6, "5aca9a9e715e7e684ebd326b11c1c127a56f54", 0x8, 0x4})

20:45:55 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x2, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:45:55 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCEXCL(r0, 0x540c)

[ 2824.095920] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2824.107159] FAULT_INJECTION: forcing a failure.
[ 2824.107159] name failslab, interval 1, probability 0, space 0, times 0
[ 2824.108747] CPU: 1 PID: 13705 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2824.109557] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2824.110525] Call Trace:
[ 2824.110836]  dump_stack+0x107/0x167
[ 2824.111258]  should_fail.cold+0x5/0xa
[ 2824.111703]  ? __io_queue_sqe+0x666/0x9d0
[ 2824.112192]  should_failslab+0x5/0x20
[ 2824.112636]  kmem_cache_alloc_trace+0x55/0x320
[ 2824.113165]  ? lock_downgrade+0x6d0/0x6d0
[ 2824.113649]  __io_queue_sqe+0x666/0x9d0
[ 2824.114114]  ? io_issue_sqe+0x77b0/0x77b0
[ 2824.114594]  ? __fget_files+0x2f8/0x520
[ 2824.115058]  ? io_prep_rw+0x7f5/0x1050
[ 2824.115512]  io_submit_sqes+0x44aa/0x8610
[ 2824.116008]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2824.116595]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2824.117161]  ? find_held_lock+0x2c/0x110
[ 2824.117637]  ? io_submit_sqes+0x8610/0x8610
[ 2824.118141]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2824.118703]  ? wait_for_completion_io+0x270/0x270
[ 2824.119263]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2824.119804]  ? vfs_write+0x354/0xb10
[ 2824.120246]  ? fput_many+0x2f/0x1a0
[ 2824.120671]  ? ksys_write+0x1a9/0x260
[ 2824.121113]  ? __ia32_sys_read+0xb0/0xb0
[ 2824.121587]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2824.122193]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2824.122795]  do_syscall_64+0x33/0x40
[ 2824.123226]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2824.123817] RIP: 0033:0x7f9d2ce7eb19
[ 2824.124255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2824.126376] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2824.127256] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2824.128112] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2824.128938] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2824.129762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2824.130587] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
[ 2824.155499] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2824.157114] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2824.158918] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:45:55 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x4c, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x4c}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:45:55 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
pipe2(&(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000340), 0x8000, 0x0)
ioctl$sock_inet6_udp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000380))
ioctl$KDGKBDIACR(r0, 0x4b4a, &(0x7f00000002c0)=""/81)
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f0000000140))
sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x74, 0x0, 0x1, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x6, 0x22}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x59}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x18}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0xf}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0xc}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x50}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x21}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x26}]}, 0x74}, 0x1, 0x0, 0x0, 0x4004}, 0x801)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:45:55 executing program 5:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:45:55 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:45:55 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0)
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x20c000, 0x0)
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f0000000080))
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)

[ 2824.231823] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:45:55 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x800000, 0x0, 0x0)

20:45:55 executing program 5:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 2824.275032] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2824.276717] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2824.278343] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:45:55 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="180000f60200000007000000050000000000feffffff7f00000001004000"], 0x400)
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)

20:45:55 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f00000000c0))
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:45:55 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x4c, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x4c}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:45:55 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>r0, {0x9, 0x6ad}}, './file0\x00'})
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r1, 0xc018937a, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r2=>r1, {0x9}}, './file0\x00'})
syz_open_pts(r2, 0x8000)

[ 2824.390742] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2824.438085] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2824.439606] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2824.441428] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 2837.941659] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:46:09 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x4c, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x4c}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:46:09 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x20000000, 0x0, 0x0)

20:46:09 executing program 5:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:46:09 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@nl=@proc, 0x80, 0x0, 0x0, &(0x7f0000000380)=ANY=[], 0x30}}, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r4, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r4, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r5 = syz_io_uring_setup(0xc65, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x3}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180), &(0x7f0000002a40))
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xc, 0x0, r6)
r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x20003, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000080)=@IORING_OP_TEE={0x21, 0x1, 0x0, @fd=r4, 0x0, 0x0, 0x7, 0xd, 0x1, {0x0, r6, r7}}, 0x6c)

20:46:09 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 78)

20:46:09 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
r1 = openat2(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)={0x800, 0xc, 0x1}, 0x18)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f0000000180)={0x7, 0x1, 0xcd, 0x7, 0xf9, "d92cc0b71048cdce2b7274bd945ba5438c0567", 0x605500, 0x17})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:46:09 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)

20:46:09 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

[ 2838.018083] FAULT_INJECTION: forcing a failure.
[ 2838.018083] name failslab, interval 1, probability 0, space 0, times 0
[ 2838.020877] CPU: 1 PID: 13770 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2838.022438] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2838.024293] Call Trace:
[ 2838.024916]  dump_stack+0x107/0x167
[ 2838.025721]  should_fail.cold+0x5/0xa
[ 2838.026553]  ? create_object.isra.0+0x3a/0xa20
[ 2838.027576]  should_failslab+0x5/0x20
[ 2838.028428]  kmem_cache_alloc+0x5b/0x310
[ 2838.029378]  create_object.isra.0+0x3a/0xa20
[ 2838.030384]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2838.031541]  kmem_cache_alloc_trace+0x151/0x320
[ 2838.032611]  ? lock_downgrade+0x6d0/0x6d0
[ 2838.033563]  __io_queue_sqe+0x666/0x9d0
[ 2838.034449]  ? io_issue_sqe+0x77b0/0x77b0
[ 2838.035380]  ? __fget_files+0x2f8/0x520
[ 2838.036266]  ? io_prep_rw+0x7f5/0x1050
[ 2838.037161]  io_submit_sqes+0x44aa/0x8610
[ 2838.038128]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2838.039262]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2838.040348]  ? find_held_lock+0x2c/0x110
[ 2838.041299]  ? io_submit_sqes+0x8610/0x8610
[ 2838.042288]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2838.043380]  ? wait_for_completion_io+0x270/0x270
[ 2838.044472]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2838.045570]  ? vfs_write+0x354/0xb10
20:46:09 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x80000000000000, 0x0, 0x0)

[ 2838.046406]  ? fput_many+0x2f/0x1a0
[ 2838.047433]  ? ksys_write+0x1a9/0x260
[ 2838.048367]  ? __ia32_sys_read+0xb0/0xb0
[ 2838.049334]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2838.050493]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2838.051696]  do_syscall_64+0x33/0x40
[ 2838.052584]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2838.053765] RIP: 0033:0x7f9d2ce7eb19
[ 2838.054639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2838.058918] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2838.060671] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2838.062253] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2838.063832] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2838.065451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2838.067048] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
20:46:09 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0x5, 0x0, 0x0, 0xfffffffc, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCGPTPEER(r0, 0x5441, 0x1f)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 2838.075007] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2838.076684] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2838.080707] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:46:09 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, 0x0)

20:46:09 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:46:09 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
sendfile(r1, 0xffffffffffffffff, &(0x7f0000000040)=0xfffffffffffffffb, 0x7ff)

20:46:09 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x800, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$F2FS_IOC_FLUSH_DEVICE(r1, 0x4008f50a, &(0x7f00000000c0)={0x8, 0x1})
ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f0000000040))
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)

20:46:09 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
dup2(r0, 0xffffffffffffffff)
syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = openat$vcs(0xffffffffffffff9c, &(0x7f00000002c0), 0x400, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000000300)={'wg0\x00', <r5=>0x0})
ioctl$sock_ipv6_tunnel_SIOCGETPRL(r4, 0x89f4, &(0x7f00000003c0)={'ip6_vti0\x00', &(0x7f0000000340)={'syztnl2\x00', r5, 0x0, 0x11, 0x4, 0x9e8, 0x68, @local, @local, 0x7800, 0x700, 0x8, 0x2}})
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@nl=@proc, 0x80, 0x0, 0x0, &(0x7f0000000380)=ANY=[], 0x30}}, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000040)=@IORING_OP_MADVISE={0x19, 0x4, 0x0, 0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000, 0xd, 0x1}, 0x3)
r6 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x81)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x18, <r7=>r6, {0x8}}, './file0\x00'})
ioctl$TIOCSPTLCK(r7, 0x40045431, &(0x7f0000000280)=0x1)

20:46:09 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x4c, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x4c}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:46:09 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, 0x0)

20:46:09 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "76000000000000103afe1d0457d41400", 0x4})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:46:09 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x44840, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSBRK(0xffffffffffffffff, 0x5427)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f0000000000))
r2 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCGPTPEER(r2, 0x5441, 0x7fffffff)

[ 2838.307984] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:46:09 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETAW(r1, 0x5407, &(0x7f00000000c0)={0x7, 0x401, 0x4, 0x0, 0x1a, "410741168eb6f447"})

[ 2838.424832] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2838.426434] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2838.428074] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:46:23 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 79)

20:46:23 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x2000000000000000, 0x0, 0x0)

20:46:23 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:46:23 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, 0x0)

20:46:23 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x4, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
fcntl$dupfd(r0, 0x406, r0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:46:23 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)
ioctl$GIO_FONT(r0, 0x4b60, &(0x7f0000000040)=""/180)

20:46:23 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x4c, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x4c}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:46:23 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x380a3, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000580)=ANY=[@ANYRESDEC, @ANYBLOB="712cdd3e6dccf7a4faf142165caed6488e9a4d3f5dfa60da48e70e87ba2002edd139952d621731adefa3e6cb7751fbd7e63658ac6ed4eae1d74f815be59a233a6edf730a57e7291dd5c08c208dc2c4254178848f5bbf38be3909c15ed101d506f8713bba5896128717c1d2a3e3c0a7d970efceb2d129cbb7", @ANYRESHEX=r1])
write(r0, &(0x7f0000000640)="7769a2695a5405b059cf0b1e37f6b65aad7f82cbf7aa9549ddd90eef5bb7ed089a9f12916afa83c76f4cc54933bb51be584498fa905ef430befdd2e06e48015e2a1964dc6745c12a1de909c8de63f1e58f4476ff3816a53119d2e24201eb049817bc561cf38a70302a308bc2231ba17945fc9f13ab3cfa4039001c59649119e29326e7d9cc98bc3574d0eae9ae5b3f57273e0f849dc97f", 0x97)
ioctl$TCGETA(0xffffffffffffffff, 0x5405, &(0x7f0000000080))
r2 = signalfd(r0, &(0x7f0000000500)={[0xfffffffffffffff7]}, 0x8)
dup2(r2, r0)
ioctl$KDFONTOP_SET_DEF(0xffffffffffffffff, 0x4b72, &(0x7f00000004c0)={0x2, 0x1, 0x14, 0xb, 0x65c8f3c, &(0x7f00000000c0)="ff6e0695470542055b1f10d2ee7364a187f18db42dd6b7f72c1e85106516cea93b89b18210f179fbff263d9938f716eecca4bf4ca22e286e2e4cb4e134833dc5562ca56b12eb205a92341f87c47e81cc75b4ae03ddc2f30f21956e1e4b799ff3dae5b1601e80e4847dd5b8264300cc043f15a8ab2146b1029af30e1d03ad0d4ae7b6f60352d85819e6363aabe3c57a9aba25052fba66751ee7b8e59b58471c30b807b2660fccb943cf5e449422e388ccdce39965aacc37959d1e4eda3b806cb32501a1ad2e245d9b54e14724aacce23fb94e1b950d66d6ce49ed753251bb1e64b67f0556e7b5b5c1f7e8dafcea48c93e60180bb1f0ae1e41cf5bd9243f901aafb7ba6dbb86cf2c96717873e6b31b49e5566e499d768ce892d8b977899956e3164be709c4a33f021c6e5dddaeed0900097e02d8a3b1c1b307d0dffe8d3d83ed8dbf32c2f8d75eb95bbc8289fdd95d4129e34dc22bcb50a85869c1941f048c704768cf849d9c5d8666e2fe38ca43c9391e920e2b749906e492d5ae8428178343e010d6e6387587634567137eebb658fa7df8384224421d4dc809d9fd18b6fe696fbb90ddd7e4da5b0db3450581c185b1982ddbb7247b417246d8de563c5f61b1007b8ff3e704d664308313556eee4b4babd95a1e7c992cff4ac13fcad9bcc8405291a6ddc652b1e0566217027f2e2d62d3d72ec568f519621a6c8e8bce1ba26d5dcfc68c29090917122348564ae5d68259e2b46f651212f4e1144d9108220922d131bf8ba882c2ad69d6ba314aedf99462d5aa9306a7d6e33d36707bc89343b308903874880abb7c89e9b66bcb0c8a0b4a84534e5da159a0a9b26015499af93f4097eae30a300d56047779938292692ef738f683b2745454b385670e9ee1117375a744903b661202e3b91347bd1f2d711084cf2289669df592911bf4b26ff41e50aa9da354106277dffd2860c29638cade246a94ba9ad7ea7da2226351fa61788c7dde3cd6a55fc5ef1c9005993d2b65f016233b152db6d8fe249230581cfc963261d05e7155f246e581fceaae9f3763fa7897d5972cc8d0c80f48b35ac74a5d1bda8a95d534af5c3279b023aeb1a46f4941682c37f6419eb431722391ca528aa85b84619e896fae48c25c713bd50448dc1f4c54980f5990f7564cec83060b5e4ae2db017abb5c98db26106c66115d8214219ce9653628fc4ce5c3dbab5b2739c304f10fd52dceef11222546c864e3df95aee1875a9718a02ebdee022dd8757f7adf41ba27f17770c3116315fba7e11af27780e741fd191ad2c3b7a185400cbb314246c7fae820f8b2141b19cd10b01d019e6cc86fa5b8bbe0a09148654f077f33aea8083018213ecc7bdbeca61a337f0b9aa853d6dd89f29b9da0b81c1d800b75c6fc5bb09c91fb3f11a27de7b117798f6ba4f5a08ea2ba50be7e14a1ac08a61f"})
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)

[ 2852.540815] FAULT_INJECTION: forcing a failure.
[ 2852.540815] name failslab, interval 1, probability 0, space 0, times 0
[ 2852.542959] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2852.543566] CPU: 1 PID: 13833 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2852.546510] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2852.548243] Call Trace:
[ 2852.548801]  dump_stack+0x107/0x167
[ 2852.549570]  should_fail.cold+0x5/0xa
[ 2852.550363]  ? io_setup_async_rw+0x180/0x580
[ 2852.551281]  should_failslab+0x5/0x20
[ 2852.552075]  __kmalloc+0x72/0x390
[ 2852.552807]  ? lock_downgrade+0x6d0/0x6d0
[ 2852.553688]  io_setup_async_rw+0x180/0x580
[ 2852.554573]  io_read+0xe98/0x11e0
[ 2852.555309]  ? __lock_acquire+0x1657/0x5b00
[ 2852.556216]  ? kiocb_done+0xc90/0xc90
[ 2852.557005]  ? mark_lock+0xf5/0x2df0
[ 2852.557814]  ? lock_chain_count+0x20/0x20
[ 2852.558746]  ? __lock_acquire+0xbb1/0x5b00
[ 2852.559644]  io_issue_sqe+0x2e8a/0x77b0
[ 2852.560501]  ? find_held_lock+0x2c/0x110
[ 2852.561357]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2852.562454]  ? __io_arm_poll_handler+0x59b/0x9e0
[ 2852.563437]  ? lock_downgrade+0x6d0/0x6d0
[ 2852.564297]  ? io_connect+0x610/0x610
[ 2852.565103]  ? lock_acquire+0x197/0x470
[ 2852.565947]  ? find_held_lock+0x2c/0x110
[ 2852.566808]  ? __fget_files+0x2cf/0x520
[ 2852.567650]  ? lock_downgrade+0x6d0/0x6d0
[ 2852.568520]  __io_queue_sqe+0x90/0x9d0
[ 2852.569356]  ? io_issue_sqe+0x77b0/0x77b0
[ 2852.570234]  ? __fget_files+0x2f8/0x520
[ 2852.571087]  ? io_prep_rw+0x7f5/0x1050
[ 2852.571912]  io_submit_sqes+0x44aa/0x8610
[ 2852.572838]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2852.573896]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2852.574914]  ? find_held_lock+0x2c/0x110
[ 2852.575774]  ? io_submit_sqes+0x8610/0x8610
[ 2852.576695]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2852.577736]  ? wait_for_completion_io+0x270/0x270
[ 2852.578756]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2852.579735]  ? vfs_write+0x354/0xb10
[ 2852.580519]  ? fput_many+0x2f/0x1a0
[ 2852.581301]  ? ksys_write+0x1a9/0x260
[ 2852.582109]  ? __ia32_sys_read+0xb0/0xb0
[ 2852.582980]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2852.584090]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2852.585198]  do_syscall_64+0x33/0x40
[ 2852.585986]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2852.587065] RIP: 0033:0x7f9d2ce7eb19
[ 2852.587860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2852.591794] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2852.593423] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2852.594992] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2852.596531] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2852.598079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2852.599611] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
[ 2852.636767] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2852.638349] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2852.640107] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:46:37 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x2000)

20:46:37 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0x1, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x5)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCSLCKTRMIOS(r2, 0x5457, &(0x7f0000000140))
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCMSET(r1, 0x5418, &(0x7f00000000c0)=0x2)

20:46:37 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 80)

20:46:37 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:46:37 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:46:37 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x404200, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
write$binfmt_elf64(r2, &(0x7f00000000c0)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0xff, 0x9, 0x81, 0xfff, 0x3, 0x6, 0x7c18e647, 0x148, 0x40, 0x58, 0x8, 0x75, 0x38, 0x2, 0x9, 0xfff}, [{0x1, 0x8, 0x3, 0x9, 0x0, 0x5, 0x8, 0x2}], "ed04331c3c5bd93a5e383d145c", ['\x00']}, 0x185)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000000)={0x0, 0x5fff, 0x1001, 0xfe, 0x6, "17542f44f51feb00"})
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)

20:46:37 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x600401, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)

20:46:37 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x4c, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x4c}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

[ 2865.934035] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2865.954958] FAULT_INJECTION: forcing a failure.
[ 2865.954958] name failslab, interval 1, probability 0, space 0, times 0
[ 2865.957647] CPU: 1 PID: 13852 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2865.959088] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2865.960824] Call Trace:
[ 2865.961388]  dump_stack+0x107/0x167
20:46:37 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 2865.962158]  should_fail.cold+0x5/0xa
[ 2865.963128]  ? create_object.isra.0+0x3a/0xa20
[ 2865.964081]  should_failslab+0x5/0x20
[ 2865.964882]  kmem_cache_alloc+0x5b/0x310
[ 2865.965752]  create_object.isra.0+0x3a/0xa20
20:46:37 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
ioctl$TIOCGPTPEER(r0, 0x5441, 0x6)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2, 0x4000010, r1, 0x7d2e7000)

[ 2865.966669]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2865.967912]  kmem_cache_alloc_trace+0x151/0x320
[ 2865.968893]  ? lock_downgrade+0x6d0/0x6d0
[ 2865.969774]  __io_queue_sqe+0x666/0x9d0
[ 2865.970611]  ? io_issue_sqe+0x77b0/0x77b0
[ 2865.971479]  ? __fget_files+0x2f8/0x520
[ 2865.972313]  ? io_prep_rw+0x7f5/0x1050
[ 2865.973131]  io_submit_sqes+0x44aa/0x8610
[ 2865.974037]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2865.975076]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2865.976088]  ? find_held_lock+0x2c/0x110
[ 2865.976950]  ? io_submit_sqes+0x8610/0x8610
[ 2865.977880]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2865.978894]  ? wait_for_completion_io+0x270/0x270
[ 2865.979902]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2865.980874]  ? vfs_write+0x354/0xb10
[ 2865.981668]  ? fput_many+0x2f/0x1a0
[ 2865.982434]  ? ksys_write+0x1a9/0x260
[ 2865.983228]  ? __ia32_sys_read+0xb0/0xb0
[ 2865.984107]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2865.985213]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2865.986346]  do_syscall_64+0x33/0x40
[ 2865.987177]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2865.988268] RIP: 0033:0x7f9d2ce7eb19
[ 2865.989075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2865.992962] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2865.994582] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2865.996071] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2865.997573] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2865.999071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2866.000571] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
[ 2866.019693] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2866.021299] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2866.023048] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:46:37 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:46:37 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:46:37 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x3f, 0x0, 0x0, 0x20, "4204af8f613afeedeb91401d0457d61400"})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000180)={0x1f, 0x8000, 0x101, 0x100, 0xf, "c1c38425c31a357c"})
r3 = syz_open_dev$vcsa(&(0x7f00000000c0), 0x3ff, 0xca040)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f0000000140)={0x401, 0xffff, 0x8, 0x7, 0x1, "e8ccfc9d83cc4c8a3d6ceb4b494d329db71eda", 0x6, 0x157c})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:46:37 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x48, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x48}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:46:37 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000500), 0x200000, 0x0)
ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000040))
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x7)
ioctl$GIO_FONTX(r0, 0x4b6b, &(0x7f00000004c0)={0x23, 0xf, &(0x7f00000000c0)})

20:46:37 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$KDGKBLED(r1, 0x4b64, &(0x7f0000000040))
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000140)=0x10000)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r2=>r0, {0x7, 0x6}}, './file0\x00'})
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000100)={0xf801, 0x1, 0xdb, 0x1, 0xd, "887245a965bc6d09"})

[ 2866.215123] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:46:37 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x800000)

20:46:37 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

[ 2866.294007] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2866.295568] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2866.297597] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:46:51 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, 0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
r2 = epoll_create(0x7ffd)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000500)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, <r3=>0x0})
ioctl$BTRFS_IOC_WAIT_SYNC(r2, 0x40089416, &(0x7f00000001c0)=r3)
ioctl$BTRFS_IOC_RM_DEV_V2(0xffffffffffffffff, 0x5000943a, &(0x7f0000000500)={{}, r3, 0x1a, @unused=[0x8000, 0x200, 0x8000, 0xb48d], @subvolid=0x1fc})
ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, &(0x7f0000000500)={<r4=>0x0, 0x5, 0xdbc3})
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, &(0x7f0000000900)={{}, r3, 0x1c, @inherit={0x90, &(0x7f0000001e00)={0x0, 0x9, 0x10001, 0x520, {0x10, 0x8, 0x4cd340a0, 0x7, 0x2}, [0x3, 0x1, 0x1000, 0x0, 0x410c, 0x3ff, 0xfffffffffffff800, 0x2, 0xff]}}, @devid=r4})
r5 = perf_event_open(&(0x7f0000000640)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x6}}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
r6 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001900)={0x0, 0x0, {0x0, @struct, <r7=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r6, 0x5000943f, &(0x7f0000000900)={{}, 0x0, 0x4, @inherit={0x60, &(0x7f0000000140)=ANY=[@ANYBLOB="0100000000000000030000f30000e1000500002e00000009000000ff0000000001ffffff00000000040000fffffffc008180000000000002ffffffff000400000000000000000000ea54ffff2100050001000000002500"/96]}, @devid=r7})
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000000380)={{}, r3, 0x8, @inherit={0x50, &(0x7f0000000300)={0x0, 0x1, 0x80000000, 0x9, {0x1, 0x6, 0x4, 0x5, 0x9}, [0x6]}}, @devid=r7})
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000280)={0xfff, 0x5, 0x8001, 0x4, 0x14, "dc49bf59dd19abf9"})
ioctl$TIOCGPTPEER(r0, 0x5441, 0xff0)
ioctl$TIOCGPTPEER(r0, 0x5441, 0x8)
ioctl$KDGKBSENT(r0, 0x4b48, &(0x7f0000000040)={0x44, "08d82ee144e914ccac6c5ef1a20473eeb23f5312f1f67f5c5c205ea404783e87dc644cf10efa1b74d274ab7628329dd07f667e4e8606260c51ed41daa2b078a25f3340a83e1659904460f5f000d4aac8b024b01d7dd553d11367debf79c2d79bea15f494d804cb4b8a013a35378d18c35694a413a44b6fa9ab19f1cf900d34ba59d3e768833cee16129c7df5a599ffaa8b68f477747f9e4ce376554361025c9c705378dea725163419c4c98f7eb81c1ada583e469e0cf906d9a26a30f7954b31ecc8572247b1c19516d51b2387919c65bc917eb0645ad9fef0b1721b560fa80432795081633ebc6e3f458d07daa9442da832b6aa2c6d0f447798fac0430335e07230b263925bb2907ac0e630abe650ffc598c8b1120de78942be00748ff52568b2dcc8bcc2dbc36cbba4984ee8fc178a1bc2608ab7a07cb69af6f0d15fc8f692b94899bcda6e0994dc9153bf546ce9a35794f04ae479ff1c5b5fe0513466c1f89bf66a371ad772507b0885ab7729156f1d6abda84bdd732c7ba83f2b3e0106861cb58607b8faea80ab7690a62ae4c6fdc716bd2f8d99fc1e98fe601da49bf3fe92611bdea8e6d2caa68a2282a9ca81016242e0f4ab6c84420264cd121662b8dce37ad187593b07fab0eee7ad62639b5a83042d78def06b29c206d75bf1b7159beec1e8bd1ad5b4e6fce6badccf3c5e7609bc4234b68d4ceb991dcdad1249fc94"})

20:46:51 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x12200, 0x0)
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f0000000080))
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)

20:46:51 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x20000000)

20:46:51 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 81)

20:46:51 executing program 0:
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1)
ioctl$BTRFS_IOC_LOGICAL_INO(r0, 0xc0389424, &(0x7f00000000c0)={0x7, 0x8, '\x00', 0x1, &(0x7f0000000080)=[0x0]})
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x200183, 0x0)
ioctl$TCSETAW(0xffffffffffffffff, 0x541a, 0xffffffffffffffff)

20:46:51 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x48, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x48}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:46:51 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, 0x0)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

[ 2880.666076] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2880.673703] FAULT_INJECTION: forcing a failure.
[ 2880.673703] name failslab, interval 1, probability 0, space 0, times 0
[ 2880.677250] CPU: 1 PID: 13912 Comm: syz-executor.3 Not tainted 5.10.234 #1
20:46:52 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)
r1 = pidfd_getfd(0xffffffffffffffff, r0, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x2, 0x7aa6, 0x4, 0x4, 0x14, "1b14072c649d7098"})

[ 2880.679093] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2880.681166] Call Trace:
[ 2880.681800]  dump_stack+0x107/0x167
20:46:52 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000080)={0x1f, 0x4, 0x5a, 0x81, 0x18, "6ec3294a52e0ff44"})
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x80c0, 0x0)

[ 2880.682692]  should_fail.cold+0x5/0xa
[ 2880.683707]  ? __io_queue_sqe+0x666/0x9d0
[ 2880.684692]  should_failslab+0x5/0x20
[ 2880.685601]  kmem_cache_alloc_trace+0x55/0x320
[ 2880.686703]  ? lock_downgrade+0x6d0/0x6d0
[ 2880.687700]  __io_queue_sqe+0x666/0x9d0
[ 2880.688642]  ? io_issue_sqe+0x77b0/0x77b0
[ 2880.689626]  ? __fget_files+0x2f8/0x520
[ 2880.690586]  ? io_prep_rw+0x7f5/0x1050
[ 2880.691536]  io_submit_sqes+0x44aa/0x8610
[ 2880.692550]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2880.693742]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2880.694898]  ? find_held_lock+0x2c/0x110
[ 2880.695864]  ? io_submit_sqes+0x8610/0x8610
[ 2880.697011]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2880.698282]  ? wait_for_completion_io+0x270/0x270
20:46:52 executing program 6:
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000001ac0)={'sit0\x00', &(0x7f0000001a40)={'sit0\x00', <r0=>0x0, 0x29, 0x20, 0x0, 0x80, 0x4, @mcast2, @loopback, 0x7800, 0x8, 0x2}})
r1 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@mod={0x1d, 0x5, 0x0, 0xffffffffffffffff, &(0x7f00000002c0)={0x80000008}, r1}, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'lo\x00', <r6=>0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @random="ca73da4133fc"}, 0x14)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000008c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r4, 0x0, &(0x7f0000000880)={&(0x7f0000000580)=@xdp={0x2c, 0x8, r6, 0x28}, 0x80, &(0x7f0000000800)=[{&(0x7f0000000940)="c07b06fad10fffef900b495d78ee37df45a5aa5b79a1b6dbdb94e65f8c56422458502837e371f73691c52c198b68e0d8e06336e6d97b6cf4986d7843939836d4980b2cc2bbecc872dbd20985ce4460db95e87b0ade19974c95066ff2b8bc795e2f88659fa247f944862150e8ea4b5ac57b390b33ab3e5a36d59fd33ea3c0d1890d908f77fdca341e43ee5636b9d78233c862436306378aa4608c133ef65af7c485fcc1f609e26a4654ca7c57eb52c9ddcb1ef5d610345c9527776ea5630c5459be3ffff09dfc0ac4914441efad01b780a04e60ab1e53fa318f4b17cfa8a83f74", 0xe0}], 0x1, &(0x7f0000000a40)=ANY=[@ANYBLOB="5001000000000000210100000300000069805babe27e6fb2a70f3ee49eb152754655622653a4ef0ce98b64502103670f29f296505d491448d70f159461991fa771f666f9fffffff02380b1047e3e64df9c981f564e4ed41243ce06aee46b59d9025aaba63ee98dd2ea6a0e73890844bf362e635c4a76c2bbc0e12be521654eeecb8616c0c258e68b82d8fe88f4c3010f41665f91976547904a5c702eec3e055b78b04334e608697bba5448d6ac2c4e19e09a09e5aa376079d5cfdfea9e15096cb1c85e9cba14b3772feec7fc94a1276622d8122365baa8e6bbaea996fa3adf5facddab66a75621c2344c5cc7794f290178a4041481cbde834df69e463de30458a3ce328ae740103fd3c6415803969680cb1d841635228ac53ca680a16af76762aefa939dfb7d97334a0e5496e4ce12277acbf4bd25be64e00f4a9403544bf2ff5d86fde776f4510be734e82647030000d00000000000000011000000ffffffff90302612f7eb842474c00bb3a60ef531dd94c11d8c4d728d0549e4911b9f9666e80a9eb194aa4b3dc4f196bc818d6e770acaac8805c56d11b496dbec2852b5fedc4bd77597c6a3e52edbb3750057a6fa4ae762047cb289c3e44832a48a3b8083c0262aea5782b5f7c8d2eaf4d6a203037e603e81e116efdf634448d1bbb072362e7fdd3c26abcbbb6a1ed187415eb4926e5350585165bfafbacf49b98881ee365b06c96e3b5191a66acce1e4e8afedb64fefbfe650b43214126cf24d4147000098010000000000000b010000f9ffffff0e7b84cd6b8659e4e080089b88055cf0dfff35cae6e2252bb97259e472da025f1d4b21fb9bb8f3ead302b194a3f8c8a9b86b3a8d9d749cdcda1aef373a1d1c0eb91ae88dd1ce268009bb7180e56acaee1dec62bfad357f14e76a189182dc5919edb0c70dd48e6dab06ed688b3db58f93c6451eb2b8fa77ae3f8565bb7260b42fe659e10015acf37fb50bdfe7b2abdafef23b4754679dd8cb85d75e6c4254fbdab4c81f1e35129c713fbaa9099cb8dfd4803af22507e570677477674c28788c1fe1d044d3d04e274f328de4afaf9e7a34a05630336cc80711f0f9cc9f6e52faa1d7fd4cf47e385ba09eb73f708793d3599f72cce2c5e7ff0aefcc6f4a891d293b868a27d35a79ef6da3100ccec03e6ca11c90bee8d02288b7f0f9c8be51b3e624494bfc86f5addb0481d0703ebaa3c7824e830488dd16c861b767dc987d3185d191693f20b84d9e4b77439beb03bbf9864614f850e862e8029fa4e31fc5f148c4f329d0329a2d78c44bb63def5847450000e800000000000000050100000100000032ecf070bb0efe8fe18c878e30d2a1b5e0ccc8e6f7cf8ff79fcb4ff62276be93aff615b4117d8ad428b32f6c2dcd174212afd4e34d219fff5175a50c0378916d969a4b3f12a001d095a74c502e2109ec3d9ddcfca63feddb56bdb46541ce28e9d1d384dce75ccc03729e799756d8a2a7e04ea539b7aa4bed944cfd80177d2ff93548591cded63b8d51859cc7825cfa8d942cf292d1c0e8a49e8e654a78405dfe8fe6500a01ea561c38dc89658c5c95bd525ed5147c20d2498e2ab8e71772303cbfea6b393053a8be5f800ce86c25e828bb64190000000000000000000000000000679512847f95b4d9961449fe8fc83ccf5737b2ccb96b556f84a6d28c4dd1b2c11a1f93d648821ec4f6c4203b"], 0x4a0}, 0x0, 0x20000000, 0x1}, 0x3)
syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r9, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000300)="a63a85f508c53b74be1cc06a8682449c18237d779b4f25f709ca4b1d49", 0x1d}, {&(0x7f0000000280)}, {0x0}], 0x3}, 0x0, 0x24004800}, 0x0)
r10 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000140)={'lo\x00', <r11=>0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, r11, 0x1, 0x0, 0x6, @random="ca73da4133fc"}, 0x14)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000008c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r9, 0x0, &(0x7f0000000880)={&(0x7f0000000580)=@xdp={0x2c, 0x8, r11, 0x28}, 0x80, &(0x7f0000000800)=[{&(0x7f0000000940)="c07b06fad10fffef900b495d78ee37df45a5aa5b79a1b6dbdb94e65f8c56422458502837e371f73691c52c198b68e0d8e06336e6d97b6cf4986d7843939836d4980b2cc2bbecc872dbd20985ce4460db95e87b0ade19974c95066ff2b8bc795e2f88659fa247f944862150e8ea4b5ac57b390b33ab3e5a36d59fd33ea3c0d1890d908f77fdca341e43ee5636b9d78233c862436306378aa4608c133ef65af7c485fcc1f609e26a4654ca7c57eb52c9ddcb1ef5d610345c9527776ea5630c5459be3ffff09dfc0ac4914441efad01b780a04e60ab1e53fa318f4b17cfa8a83f74", 0xe0}], 0x1, &(0x7f0000001280)=ANY=[@ANYBLOB="5001000000000000210100000300000069805babe27e6fb2a70f3ee49eb152754655622653a4ef0ce98b64502103670f29f296505d491448d70f159461991fa771f666f9fffffff02380b1047e3e64df9c981f564e4ed41243ce06aee46b59d9025aaba63ee98dd2ea6a0e73890844bf362e635c4a76c2bbc0e12be521654eeecb8616c0c258e68b82d8fe88f4c3010f41665f91976547904a5c702eec3e055b78b04334e608697bba5448d6ac2c4e19e09a09e5aa376079d5cfdfea9e15096cb1c85e9cba14b3772feec7fc94a1276622d8122365baa8e6bbaea996fa3adf5facddab66a75621c2344c5cc7794f290178a4041481cbde834df69e463de30458a3ce328ae740103fd3c6415803969680cb1d841635228ac53ca680a16af76762aefa939dfb7d97334a0e5496e4ce12277acbf4bd25be64e00f4a9403544bf2ff5d86fde776f4510be734e82647030000d00000000000000011000000ffffffff90302612f7eb842474c00bb3a60ef531dd94c11d8c4d728d0549e4911b9f9666e80a9eb194aa4b3dc4f196bc818d6e770acaac8805c56d11b496dbec2852b5fedc4bd77597c6a3e52edbb3750057a6fa4ae762047cb289c3e44832a48a3b8083c0262aea5782b5f7c8d2eaf4d6a203037e603e81e116efdf634448d1bbb072362e7fdd3c26abcbbb6a1ed187415eb4926e5350585165bfafbacf49b98881ee365b06c96e3b5191a66acce1e4e8afedb64fefbfe650b43214126cf24d4147000098010000000000000b010000f9ffffff0e7b84cd6b8659e4e080089b88055cf0dfff35cae6e2252bb97259e472da025f1d4b21fb9bb8f3ead302b194a3f8c8a9b86b3a8d9d749cdcda1aef373a1d1c0eb91ae88dd1ce268009bb7180e56acaee1dec62bfad357f14e76a189182dc5919edb0c70dd48e6dab06ed688b3db58f93c6451eb2b8fa77ae3f8565bb7260b42fe659e10015acf37fb50bdfe7b2abdafef23b4754679dd8cb85d75e6c4254fbdab4c81f1e35129c713fbaa9099cb8dfd4803af22507e570677477674c28788c1fe1d044d3d04e274f328de4afaf9e7a34a05630336cc80711f0f9cc9f6e52faa1d7fd4cf47e385ba09eb73f708793d3599f72cce2c5e7ff0aefcc6f4a891d293b868a27d35a79ef6da3100ccec03e6ca11c90bee8d02288b7f0f9c8be51b3e624494bfc86f5addb0481d0703ebaa3c7824e830488dd16c861b767dc987d3185d191693f20b84d9e4b77439beb03bbf9864614f850e862e8029fa4e31fc5f148c4f329d0329a2d78c44bb63def5847450000e800000000000000050100000100000032ecf070bb0efe8fe18c878e30d2a1b5e0ccc8e6f7cf8ff79fcb4ff62276be93aff615b4117d8ad428b32f6c2dcd174212afd4e34d219fff5175a50c0378916d969a4b3f12a001d095a74c502e2109ec3d9ddcfca63feddb56bdb46541ce28e9d1d384dce75ccc03729e799756d8a2a7e04ea539b7aa4bed944cfd80177d2ff93548591cded63b8d51859cc7825cfa8d942cf292d1c0e8a49e8e654a78405dfe8fe6500a01ea561c38dc89658c5c95bd525ed5147c20d2498e2ab8e71772303cbfea6b393053a8be5f800ce86c25e828bb641900"/1170], 0x4a0}, 0x0, 0x20000000, 0x1}, 0x3)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000002480)=[{{0x0, 0x0, &(0x7f0000001240), 0x0, &(0x7f0000001340)=[@ip_tos_int={{0x14, 0x0, 0x1, 0xc0000000}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @rand_addr=0x64010101, @empty}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x2e}, @rand_addr=0x64010100}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x7}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x5}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x2b}, @rand_addr=0x64010100}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x80000001}}], 0xc0}}, {{&(0x7f0000001400)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000001980)=[{&(0x7f0000001440)="321c1d012aec157f6ce3cef9b88b5e77a4834d01c05f4cb90f37e562508ba8286ff37b72c57daa0f61737001d848705b29ad623eef6b8630acb28a2e16409e1911d36ad08201b1f9c25804bfa12aa2bc4cddeb97c4ebbe774ce55aff39d8b39a533863023ee5", 0x66}, {&(0x7f00000014c0)="3d720c0fd87ed9bb8f89dd3983a680ca23e26ccb96fc76229b8a3ea405af9ec2b7994b2d4840553054339c9183fdd7685a660baac3b8b83d7511a27031a479a661f246eb05a4d6c4283ebf", 0x4b}, {&(0x7f0000001540)="61d3e887db65297e6f7729b303b20b7683e9e0d7522da43f138fe4ce53a3a22ccd085251e4600c2c", 0x28}, {&(0x7f0000001580)="ce7893c17613ffef4ec9b087851ba21956843e564183cede854aa1d3f018749c75bce3cbc61b7dc73d6b7f020e63d66fa2b51fb3df78d2b105a93ec188898d77d8af2c8be1ab5babaca0d133ad37375aea3eb3b604f66a1f0cd200f3ee4a67251e4811058a0c580be8f41f5db4257bd4550d607aa740c5ccb72f1e8182273b7780e43ff54722716efde3df916f4fa48a830b30a2d4beb2a468169ca0d8687abf1530dde0f49360e258d4c55daf927f3b9e1b460cc95afe0aecc54a43faed47401b94eef734d55722d55d4b07915200fdb3065f1898c3afe70b67ab52b8bec20447", 0xe1}, {&(0x7f0000001680)="cdb6237178e15c33bbf0371ff44e5edd1664a3c5b675dad0d5e021847d8d", 0x1e}, {&(0x7f00000016c0)="3ababb30aa92f5c14fc7a96463036d1091c24f8091990b2d40a89bbb9b7cba507660", 0x22}, {&(0x7f0000001700)="ccc8e41f6255d64da8fe03a133c759d4485c3af8618355371cb50033df0c39bd16d5628faf0bd02414299eded3f5766e828242a938b463234b3efd36476b0a97812077cd24e5e3a97c", 0x49}, {&(0x7f00000000c0)="4196c88b335dc3e74298d67f", 0xc}, {&(0x7f00000017c0)="132493c66fbb7cf926ab897840438cae575956d14e6e88b9df4320fc4988dab1363223a6405e0dfb0216ddfd049c6410a145eb116e156377c165ea0b201cf7058cb202c98eefec0047ca33d8e080ad6e80bab1220f36ffa1e48b63fff2ec2179e40121f31b3f292c734d4be181e19d9e97da05dd437858a9dd8cc25e98540e7cd81c3d10e3bd1b25053555210e1197f98b9520c7da6d4badfec5d94cd494a7e7b6f3b4966c963ee1f168e75b2b9aa51c245fe7d126734b385c48155888591e81ed820b1a8678886fc9dd2fd7f8da4883098631f099ca4332af707e8363e58b3c9ece22be27f6089ee4c28e39a1798cc1cb14ccb6ab6b7138ec", 0xf9}, {&(0x7f00000018c0)="c774426a05d47e02478e42c19a57e44df633daefcbc4293d04314306879d8438a4cc25370a0206f7a2821bbff0392e5eaf008dd01c553ef5a6344d57622734250f0a267069ac2ddf30ccc989f296bbf86c9ac338cb586a32e81071143cbe4b1717d5c7cfdfefb89402a0a64e466e0e6e3095c1e02c896a3890bb1892a633627cbf62d630ff7a32daa2a127eb29192adea5a51d687ae309025a27b8086d4650e90f05", 0xa2}], 0xa, &(0x7f0000001b00)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r0, @broadcast, @broadcast}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x4}}], 0x38}}, {{&(0x7f0000001b40)={0x2, 0x4e23, @local}, 0x10, &(0x7f0000001e40)=[{&(0x7f0000001b80)="1cfeee4eb35832234846807d2ab65cca0321c1d51682744f909a4140e84bc578e49ecc2e524ba4c93a221dac1c6aab330dcfd7fde754d993d2b6926da84dce6b040bff79747a25c5c4f8a59d51aaedfdc318875fd577c6ab1a7c480bdea25e9133b2ff75b9128e8fb0cb8b6d3bf3e294d65c5f1ed9ed650997bfc5378c5ba4841f2836c006028a598592666a58f70a47f712502fab969eb61aa88431671824737775ea8ba1ef0618e95113244afa9dabaa1b7cac98f14727ffd3a01e316abc74c62702d07bb51183e22911fa6ccccd67126cb992195b6bebc24befd73226efe9fe3645721b4086030dc833dad5b8c5e248a063c21c", 0xf5}, {&(0x7f0000001c80)="549ee56f68ce091488195e8b9049cf3d8958d2a6a9762eb8ac0fb384ba49971415b12ddba9c45b78ef620992fb89cdadabd9b099c84269476566a9e6b5cbd313921852f5a5f7b22e3d9300c897b1970b43433416d18ed80a09d22dbea06b82c3aa8787de3eca36aec9d7e43d0b40e8fe978416ead353e4c896073001", 0x7c}, {&(0x7f0000001d00)="4f2a07b0d9636ecdd15f9b859c220b306b913543fddb5880dc8e212f2d63891e494abfc0c51a5884db634d5145d5dfe3f61842ddaa40713f95dc24a2c9bc6db9900a800d0b90e5bed5760286ae94a8635b63bd1e", 0x54}, {&(0x7f0000001d80)="328c54b6df97", 0x6}, {&(0x7f0000001dc0)="60c951387f2b018eae939bd6f123d573fd91f5ad6c9794fd1fe879691f15bd68722c26f3117f7ad62e5c2ba9651d44f618ea9aefcf7f6e1476663784dc9e72476eea85d1b25197a39a504b0ecfc6799894b80b62722df42bb8b8853a", 0x5c}], 0x5, &(0x7f0000001ec0)=[@ip_ttl={{0x14, 0x0, 0x2, 0x7}}, @ip_ttl={{0x14, 0x0, 0x2, 0xfffffff8}}, @ip_retopts={{0x6c, 0x0, 0x7, {[@lsrr={0x83, 0x27, 0x6a, [@broadcast, @private=0xa010101, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010100, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010102, @multicast2, @local]}, @timestamp_prespec={0x44, 0x34, 0xa, 0x3, 0x2, [{@broadcast, 0x5}, {@local, 0xdadf}, {@broadcast, 0x81ca}, {@private=0xa010101, 0x8}, {@loopback, 0x5}, {@rand_addr=0x64010102, 0x6}]}, @noop]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x5}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x161b}}], 0xd0}}, {{&(0x7f0000001fc0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000002140)=[{&(0x7f0000002000)="364885c1e3cb8187c28b8ea616271585bc087594d2050a0f1cd652c33f4a3d0c1d25804ad9d84256656cf5ec8bb920393ce3da9e68070092b0f52a97fc803d7f1ffeb60609de282a32645adfa8e395991cdd2aeffdf756134658c5d25102eacd1710fa8ed0dabc67eb896dda8a51dbde70d57d4fca8dda", 0x77}, {&(0x7f0000002080)="c682d743c28bcc5b3105bd7cdc2baee7a47d3706ae75f113859cd91ca8838e2c3c5249728c419fe0302f114aeb4e2074a4a8c33d5ac4f53edf6fa100311e8807e246553a747a23b4cd57154c3b0f2a4df86ac9ce9bdca6b71f1fd829b767a59b2282894b", 0x64}, {&(0x7f0000002100)="679a7977dd56a4489927720d6f52b6cc44d931b772446acc65433002bfa1b3f5d6eafb00"/48, 0x30}], 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="3c000000000000000000000007000000442c0581e000000100000080ac1414bb32cdbfcfffffffff000000060a010101000001ffac1e01010000ffff0000000014000000000000000000000002000000060000000000000011000000000000000000000001000000400000000000000011000000000000000000000001000000010000000000000014000000000000000000000001000000ce0000000000000014000000000000000000000001000000018000000000000014000000000000000000000002000000010000000000000054000000000000000000000007000000071bbf00000000000000000a010100009c6d8100000064010102e00000028927b0ac1e01017f0000017f000001ffffffff7f00000164010100e0000002ffffffffac1414aa000000000000"], 0x128}}, {{0x0, 0x0, &(0x7f0000002400)=[{&(0x7f00000022c0)="1ab82babe1b97d4c585bb30c7f5e6ad817fe19bec578f6630e9ef657236f7a643672e087a9ccd2e937f81f34fc468881badaf9cffeaffa29b7b5c00b6f27dab26159a7e510ca24644009ce8667d44b727ac7189ea80e886164bd9be9affdc564de404305987f39e63dec692b051e3f0c068b3698bf3393770c74330977c1184a4d9c602372a53023679db5dcf9a8b557cbb2bd7dc308649a3691d004ef3761f2e188938f", 0xa4}, {&(0x7f0000002380)="82c4882cd60c78a39a37320bd098a8622d2aeace7cc436036e9f8b249045fe7a8c5d6c53f0ffc1ea930c2dcd84a4bbd439db4397214bcc910ab558e56db45b3bb675ba1e22479375445080cb99c9022dbe2355026a9b66532bdbccee1b1e23", 0x5f}], 0x2, &(0x7f0000002440)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @remote, @local}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r11, @loopback, @multicast2}}}], 0x40}}], 0x5, 0x400c814)
r12 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r12, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r12, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r12, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 2880.699534]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2880.700718]  ? vfs_write+0x354/0xb10
[ 2880.701614]  ? fput_many+0x2f/0x1a0
[ 2880.702494]  ? ksys_write+0x1a9/0x260
[ 2880.703417]  ? __ia32_sys_read+0xb0/0xb0
[ 2880.704402]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2880.705667]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2880.706905]  do_syscall_64+0x33/0x40
[ 2880.707797]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2880.709040] RIP: 0033:0x7f9d2ce7eb19
[ 2880.709931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2880.714331] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2880.716146] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2880.717862] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2880.719584] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2880.721271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2880.723010] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
[ 2880.771482] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2880.773313] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2880.775553] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:46:52 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000001a80)={{0x1, 0x1, 0x18, <r2=>r0}, './file0\x00'})
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000001ac0)=0x20)
ioctl$KDSIGACCEPT(r1, 0x4b4e, 0x14)
r3 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x53)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc0189379, &(0x7f0000001b00)={{0x1, 0x1, 0x18, <r4=>r1}, './file1\x00'})
ioctl$KDGKBENT(r4, 0x4b46, &(0x7f0000001b40)={0x1})
pipe2(&(0x7f0000001a40)={<r5=>0xffffffffffffffff}, 0x800)
ioctl$TIOCEXCL(r5, 0x540c)
ioctl$TIOCGPTPEER(r3, 0x5441, 0x5)
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r6, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r6, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r7 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$TCSETAW(r7, 0x5407, &(0x7f0000001a00)={0x0, 0x0, 0x4, 0x80, 0x8, "ef92016e5929127c"})
write$binfmt_elf64(r6, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c4601000105f7ffffffffffffff02000300ba000000a6020000000000004000000000000000e60200000000000009000000fc083800010001000100090001000000ff010000ff7f0000000000009200000000000000f7ffffffffffffffb6020000000000000300000000000000030000000000000002000000ff0100000080000000000000e10000000000000070e800000000000075000000000000000400000000000000ffffffffffffffff0d4cb01ed931ae54bed33503a0d8162afde1da34c921137d04c6f82ac012badab76143e8772c421cee9311a5677a218c0aa1977edd45a9d4782729558339f6b6400cf7995ea483af41bc7f37f0c9de8c1a51782fde7e9111304c066545f4d3a1394ac425fbd00f457b25759bdb14227bf13b97ebd398a14806fb95e00717d644b574d4bfd61802736e09f8c48279f34e1c4e03c4a94b6f933ffd648b441e034b1a6b1a310839945e04e1485d0b204bd83697639ec065cd2a07c802d5b812fca63d0668eac94404ece1f326887ee8a920b250cc0a8986b859a052dedc993c51b5430adba70b73ab8bd3f000c508789bcba06ac8a06d20543f72d27062ffa3697ddcffb3e32ea6839125f2517d29626d19063f33e82fe41f0dbc9b05688e720ffd2701469b8e64127a7fa5adee3f78256b37739254f9d6c4bf5492c284edccf14ebe35a20f96764fa12ab7064d219735a5e1150601861513d09f26782b5d4983d5137e4271a0be74fc99e1f285df3411ee4286d92ee40727c34358f44cde2ab9767664e24905d59b9081cc29df89c7125b710f8a376ba90a26f6d8a78b6d6756816a3f196c079c2ec74df6ef7718be740b5770fde6ac1a0db130061cfb6755f110d30828d3733fab16c16aeb09f934b1f50279a958ae16deabb096c35abf2f5bf34a22327fbfd6bd6657c4d4cb2272263cf17cffd9215c7d2d7b2245432c066e19823da88126ca8437f8fcd283a37647104f0d4e38f96c1d22cb63309a2275833ce6dd1d8128f693422c9afe3e029cb0ddc9784431bf6247eca95cb9ba872054a0c931ca7199256b020697c3f47a1afc6f07cb81522e70a8fef5e98b3c51c16f4ccfdff6e0364f37274da4ed70561e5c3db0cbe0855a17eab6188875032b47af337b4d2871acc24dd097bc7f1ea16263b02cb770d9e363791f3fc389a8baec942a4724dff254951e7303ff0f97544bf370d3e36ef8ea98ae5e14545b356ceb60ae561b96f9b6bb5f89d6a6a1f8108ad0e24b6bf3fb6c1587b112564af320d079666ad7397f70b0894db4a95b46d3b27d78414de7dcca2e69fd63bc5019ea25be41a80cad0812b5ba810ec47f516378dfa5b1e5dc68e6f4f48b00fad28a959f1c8517b7f8187cfe59fe16f1ecae83cc95358db3e8a607e05034940b77977a5352f3e8a41f50a46bed1bddaa21c23222ebf50b92d23792ed65ddd576f9c298e498d96fbbafb0f9b201cdf04766b49ebedb768b02c726c5555df3c2530d7ce3651b843ef7666fe96d92695bc677b47c51b2e6a60da122477181a16259406deb92b022e5cfc6074f3205a4d64510aa3ff09276404d2665086865be9a7b2a6de1d72107ef15540eb65e95484006da3b697edaa3342f497b01de7ea3e1cbf28022c90047472db4f8d008a5097e3b36d4ba322cea76f40fa4287bd77f265c34c8ad2934e7b75bb9ef79f9f6b7f3533468d85e3115b2a6f259222066ea882bbfe6a65488b3add9b94fa8920bb6f5eb03ccbf47951fffc010a72f5ba90994d94cabdddebfe058bf32a87dc547a7f869d6990aa190446fe87e41ad2298693d23ed4ec9a13c6d32b313f80216255edaa7fa9d38e0f4e7e6bdf3a81d16d4cd3121e1882a21fbc254a984f01c58978a8ec0910f199343e5fd832826d131593bc51580fed5d1f27c18717f3b48b3738838254eba87e702b8ee6622f478f830fa8d6282626baf3d6255372e5cb53f8fb36287ec808c3e15d2d2d09bae25a015aed1b50a058218b155f05da1f63d4eae155f60e994e386792dfeb807975c4a27e4cc07e4f1c14f5d740f55e7643a47eeda7f35f48914a19a08cb2553a48727570b0b4f88a054380c8731489fa91482aa3c902a24cf707637d41ea0d5256430441d0d40de249c39ae00f638408057b8a85eb3ef1f1f5e5b57002e409bfdd7e6c2aa644982c1bfc8e238501cf091f667a4a72dbc7451c6a946ed530f1cfaecf6a12658ad32903d55650b9fdfd670a67614eabe1ed06455c05788753c4f8cd06d8c2c9506570c626b872c891dd3cd91bf4d37e6e7d8b321c0c6fd0eeaa91229ad9148ff32e8e69f20c071739d161ba679c52141f31720214725c8651d5df4b2123352066f04d0e6a7c353c9393f851cb80a7174486a875734ff5863927fe867bfef116f9fced42794a85efcc5c057ca61eefe2addb124e253c59dc135bbefcd9f058856a9a3d66135a98a1d203409031d709812e68af11f2edc41b77bc3a08793258b0783aa469970bd7f02d399a62d0a39c25944159956c92325f406dd69fc2f38cebbe7b8cd4992420e5be82f14f6cd9eb6fe98b25a20f0de94de437513b15d522cd3eda31aa54f5cf3c70c5ec48cf8ad97115c79f2d8d37464ccaf8605cb5080a9c40ac9ae4314a0b047a8e4cd52181485956c9f62adf3aff614075e80ef2a288a5ad335a1545d2ef9b122e3ab284e0b6cf0facf20c79407a72e674633327b46f743237c41421c097a72e90d794c499cc212987e1d63298dc0d6f25f11b775f3d086f5463f5949b117c9e3cdc79cdb472837bd5a56bc294c97c51eba384ffb5c7c60ac3f1dd31fb51bd4f092702f5d536710432a2f1576077c5ab9cf5aa919cb414d1deb0c09d184cd9f587101ef36a884ecf1178ecd139ebc37096af5f055ee05c93d35d6e9b33d337adc6a17b0ea0ab704af71cc6fe49a0e34ae8db73c4ed8aa05863906932c770fdd7eec8a955c9ae356f7bc1391dd237a949c32c3f4d015bbd8f080162b86d36b9d0c30debe74af3399e42a27099a14cff0e3a6bcb315c379ce182d5e2a8f2b0013059855e893d15547ce24fb4a9b4a8208cd1dd0a2ca746419228a0c762ca0a68605d7ecaa466605151388d10199a47fb6c276dee7d97632c86aa4e188eb5516deaabff1d004add9b75fa868002046c00272f5f6752e24475a1fa4f9767c9ac034dc3a61b1151c9e7077cd6064f9e81a3931e4448263af5ad7141310d7d8c9d1b59a3eeb12b48a3f89b7a443410929e75f1f41d9c0df471824bbc63e2276729a82f7613557df5319e37a62172aae51ff6935cc37b7b6736061a786d201186fb82e68b891d4ace6eb90907758356f6e2e8aa01e731dbbe8a267013e56844f5c254d2d4360cd2e936fffed8ad7df4fabc8727a752c0df6436a1b51b274ba4ca970b71ff89d8952cbc11181724d4e0824094388184ab33bbfa542ebe8ca4aa78e128f6792a9c84f6286c1931562dfeb906c550c0ba33d2af02a10dfc2cce6a24aeb289b8fc8f7fc5f0b9e68cc51d438e16a1e3d2aaf1bf98f07adec00fdc52e1af8e3e61e1d45809a144129406b8d7d23c9277a106cddf80d5fc1edb90f7d6e735a0446ab318e1f25c1f25531773a6499a0c315abf56106841135d0f6fd8cf221f3ca2de7ddb508077fd67e1182676e0d38b93c2fb030b35cb4c622973536dfca25effca6fb940a1e84a48bd79b480994c971fdc262aa9fee34087c9c8129b93c0d86fba20ea9c640d4937e8f0b6a220b942fb82334b5bc335cad34c3738b1c8326a4dc91261717ae481a8c1d2158545add1f44d634eb62fcd1474a87067ac61801882f13aea74d1e169cfffe7aa76e2123afc12b877ade0b3a7742a940e9b2572d7986eac918ec5e890f3b07cb67fb713acfce5743ddba752e23cbc7f7e10038f46fb7931342ed4fd6d5d2e84b9810b122c600b7c0e8bae5b336cc36b7982d24aaceff67bab343fe23734abebba921ee2a1c7a25920b0451ed2c9637ba62907b774a83067cf90ee03b70dd38f61dd3b32466c0245c0bd94f619f7b7788fe012f4214f49ee1c64c51cc2c9383fc2f1efa0357d440295e4464f598b89cae7311db4a64b0e8d51635df77ebacbfde8b53a19c2cc8d562edf1de649059bdb182dcbd8e8c90ed7a1309d516d60f4ced22dc1bec5c701448dc8a780ff0a05e1f3ac70d8845d7d6abe1d24d8d61bfa3bc76e8f4a2a2a7a3316a8fef8517db5683c904936f50f222f9b50d4d0a2802198990957ac9a8efb2f8c05c5679dbc1afc117106b2959c76be195a87b86af96191500060a7b7d8802464e029291c1be9c33f22722408a58a97f104a41a6474b2f15a2299a79b7daa3a4e5a36e0e023516a55ef30d16c6ab431c8e6a10f056f8e80cf244fa99b57532227588158e2871dbfe2537cb960a84dd69dda6ed918be0e6040522cb56bc25617bdad3ac12b9e5a3016aa378ff4a0206cf488406564bca2fd6130db29e5f0fa549db9a471448e2aa4cd1ac466cca13a58a6af470b4e2a1dc25208f1477cabb401e2d6fbd9c396e4582cdec020be8026ca953fa0f1c9bc73ca729cf917e85083a804acf065509fe41cc76b3f67b9e44b54cf7aa648304a7e7c0a5d598c2287326d8b5e969fa3fec75a5a513bc1fa63915c90f6ea47106f8e3081671ed8a6d30fc5743927ac3d1379d93dc180792ab9137a9946c192f91c03944a1144ad202b5e0245e1b85b8e8f08c18c8f95713ffa2a3bb91432d7d4a0a017da0cf2edce51eef20d7039934bb1df0c90c2b396a514889750fc45feb6010bc730ed65a9196c144c624c25a245dc1977f3229cc995624e014bfd8f7205d78a14d2259ce95796f9511d49a7232ed838592678e84fd21658b9f57bcd6b8f180d8c81f84d0ac2cee70b163ba560f2f5929da274fd1296b699d076b7e3ce92fbd6a74a0c8f059e0292bcaedb8f0a8d43776afb8041af52e6edd50b62947f102c9dccc1f1750234373a6a23dd50ef4ddc258699c6363245216ee3ae18b0040098bda9882c100188fba82f254877d941265181dcf23fa326244dbdd29911fdb8374f3137cd1baa9394ec2a13884f2310ae744024835849bc424ae9531ab26adba027a1dae43c2ff02b29a6317e8bd083ef9cc188d0bf887a351ff84c9528a48cbd533f0cf16a7b7f2538fd778a25621aafc44ae9a3117e5ea404155106569a1708cd739a8cca38373f9c9c5b82de7fa56731dff412f709441bc8c237ce48ac82bd58f77d761283a73548801276d4afe29cc7ffe00eb1bda310a584e57514be2ef165e2ffdf2a68e4ecce577db1791f5cfd3bed51819c73a5ce6f9744ff30f3b72040e89bc6ba37905d4b7b9eafd3d8fd3ac15ae7966841a37e9fe1197ae8af095b9e778f8b1da2ee093341baa9e273aaf4e0da78584cde91afb63d5ed63a3185c4e0c42ed61a2803b9cc425ad30e729dac4416ac7724c59eeee9bb94b9c07f7d8f2a8e9d7e1f7ac0eeafc647f9ba6659930a820316a626838187ca9d1bc59c4012102e28a7a9666b89fa9431643165b7f68680f09d7a8524829fd234491d2e7e2e341e5c2e504199bca649f70951e5292fca5a032ffe0a32517b45a09e5ab310457f1bdcf6f0c56b330dd6327151946e51b9e9ba210cc7982fcc998c58758aa0fe5408ed45a7cb19c76d07c11b175a9a486959159ca8cfcb32fe1a450d238ee6d7020e12ee6af41aaf1f7cd0ec126fcbef79775174168c5df91730f75c0b52f10ac7534324913b008a79a62cbeebeba4abf940fc7cada45977e9b9f9ae68757f819c3ae7075dead1246c6508edd0c7850d2fec5470757d1ee18ed7b4ff421e9f2b6916182179690cd9591d98f5a90e5b9305b454d3a054ac3fd24ddf07fdcb0f073c92ae23182f223bb0bd0314f516b29193fd10684adf9aa937dd3d5361f99d0737be4e0c381e1a10aca35a837c2ddcf26e5891a4680c83d4a60964b9743d8550c1a53e3f5fee356c07bcc42c7eeea2bd06f7ec9c8f7b0a7b2b5a6b6b25ee41b180c6eb14ac8becd12000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e5367bc03e5dfd"], 0x19b0)

20:46:52 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCSISO7816(r2, 0xc0285443, &(0x7f00000000c0)={0x9, 0x3, 0x5, 0x3, 0x8})
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f0000000040)=0x1)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)

20:46:52 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"}) (fail_nth: 1)

20:46:52 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, 0x0)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

[ 2880.843371] FAULT_INJECTION: forcing a failure.
[ 2880.843371] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2880.845957] CPU: 1 PID: 13940 Comm: syz-executor.5 Not tainted 5.10.234 #1
[ 2880.847423] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2880.849146] Call Trace:
20:46:52 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x48, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x48}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

[ 2880.849718]  dump_stack+0x107/0x167
[ 2880.850595]  should_fail.cold+0x5/0xa
[ 2880.851409]  _copy_from_user+0x2e/0x1b0
[ 2880.852245]  set_termios.part.0+0x6ad/0x8a0
[ 2880.853147]  ? mark_lock+0xf5/0x2df0
[ 2880.853933]  ? tty_termios_hw_change+0x1e0/0x1e0
[ 2880.854937]  ? lock_acquire+0x197/0x470
[ 2880.855775]  ? tty_ldisc_ref_wait+0x22/0x90
[ 2880.856690]  ? avc_ss_reset+0x180/0x180
[ 2880.857538]  tty_mode_ioctl+0xe2d/0xf40
[ 2880.858382]  ? set_termios.part.0+0x8a0/0x8a0
[ 2880.859320]  ? __ldsem_down_read_nested+0xe1/0x7e0
[ 2880.860355]  ? __ldsem_wake_readers+0x3d0/0x3d0
[ 2880.861348]  n_tty_ioctl_helper+0x55/0x3a0
[ 2880.862251]  n_tty_ioctl+0x56/0x370
[ 2880.863025]  tty_ioctl+0x912/0x18b0
[ 2880.863797]  ? n_tty_write_wakeup+0x40/0x40
20:46:52 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x9}}, './file0\x00'})
ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f00000000c0)=0x7ffffff9)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 2880.864749]  ? tty_fasync+0x390/0x390
[ 2880.865572]  ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[ 2880.866786]  ? __sanitizer_cov_trace_switch+0x45/0x80
[ 2880.867871]  ? do_vfs_ioctl+0x283/0x10d0
[ 2880.868722]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[ 2880.869822]  ? generic_block_fiemap+0x60/0x60
[ 2880.870767]  ? lock_downgrade+0x6d0/0x6d0
20:46:52 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x80000000000000)

[ 2880.871643]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2880.872740]  ? wait_for_completion_io+0x270/0x270
[ 2880.873761]  ? selinux_file_ioctl+0xb6/0x270
[ 2880.874693]  ? tty_fasync+0x390/0x390
[ 2880.875496]  __x64_sys_ioctl+0x19a/0x210
[ 2880.876354]  do_syscall_64+0x33/0x40
[ 2880.877134]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2880.878222] RIP: 0033:0x7fae0087fb19
[ 2880.878998] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2880.882899] RSP: 002b:00007fadfddf5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2880.884495] RAX: ffffffffffffffda RBX: 00007fae00992f60 RCX: 00007fae0087fb19
[ 2880.885986] RDX: 0000000020000040 RSI: 0000000000005407 RDI: 0000000000000003
[ 2880.887484] RBP: 00007fadfddf51d0 R08: 0000000000000000 R09: 0000000000000000
[ 2880.888975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2880.890477] R13: 00007ffe30e228ff R14: 00007fadfddf5300 R15: 0000000000022000
20:46:52 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, 0x0)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

[ 2880.916768] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2880.974948] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2880.975802] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2880.976706] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:46:52 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f00000000c0))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000140)=0x9)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:47:07 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r1=>r0, {0x8}}, './file0\x00'})
ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f0000000140)=0x1)

20:47:07 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 82)

20:47:07 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"}) (fail_nth: 2)

20:47:07 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080))
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:47:07 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCGPTPEER(r0, 0x5441, 0x1ff)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000040)=0x1)
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
fcntl$dupfd(r1, 0x406, r2)

20:47:07 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:47:07 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = open_tree(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x8000)
ioctl$TIOCGPTPEER(r1, 0x5441, 0xfff)
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
fcntl$F_GET_FILE_RW_HINT(r2, 0x40d, &(0x7f00000000c0))
ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000040)=0x1)

20:47:07 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x2000000000000000)

[ 2895.851784] FAULT_INJECTION: forcing a failure.
[ 2895.851784] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2895.854327] CPU: 1 PID: 13982 Comm: syz-executor.5 Not tainted 5.10.234 #1
[ 2895.855832] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2895.856934] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2895.857596] Call Trace:
[ 2895.857623]  dump_stack+0x107/0x167
[ 2895.857643]  should_fail.cold+0x5/0xa
[ 2895.857676]  _copy_to_user+0x2e/0x180
[ 2895.862343]  simple_read_from_buffer+0xcc/0x160
[ 2895.863347]  proc_fail_nth_read+0x198/0x230
[ 2895.864259]  ? proc_sessionid_read+0x230/0x230
[ 2895.865218]  ? security_file_permission+0xb1/0xe0
[ 2895.866241]  ? proc_sessionid_read+0x230/0x230
[ 2895.867215]  vfs_read+0x228/0x620
[ 2895.867949]  ksys_read+0x12d/0x260
[ 2895.868696]  ? vfs_write+0xb10/0xb10
[ 2895.869484]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2895.870594]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2895.871682]  do_syscall_64+0x33/0x40
[ 2895.872464]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2895.873541] RIP: 0033:0x7fae0083269c
[ 2895.874320] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 2895.878200] RSP: 002b:00007fadfddf5170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2895.879812] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fae0083269c
[ 2895.881310] RDX: 000000000000000f RSI: 00007fadfddf51e0 RDI: 0000000000000004
[ 2895.882821] RBP: 00007fadfddf51d0 R08: 0000000000000000 R09: 0000000000000000
[ 2895.884320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2895.885812] R13: 00007ffe30e228ff R14: 00007fadfddf5300 R15: 0000000000022000
[ 2895.920730] FAULT_INJECTION: forcing a failure.
[ 2895.920730] name failslab, interval 1, probability 0, space 0, times 0
[ 2895.923502] CPU: 1 PID: 13984 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2895.924971] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2895.926776] Call Trace:
[ 2895.927338]  dump_stack+0x107/0x167
[ 2895.928103]  should_fail.cold+0x5/0xa
[ 2895.928916]  ? create_object.isra.0+0x3a/0xa20
[ 2895.929899]  should_failslab+0x5/0x20
[ 2895.930726]  kmem_cache_alloc+0x5b/0x310
[ 2895.931596]  create_object.isra.0+0x3a/0xa20
[ 2895.932524]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2895.933597]  kmem_cache_alloc_trace+0x151/0x320
[ 2895.934581]  ? lock_downgrade+0x6d0/0x6d0
[ 2895.935472]  __io_queue_sqe+0x666/0x9d0
[ 2895.936314]  ? io_issue_sqe+0x77b0/0x77b0
[ 2895.937180]  ? __fget_files+0x2f8/0x520
[ 2895.938020]  ? io_prep_rw+0x7f5/0x1050
[ 2895.938860]  io_submit_sqes+0x44aa/0x8610
[ 2895.939779]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2895.940850]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2895.941877]  ? find_held_lock+0x2c/0x110
[ 2895.942758]  ? io_submit_sqes+0x8610/0x8610
[ 2895.943693]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2895.944733]  ? wait_for_completion_io+0x270/0x270
[ 2895.945745]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2895.946728]  ? vfs_write+0x354/0xb10
[ 2895.947526]  ? fput_many+0x2f/0x1a0
[ 2895.948307]  ? ksys_write+0x1a9/0x260
[ 2895.949115]  ? __ia32_sys_read+0xb0/0xb0
[ 2895.949975]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2895.951096]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2895.952199]  do_syscall_64+0x33/0x40
[ 2895.952999]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2895.954095] RIP: 0033:0x7f9d2ce7eb19
[ 2895.954894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2895.958852] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2895.960486] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2895.962017] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2895.963546] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2895.965072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2895.966615] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
20:47:07 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
r1 = memfd_create(&(0x7f0000000040)='/dev/ptmx\x00', 0x1)
readv(r1, &(0x7f00000014c0)=[{&(0x7f0000000100)=""/123, 0x7b}, {&(0x7f0000000180)=""/236, 0xec}, {&(0x7f0000000280)=""/56, 0x38}, {&(0x7f00000002c0)=""/11, 0xb}, {&(0x7f0000000300)=""/35, 0x23}, {&(0x7f0000000340)=""/58, 0x3a}, {&(0x7f0000000380)=""/4096, 0x1000}, {&(0x7f0000001380)=""/201, 0xc9}, {&(0x7f0000001480)=""/4, 0x4}], 0x9)
signalfd4(r1, &(0x7f0000000080)={[0x3]}, 0x8, 0x1000)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
memfd_create(&(0x7f00000000c0)='#\\{\x00', 0x6)

[ 2895.973555] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2895.975120] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2895.976835] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:47:07 executing program 0:
ioctl$F2FS_IOC_WRITE_CHECKPOINT(0xffffffffffffffff, 0xf507, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)
r1 = gettid()
kcmp$KCMP_EPOLL_TFD(r1, r1, 0x7, 0xffffffffffffffff, 0x0)
ptrace$getregset(0x4204, r1, 0x0, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r3=>0xffffffffffffffff})
fcntl$setstatus(r2, 0x4, 0x42800)
splice(r3, 0x0, r2, 0x0, 0x5, 0x0)
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x4, 0x4, 0x7, 0x7f, 0x0, 0x4, 0x8000, 0x8, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x6, 0x2, @perf_bp={&(0x7f0000000040), 0x8}, 0x402f0, 0x5, 0xffff8001, 0x9, 0x9, 0x401, 0x0, 0x0, 0x7, 0x0, 0x3f}, r1, 0x10, r3, 0x8)

20:47:07 executing program 6:
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000100)=<r1=>0x0)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@nl=@proc, 0x80, 0x0, 0x0, &(0x7f0000000380)=ANY=[], 0x30}}, 0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000140)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x4, &(0x7f00000000c0)={0x0, 0x989680}, 0x1, 0x1, 0x1}, 0xff)
ioctl$AUTOFS_IOC_CATATONIC(r2, 0x9362, 0x0)
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:47:07 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080))
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:47:07 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:47:07 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:47:07 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0)
write(r1, &(0x7f0000000080)="090149e6d76617f9958eee588eb440ac3d9e974efdf116c4f3f7a239567c664bb3ad354e10bbd194338e8c2cf3e006356a6aa34bd0ae961c68aea30015c988096217caf33fd9749064bad475923d3b97c768f8e563ec765a896b231d4c544e5c73e33f1a8f840d8341118bec6d3b43c9d70c67e3a1e781a207cd93833e8197aabc1236abd7a686e5ffb9ff2941856297463497ff4169e187f2e25d74667216a06fe070a1c59f1e8db790abbe376e9caf9b25cdb97ba765363665ef6bbebde855b15dc2", 0xc3)

20:47:07 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080))
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:47:07 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
write$binfmt_elf64(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="7f454c4607039f72ff7f000000000000030003004000000088020000000000004000000000000000e003000000000000010000004000380001000700810001000000006008000000200000000000000076d5000000000000ff000000000000007f000000000000000700000000000000120400000000000082df575023f9f37b277bedee544c8b44d793000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000"/906], 0x38a)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x2b80, 0x3ff, 0x5, 0x4a2, 0x2f, "298040d544140444021da5bf111c93fae36b98", 0x2, 0x6})

[ 2896.173676] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2896.237960] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2896.239699] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2896.241942] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:47:21 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x28000, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
r1 = signalfd(0xffffffffffffffff, &(0x7f0000000240)={[0x5]}, 0x8)
r2 = signalfd(0xffffffffffffffff, &(0x7f0000000280)={[0x10000000200000]}, 0x8)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r2, 0xc0189377, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r1, {0x81, 0x200}}, './file0\x00'})
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000340)=0x4)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r4, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r4, 0x5407, &(0x7f0000000040)={0x0, 0x3f, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCPKT(r4, 0x5420, &(0x7f0000000140)=0x10000)
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x8, 0x80010, r2, 0x8000000)
syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r6=>0x0, &(0x7f0000000100)=<r7=>0x0)
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r8, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@nl=@proc, 0x80, 0x0, 0x0, &(0x7f0000000380)=ANY=[], 0x30}}, 0x0)
syz_io_uring_submit(r5, r7, &(0x7f0000000300)=@IORING_OP_WRITE={0x17, 0x6, 0x2004, @fd_index=0x8, 0x0, &(0x7f0000000380)="dd3095239fa41b190cd59376912344213b36cae627cca497fd9c559c079a3035aeb276f8e19df713c93f904a737cc950358abad1b53ec16ac98f325f6f2a9f985755842b4b", 0x45, 0x11}, 0x7f)
write(r0, &(0x7f0000000180)="19ccb7af0e0d90afdb34d13630d5a8d5efc5e0347f6b6e627ef7b3c7c1353f0f4d0493448cf0151fb19fb6ae52b12132c9c87f72298d914614f9637505136aca5679fbdbdde940b5ce0558e90b659234de478595b4c0c9ed34bda3c0f7374fcf29c5a9298c1a4cad487879678851e08e430ad1a1d8cc1a7b26cf19a2ee5121e8adb5355bf790008af66e56bc1d59cc0d941a7b33c08cd80e2407bf636a4c51e4ae", 0xa1)
ioctl$VT_GETSTATE(r3, 0x5603, &(0x7f00000000c0)={0x9, 0x7, 0x3})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:47:21 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f00000000c0)=@IORING_OP_POLL_ADD={0x6, 0x3, 0x0, @fd=r3, 0x0, 0x0, 0x0, {0x10}, 0x1}, 0x20)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0xa, 0x4010, r4, 0x0)
close(r3)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r6, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r6, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
close(r6)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:47:21 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 83)

20:47:21 executing program 0:
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x200400, 0x0)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)

20:47:21 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x2, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:47:21 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x185842, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCGPTPEER(r1, 0x5441, 0x1)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r2=>r0, {0x1f}}, './file0\x00'})
ioctl$TIOCGPTPEER(r2, 0x5441, 0xffffffff)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000100)=0x10000)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)

20:47:21 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(0xffffffffffffffff, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:47:21 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

[ 2910.585192] FAULT_INJECTION: forcing a failure.
[ 2910.585192] name failslab, interval 1, probability 0, space 0, times 0
[ 2910.587877] CPU: 0 PID: 14032 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2910.589337] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2910.591085] Call Trace:
[ 2910.591641]  dump_stack+0x107/0x167
[ 2910.592408]  should_fail.cold+0x5/0xa
[ 2910.593214]  should_failslab+0x5/0x20
[ 2910.594013]  kmem_cache_alloc_bulk+0x4b/0x320
[ 2910.594959]  io_submit_sqes+0x6fe6/0x8610
[ 2910.595870]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2910.596919]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2910.597944]  ? find_held_lock+0x2c/0x110
[ 2910.598806]  ? io_submit_sqes+0x8610/0x8610
[ 2910.599752]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2910.600793]  ? wait_for_completion_io+0x270/0x270
[ 2910.601808]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2910.602784]  ? vfs_write+0x354/0xb10
[ 2910.603574]  ? fput_many+0x2f/0x1a0
[ 2910.604338]  ? ksys_write+0x1a9/0x260
[ 2910.605141]  ? __ia32_sys_read+0xb0/0xb0
[ 2910.605996]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2910.607115]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2910.608204]  do_syscall_64+0x33/0x40
[ 2910.608989]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2910.610066] RIP: 0033:0x7f9d2ce7eb19
[ 2910.610847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2910.614727] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2910.616342] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2910.617847] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2910.619365] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2910.620857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2910.622363] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
[ 2910.632678] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:47:22 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000140)={0x8, 0x20, 0x4, 0x3, 0x19, "68e181d85b3c7131"})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f00000191c0))
ioctl$TIOCGSERIAL(r1, 0x541e, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=""/102400})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KDGKBENT(0xffffffffffffffff, 0x4b46, &(0x7f0000019200)={0x9, 0x4, 0x8000})
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCL_UNBLANKSCREEN(r3, 0x541c, &(0x7f0000019180))
ioctl$TIOCSBRK(r0, 0x5427)
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)

20:47:22 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x4b47, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 2910.753849] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2910.755437] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2910.760168] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:47:36 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(0xffffffffffffffff, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:47:36 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
close_range(r7, 0xffffffffffffffff, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r7, 0x89f7, &(0x7f0000000180)={'sit0\x00', &(0x7f00000000c0)={'ip6_vti0\x00', 0x0, 0x29, 0x8d, 0x1, 0x1, 0x0, @mcast2, @local, 0x40, 0x20, 0x1ff}})
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r8 = dup2(r3, r6)
accept4$packet(0xffffffffffffffff, &(0x7f0000000280)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000340)=0x14, 0x800)
sendmsg$TCPDIAG_GETSOCK(r8, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x4c, 0x12, 0x200, 0x70bd2d, 0x25dfdbfd, {0x1f, 0x4, 0x81, 0x9, {0x4e22, 0x4e20, [0xfff, 0x9c8, 0x3, 0x6], [0x200, 0x6, 0x1, 0xffffffff], r9, [0x5, 0xff]}, 0x3}}, 0x4c}, 0x1, 0x0, 0x0, 0x24000880}, 0x200008e4)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:47:36 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 84)

20:47:36 executing program 4:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETAW(0xffffffffffffffff, 0x40045431, 0xffffffffffffffff)

20:47:36 executing program 6:
ioctl$CDROM_LAST_WRITTEN(0xffffffffffffffff, 0x5395, &(0x7f00000000c0))
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
write(r0, &(0x7f0000000140)="05807203f0ca38bc267143c14aafd972da67e52ca014e08f4525226c42298336f9ffeb41e1815f1e3ed797119fc48949eb6cba2ea46bf69cd35d00f5aa7c769c9fb2fc3612160133", 0x48)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:47:36 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x4b49, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:47:36 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000040)=0x9)
ioctl$TCSETAW(r0, 0x541a, 0xffffffffffffffff)

20:47:36 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x48, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x48}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

[ 2925.203858] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2925.229950] FAULT_INJECTION: forcing a failure.
[ 2925.229950] name failslab, interval 1, probability 0, space 0, times 0
[ 2925.231488] CPU: 0 PID: 14070 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2925.232404] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2925.233375] Call Trace:
[ 2925.233718]  dump_stack+0x107/0x167
[ 2925.234164]  should_fail.cold+0x5/0xa
[ 2925.234625]  ? __io_queue_sqe+0x666/0x9d0
[ 2925.235134]  should_failslab+0x5/0x20
[ 2925.235621]  kmem_cache_alloc_trace+0x55/0x320
[ 2925.236183]  ? lock_downgrade+0x6d0/0x6d0
[ 2925.236702]  __io_queue_sqe+0x666/0x9d0
[ 2925.237197]  ? io_issue_sqe+0x77b0/0x77b0
[ 2925.237715]  ? __fget_files+0x2f8/0x520
[ 2925.238227]  ? io_prep_rw+0x7f5/0x1050
[ 2925.238732]  io_submit_sqes+0x44aa/0x8610
[ 2925.239264]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2925.239896]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2925.240461]  ? find_held_lock+0x2c/0x110
[ 2925.240980]  ? io_submit_sqes+0x8610/0x8610
[ 2925.241551]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2925.242158]  ? wait_for_completion_io+0x270/0x270
[ 2925.242763]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2925.243348]  ? vfs_write+0x354/0xb10
[ 2925.243817]  ? fput_many+0x2f/0x1a0
[ 2925.244267]  ? ksys_write+0x1a9/0x260
[ 2925.244739]  ? __ia32_sys_read+0xb0/0xb0
[ 2925.245248]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2925.245895]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2925.246499]  do_syscall_64+0x33/0x40
[ 2925.246974]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2925.247638] RIP: 0033:0x7f9d2ce7eb19
[ 2925.248071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2925.250338] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2925.251252] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2925.252161] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2925.253061] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2925.253902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2925.254793] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
20:47:36 executing program 0:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f00000000c0)=@IORING_OP_POLL_ADD={0x6, 0x3, 0x0, @fd=r3, 0x0, 0x0, 0x0, {0x10}, 0x1}, 0x20)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0xa, 0x4010, r4, 0x0)
close(r3)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r6, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r6, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
close(r6)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:47:36 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5401, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 2925.278110] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2925.279599] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2925.281161] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:47:36 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x48, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x48}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:47:36 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x61e, 0x5, 0x9, 0xa1, 0x7, "01ceb78ff5d136f2"})
ioctl$TCSBRKP(0xffffffffffffffff, 0x5425, 0x7)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000080), &(0x7f00000000c0)={0x0, 0xfb, 0x28, 0x7, 0x9, "6cbc994664fd82b438f97710d59b04a5", "1bc4d95e2f78d19f796aca221bd45ee56cf846"}, 0x28, 0x3)

20:47:36 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:47:36 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5402, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:47:36 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(0xffffffffffffffff, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

[ 2925.361163] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2925.394218] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2925.396259] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2925.399737] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:47:36 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5403, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:47:36 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x48, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x48}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

[ 2925.489138] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2925.508187] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2925.510048] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2925.511675] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:47:50 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:47:50 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCGPTPEER(r1, 0x5441, 0x8)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:47:50 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x3000010, 0x810, r4, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
close_range(r6, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)

20:47:50 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 85)

20:47:50 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0) (fail_nth: 1)

20:47:50 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, 0xffffffffffffffff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:47:50 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)

20:47:50 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5404, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 2939.440810] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2939.463805] FAULT_INJECTION: forcing a failure.
[ 2939.463805] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2939.466906] CPU: 1 PID: 14120 Comm: syz-executor.0 Not tainted 5.10.234 #1
[ 2939.468606] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2939.470637] Call Trace:
[ 2939.471291]  dump_stack+0x107/0x167
[ 2939.472212]  should_fail.cold+0x5/0xa
[ 2939.473191]  _copy_to_user+0x2e/0x180
[ 2939.474159]  simple_read_from_buffer+0xcc/0x160
[ 2939.475352]  proc_fail_nth_read+0x198/0x230
[ 2939.476473]  ? proc_sessionid_read+0x230/0x230
[ 2939.477546]  ? security_file_permission+0xb1/0xe0
[ 2939.478567]  ? proc_sessionid_read+0x230/0x230
[ 2939.479520]  vfs_read+0x228/0x620
[ 2939.480274]  ksys_read+0x12d/0x260
[ 2939.481013]  ? vfs_write+0xb10/0xb10
[ 2939.481811]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2939.482923]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2939.484000]  do_syscall_64+0x33/0x40
[ 2939.484785]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2939.485861] RIP: 0033:0x7f181f72969c
[ 2939.486636] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 2939.490528] RSP: 002b:00007f181ccec170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2939.492122] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f181f72969c
[ 2939.493609] RDX: 000000000000000f RSI: 00007f181ccec1e0 RDI: 0000000000000004
[ 2939.495093] RBP: 00007f181ccec1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2939.496586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2939.498070] R13: 00007ffea76b892f R14: 00007f181ccec300 R15: 0000000000022000
20:47:50 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, 0xffffffffffffffff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:47:50 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5405, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 2939.541109] FAULT_INJECTION: forcing a failure.
[ 2939.541109] name failslab, interval 1, probability 0, space 0, times 0
[ 2939.543725] CPU: 1 PID: 14121 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2939.545168] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2939.546899] Call Trace:
[ 2939.547445]  dump_stack+0x107/0x167
[ 2939.548213]  should_fail.cold+0x5/0xa
[ 2939.548998]  ? create_object.isra.0+0x3a/0xa20
[ 2939.549938]  should_failslab+0x5/0x20
[ 2939.550705]  kmem_cache_alloc+0x5b/0x310
[ 2939.551549]  ? mark_held_locks+0x9e/0xe0
[ 2939.552432]  create_object.isra.0+0x3a/0xa20
[ 2939.553346]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2939.554420]  kmem_cache_alloc_bulk+0x168/0x320
[ 2939.555381]  io_submit_sqes+0x6fe6/0x8610
[ 2939.556298]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2939.557338]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2939.558371]  ? find_held_lock+0x2c/0x110
[ 2939.559271]  ? io_submit_sqes+0x8610/0x8610
[ 2939.560182]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2939.561183]  ? wait_for_completion_io+0x270/0x270
[ 2939.562195]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2939.563184]  ? vfs_write+0x354/0xb10
[ 2939.563960]  ? fput_many+0x2f/0x1a0
[ 2939.564741]  ? ksys_write+0x1a9/0x260
[ 2939.565549]  ? __ia32_sys_read+0xb0/0xb0
[ 2939.566409]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2939.567508]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2939.568616]  do_syscall_64+0x33/0x40
[ 2939.569401]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2939.570476] RIP: 0033:0x7f9d2ce7eb19
[ 2939.571263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2939.575073] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2939.576684] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2939.578167] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2939.579671] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2939.581183] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2939.582669] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
[ 2939.594019] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2939.595772] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2939.597395] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:47:50 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x4, "e6400200"})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
write$binfmt_elf64(r1, &(0x7f0000000140)={{0x7f, 0x45, 0x4c, 0x46, 0x7, 0x5, 0x9, 0x9, 0x2, 0x2, 0x3, 0x7f, 0x356, 0x40, 0x40, 0x40, 0x1, 0x38, 0x2, 0x1, 0x8, 0xff}, [{0x3, 0x10000, 0xb8, 0x400, 0x3, 0xffffffffffffc749, 0x1f}, {0x6474e551, 0x8, 0xffffffffffffff59, 0x40, 0x728, 0x4, 0xd7, 0x40}], "4cfa333e9fa06d8b7186fec8141c6e6991b7902ef320129553129c9962252f40f7f6502f7c7e80e714bb", ['\x00', '\x00', '\x00', '\x00']}, 0x4da)

20:47:50 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCGPKT(r1, 0x80045438, &(0x7f0000000080))
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='tasks\x00', 0x2, 0x0)

20:47:51 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)

20:47:51 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:47:51 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5406, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:47:51 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, 0xffffffffffffffff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:47:51 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSF(r2, 0x5404, &(0x7f00000000c0)={0x9, 0x10000, 0x200, 0x10001, 0x15, "c5a0b2d1c2ae350b54f08cd19992f3d42a4bd5"})
fallocate(r1, 0x40, 0xfff, 0x9)
ioctl$GIO_CMAP(r0, 0x4b70, &(0x7f0000000140))
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCGPTPEER(r3, 0x5441, 0x9)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r4, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r4, 0x5407, &(0x7f0000000180)={0x6, 0x0, 0x3f, 0x0, 0x0, "e6400200"})
ioctl$VT_WAITACTIVE(r4, 0x5607)
ioctl$GIO_SCRNMAP(r2, 0x4b40, &(0x7f0000000140))

[ 2939.737133] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:47:51 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f0000000240)={0x0, 0xfffffffc, 0x0, 0x3}, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 2939.822154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2939.823677] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2939.825359] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:48:06 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000040)=0xfffffc)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)

20:48:06 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x18, 0x0, 0x1f, 0x82002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext={0x3ff, 0xffffffffffffff81}, 0x0, 0xdf4c, 0xc72, 0x1, 0x1ff, 0x800, 0x8, 0x0, 0x0, 0x0, 0x20}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:48:06 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 86)

20:48:06 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
dup2(r0, r0)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:48:06 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x2, 0x0)

20:48:06 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5408, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:48:06 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f00000000c0)={0x0, 0x2, 0x7, 0x10030b22, 0x1, "5aad2e5f63d63176cb4ed1533f448c197e6a1e", 0xffffffff, 0x9})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:48:06 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:48:06 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000180)=[{&(0x7f0000000080)=""/69, 0x45}, {&(0x7f0000000100)=""/37, 0x25}, {&(0x7f0000000140)=""/15, 0xf}], 0x3, 0x507c, 0x4)
r1 = openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x200000, 0x0)
r2 = inotify_init1(0x80000)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000200)={0x0, 0x0, r2, 0xec, 0x80000})
syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000100)=<r4=>0x0)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@nl=@proc, 0x80, 0x0, 0x0, &(0x7f0000000380)=ANY=[], 0x30}}, 0x0)
syz_io_uring_submit(r3, 0x0, &(0x7f0000000240)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2007, @fd_index=0x5, 0x3ff, 0x0, 0x0, 0x10, 0x1, {0x1}}, 0x6)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x6, 0x3, 0x101, 0xfff, 0x0, "bfaaa7289c1ee797"})

[ 2954.739647] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:48:06 executing program 6:
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r0, 0x2, 0x70bd2b, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x40001)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x2c, r0, 0x4, 0x70bd25, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)

[ 2954.771455] FAULT_INJECTION: forcing a failure.
[ 2954.771455] name failslab, interval 1, probability 0, space 0, times 0
[ 2954.773035] CPU: 0 PID: 14180 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2954.773842] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2954.774793] Call Trace:
[ 2954.775110]  dump_stack+0x107/0x167
[ 2954.775535]  should_fail.cold+0x5/0xa
[ 2954.775981]  ? create_object.isra.0+0x3a/0xa20
[ 2954.776507]  ? create_object.isra.0+0x3a/0xa20
[ 2954.777043]  should_failslab+0x5/0x20
[ 2954.777474]  kmem_cache_alloc+0x5b/0x310
[ 2954.777933]  create_object.isra.0+0x3a/0xa20
[ 2954.778435]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2954.779012]  __kmalloc+0x16e/0x390
[ 2954.779422]  ? lock_downgrade+0x6d0/0x6d0
[ 2954.779891]  io_setup_async_rw+0x180/0x580
[ 2954.780371]  io_read+0xe98/0x11e0
[ 2954.780771]  ? __lock_acquire+0x1657/0x5b00
[ 2954.781260]  ? kiocb_done+0xc90/0xc90
[ 2954.781690]  ? mark_lock+0xf5/0x2df0
[ 2954.782119]  ? lock_chain_count+0x20/0x20
[ 2954.782606]  ? __lock_acquire+0xbb1/0x5b00
[ 2954.783083]  io_issue_sqe+0x2e8a/0x77b0
[ 2954.783538]  ? find_held_lock+0x2c/0x110
[ 2954.783998]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2954.784587]  ? __io_arm_poll_handler+0x59b/0x9e0
[ 2954.785139]  ? lock_downgrade+0x6d0/0x6d0
[ 2954.785610]  ? io_connect+0x610/0x610
[ 2954.786047]  ? lock_acquire+0x197/0x470
[ 2954.786497]  ? find_held_lock+0x2c/0x110
[ 2954.786959]  ? __fget_files+0x2cf/0x520
[ 2954.787417]  ? lock_downgrade+0x6d0/0x6d0
[ 2954.787885]  __io_queue_sqe+0x90/0x9d0
[ 2954.788328]  ? io_issue_sqe+0x77b0/0x77b0
[ 2954.788803]  ? __fget_files+0x2f8/0x520
[ 2954.789264]  ? io_prep_rw+0x7f5/0x1050
[ 2954.789709]  io_submit_sqes+0x44aa/0x8610
[ 2954.790200]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2954.790786]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2954.791363]  ? find_held_lock+0x2c/0x110
[ 2954.791850]  ? io_submit_sqes+0x8610/0x8610
[ 2954.792366]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2954.792934]  ? wait_for_completion_io+0x270/0x270
[ 2954.793492]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2954.794030]  ? vfs_write+0x354/0xb10
[ 2954.794459]  ? fput_many+0x2f/0x1a0
[ 2954.794870]  ? ksys_write+0x1a9/0x260
[ 2954.795307]  ? __ia32_sys_read+0xb0/0xb0
[ 2954.795763]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2954.796362]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2954.796948]  do_syscall_64+0x33/0x40
[ 2954.797366]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2954.797938] RIP: 0033:0x7f9d2ce7eb19
[ 2954.798358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2954.800412] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2954.801283] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2954.802079] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2954.802885] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2954.803684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2954.804483] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
20:48:06 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
dup2(r0, r0)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:48:06 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x4b47, 0x0)

20:48:06 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5409, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 2954.832721] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2954.834296] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2954.836070] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:48:06 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x540a, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:48:06 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r7=>0xffffffffffffffff})
fcntl$setstatus(r6, 0x4, 0x42800)
splice(r7, 0x0, r6, 0x0, 0x5, 0x0)
io_uring_enter(r7, 0x34b8, 0xc597, 0x0, &(0x7f00000000c0)={[0x81]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:48:06 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x540b, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:48:06 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
dup3(r0, r1, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)

20:48:06 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
dup2(r0, r0)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:48:20 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x10400, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCGPTPEER(r0, 0x5441, 0x4)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:48:20 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 87)

20:48:20 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0xfffffffd, 0xfffffffc}, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r6, 0x29, 0x30, &(0x7f0000000540)={0xffff6c1f, {{0xa, 0x4e23, 0x0, @remote, 0xfffffffc}}, 0x1, 0x2000000000000c2, [{{0xa, 0x4e24, 0x2, @mcast1, 0x101}}]}, 0x110)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:48:20 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x4b49, 0x0)

20:48:20 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:48:20 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, 0x0)

20:48:20 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x540c, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:48:20 executing program 4:
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r1 = gettid()
kcmp$KCMP_EPOLL_TFD(r1, r1, 0x7, 0xffffffffffffffff, 0x0)
ptrace$getregset(0x4204, r1, 0x0, 0x0)
r2 = accept4(0xffffffffffffffff, &(0x7f0000000740)=@x25, &(0x7f00000007c0)=0x80, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000880)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000140)="dc4f6de730afa343e80d3ea0c031e1a3c2bbac6ba433b9011de266b7caa66124cdb82936e780a1a178ffccd8285c406141bc8ff2d2a7dbe5377088b05f79d862299f183e8b9ea80f460a794f6264a044c0f6d57bd9192dcf120040105e0a8b1c5afff8bce7fbba1fcf4d78bb8b4eb9f7be8178bf07a11a1824748355a766375dbbb0e489ce440662e9473ae3f1111b300f146f89be3fd9192598b68e42d115b3edec00dc94b6994dbfbb1d47ceef3719c96f3e912f081cff40cdaf15daa1cc73670e4c5f77d906bc5111d20fe218e70a8b4e1edfb3f249f31898e6df1b90ebf4afea", 0xe2}, {&(0x7f0000000240)="2ac2d6fbcb2d04b2130b83604cb4890ddcdefb7b8adbb6c82b6be783e06df6a93e21500e973603e3b5e3db0d13a7f965e7c567ec6654e99b2505a39ccde8fed609a1e1750b4875bc05fc69b50c25029c0555f960744965dab79f6ff7fd544ddd05e881d936f3171975a6bf50480c7889a4f6", 0x72}, {&(0x7f00000002c0)="cd8c79221898aa5e7711155139a55e6dc8ca3988a1d7bb3de73368b68fddc7837c4e452b1441cbd1bf1d32825c40ea22eebc15771f9c29b6680dd99ee8160b780e6884bca42b437e782a0ca75635a4faf56461d0c869f1e98d01306864d03ace41aafd258db64bd9a3eb7ad0e0ef0b5246dec5a33035ebf0319503a5ec6d7e2d587b5bb6ea2df867f27db445081cec1aa63837534430ac0ffa4740e1387605dd07d78bca4399", 0xa6}, {&(0x7f0000000380)="fed1ec6de343d727f4ddaada8522e32e3a6459078da72f9936c9d94b5655ad1173cb840eaa165c9bd12a3cd0d310542f1b522d2ca3a2d8dd0cdb031aebb05a9eba2cf449aabe6c6b94dff59922c13553cfe701ffc9ad14037c19c357830ebd303c272ce7dfa95e468dbd5ac6db5457c91c45cf535788c42493719bac6f90e574cfb40a5807dc945ca4ab858c56fd5ac491c50e6794b072d34e36edda493b41f5f4ac82ae2e2084c771cd2500642219f951443a766935e40a536fedec2268eaa675fdeb87331eb38acdf9b61c4b38c399ab8c94e804648fa8ee44fd00ebe5d07a00da0907d6", 0xe5}, {&(0x7f0000000480)="498d76e6fa4268f1b1bd8e5f2db4a2a8", 0x10}, {&(0x7f00000004c0)="07321daceb8efdd92ef8322325d6c7c2e40c0857931406eeecadb1f3ec0195a91e42946f42a6146a16599e793e7b4eb1e4d6a5748cc56615772742fc3cb76216317fbd8f52a1451503286ed0", 0x4c}, {&(0x7f0000000540)="e6877b3765e3ac970befc5359a2334bf4bdd1d032f2cfc0d09520d60e418e7", 0x1f}], 0x7, &(0x7f0000000800)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0]}}, @cred={{0x1c, 0x1, 0x2, {r1, 0x0, 0xee00}}}, @rights={{0x14, 0x1, 0x1, [r2]}}], 0x60, 0x11}}], 0x1, 0x40000000)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$TIOCSPTLCK(r4, 0x40045431, &(0x7f00000000c0))
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r3, 0x80089419, &(0x7f0000000040))
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x301082, 0x0)
ioctl$TCSETAW(r5, 0x40045431, 0xffffffffffffffff)

[ 2969.035071] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2969.047934] FAULT_INJECTION: forcing a failure.
[ 2969.047934] name failslab, interval 1, probability 0, space 0, times 0
[ 2969.050601] CPU: 1 PID: 14220 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2969.052069] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2969.053844] Call Trace:
[ 2969.054415]  dump_stack+0x107/0x167
[ 2969.055197]  should_fail.cold+0x5/0xa
[ 2969.056022]  ? create_object.isra.0+0x3a/0xa20
[ 2969.056998]  should_failslab+0x5/0x20
[ 2969.057822]  kmem_cache_alloc+0x5b/0x310
[ 2969.058683]  ? mark_held_locks+0x9e/0xe0
[ 2969.059539]  create_object.isra.0+0x3a/0xa20
[ 2969.060460]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2969.061541]  kmem_cache_alloc_bulk+0x168/0x320
[ 2969.062517]  io_submit_sqes+0x6fe6/0x8610
[ 2969.063419]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2969.064464]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2969.065486]  ? find_held_lock+0x2c/0x110
[ 2969.066345]  ? io_submit_sqes+0x8610/0x8610
[ 2969.067261]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2969.068285]  ? wait_for_completion_io+0x270/0x270
[ 2969.069319]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2969.070300]  ? vfs_write+0x354/0xb10
[ 2969.071082]  ? fput_many+0x2f/0x1a0
[ 2969.071848]  ? ksys_write+0x1a9/0x260
[ 2969.072650]  ? __ia32_sys_read+0xb0/0xb0
[ 2969.073515]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2969.074624]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2969.075706]  do_syscall_64+0x33/0x40
[ 2969.076494]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2969.077592] RIP: 0033:0x7f9d2ce7eb19
[ 2969.078383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2969.082263] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2969.083881] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2969.085407] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2969.086931] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2969.088484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2969.090013] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
20:48:20 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x540d, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:48:20 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5409, 0x0)

20:48:20 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, 0x0)

20:48:20 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000140)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETS2(r1, 0x402c542b, &(0x7f00000000c0)={0xffff117b, 0xffffffff, 0x1ff, 0x37c3, 0x29, "f3446825b9f694071347c18fdc056da480e820", 0x1, 0x3ff})
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000180)={0x40, 0x1f, 0x24c, 0x8, 0x15, "0dbe6a63a76a4abb"})

[ 2969.168767] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2969.170354] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2969.171949] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:48:32 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x540e, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:48:32 executing program 4:
ioctl$IOC_PR_CLEAR(0xffffffffffffffff, 0x401070cd, &(0x7f00000000c0)={0x2})
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/block/loop0', 0x4000, 0x88)
ioctl$IOC_PR_PREEMPT(r3, 0x401870cb, &(0x7f0000000180)={0x7, 0x6, 0x2, 0x4})
pipe(&(0x7f0000000080)={<r4=>0xffffffffffffffff})
fcntl$setstatus(r2, 0x4, 0x42800)
splice(r4, 0x0, r2, 0x0, 0x5, 0x0)
ioctl$IOC_PR_RELEASE(r4, 0x401070ca, &(0x7f00000001c0)={0x1, 0x1f84, 0x1})
ioctl$TIOCGPTPEER(r1, 0x5441, 0x9)

20:48:32 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x5, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x4, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:48:32 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 88)

20:48:32 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540b, 0x0)

20:48:32 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, 0x0)

20:48:32 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$VT_OPENQRY(r0, 0x5600, &(0x7f00000000c0))
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x2, 0x0, 0x8004, 0x3, "4204af5078dc8f613afeedeb91401d0457d614", 0x3fe})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000140)={0x401, 0x9, 0x0, 0x1ff, 0x3, "54342eeb23e0e57d"})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)

20:48:32 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

[ 2981.615198] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2981.624183] FAULT_INJECTION: forcing a failure.
[ 2981.624183] name failslab, interval 1, probability 0, space 0, times 0
[ 2981.625753] CPU: 0 PID: 14260 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2981.626590] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2981.627581] Call Trace:
[ 2981.627900]  dump_stack+0x107/0x167
[ 2981.628340]  should_fail.cold+0x5/0xa
[ 2981.628812]  should_failslab+0x5/0x20
[ 2981.629278]  kmem_cache_alloc_bulk+0x4b/0x320
[ 2981.629850]  io_submit_sqes+0x6fe6/0x8610
[ 2981.630379]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2981.631002]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2981.631582]  ? find_held_lock+0x2c/0x110
[ 2981.632068]  ? io_submit_sqes+0x8610/0x8610
[ 2981.632588]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2981.633173]  ? wait_for_completion_io+0x270/0x270
[ 2981.633768]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2981.634321]  ? vfs_write+0x354/0xb10
[ 2981.634763]  ? fput_many+0x2f/0x1a0
[ 2981.635201]  ? ksys_write+0x1a9/0x260
[ 2981.635655]  ? __ia32_sys_read+0xb0/0xb0
[ 2981.636150]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2981.636772]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2981.637396]  do_syscall_64+0x33/0x40
[ 2981.637862]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2981.638472] RIP: 0033:0x7f9d2ce7eb19
[ 2981.638915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2981.641117] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2981.642039] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2981.642906] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2981.643753] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2981.644612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2981.645458] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
[ 2981.665680] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2981.666868] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2981.667780] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:48:33 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x540f, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:48:33 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x1a, "2b88d68bc5f9d328"})

20:48:33 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540c, 0x0)

20:48:33 executing program 2:
r0 = syz_io_uring_setup(0x6ee8, &(0x7f00000002c0)={0x0, 0x98af, 0x4, 0x3, 0x2b0}, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x823, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1, 0x4, 0x0, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:48:33 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5410, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:48:33 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f00000004c0))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000480)={0x0, 0x1, 0x4, 0x17, 0x32, &(0x7f0000000080)="a7f2e4aacf338f8982500c62d609026624c1e23e7c6755a1503c98477dd545088d4551821a16e3fe4bb70cca32e092db85680b0312e0baf63727e32a7d14a401eb59d6cf23a03b630385cdcd1d4868c9adc90beec3276e6971760c9dfdbfb25efbac2ce706232385132ec01402c18b5714c9f53e49240170fde5d687d3437adbefc97d203da86309189c49aa16a0b8a53e6a3a2fbde79b7c02484ede76647c81f78b9aac5b0fc1bf7531290818a2f253c6288f383ec88f46fe00f5af27d1cf2a7f8c357d5a8c45861406d619394cfdefd03f5b5fc738c82c27ddb0bdfd46ff967f8289be86cc78af057a00fed31b9cd62af09cd64903e7dc8bf574fc6535518fa777fe1578723991914eba01198d3861e1848819af723070273221d6c890eb2644800a443b29f971983b96d75738295b38bf9b0e14b68b3aa0a566f556a8cd6073c7d485bb2015cbe2926b79165cd7162b5b64e7f638c65c6b36ec90b27744cabc3c7d85f4f678e1b926aeeb49b051dd3b6d2b8bc65e28a8edda05589317dab7682c41b6db466c1f659828813f0270e5ea83021b55a5d7538e7a345642a59082bed166de836e09075b2be69c666f7d836132c6402cb619c98a951272ccd45c16e9ce819d5ff27de0416185c3eaec7bbd2a3a10e898c91ecc918b3a85cc427a8b0484c65d1b235cfd14cf996b21d0fbea5cdc259e26ededc472ba239c7d0351613f262a6f7c66a2ec34378f027019349dc527e00e112413a837e4c3804b2b890b769cd1140cec3a65e93a5f1c90496ef857831fea5847767910b62ce3a2449532f01799674837c61f2bc3f36f4b1535d90cd49a0309d133f1308cdbb00d59c67f081005331a86c149ad7898c39ab4dd698b9f7afaec4997c91d526e2bc18eb8df238def46a1a95d735ff9a4383825f25f1f74305397953da44648c2a596e4045c3ec15325bb9009dbd95b48529eaa6e3d4bc9bf2a06f1d77b7e68c9e35b18cd792f8d19cd634f3c2cf74ba91533572c71dfde0dcac261627ac517e8590665c86b86a75b4d90fbd23769da36502684e8b9f53eb38445b7a05e4663ad10cf9d52f276f78981ade8ad62f69cc23b3e70561889ce5e69370bada1ed29e6b6d34044b329faa43a9b57ab27af0efdfccc491a5a4ad2fb984dd41861439af75d6390dfed7be041a6b7d1f67cf411b5ffff3f1bbf228dede26a301451159fbf58a59ca4dc510aea13754363c53feb8df43d45baa8049029b5a54bf6e97bce4e615485da21ea96e3b624e6bb3005b42ac563eaeaf19ebf9b04fc2de4fe19c6effbe106856627f4faeb74ac611f37b2c2d8016efb30b7a3a9495d82ed7411c5ecfac9e3752b79c94eb3207fd290a22c531293adf609e75b18df2b8cf72906fda33c2c0d0f959d2195e8112f81c813ee99285b774bb3ee88c3b0f3684f61b29d3078f5b607a7"})

20:48:33 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r1 = fsmount(0xffffffffffffffff, 0x0, 0x2)
ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f00000000c0)={0x3f, 0x3, 0x6, 0xf5, 0x8})

20:48:33 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540d, 0x0)

20:48:33 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:48:33 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x1a, "2b88d68bc5f9d328"})

[ 2981.812907] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2981.883792] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2981.884777] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2981.885655] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:48:48 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
fstatfs(r3, &(0x7f0000000340)=""/4096)
r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r4, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r4}, 0x0)
r5 = openat(0xffffffffffffff9c, 0x0, 0x400044, 0x0)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r5, 0x8000000)
syz_io_uring_submit(r6, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r4)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
r7 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
fchmodat(r7, &(0x7f0000000100)='./file0\x00', 0x10b)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PIO_UNIMAP(r5, 0x4b67, &(0x7f0000000240)={0x3, &(0x7f0000000180)=[{0x8, 0x4}, {0xbbb, 0xff}, {0x0, 0x1}]})
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000007, 0x1010, r7, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:48:48 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:48:48 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5411, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:48:48 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:48:48 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 89)

20:48:48 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540e, 0x0)

20:48:48 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000000c0))
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:48:48 executing program 4:
r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
readv(r0, &(0x7f0000001540)=[{&(0x7f0000000040)=""/4096, 0x1000}, {&(0x7f0000001040)=""/67, 0x43}, {&(0x7f00000010c0)=""/154, 0x9a}, {&(0x7f0000001180)=""/185, 0xb9}, {&(0x7f0000001240)=""/168, 0xa8}, {&(0x7f0000001300)}, {&(0x7f00000013c0)=""/116, 0x74}, {&(0x7f0000001440)=""/71, 0x47}, {&(0x7f0000001300)=""/140, 0x8c}], 0x9)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r1, 0x40045431, 0xffffffffffffffff)

[ 2997.035986] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 2997.059649] FAULT_INJECTION: forcing a failure.
[ 2997.059649] name failslab, interval 1, probability 0, space 0, times 0
[ 2997.062483] CPU: 0 PID: 14325 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 2997.063984] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2997.065744] Call Trace:
[ 2997.066322]  dump_stack+0x107/0x167
[ 2997.067095]  should_fail.cold+0x5/0xa
[ 2997.067904]  ? create_object.isra.0+0x3a/0xa20
[ 2997.068873]  should_failslab+0x5/0x20
[ 2997.069679]  kmem_cache_alloc+0x5b/0x310
[ 2997.070550]  ? mark_held_locks+0x9e/0xe0
[ 2997.071415]  create_object.isra.0+0x3a/0xa20
[ 2997.072345]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2997.073417]  kmem_cache_alloc_bulk+0x168/0x320
[ 2997.074377]  io_submit_sqes+0x6fe6/0x8610
[ 2997.075289]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2997.076344]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2997.077364]  ? find_held_lock+0x2c/0x110
[ 2997.078238]  ? io_submit_sqes+0x8610/0x8610
[ 2997.079166]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2997.080194]  ? wait_for_completion_io+0x270/0x270
[ 2997.081216]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2997.082211]  ? vfs_write+0x354/0xb10
[ 2997.082998]  ? fput_many+0x2f/0x1a0
[ 2997.083776]  ? ksys_write+0x1a9/0x260
[ 2997.084592]  ? __ia32_sys_read+0xb0/0xb0
[ 2997.085461]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2997.086580]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2997.087679]  do_syscall_64+0x33/0x40
[ 2997.088466]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2997.089552] RIP: 0033:0x7f9d2ce7eb19
[ 2997.090347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2997.094266] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2997.095887] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 2997.097392] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 2997.098903] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 2997.100408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2997.101920] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
20:48:48 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = socket$nl_route(0x10, 0x3, 0x0)
fchdir(r1)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:48:48 executing program 4:
ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f512, &(0x7f0000000080))
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)
ioctl$TIOCCONS(r0, 0x541d)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0xffff, 0xffff, 0x6, 0x0, 0x3, "fb507f7238a4bfb4"})

20:48:48 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540f, 0x0)

20:48:48 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5412, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 2997.175121] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2997.176779] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2997.185130] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:48:48 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSF(r2, 0x5404, &(0x7f00000000c0)={0x9, 0x10000, 0x200, 0x10001, 0x15, "c5a0b2d1c2ae350b54f08cd19992f3d42a4bd5"})
fallocate(r1, 0x40, 0xfff, 0x9)
ioctl$GIO_CMAP(r0, 0x4b70, &(0x7f0000000140))
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCGPTPEER(r3, 0x5441, 0x9)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r4, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r4, 0x5407, &(0x7f0000000180)={0x6, 0x0, 0x3f, 0x0, 0x0, "e6400200"})
ioctl$VT_WAITACTIVE(r4, 0x5607)
ioctl$GIO_SCRNMAP(r2, 0x4b40, &(0x7f0000000140))

20:48:48 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCGPTPEER(r1, 0x5441, 0x10001)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:49:03 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = dup(r0)
ioctl$VT_WAITACTIVE(r1, 0x5607)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000400), 0x200, 0x0)
ioctl$VT_WAITACTIVE(r2, 0x5607)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0xfc, "e6400200"})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000380), 0x400000, 0x0)
ioctl$TCSETSW2(r4, 0x402c542c, &(0x7f00000003c0)={0x0, 0x3, 0x10000, 0x200, 0xe0, "b0351f692c0913a30ac3ac0357fa0e4ba64fad", 0x2, 0x5})
ioctl$GIO_FONT(r4, 0x4b60, &(0x7f0000000440)=""/255)
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
pwritev(r3, &(0x7f00000000c0)=[{&(0x7f0000000140)="0404b9098892667cc051402b3cedfbe22a25da8b03d956e8e35075638656bec63189bbd27059d1e394c6824b95b94298228937dc90fbf154ae6835f4c4fa1c2f890f7332c27452572d078c50f5b5e2e5a56f379cbeedf0658ab16ced8ce3ff9875be0f5793f205fcab422f3eb75cafb64a1507aecaf3ab075cefd4e8a24d1bff75b7337cd300c2e02a611affcb5944a8a1d93e7ab852b4c81960e500732939fac9f95770e8b8068c856c698fad9794751d676f35017df0d53a935797713829bb4c257da45bb5974d1861c87628bffe18f32bf7c6eb462ff3ffd94508fe0b49caf14a17ef10aadd57ce2bad1572161bf7e7ed9e373d1ba2c54ff35eac", 0xfc}, {&(0x7f0000000240)="c14b6459a2464428b7c910a7186f247eabbf0d0747e2bf4a4f6b4261db385e486b4c94045991c03c26da6754f36f574ee82212a456437286a294431878edc2eddf41c68eccef432e74e44304a2d7a606bef2facf67a7cfe6fd6cd49488f3b4e9a3447d168505565c9ea122d52540fb2b7cec932eb4de1d0dfdfb300a3f967f399375fb467515d1329a4898db7a626d51468c1796794ec418d8a901533d4abb3e8648a12b6cf9", 0xa6}, {&(0x7f0000000300)="272ce260935ad2764ed57f43fbae83bdf3c53d07d2786c12cffcda4d750b71cddf683a146833d0e728d04ede0874ca3a74efcf17a651c48a2f6a915dbc02cee2a9cb1c5eef5845e88b924579c0dcbcfdccde84a9af07d8c314ae2d2223df1c979f1adc765a00717772", 0x69}], 0x3, 0x3, 0xfffffffa)

20:49:03 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"}) (fail_nth: 1)

20:49:03 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5410, 0x0)

20:49:03 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:49:03 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5413, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:49:03 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 90)

20:49:03 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000c80)=ANY=[@ANYBLOB="98000000200039040000000000000000020000000dc0c23671f1a964651e4d52c3dc9432e6af519d60c901a7ea83dce8f6a9c36adbbf7c23348ed7953cc124f0f2e2f1324bf1187b4e1f5a7bf5116e03f38056144e4fd6711849a6579e46004fbfb9ae80572129d57aa41a4c792b56978ebd2e72f57ca14145d7bcd879afed4e97abd691d56cf2d815f272170c0011000000000000000000bb3e3c7562af739c74b82fd57e7bd51e163e9c2394948632056b9357f234b64631000000009e6d0eae9098c89e3c7aa8b1cbc03bd674263161cff69945516e14595dfad881c353d7fb9bbdc2fb19f3306b4f29f5ac8dddb92ee4fe33f6e190dffd186aa055b9a9547a834f1d6190acda5d78a8cff254a2de72f20938d689ca4044e9b0a3ee3627818c70cc78d1fe11e55c898d61e09dd9cc4bdefd952f33d4697d06ffd93de78dd16ff6f62c982878d984496c08a7a672102affbb245b18a5390e66298d7220110693dd4d00d4a7b9a75298857b75fa243b23c8cf9643bb00000000006dabf39491a19826dd17133c71849784f2335028a747a6113ad6efdfbffa7205050056d0ee75b2f729232cc5bd028e654e69b60ba5313c46aa44fbefefa1dd182aa574a6fa732d6708584982012bb16aaceda807d810ad63ccfa5203bc3b2fac19fa9b5cd3d3f3e3cd43ced0a0870700adae78cb262f235c0401058ea209faecd0a5262bbda1d50def7cbef31c9b3ac3140d4741d25a4f0277c0ede8517e65b43a81d4e70e4f7c8f3e4c6b059a695ccf7349f5998c81899dfb3bc9b5323f0d1375b4ebd15655903e0460c513a373250000000000bc771389dee22e5bed6f7d9b280df86439599d3f61d89c4bdf254db1302a0833a8b94641b7321db5e7e20150d79ee2722ab8d97da2701276e5c265396f27741b5e3de3d4d87bb9ac2949b8c6ab53a044d93c8d05ee908d59de4c450b55376d9533c9abf98f4610e42e5d2046ac776b44614b836c720dbb23032544800e36654eb5b89661b09eba6d73fe94ccdd8d82f73c9711411abe909f76a11a4de077113e126e2f0ad250129eafec165e90633d65e7a750e86097d820eaa7a2e984fa70ab64a100000000"], 0x98}}, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), r6)
sendmsg$DEVLINK_CMD_RATE_SET(r6, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x1c, r7, 0x4, 0x70bd2c, 0x25dfdbfe, {}, [@DEVLINK_ATTR_PORT_INDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40040}, 0x804)
sendmsg$DEVLINK_CMD_TRAP_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x84052800}, 0xc, &(0x7f0000000100)={&(0x7f0000000340)={0x268, r7, 0x100, 0x70bd2c, 0x25dfdbfb, {}, [{@pci={{0x8}, {0x11}}, {0x1c}, {0x5, 0x83, 0x1}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5, 0x83, 0x1}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5, 0x83, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x83, 0x1}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x83, 0x1}}]}, 0x268}}, 0x0)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:49:03 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000040)=0x1f)
ioctl$TCSETAW(r0, 0x40045431, 0xffffffffffffffff)

[ 3011.869763] FAULT_INJECTION: forcing a failure.
[ 3011.869763] name failslab, interval 1, probability 0, space 0, times 0
[ 3011.871568] CPU: 0 PID: 14364 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 3011.872544] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3011.873694] Call Trace:
[ 3011.874068]  dump_stack+0x107/0x167
[ 3011.874574]  should_fail.cold+0x5/0xa
[ 3011.875130]  ? create_object.isra.0+0x3a/0xa20
[ 3011.875767]  should_failslab+0x5/0x20
[ 3011.876305]  kmem_cache_alloc+0x5b/0x310
[ 3011.876878]  ? mark_held_locks+0x9e/0xe0
[ 3011.877453]  create_object.isra.0+0x3a/0xa20
[ 3011.877892] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 3011.878065]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3011.878090]  kmem_cache_alloc_bulk+0x168/0x320
[ 3011.881717]  io_submit_sqes+0x6fe6/0x8610
[ 3011.882327]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3011.883038]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3011.883723]  ? find_held_lock+0x2c/0x110
[ 3011.884292]  ? io_submit_sqes+0x8610/0x8610
[ 3011.884915]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3011.885603]  ? wait_for_completion_io+0x270/0x270
[ 3011.886294]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3011.886964]  ? vfs_write+0x354/0xb10
[ 3011.887491]  ? fput_many+0x2f/0x1a0
[ 3011.887997]  ? ksys_write+0x1a9/0x260
[ 3011.888530]  ? __ia32_sys_read+0xb0/0xb0
[ 3011.889100]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3011.889834]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3011.890558]  do_syscall_64+0x33/0x40
[ 3011.891082]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3011.891793] RIP: 0033:0x7f9d2ce7eb19
[ 3011.892319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3011.894508] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 3011.894901] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3011.897728] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 3011.898808] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 3011.899838] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 3011.900838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3011.901853] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
[ 3011.903948] FAULT_INJECTION: forcing a failure.
[ 3011.903948] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3011.905615] CPU: 0 PID: 14355 Comm: syz-executor.7 Not tainted 5.10.234 #1
[ 3011.906589] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3011.907762] Call Trace:
[ 3011.908138]  dump_stack+0x107/0x167
[ 3011.908660]  should_fail.cold+0x5/0xa
[ 3011.909209]  _copy_from_user+0x2e/0x1b0
[ 3011.909773]  set_termios.part.0+0x6ad/0x8a0
[ 3011.910379]  ? mark_lock+0xf5/0x2df0
[ 3011.910920]  ? tty_termios_hw_change+0x1e0/0x1e0
[ 3011.911594]  ? lock_acquire+0x197/0x470
[ 3011.912149]  ? tty_ldisc_ref_wait+0x22/0x90
[ 3011.912780]  ? avc_ss_reset+0x180/0x180
[ 3011.913354]  tty_mode_ioctl+0xe2d/0xf40
[ 3011.913921]  ? set_termios.part.0+0x8a0/0x8a0
[ 3011.914550]  ? __ldsem_down_read_nested+0xe1/0x7e0
[ 3011.915267]  ? __ldsem_wake_readers+0x3d0/0x3d0
[ 3011.915925]  n_tty_ioctl_helper+0x55/0x3a0
[ 3011.916524]  n_tty_ioctl+0x56/0x370
[ 3011.917048]  tty_ioctl+0x912/0x18b0
[ 3011.917560]  ? n_tty_write_wakeup+0x40/0x40
[ 3011.918166]  ? tty_fasync+0x390/0x390
[ 3011.918716]  ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[ 3011.919532]  ? __sanitizer_cov_trace_switch+0x45/0x80
[ 3011.920257]  ? do_vfs_ioctl+0x283/0x10d0
[ 3011.920827]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[ 3011.921572]  ? generic_block_fiemap+0x60/0x60
[ 3011.922196]  ? lock_downgrade+0x6d0/0x6d0
[ 3011.922799]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3011.923482]  ? wait_for_completion_io+0x270/0x270
[ 3011.924174]  ? selinux_file_ioctl+0xb6/0x270
[ 3011.924788]  ? tty_fasync+0x390/0x390
[ 3011.925329]  __x64_sys_ioctl+0x19a/0x210
[ 3011.925897]  do_syscall_64+0x33/0x40
[ 3011.926430]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3011.927178] RIP: 0033:0x7f7bde661b19
[ 3011.927711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3011.930332] RSP: 002b:00007f7bdbbd7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3011.931429] RAX: ffffffffffffffda RBX: 00007f7bde774f60 RCX: 00007f7bde661b19
[ 3011.932459] RDX: 0000000020000040 RSI: 0000000000005407 RDI: 0000000000000003
[ 3011.933474] RBP: 00007f7bdbbd71d0 R08: 0000000000000000 R09: 0000000000000000
[ 3011.934484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3011.935513] R13: 00007ffca2636c2f R14: 00007f7bdbbd7300 R15: 0000000000022000
20:49:03 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5414, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:49:03 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x40000, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:49:03 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5411, 0x0)

[ 3012.013228] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3012.014167] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3012.015133] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:49:03 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"}) (fail_nth: 2)

20:49:03 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5412, 0x0)

20:49:03 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c)
write$9p(0xffffffffffffffff, &(0x7f00000000c0)="1ffc52f645d890ef0b4e03dfce8561fb6efc67a2538ba20ec3a284d7916a071eb2c86d25af2187600ebf90e4eb805cbbe03733cdc1b49ed47240c8f520a34f747038756457a07ac2574cc7801aa544d3a88221bb29c77f8a6dae4cfaeaddc2ab8a29f12e615ed56aa67656081dc2ccba", 0x70)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r1, 0x40045431, 0xffffffffffffffff)
r2 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000180), 0x161042, 0x0)
ioctl$FITHAW(r2, 0xc0045878)
openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x800, 0x2)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r4, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r4, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$KDGKBLED(r4, 0x4b64, &(0x7f0000000200))
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x15, "e6400100"})
write(r3, &(0x7f0000000240)="ba631b7f005c497a4e9c832a45787aa250db6a67bf44ba4c04f21f54abb6a62781b218aa691afe1e361aaacef7a9ff31d8eb23ea21032ba3d5f366802fead1ed7d06daa8941a262e52955eaa1cdf81b09bc0474f5ce977dcea59de379c9deb9801b6057d2fff246ef9a7992626dc5fc2bdc370c0e3cbb6f7e2c9bb6316ac7f92229f59da06d0fc4566af94aff2028d705dee04475930041ead635139ec6d6d64ce77677c324b3f7faa11f07f70858b75428239bd48df60807f871326400014eb058be8f58cf817117dbcb93f5b6752e73c74ed9d29a7b18aa7", 0xd9)
ftruncate(r3, 0x6)
write$P9_RXATTRCREATE(0xffffffffffffffff, &(0x7f0000000140)={0x7, 0x21, 0x2}, 0x7)

[ 3012.069517] FAULT_INJECTION: forcing a failure.
[ 3012.069517] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3012.070953] CPU: 0 PID: 14382 Comm: syz-executor.7 Not tainted 5.10.234 #1
[ 3012.071730] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3012.072671] Call Trace:
[ 3012.072979]  dump_stack+0x107/0x167
[ 3012.073400]  should_fail.cold+0x5/0xa
[ 3012.073847]  _copy_to_user+0x2e/0x180
[ 3012.074300]  simple_read_from_buffer+0xcc/0x160
[ 3012.074849]  proc_fail_nth_read+0x198/0x230
[ 3012.075353]  ? proc_sessionid_read+0x230/0x230
[ 3012.075901]  ? security_file_permission+0xb1/0xe0
[ 3012.076477]  ? proc_sessionid_read+0x230/0x230
[ 3012.077006]  vfs_read+0x228/0x620
[ 3012.077404]  ksys_read+0x12d/0x260
[ 3012.077815]  ? vfs_write+0xb10/0xb10
[ 3012.078247]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3012.078859]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3012.079458]  do_syscall_64+0x33/0x40
[ 3012.079884]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3012.080508] RIP: 0033:0x7f7bde61469c
[ 3012.080930] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 3012.083016] RSP: 002b:00007f7bdbbd7170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 3012.083882] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f7bde61469c
[ 3012.084692] RDX: 000000000000000f RSI: 00007f7bdbbd71e0 RDI: 0000000000000004
[ 3012.085496] RBP: 00007f7bdbbd71d0 R08: 0000000000000000 R09: 0000000000000000
[ 3012.086305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3012.087141] R13: 00007ffca2636c2f R14: 00007f7bdbbd7300 R15: 0000000000022000
20:49:03 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5415, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:49:03 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 91)

20:49:03 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

[ 3012.165460] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:49:03 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f0000000180)={0xebac36e, 0xfffffffd, 0x10001, 0x6, 0x2, "41f58542be07328ea8528a4298058025a28210", 0x7, 0x10000})
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r2=>r0}, './file0\x00'})
ioctl$TIOCGPTPEER(r2, 0x5441, 0x5)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r4=>0xffffffffffffffff})
fcntl$setstatus(r3, 0x4, 0x42800)
splice(r4, 0x0, r3, 0x0, 0x5, 0x0)
bind$bt_l2cap(r3, &(0x7f0000000140)={0x1f, 0x3, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x5}, 0xe)

[ 3012.176809] FAULT_INJECTION: forcing a failure.
[ 3012.176809] name failslab, interval 1, probability 0, space 0, times 0
[ 3012.178184] CPU: 0 PID: 14393 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 3012.178964] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3012.179892] Call Trace:
[ 3012.180204]  dump_stack+0x107/0x167
[ 3012.180614]  should_fail.cold+0x5/0xa
[ 3012.181057]  ? create_object.isra.0+0x3a/0xa20
[ 3012.181574]  should_failslab+0x5/0x20
[ 3012.182007]  kmem_cache_alloc+0x5b/0x310
[ 3012.182475]  create_object.isra.0+0x3a/0xa20
[ 3012.182977]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3012.183563]  kmem_cache_alloc_bulk+0x168/0x320
[ 3012.184083]  io_submit_sqes+0x6fe6/0x8610
[ 3012.184592]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3012.185153]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3012.185714]  ? find_held_lock+0x2c/0x110
[ 3012.186176]  ? io_submit_sqes+0x8610/0x8610
[ 3012.186695]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3012.187241]  ? wait_for_completion_io+0x270/0x270
[ 3012.187789]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3012.188312]  ? vfs_write+0x354/0xb10
[ 3012.188748]  ? fput_many+0x2f/0x1a0
[ 3012.189160]  ? ksys_write+0x1a9/0x260
[ 3012.189597]  ? __ia32_sys_read+0xb0/0xb0
[ 3012.190067]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3012.190671]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3012.191273]  do_syscall_64+0x33/0x40
[ 3012.191697]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3012.192274] RIP: 0033:0x7f9d2ce7eb19
[ 3012.192690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3012.194762] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3012.195617] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 3012.196421] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 3012.197222] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 3012.198032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3012.198845] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
[ 3012.234048] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3012.234910] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3012.235783] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:49:19 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:49:19 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 92)

20:49:19 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000180)={0x1000, 0x3, 0xffff, 0x0, 0x4, "e7461340e8b9a509"})
r2 = openat$hpet(0xffffffffffffff9c, &(0x7f00000000c0), 0x202000, 0x0)
ioctl$TCSETSW2(r2, 0x402c542c, &(0x7f0000000140)={0x3, 0xc9, 0x8, 0x9, 0x0, "eeb754d43c412847ede15c4fedd6b710552d58", 0x1000, 0x9})

20:49:19 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}], 0x2, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:49:19 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = dup(r0)
readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1) (fail_nth: 1)

20:49:19 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5413, 0x0)

20:49:19 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5416, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:49:19 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
close_range(r4, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ff3000/0x3000)=nil, 0x3000, 0x1, 0x10010, r4, 0x0)
r5 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x5, 0x80010, r5, 0x8000000)
syz_io_uring_submit(r6, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x0)
accept$packet(r3, &(0x7f00000000c0)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000100)=0x14)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'syztnl0\x00', &(0x7f0000000240)={'syztnl1\x00', r7, 0x2f, 0x0, 0xf7, 0x0, 0x2, @remote, @local, 0x20, 0x700, 0xf86f, 0x9}})
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 3027.912996] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 3027.924712] FAULT_INJECTION: forcing a failure.
[ 3027.924712] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3027.926676] CPU: 0 PID: 14416 Comm: syz-executor.4 Not tainted 5.10.234 #1
[ 3027.927800] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3027.929137] Call Trace:
[ 3027.929573]  dump_stack+0x107/0x167
[ 3027.930156]  should_fail.cold+0x5/0xa
[ 3027.930788]  _copy_from_user+0x2e/0x1b0
[ 3027.931446]  iovec_from_user+0x141/0x400
[ 3027.932113]  __import_iovec+0x67/0x590
[ 3027.932769]  import_iovec+0x83/0xb0
[ 3027.933371]  vfs_readv+0xbb/0x160
[ 3027.933938]  ? vfs_iter_read+0xa0/0xa0
[ 3027.934561]  ? __fget_files+0x2cf/0x520
[ 3027.935214]  ? lock_downgrade+0x6d0/0x6d0
[ 3027.935879]  ? find_held_lock+0x2c/0x110
[ 3027.936535]  ? ksys_write+0x12d/0x260
[ 3027.937166]  ? __fget_files+0x2f8/0x520
[ 3027.937809]  ? __fget_light+0xea/0x290
[ 3027.938428]  do_readv+0x139/0x300
[ 3027.939002]  ? vfs_readv+0x160/0x160
[ 3027.939621]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3027.940477]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3027.941308]  do_syscall_64+0x33/0x40
[ 3027.941914]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3027.942756] RIP: 0033:0x7fac9e282b19
[ 3027.943369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3027.946344] RSP: 002b:00007fac9b7f8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[ 3027.947588] RAX: ffffffffffffffda RBX: 00007fac9e395f60 RCX: 00007fac9e282b19
[ 3027.948749] RDX: 0000000000000001 RSI: 0000000020000040 RDI: 0000000000000004
[ 3027.949884] RBP: 00007fac9b7f81d0 R08: 0000000000000000 R09: 0000000000000000
[ 3027.951027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3027.952236] R13: 00007ffdabe864af R14: 00007fac9b7f8300 R15: 0000000000022000
[ 3027.966600] FAULT_INJECTION: forcing a failure.
[ 3027.966600] name failslab, interval 1, probability 0, space 0, times 0
[ 3027.968665] CPU: 0 PID: 14418 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 3027.969778] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3027.971112] Call Trace:
[ 3027.971540]  dump_stack+0x107/0x167
[ 3027.972124]  should_fail.cold+0x5/0xa
[ 3027.972734]  ? io_setup_async_rw+0x180/0x580
[ 3027.973450]  should_failslab+0x5/0x20
[ 3027.974079]  __kmalloc+0x72/0x390
[ 3027.974646]  io_setup_async_rw+0x180/0x580
[ 3027.975349]  io_read+0xe98/0x11e0
[ 3027.975915]  ? kiocb_done+0xc90/0xc90
[ 3027.976522]  ? mark_lock+0xf5/0x2df0
[ 3027.977119]  ? lock_chain_count+0x20/0x20
[ 3027.977787]  ? stack_trace_consume_entry+0x160/0x160
[ 3027.978602]  ? lock_acquire+0x197/0x470
[ 3027.979234]  ? __lock_acquire+0xbb1/0x5b00
[ 3027.979908]  io_issue_sqe+0x2e8a/0x77b0
[ 3027.980521]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3027.981353]  ? lock_chain_count+0x20/0x20
[ 3027.982014]  ? __is_insn_slot_addr+0x14c/0x290
[ 3027.982739]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3027.983561]  ? io_connect+0x610/0x610
[ 3027.984170]  ? lock_acquire+0x197/0x470
[ 3027.984807]  ? find_held_lock+0x2c/0x110
[ 3027.985451]  ? __fget_files+0x2cf/0x520
[ 3027.986084]  ? lock_downgrade+0x6d0/0x6d0
[ 3027.986756]  __io_queue_sqe+0x90/0x9d0
[ 3027.987379]  ? io_issue_sqe+0x77b0/0x77b0
[ 3027.988030]  ? __fget_files+0x2f8/0x520
[ 3027.988682]  ? io_prep_rw+0x7f5/0x1050
[ 3027.989307]  io_submit_sqes+0x44aa/0x8610
[ 3027.989993]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3027.990770]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3027.991536]  ? find_held_lock+0x2c/0x110
[ 3027.992194]  ? io_submit_sqes+0x8610/0x8610
[ 3027.992900]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3027.993684]  ? wait_for_completion_io+0x270/0x270
[ 3027.994454]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3027.995189]  ? vfs_write+0x354/0xb10
[ 3027.995773]  ? fput_many+0x2f/0x1a0
[ 3027.996340]  ? ksys_write+0x1a9/0x260
[ 3027.996945]  ? __ia32_sys_read+0xb0/0xb0
[ 3027.997625]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3027.998466]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3027.999275]  do_syscall_64+0x33/0x40
[ 3027.999878]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3028.000650] RIP: 0033:0x7f9d2ce7eb19
[ 3028.001221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3028.004125] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3028.005290] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 3028.006412] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 3028.007539] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 3028.008636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3028.009729] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
[ 3028.041424] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3028.043125] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3028.045007] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:49:19 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f00000000c0))
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x1000, 0x4, 0x0, "0000000000080500"})

20:49:19 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5418, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:49:19 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5414, 0x0)

20:49:19 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = dup(r0)
readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1) (fail_nth: 2)

20:49:19 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x2, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

[ 3028.091711] FAULT_INJECTION: forcing a failure.
[ 3028.091711] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3028.094376] CPU: 1 PID: 14434 Comm: syz-executor.4 Not tainted 5.10.234 #1
[ 3028.095913] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3028.097730] Call Trace:
[ 3028.098314]  dump_stack+0x107/0x167
[ 3028.099114]  should_fail.cold+0x5/0xa
[ 3028.099965]  _copy_to_iter+0x264/0x12d0
[ 3028.100839]  ? __lock_acquire+0x1657/0x5b00
[ 3028.101788]  ? _copy_from_iter_nocache+0xd60/0xd60
[ 3028.102857]  ? prepare_to_wait_exclusive+0x2a0/0x2a0
[ 3028.103968]  ? check_stack_object+0x6e/0xb0
[ 3028.104904]  ? __sanitizer_cov_trace_switch+0x45/0x80
[ 3028.106025]  ? __check_object_size+0xae/0x440
[ 3028.107009]  tty_read+0x29a/0x5e0
[ 3028.107793]  ? do_SAK+0x70/0x70
[ 3028.108525]  ? __might_fault+0xd3/0x180
[ 3028.109392]  ? lock_downgrade+0x6d0/0x6d0
[ 3028.110311]  do_iter_readv_writev+0x57c/0x750
[ 3028.111299]  ? new_sync_write+0x660/0x660
[ 3028.112200]  ? avc_policy_seqno+0x9/0x70
[ 3028.113084]  ? fsnotify_perm.part.0+0x22d/0x620
[ 3028.114101]  ? security_file_permission+0xb1/0xe0
[ 3028.115161]  do_iter_read+0x301/0x760
[ 3028.116007]  ? import_iovec+0x83/0xb0
[ 3028.116843]  vfs_readv+0xe5/0x160
[ 3028.117601]  ? vfs_iter_read+0xa0/0xa0
[ 3028.118456]  ? __fget_files+0x2cf/0x520
[ 3028.119321]  ? lock_downgrade+0x6d0/0x6d0
[ 3028.120211]  ? find_held_lock+0x2c/0x110
[ 3028.121098]  ? ksys_write+0x12d/0x260
[ 3028.121925]  ? __fget_files+0x2f8/0x520
[ 3028.122792]  ? __fget_light+0xea/0x290
[ 3028.123645]  do_readv+0x139/0x300
[ 3028.124397]  ? vfs_readv+0x160/0x160
[ 3028.125207]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3028.126340]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3028.127461]  do_syscall_64+0x33/0x40
[ 3028.128265]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3028.129369] RIP: 0033:0x7fac9e282b19
[ 3028.130174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3028.134144] RSP: 002b:00007fac9b7f8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[ 3028.135794] RAX: ffffffffffffffda RBX: 00007fac9e395f60 RCX: 00007fac9e282b19
[ 3028.137322] RDX: 0000000000000001 RSI: 0000000020000040 RDI: 0000000000000004
[ 3028.138846] RBP: 00007fac9b7f81d0 R08: 0000000000000000 R09: 0000000000000000
[ 3028.140379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3028.141906] R13: 00007ffdabe864af R14: 00007fac9b7f8300 R15: 0000000000022000
20:49:19 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x4b47, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:49:19 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}], 0x2, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:49:19 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5415, 0x0)

[ 3028.198166] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 3028.246966] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3028.248775] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3028.255500] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:49:35 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000000c0)={0x0, 0xffffffff, 0x0, 0xffffffff, 0xd9}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd_index=0x3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r6, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r6, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f0000000240)={0x0, <r7=>0x0})
fcntl$setown(r6, 0x8, r7)
io_uring_register$IORING_REGISTER_FILES(r3, 0x2, &(0x7f0000000300)=[0xffffffffffffffff, r6, r4, 0xffffffffffffffff, 0xffffffffffffffff], 0x5)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:49:35 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5419, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:49:35 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000100000018000000bc0ed87c5e689c896fe2a430c9c23dfe1e0814c5a51c27cd67a44bf24337b8d06803dfe21eae901a15799003fa20028528e4e0a40a5ad47579c2e144975a9ea378f2c7eb7de09fd36a762ed15ac8328d37a67a30eac055fc4d4a79c84751c419c9375049679c53e38eb7eeb9d62d5918", @ANYRES32=<r1=>r0, @ANYBLOB="01000000000000002e2f66696c653000"])
ioctl$KDGKBMETA(r1, 0x4b62, &(0x7f0000000140))
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:49:35 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}], 0x2, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:49:35 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = dup(r0)
readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1) (fail_nth: 3)

20:49:35 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5416, 0x0)

20:49:35 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x4b49, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:49:35 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 93)

[ 3044.178443] FAULT_INJECTION: forcing a failure.
[ 3044.178443] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3044.183201] CPU: 0 PID: 14463 Comm: syz-executor.4 Not tainted 5.10.234 #1
[ 3044.185037] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3044.187130] Call Trace:
[ 3044.187884]  dump_stack+0x107/0x167
[ 3044.188833]  should_fail.cold+0x5/0xa
[ 3044.189804]  _copy_to_user+0x2e/0x180
[ 3044.190779]  simple_read_from_buffer+0xcc/0x160
[ 3044.192036]  proc_fail_nth_read+0x198/0x230
[ 3044.193032]  ? proc_sessionid_read+0x230/0x230
[ 3044.193999]  ? security_file_permission+0xb1/0xe0
[ 3044.195018]  ? proc_sessionid_read+0x230/0x230
[ 3044.196029]  vfs_read+0x228/0x620
[ 3044.196789]  ksys_read+0x12d/0x260
[ 3044.197536]  ? vfs_write+0xb10/0xb10
[ 3044.198326]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3044.199456]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3044.200590]  do_syscall_64+0x33/0x40
[ 3044.201373]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3044.202458] RIP: 0033:0x7fac9e23569c
[ 3044.203243] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
20:49:35 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5418, 0x0)

[ 3044.207184] RSP: 002b:00007fac9b7f8170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 3044.208996] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fac9e23569c
[ 3044.210503] RDX: 000000000000000f RSI: 00007fac9b7f81e0 RDI: 0000000000000005
[ 3044.212063] RBP: 00007fac9b7f81d0 R08: 0000000000000000 R09: 0000000000000000
[ 3044.213566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
20:49:35 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5401, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

[ 3044.215063] R13: 00007ffdabe864af R14: 00007fac9b7f8300 R15: 0000000000022000
[ 3044.220638] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 3044.280177] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3044.281816] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3044.285666] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 3044.285945] FAULT_INJECTION: forcing a failure.
[ 3044.285945] name failslab, interval 1, probability 0, space 0, times 0
[ 3044.289940] CPU: 0 PID: 14468 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 3044.291405] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3044.293175] Call Trace:
[ 3044.293785]  dump_stack+0x107/0x167
[ 3044.294561]  should_fail.cold+0x5/0xa
[ 3044.295369]  ? create_object.isra.0+0x3a/0xa20
[ 3044.296347]  ? create_object.isra.0+0x3a/0xa20
[ 3044.297315]  should_failslab+0x5/0x20
[ 3044.298174]  kmem_cache_alloc+0x5b/0x310
[ 3044.299082]  create_object.isra.0+0x3a/0xa20
[ 3044.299996]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3044.301058]  __kmalloc+0x16e/0x390
[ 3044.301828]  io_setup_async_rw+0x180/0x580
[ 3044.302766]  io_read+0xe98/0x11e0
[ 3044.303515]  ? kiocb_done+0xc90/0xc90
[ 3044.304336]  ? mark_lock+0xf5/0x2df0
[ 3044.305127]  ? lock_chain_count+0x20/0x20
[ 3044.306000]  ? stack_trace_consume_entry+0x160/0x160
[ 3044.307131]  ? lock_acquire+0x197/0x470
[ 3044.307991]  ? __lock_acquire+0xbb1/0x5b00
[ 3044.308878]  io_issue_sqe+0x2e8a/0x77b0
[ 3044.309731]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3044.310905]  ? lock_chain_count+0x20/0x20
[ 3044.311828]  ? __is_insn_slot_addr+0x14c/0x290
[ 3044.312799]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3044.313913]  ? io_connect+0x610/0x610
[ 3044.314781]  ? lock_acquire+0x197/0x470
[ 3044.315636]  ? find_held_lock+0x2c/0x110
[ 3044.316520]  ? __fget_files+0x2cf/0x520
[ 3044.317367]  ? lock_downgrade+0x6d0/0x6d0
[ 3044.318242]  __io_queue_sqe+0x90/0x9d0
[ 3044.319126]  ? io_issue_sqe+0x77b0/0x77b0
[ 3044.320026]  ? __fget_files+0x2f8/0x520
[ 3044.320886]  ? io_prep_rw+0x7f5/0x1050
[ 3044.321724]  io_submit_sqes+0x44aa/0x8610
[ 3044.322671]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3044.323722]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3044.324752]  ? find_held_lock+0x2c/0x110
[ 3044.325615]  ? io_submit_sqes+0x8610/0x8610
[ 3044.326586]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3044.327612]  ? wait_for_completion_io+0x270/0x270
[ 3044.328653]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3044.329635]  ? vfs_write+0x354/0xb10
[ 3044.330459]  ? fput_many+0x2f/0x1a0
[ 3044.331262]  ? ksys_write+0x1a9/0x260
[ 3044.332081]  ? __ia32_sys_read+0xb0/0xb0
[ 3044.332948]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3044.334059]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3044.335204]  do_syscall_64+0x33/0x40
[ 3044.336008]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3044.337094] RIP: 0033:0x7f9d2ce7eb19
[ 3044.337887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3044.341881] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3044.343537] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 3044.345083] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 3044.346642] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 3044.348218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3044.349735] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
20:49:35 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x541a, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:49:35 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f00000000c0)={0xfff9, 0x40, 0x400})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:49:51 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 94)

20:49:51 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x541b, 0x0)

20:49:51 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
pread64(r3, &(0x7f00000000c0)=""/86, 0x56, 0x9)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:49:51 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = dup(r0)
readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)

20:49:51 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x541b, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:49:51 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCSWINSZ(r1, 0x5414, &(0x7f0000000140)={0x650, 0x0, 0x3, 0x852})
ioctl$TCSETSF(r0, 0x5404, &(0x7f00000000c0)={0x1, 0x8, 0x8434, 0x4, 0x5, "218a90f9e126eaaba2e93b2dbf8499184c6827"})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:49:51 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {0x0}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:49:51 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5402, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

[ 3060.251168] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 3060.284749] FAULT_INJECTION: forcing a failure.
[ 3060.284749] name failslab, interval 1, probability 0, space 0, times 0
[ 3060.287265] CPU: 1 PID: 14495 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 3060.288747] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3060.290502] Call Trace:
[ 3060.291067]  dump_stack+0x107/0x167
[ 3060.291839]  should_fail.cold+0x5/0xa
[ 3060.292660]  ? __io_queue_sqe+0x666/0x9d0
[ 3060.293561]  should_failslab+0x5/0x20
[ 3060.294368]  kmem_cache_alloc_trace+0x55/0x320
[ 3060.295335]  ? lock_downgrade+0x6d0/0x6d0
[ 3060.296211]  __io_queue_sqe+0x666/0x9d0
[ 3060.297065]  ? io_issue_sqe+0x77b0/0x77b0
[ 3060.297946]  ? __fget_files+0x2f8/0x520
[ 3060.298784]  ? io_prep_rw+0x7f5/0x1050
[ 3060.299614]  io_submit_sqes+0x44aa/0x8610
[ 3060.300517]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3060.301557]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3060.302570]  ? find_held_lock+0x2c/0x110
[ 3060.303435]  ? io_submit_sqes+0x8610/0x8610
[ 3060.304364]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3060.305385]  ? wait_for_completion_io+0x270/0x270
[ 3060.305686] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3060.306401]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3060.306419]  ? vfs_write+0x354/0xb10
[ 3060.306440]  ? fput_many+0x2f/0x1a0
[ 3060.307410] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3060.308392]  ? ksys_write+0x1a9/0x260
[ 3060.308414]  ? __ia32_sys_read+0xb0/0xb0
[ 3060.308442]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3060.309075] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 3060.309764]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3060.309790]  do_syscall_64+0x33/0x40
[ 3060.317307]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3060.318519] RIP: 0033:0x7f9d2ce7eb19
20:49:51 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x541d, 0x0)

[ 3060.319396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3060.323910] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3060.325750] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 3060.327461] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 3060.329183] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 3060.330876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3060.332580] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
20:49:51 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {0x0}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:49:51 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x541d, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:49:51 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = dup(r0)
readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x2}], 0x1)

20:49:51 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5403, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:49:51 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r1=>r0, @in_args={0x1}}, './file0\x00'})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$BTRFS_IOC_SYNC(r2, 0x9408, 0x0)
r3 = openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000180)='memory.pressure\x00', 0x2, 0x0)
r4 = syz_io_uring_setup(0xc65, &(0x7f0000000200)={0x0, 0x8ba3, 0x10, 0x3}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180), &(0x7f0000002a40))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r4, 0xc, 0x0, r5)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_WRITE_FIXED={0x5, 0x0, 0x2004, @fd=r3, 0xffffffffffffff70, 0x7, 0xfffffa78, 0xd, 0x0, {0x0, r5}}, 0x0)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000140)=0x6c)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 3060.413027] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:49:51 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x541e, 0x0)

[ 3060.467704] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3060.468916] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3060.469919] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:50:06 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {0x0}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:50:06 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCMBIC(r1, 0x5417, &(0x7f00000000c0)=0x4000)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:50:06 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
link(&(0x7f0000000280)='./file0\x00', &(0x7f0000000340)='./file0\x00')
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_setup(0x4544, &(0x7f00000000c0)={0x0, 0x305f, 0x10, 0x1, 0x16, 0x0, r3}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000000180), &(0x7f0000000240))
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:50:06 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 95)

20:50:06 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x541e, 0x0)

20:50:06 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = dup(r0)
readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x20000114}], 0x1)

20:50:06 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5404, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:50:06 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x541e, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 3075.385177] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 3075.409219] FAULT_INJECTION: forcing a failure.
[ 3075.409219] name failslab, interval 1, probability 0, space 0, times 0
[ 3075.413988] CPU: 0 PID: 14552 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 3075.415446] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3075.417189] Call Trace:
[ 3075.417743]  dump_stack+0x107/0x167
[ 3075.418506]  should_fail.cold+0x5/0xa
[ 3075.419304]  ? create_object.isra.0+0x3a/0xa20
[ 3075.420261]  should_failslab+0x5/0x20
[ 3075.421060]  kmem_cache_alloc+0x5b/0x310
[ 3075.421940]  create_object.isra.0+0x3a/0xa20
[ 3075.422886]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3075.423964]  kmem_cache_alloc_trace+0x151/0x320
[ 3075.425006]  ? lock_downgrade+0x6d0/0x6d0
[ 3075.425895]  __io_queue_sqe+0x666/0x9d0
[ 3075.426746]  ? io_issue_sqe+0x77b0/0x77b0
[ 3075.427611]  ? __fget_files+0x2f8/0x520
[ 3075.428449]  ? io_prep_rw+0x7f5/0x1050
[ 3075.429288]  io_submit_sqes+0x44aa/0x8610
[ 3075.430189]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3075.431239]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3075.432253]  ? find_held_lock+0x2c/0x110
[ 3075.433114]  ? io_submit_sqes+0x8610/0x8610
[ 3075.434030]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3075.435010]  ? wait_for_completion_io+0x270/0x270
[ 3075.436042]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3075.436984]  ? vfs_write+0x354/0xb10
[ 3075.437744]  ? fput_many+0x2f/0x1a0
[ 3075.438502]  ? ksys_write+0x1a9/0x260
[ 3075.439296]  ? __ia32_sys_read+0xb0/0xb0
[ 3075.440150]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3075.441248]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3075.442323]  do_syscall_64+0x33/0x40
[ 3075.443099]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3075.444165] RIP: 0033:0x7f9d2ce7eb19
[ 3075.444954] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3075.448789] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3075.450381] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 3075.451863] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 3075.453361] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 3075.454842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3075.456324] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
20:50:06 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5405, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:50:06 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = dup(r0)
readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x7ffff000}], 0x1)

20:50:06 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x541e, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:50:06 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5420, 0x0)

20:50:06 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
r1 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f0000000200)={0x9, 0x0, 0x1, 0x500000, 0x84, "c830b773e47d526b048a208ea2d2eb2d632c59", 0x1, 0x3ff})
ioctl$GIO_SCRNMAP(r0, 0x4b40, &(0x7f0000000140)=""/129)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f00000000c0)={0x2, 0x7ff, 0x80, 0x7ff, 0x9, "49f6fbcb79e90327379aacf879097c89e16364", 0x0, 0x6})
ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x1)
ioctl$TIOCGPTPEER(r0, 0x5441, 0x6)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x7, 0x0, 0x0, 0x0, "e6400200"})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$GIO_CMAP(r2, 0x4b70, &(0x7f0000000080))

[ 3075.529180] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3075.530861] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3075.532441] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:50:06 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5421, 0x0)

20:50:06 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000500)=""/116, 0x74}], 0x2, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:50:06 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5406, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:50:06 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = dup(r0)
readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x2)

20:50:07 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x5e280, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:50:07 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5420, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 3075.689575] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 3075.767157] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3075.769118] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3075.770717] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:50:07 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 96)

20:50:07 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5422, 0x0)

20:50:07 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x4000010, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x51018, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1f, 0x4}}, 0x0, 0xfffffffffffffffe, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:50:07 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5408, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:50:07 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = dup(r0)
readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x8)

20:50:07 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5421, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:50:07 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000001c0)={0xfffffffd, 0x0, 0x800, 0x0, 0x0, "9d550000000000003afeedeb91401d0457d614", 0x3})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
openat$incfs(r1, &(0x7f00000000c0)='.pending_reads\x00', 0x400000, 0x2f)
bind$packet(r1, &(0x7f0000000080)={0x11, 0xf5, 0x0, 0x1, 0x2, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x14)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'geneve1\x00', <r4=>0x0})
setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f0000000040)=0x3f, 0x4)
bind$packet(r2, &(0x7f0000000240)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @random="ca73da4133fc"}, 0x14)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[], 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendfile(r2, r1, 0x0, 0x500000001)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
setsockopt$inet_opts(r1, 0x0, 0x0, &(0x7f0000000100)="4005e80a1849166ef9f75d093f7b62b6ab8725fd4d262b4e18", 0x19)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000180)={0x3, 0x5}, 0x4)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 3075.878067] FAULT_INJECTION: forcing a failure.
[ 3075.878067] name failslab, interval 1, probability 0, space 0, times 0
[ 3075.880698] CPU: 1 PID: 14594 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 3075.882172] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3075.883900] Call Trace:
[ 3075.884456]  dump_stack+0x107/0x167
[ 3075.885247]  should_fail.cold+0x5/0xa
[ 3075.886041]  ? memcg_alloc_page_obj_cgroups+0x73/0x100
[ 3075.887131]  should_failslab+0x5/0x20
[ 3075.887922]  __kmalloc_node+0x76/0x420
[ 3075.888739]  memcg_alloc_page_obj_cgroups+0x73/0x100
[ 3075.889829]  memcg_slab_post_alloc_hook+0x1f0/0x430
[ 3075.890873]  kmem_cache_alloc_bulk+0x182/0x320
[ 3075.891827]  io_submit_sqes+0x6fe6/0x8610
[ 3075.892720]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3075.893787]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3075.894794]  ? find_held_lock+0x2c/0x110
[ 3075.895644]  ? io_submit_sqes+0x8610/0x8610
[ 3075.896548]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3075.897583]  ? wait_for_completion_io+0x270/0x270
[ 3075.898596]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3075.899556]  ? vfs_write+0x354/0xb10
[ 3075.900327]  ? fput_many+0x2f/0x1a0
[ 3075.901114]  ? ksys_write+0x1a9/0x260
[ 3075.901903]  ? __ia32_sys_read+0xb0/0xb0
[ 3075.902750]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3075.903843]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3075.904947]  do_syscall_64+0x33/0x40
[ 3075.905722]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3075.906790] RIP: 0033:0x7f9d2ce7eb19
[ 3075.907567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3075.911422] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3075.913035] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 3075.914511] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 3075.915988] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 3075.917506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3075.918991] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
20:50:19 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 97)

20:50:19 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000500)=""/116, 0x74}], 0x2, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:50:19 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r5=>0x0, &(0x7f0000000100)=<r6=>0x0)
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r7, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@nl=@proc, 0x80, 0x0, 0x0, &(0x7f0000000380)=ANY=[], 0x30}}, 0x0)
syz_io_uring_submit(r1, r6, &(0x7f0000000000)=@IORING_OP_READ=@pass_buffer={0x16, 0x2, 0x4007, @fd_index, 0x3a, &(0x7f0000000240)=""/81, 0x51, 0x3, 0x1, {0x0, r4}}, 0x0)
r8 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r8, 0x8000000)
syz_io_uring_submit(r9, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:50:19 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5422, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:50:19 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5409, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:50:19 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5423, 0x0)

20:50:19 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCMIWAIT(r1, 0x545c, 0x0)
r2 = dup(r0)
readv(r2, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)

20:50:19 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$GIO_CMAP(r1, 0x4b70, &(0x7f0000000140))
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 3088.487460] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:50:19 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5423, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 3088.552795] FAULT_INJECTION: forcing a failure.
[ 3088.552795] name failslab, interval 1, probability 0, space 0, times 0
[ 3088.554613] CPU: 0 PID: 14628 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 3088.555472] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3088.556514] Call Trace:
[ 3088.556848]  dump_stack+0x107/0x167
[ 3088.557305]  should_fail.cold+0x5/0xa
[ 3088.557781]  ? create_object.isra.0+0x3a/0xa20
[ 3088.558357]  should_failslab+0x5/0x20
[ 3088.558829]  kmem_cache_alloc+0x5b/0x310
[ 3088.559339]  create_object.isra.0+0x3a/0xa20
[ 3088.559883]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3088.560508]  __kmalloc+0x16e/0x390
[ 3088.560949]  ? lock_downgrade+0x6d0/0x6d0
[ 3088.561498]  io_setup_async_rw+0x180/0x580
[ 3088.562027]  io_read+0xe98/0x11e0
[ 3088.562460]  ? __lock_acquire+0x1657/0x5b00
[ 3088.563003]  ? kiocb_done+0xc90/0xc90
[ 3088.563471]  ? mark_lock+0xf5/0x2df0
[ 3088.563945]  ? lock_chain_count+0x20/0x20
[ 3088.564485]  ? __lock_acquire+0xbb1/0x5b00
[ 3088.565011]  io_issue_sqe+0x2e8a/0x77b0
[ 3088.565531]  ? find_held_lock+0x2c/0x110
[ 3088.566045]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3088.566706]  ? __io_arm_poll_handler+0x59b/0x9e0
[ 3088.567301]  ? lock_downgrade+0x6d0/0x6d0
[ 3088.567826]  ? io_connect+0x610/0x610
[ 3088.568316]  ? lock_acquire+0x197/0x470
[ 3088.568816]  ? find_held_lock+0x2c/0x110
[ 3088.569348]  ? __fget_files+0x2cf/0x520
[ 3088.569843]  ? lock_downgrade+0x6d0/0x6d0
[ 3088.570361]  __io_queue_sqe+0x90/0x9d0
[ 3088.570849]  ? io_issue_sqe+0x77b0/0x77b0
[ 3088.571373]  ? __fget_files+0x2f8/0x520
[ 3088.571871]  ? io_prep_rw+0x7f5/0x1050
[ 3088.572358]  io_submit_sqes+0x44aa/0x8610
[ 3088.572896]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3088.573527]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3088.574138]  ? find_held_lock+0x2c/0x110
[ 3088.574641]  ? io_submit_sqes+0x8610/0x8610
[ 3088.575189]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3088.575779]  ? wait_for_completion_io+0x270/0x270
[ 3088.576381]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3088.576950]  ? vfs_write+0x354/0xb10
[ 3088.577417]  ? fput_many+0x2f/0x1a0
[ 3088.577860]  ? ksys_write+0x1a9/0x260
[ 3088.578325]  ? __ia32_sys_read+0xb0/0xb0
[ 3088.578821]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3088.579466]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3088.580119]  do_syscall_64+0x33/0x40
[ 3088.580485] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3088.580578]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3088.580596] RIP: 0033:0x7f9d2ce7eb19
[ 3088.582214] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3088.582772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3088.582788] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3088.587523] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 3088.588385] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 3088.588534] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 3088.589245] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 3088.589253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3088.589260] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
20:50:34 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 98)

20:50:34 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5424, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:50:34 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x540a, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:50:34 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000240)={0x0, 0x4, 0xe31d, 0x9, 0x6, "d559cab42e556267"})
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETAW(r1, 0x5407, &(0x7f00000001c0)={0x0, 0x100, 0x1c0, 0x7, 0xf, "933a1c3d3ee38127"})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0xfffe, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000200)=0x80)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3fd)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r4 = dup(r0)
readv(r4, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)
ioctl$TIOCMSET(r4, 0x5418, &(0x7f0000000180))
ioctl$VT_GETSTATE(r0, 0x5603, &(0x7f0000000280)={0x5d, 0xff})

20:50:34 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5424, 0x0)

20:50:34 executing program 6:
prctl$PR_GET_DUMPABLE(0x3)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:50:34 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
mknodat(r4, &(0x7f00000000c0)='./file0\x00', 0x8, 0x9)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:50:34 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000500)=""/116, 0x74}], 0x2, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

[ 3103.268480] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:50:34 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x540b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

[ 3103.310841] FAULT_INJECTION: forcing a failure.
[ 3103.310841] name failslab, interval 1, probability 0, space 0, times 0
[ 3103.313287] CPU: 1 PID: 14649 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 3103.314741] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3103.316558] Call Trace:
[ 3103.317214]  dump_stack+0x107/0x167
[ 3103.318143]  should_fail.cold+0x5/0xa
[ 3103.319152]  ? __io_queue_sqe+0x666/0x9d0
[ 3103.320310]  should_failslab+0x5/0x20
[ 3103.321301]  kmem_cache_alloc_trace+0x55/0x320
[ 3103.322577]  ? lock_downgrade+0x6d0/0x6d0
[ 3103.323776]  __io_queue_sqe+0x666/0x9d0
[ 3103.324893]  ? io_issue_sqe+0x77b0/0x77b0
[ 3103.326052]  ? __fget_files+0x2f8/0x520
[ 3103.327212]  ? io_prep_rw+0x7f5/0x1050
[ 3103.328300]  io_submit_sqes+0x44aa/0x8610
[ 3103.329486]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3103.330905]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3103.332259]  ? find_held_lock+0x2c/0x110
[ 3103.333389]  ? io_submit_sqes+0x8610/0x8610
[ 3103.334566]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3103.335896]  ? wait_for_completion_io+0x270/0x270
[ 3103.337138]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3103.338425]  ? vfs_write+0x354/0xb10
[ 3103.339455]  ? fput_many+0x2f/0x1a0
[ 3103.340451]  ? ksys_write+0x1a9/0x260
[ 3103.341488]  ? __ia32_sys_read+0xb0/0xb0
[ 3103.342644]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3103.344068]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3103.345498]  do_syscall_64+0x33/0x40
[ 3103.346570]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3103.347718] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3103.347994] RIP: 0033:0x7f9d2ce7eb19
[ 3103.348024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3103.349147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3103.350140] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3103.350168] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 3103.350189] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 3103.353242] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 3103.354746] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 3103.354766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3103.354785] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
20:50:34 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
write$binfmt_script(r1, &(0x7f0000000180)={'#! ', './file0', [{0x20, '-\xa9'}, {}, {}, {}, {0x20, '/dev/ptmx\x00'}, {0x20, '/dev/ptmx\x00'}], 0xa, "ef8e5891ed8159b43e24323f184e3ca1b24ad3daf6624d342d147378e607fa9fd7a89ef88366cb84da77a032c4c938269e48e1fc4ee8bfa0cf9542bc4f38411de478f9bfc1"}, 0x6c)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r2 = dup(r0)
readv(r2, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)

20:50:34 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x540c, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:50:34 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x101, 0x8, 0x1d6, 0x2, 0x80, "58ea3e6a4720b31515af7d2eddc53f4a450294", 0x5, 0xffffdb9f})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:50:34 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5425, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:50:34 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5425, 0x0)

20:50:34 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {0x0}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

[ 3103.492763] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:50:34 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x540d, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

[ 3103.559033] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3103.560145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3103.562243] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:50:48 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x540e, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:50:48 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 99)

20:50:48 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xffffffff, 0x8, 0x1, 0x3, 0xfe, "000002000010f662c7000000e30000ffdd0014", 0x4, 0x6})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000140)={0x4, 0x277b, 0xdc, 0x6, 0x6, "58d91dd7650d42e3"})
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r3 = open$dir(&(0x7f0000000180)='./file0\x00', 0x602, 0x34)
close_range(r3, r2, 0x2)
finit_module(r1, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0)

20:50:48 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5427, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:50:48 executing program 4:
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000180)={0xa, 0x4e23, 0xd3b0, @dev={0xfe, 0x80, '\x00', 0xf}, 0x1}, 0x1c, &(0x7f00000002c0)=[{&(0x7f00000001c0)="629afc8a4bd24b8bd2df7c481f0784d6ea187ecd97613501f49583cfd4cbb0f8b4c3d731d61e386c0bd628e2cb", 0x2d}, {&(0x7f0000000200)="1639c59378665db870f67a6eb79e0898007c50d3f0a22c55bd51f96185212a723704a6415df6ebed4c3475635b65f031a10f1a16a0aa067368c044eb2ec2310c4d4a1ec9c1df57f8b9735de7d29f378d36a47faaaf6292cb41e7e4804a79da519992ee762487e7c3ff93d94e0c4a552c7b993349ee37f37a556c06f8afece3e03397ca57f287eada6b0d8ae1db90237ef9d95ffac6f067ea3353fb59e5f2873387b06cb0f6800d39e6f261ce12dda0bcdce787f5c78d204d8f9f", 0xba}], 0x2, &(0x7f0000000300)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0x9}}, @hopopts_2292={{0x58, 0x29, 0x36, {0x3b, 0x7, '\x00', [@pad1, @enc_lim, @generic={0x1, 0x2e, "5ce7fb22a5a85098cfc03065f15b032b2b7c1d1989bb447117f0940731ab18261918519ee531a6c82a3e11c87456"}, @enc_lim]}}}, @rthdrdstopts={{0x100, 0x29, 0x37, {0x33, 0x1c, '\x00', [@padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @pad1, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @jumbo={0xc2, 0x4, 0x10001}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @ra={0x5, 0x2, 0x7f}, @generic={0x63, 0xb8, "df07727fa19a29e5f56639453659dbda006e34d814c4d7bd27e0e6d3f5865a0d97b9e866dbf89b0651b5427c8b30d1b64cf0e610f514e9ffdf966c246db69b6955ddee7938ac8d2e3b9762bb606cb4bea19b52671b89941c2fc528ab5b909a26a86751c333639c3e1dc4425c725a1cee1e20607ddd53d7d04d045f8692417c3fd798b4545d38505c6b6e8e3e359bc519facd389ccc41e6eae5029b86b099257f9d7a232006c99f307c3b358f8cfa55ba22af570166838643"}, @ra={0x5, 0x2, 0x579}]}}}], 0x170}, 0x20)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = dup(r0)
readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)

[ 3117.468837] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:50:48 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5427, 0x0)

20:50:48 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {0x0}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:50:48 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r6=>0xffffffffffffffff})
fcntl$setstatus(r5, 0x4, 0x42800)
splice(r6, 0x0, r5, 0x0, 0x5, 0x0)
ioctl$SCSI_IOCTL_START_UNIT(r5, 0x5)
r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r7, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:50:48 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000140)={0x5, &(0x7f00000000c0)=[{0x1, 0x6, 0xf7, 0x4}, {0x5, 0x7, 0x3, 0x1}, {0x4, 0x0, 0x0, 0x1}, {0xfbff, 0x9, 0x4}, {0x3, 0x7, 0x0, 0x8}]})
write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="7f454c4603010309010000000000000002003e00060000000c000000000000004000000000000000cd0300000000000002000000db0c38000100ff03261e0200030000000100000007000000ac00000000000000000000002b870000000000004000000000000000460000000000000008000000000000000700000005000000ff7f00000000000003000000000000000b090000000000008100000000000000920500000000000020000000000000008e73a5acf10ba1c0ae8c7d8c6e6a33b1b9d8a36e31bd663ba81ba52cc00835fa0c7c8749c408be6998374278dfa5b294197167996fb33a30d5e0c60fabd806a0f10992053f4fd4d3c885c47139e92d4f3e2fec1669816ea1471f44c4829b460c836ff6739b06646bc7c5db699f137b15f7be6d03"], 0x124)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 3117.522221] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3117.523362] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3117.524514] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 3117.525078] FAULT_INJECTION: forcing a failure.
[ 3117.525078] name failslab, interval 1, probability 0, space 0, times 0
[ 3117.528182] CPU: 1 PID: 14711 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 3117.529655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3117.531433] Call Trace:
[ 3117.532002]  dump_stack+0x107/0x167
[ 3117.532784]  should_fail.cold+0x5/0xa
[ 3117.533598]  ? create_object.isra.0+0x3a/0xa20
[ 3117.534590]  should_failslab+0x5/0x20
[ 3117.535401]  kmem_cache_alloc+0x5b/0x310
[ 3117.536273]  create_object.isra.0+0x3a/0xa20
[ 3117.537203]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3117.538286]  kmem_cache_alloc_trace+0x151/0x320
[ 3117.539290]  ? lock_downgrade+0x6d0/0x6d0
[ 3117.540179]  __io_queue_sqe+0x666/0x9d0
[ 3117.541033]  ? io_issue_sqe+0x77b0/0x77b0
[ 3117.541913]  ? __fget_files+0x2f8/0x520
[ 3117.542768]  ? io_prep_rw+0x7f5/0x1050
[ 3117.543617]  io_submit_sqes+0x44aa/0x8610
[ 3117.544531]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3117.545596]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3117.546631]  ? find_held_lock+0x2c/0x110
[ 3117.547503]  ? io_submit_sqes+0x8610/0x8610
[ 3117.548438]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3117.549466]  ? wait_for_completion_io+0x270/0x270
[ 3117.550506]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3117.551489]  ? vfs_write+0x354/0xb10
[ 3117.552285]  ? fput_many+0x2f/0x1a0
[ 3117.553064]  ? ksys_write+0x1a9/0x260
[ 3117.553872]  ? __ia32_sys_read+0xb0/0xb0
[ 3117.554752]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3117.555862]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3117.556966]  do_syscall_64+0x33/0x40
[ 3117.557754]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3117.558850] RIP: 0033:0x7f9d2ce7eb19
[ 3117.559647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3117.563563] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3117.565193] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 3117.566708] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 3117.568236] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 3117.569747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3117.571275] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
20:50:48 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {0x0}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:50:48 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000180)={0x3, 0x2, 0x3f, 0x7, 0x8, "f968b706b68eed29"})
r2 = dup(r0)
readv(r2, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x13)

20:50:48 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5428, 0x0)

20:50:48 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x540f, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:50:48 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5428, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:50:48 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x2, 0xfffe, 0xfff, 0xf, "e6400200"})

[ 3117.646853] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 3117.688904] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3117.690480] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3117.692113] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:50:49 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5429, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:50:49 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5410, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:51:01 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 100)

20:51:01 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5429, 0x0)

20:51:01 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5432, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:51:01 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = dup(r0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000000, 0x2010, r1, 0xbf648000)
readv(r1, &(0x7f0000000040)=[{&(0x7f0000000180)=""/79, 0x4f}], 0x1)
ioctl$TIOCGPTPEER(r0, 0x5441, 0x3f)

20:51:01 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x2, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:51:01 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0x1ff, 0x0, 0x2, 0x0, 0x7f, "4204af5078dc8f613afeedeb91401d0457d614", 0x9})
r1 = openat(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x80, 0xe)
ioctl$TIOCEXCL(r1, 0x540c)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSERGETLSR(r0, 0x5459, &(0x7f0000000180))
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x7fff, 0x101, 0x7, 0xffffffff, 0x0, "4d0c6b8041e0559cdba0ff00", 0x72e4a6bd, 0x5})
recvmmsg$unix(r1, &(0x7f0000003940)=[{{&(0x7f00000001c0), 0x6e, &(0x7f00000007c0)=[{&(0x7f0000000240)=""/234, 0xea}, {&(0x7f0000000340)=""/3, 0x3}, {&(0x7f0000000380)=""/227, 0xe3}, {&(0x7f0000000480)=""/241, 0xf1}, {&(0x7f0000000580)=""/129, 0x81}, {&(0x7f0000000640)=""/31, 0x1f}, {&(0x7f0000000680)=""/205, 0xcd}, {&(0x7f0000000780)=""/17, 0x11}], 0x8, &(0x7f0000000840)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x48}}, {{&(0x7f00000008c0), 0x6e, &(0x7f0000000e00), 0x0, &(0x7f0000000ec0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x58}}, {{&(0x7f0000000f40), 0x6e, &(0x7f00000034c0)=[{&(0x7f0000000fc0)=""/234, 0xea}, {&(0x7f00000010c0)=""/183, 0xb7}, {&(0x7f0000003ac0)=""/13, 0xd}, {&(0x7f00000011c0)=""/4096, 0x1000}, {&(0x7f00000021c0)=""/172, 0xac}, {&(0x7f0000003b00)=""/4096, 0x1000}, {&(0x7f0000003280)=""/102, 0x66}, {&(0x7f0000003300)=""/224, 0xe0}, {&(0x7f0000003400)=""/160, 0xa0}], 0x9, &(0x7f0000003580)}}, {{&(0x7f0000002280)=@abs, 0x6e, &(0x7f0000003880)=[{&(0x7f0000003700)=""/224, 0xe0}, {&(0x7f0000003800)=""/96, 0x60}], 0x2, &(0x7f00000038c0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="30000000000001000000010000000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32], 0x68}}], 0x4, 0x0, &(0x7f0000003a40)={0x0, 0x3938700})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000003a80)={0x0, 0x0, r2, 0x48})

[ 3130.617539] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:51:01 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
syz_io_uring_submit(r7, r2, &(0x7f0000000100)=@IORING_OP_WRITE_FIXED={0x5, 0x1, 0x2007, @fd=r0, 0x4, 0x2861de28, 0x7, 0x10, 0x0, {0x2}}, 0x9)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x6, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000200)={0x0, 0x1, 0x3, 0x7})
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r8, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r8, 0x5407, &(0x7f0000000040)={0x4, 0x0, 0x0, 0x0, 0x3, "e64002fb00"})
dup3(r6, r8, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:51:01 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5411, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

[ 3130.656150] FAULT_INJECTION: forcing a failure.
[ 3130.656150] name failslab, interval 1, probability 0, space 0, times 0
[ 3130.658823] CPU: 1 PID: 14748 Comm: syz-executor.3 Not tainted 5.10.234 #1
[ 3130.660317] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3130.662086] Call Trace:
[ 3130.662658]  dump_stack+0x107/0x167
[ 3130.663457]  should_fail.cold+0x5/0xa
20:51:02 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = signalfd(r0, &(0x7f00000000c0)={[0x1000]}, 0x8)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCGPTPEER(r2, 0x5441, 0x4)
r3 = syz_open_dev$hidraw(&(0x7f0000000140), 0x1, 0x24000)
fcntl$dupfd(r1, 0x0, r3)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 3130.664275]  ? io_setup_async_rw+0x180/0x580
[ 3130.665345]  should_failslab+0x5/0x20
[ 3130.666164]  __kmalloc+0x72/0x390
[ 3130.666923]  ? lock_downgrade+0x6d0/0x6d0
[ 3130.667818]  io_setup_async_rw+0x180/0x580
[ 3130.668751]  io_read+0xe98/0x11e0
[ 3130.669518]  ? __lock_acquire+0x1657/0x5b00
[ 3130.670446]  ? kiocb_done+0xc90/0xc90
[ 3130.671265]  ? mark_lock+0xf5/0x2df0
[ 3130.672065]  ? lock_chain_count+0x20/0x20
[ 3130.672982]  ? __lock_acquire+0xbb1/0x5b00
[ 3130.673892]  io_issue_sqe+0x2e8a/0x77b0
[ 3130.674741]  ? find_held_lock+0x2c/0x110
[ 3130.675620]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3130.676737]  ? __io_arm_poll_handler+0x59b/0x9e0
[ 3130.677750]  ? lock_downgrade+0x6d0/0x6d0
[ 3130.678634]  ? io_connect+0x610/0x610
[ 3130.679465]  ? lock_acquire+0x197/0x470
[ 3130.680315]  ? find_held_lock+0x2c/0x110
[ 3130.681192]  ? __fget_files+0x2cf/0x520
[ 3130.682044]  ? lock_downgrade+0x6d0/0x6d0
[ 3130.682946]  __io_queue_sqe+0x90/0x9d0
[ 3130.683792]  ? io_issue_sqe+0x77b0/0x77b0
[ 3130.684695]  ? __fget_files+0x2f8/0x520
[ 3130.685560]  ? io_prep_rw+0x7f5/0x1050
[ 3130.686399]  io_submit_sqes+0x44aa/0x8610
[ 3130.687322]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3130.688393]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3130.689429]  ? find_held_lock+0x2c/0x110
[ 3130.690297]  ? io_submit_sqes+0x8610/0x8610
[ 3130.691238]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3130.692275]  ? wait_for_completion_io+0x270/0x270
[ 3130.693310]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3130.694301]  ? vfs_write+0x354/0xb10
[ 3130.695107]  ? fput_many+0x2f/0x1a0
[ 3130.695881]  ? ksys_write+0x1a9/0x260
[ 3130.696694]  ? __ia32_sys_read+0xb0/0xb0
[ 3130.697566]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3130.698681]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3130.699791]  do_syscall_64+0x33/0x40
[ 3130.700586]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3130.701673] RIP: 0033:0x7f9d2ce7eb19
20:51:02 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000004010000fd9dd78f41", @ANYRES32=<r1=>r0, @ANYBLOB='\b\x00\x00\x00\x00\x00\x00\x00./file0\x00'])
dup3(r1, r0, 0x80000)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 3130.702466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3130.706558] RSP: 002b:00007f9d2a3f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3130.708210] RAX: ffffffffffffffda RBX: 00007f9d2cf91f60 RCX: 00007f9d2ce7eb19
[ 3130.709732] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003
[ 3130.711264] RBP: 00007f9d2a3f41d0 R08: 0000000000000000 R09: 0000000000000000
[ 3130.712793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[ 3130.714318] R13: 00007ffe021ed69f R14: 00007f9d2a3f4300 R15: 0000000000022000
[ 3130.725633] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3130.726544] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3130.727486] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:51:02 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$FIONREAD(r0, 0x541b, &(0x7f00000001c0))
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = dup(r0)
readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)
openat$null(0xffffffffffffff9c, &(0x7f0000000180), 0x84200, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r4, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r4, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000200))

20:51:02 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5435, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:51:02 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5412, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:51:02 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5437, 0x0)

20:51:02 executing program 6:
copy_file_range(0xffffffffffffffff, &(0x7f00000000c0)=0x4, 0xffffffffffffffff, &(0x7f0000000140)=0x3, 0x7, 0x0)
fgetxattr(0xffffffffffffffff, &(0x7f0000000180)=@random={'system.', '[&#]\x00'}, &(0x7f00000001c0)=""/215, 0xd7)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:51:02 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x2, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

[ 3130.843171] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 3130.886754] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3130.887643] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3130.888535] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:51:16 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180))
r1 = dup(r0)
readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)

20:51:16 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:51:16 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5441, 0x0)

20:51:16 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x2, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:51:16 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5437, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:51:16 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5413, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:51:16 executing program 6:
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff})
fcntl$setstatus(r0, 0x4, 0x42800)
splice(r1, 0x0, r0, 0x0, 0x5, 0x0)
ioctl$CDROMSETSPINDOWN(r1, 0x531e, &(0x7f00000000c0)=0x4)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r2, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:51:16 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000004, 0x100010, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 3145.037097] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:51:16 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5414, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:51:16 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5441, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:51:16 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5450, 0x0)

[ 3145.130146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3145.131766] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3145.133469] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:51:16 executing program 6:
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000000)=0x3ff)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0xff, "e6400200"})

20:51:16 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5450, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:51:16 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5415, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:51:16 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

[ 3145.286555] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 3145.341907] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3145.343547] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3145.345292] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:51:28 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:51:28 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5451, 0x0)

20:51:28 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10018, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0xfffffffe}, 0x0, 0xfffffffffffffffe, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r6=>0x0, &(0x7f0000000100)=<r7=>0x0)
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
r9 = mmap$IORING_OFF_SQES(&(0x7f0000ff8000/0x3000)=nil, 0x3000, 0x100000b, 0x10, r3, 0x10000000)
syz_io_uring_submit(0x0, r9, &(0x7f00000003c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x3, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, {0x2}}, 0x10001)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r8, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@nl=@proc, 0x80, 0x0, 0x0, &(0x7f0000000380)=ANY=[], 0x30}}, 0x0)
r10 = mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2000009, 0x810, r3, 0x10000000)
syz_io_uring_submit(r6, r10, &(0x7f00000000c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x4, 0x0, 0x1d8, 0x0, 0x0, 0x0, 0x0, 0x1, {0x3}}, 0xffff223f)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:51:28 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$AUTOFS_IOC_ASKUMOUNT(r0, 0x80049370, &(0x7f00000000c0))
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:51:28 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:51:28 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5416, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:51:28 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5451, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:51:28 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000640)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x6}}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r1, 0x84009422, &(0x7f0000001900)={0x0, 0x0, {0x0, @struct, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r2, 0x5000943f, &(0x7f0000000900)={{}, 0x0, 0x4, @inherit={0x60, &(0x7f0000000140)=ANY=[@ANYBLOB="0100000000000000030000f30000e1000500002e00000009000000ff0000000001ffffff00000000040000fffffffc008180000000000002ffffffff000400000000000000000000ea54ffff2100050001000000002500"/96]}, @devid=r3})
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r0, 0x50009418, &(0x7f0000000200)={{r0}, 0x0, 0x18, @inherit={0x58, &(0x7f0000000180)={0x1, 0x2, 0xd123, 0xfffffffffffffffe, {0x3e, 0xfffffffffffffffb, 0x5, 0x5, 0x6b6f}, [0x9, 0x80000001]}}, @devid=r3})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r4 = dup(r0)
readv(r4, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)

[ 3157.304540] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:51:28 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5452, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:51:28 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x1, "e6400200"})

20:51:28 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5418, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

[ 3157.364597] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3157.366646] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3157.369363] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:51:28 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5452, 0x0)

20:51:28 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5456, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:51:28 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:51:28 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat2(0xffffffffffffffff, &(0x7f0000005fc0)='./file0\x00', &(0x7f0000006000)={0x101000, 0xb8, 0x10}, 0x18)
ioctl$TIOCEXCL(r1, 0x540c)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000140)={0x1, 0x1, 0x0, 0x101, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCSERGETLSR(r0, 0x5459, &(0x7f00000000c0))
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000005d00)=[{{&(0x7f0000000180)=@abs, 0x6e, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/253, 0xfd}, {&(0x7f0000000100)=""/57, 0x39}, {&(0x7f0000000300)=""/63, 0x3f}, {&(0x7f0000000340)=""/71, 0x47}, {&(0x7f00000003c0)=""/227, 0xe3}], 0x5, &(0x7f0000000540)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x28}}, {{&(0x7f0000000580), 0x6e, &(0x7f0000001a00)=[{&(0x7f0000000600)=""/129, 0x81}, {&(0x7f00000006c0)=""/161, 0xa1}, {&(0x7f0000000780)=""/20, 0x14}, {&(0x7f00000007c0)=""/77, 0x4d}, {&(0x7f0000000840)=""/29, 0x1d}, {&(0x7f0000000880)=""/123, 0x7b}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)=""/192, 0xc0}, {&(0x7f00000019c0)=""/40, 0x28}], 0x9, &(0x7f0000001ac0)=[@cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x90}}, {{&(0x7f0000001b80), 0x6e, &(0x7f0000002200)=[{&(0x7f0000001c00)=""/225, 0xe1}, {&(0x7f0000001d00)=""/65, 0x41}, {&(0x7f0000001d80)=""/197, 0xc5}, {&(0x7f0000001e80)=""/46, 0x2e}, {&(0x7f0000001ec0)=""/27, 0x1b}, {&(0x7f0000001f00)=""/226, 0xe2}, {&(0x7f0000002000)=""/98, 0x62}, {&(0x7f0000002080)=""/70, 0x46}, {&(0x7f0000002100)=""/193, 0xc1}], 0x9, &(0x7f00000022c0)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [<r2=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x118}}, {{&(0x7f0000002400), 0x6e, &(0x7f00000035c0)=[{&(0x7f0000002480)=""/208, 0xd0}, {&(0x7f0000002580)=""/4096, 0x1000}, {&(0x7f0000003580)=""/41, 0x29}], 0x3, &(0x7f0000003600)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x90}}, {{&(0x7f00000036c0), 0x6e, &(0x7f0000003b00)=[{&(0x7f0000003740)=""/199, 0xc7}, {&(0x7f0000003840)=""/96, 0x60}, {&(0x7f00000038c0)=""/230, 0xe6}, {&(0x7f00000039c0)=""/70, 0x46}, {&(0x7f0000003a40)=""/167, 0xa7}], 0x5, &(0x7f0000003b80)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x50}}, {{0x0, 0x0, &(0x7f0000004080)=[{&(0x7f0000003c00)=""/77, 0x4d}, {&(0x7f0000003c80)=""/192, 0xc0}, {&(0x7f0000003d40)=""/182, 0xb6}, {&(0x7f0000003e00)=""/123, 0x7b}, {&(0x7f0000003e80)=""/232, 0xe8}, {&(0x7f0000003f80)=""/165, 0xa5}, {&(0x7f0000004040)=""/30, 0x1e}], 0x7, &(0x7f0000004100)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x128}}, {{&(0x7f0000004240)=@abs, 0x6e, &(0x7f0000005800)=[{&(0x7f00000042c0)=""/143, 0x8f}, {&(0x7f0000004380)=""/125, 0x7d}, {&(0x7f0000004400)=""/102, 0x66}, {&(0x7f0000004480)=""/240, 0xf0}, {&(0x7f0000004580)=""/121, 0x79}, {&(0x7f0000004600)=""/242, 0xf2}, {&(0x7f0000004700)=""/204, 0xcc}, {&(0x7f0000004800)=""/4096, 0x1000}], 0x8}}, {{&(0x7f0000005880)=@abs, 0x6e, &(0x7f0000005980)=[{&(0x7f0000005900)=""/111, 0x6f}], 0x1}}, {{&(0x7f00000059c0)=@abs, 0x6e, &(0x7f0000005b80)=[{&(0x7f0000005a40)=""/222, 0xde}, {&(0x7f0000005b40)=""/55, 0x37}], 0x2, &(0x7f0000005bc0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x128}}], 0x9, 0x1, &(0x7f0000005f40)={0x0, 0x989680})
ioctl$TIOCSPTLCK(r2, 0x40045431, &(0x7f0000005f80)=0x1)

[ 3157.466522] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 3157.495957] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3157.497624] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3157.499786] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:51:28 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5457, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 3172.207082] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:51:43 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x545d, 0x0)

20:51:43 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x2000, 0x0, 0x0, 0x0)

20:51:43 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@nl=@proc, 0x80, 0x0, 0x0, &(0x7f0000000380)=ANY=[], 0x30}}, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
syz_io_uring_submit(r1, 0x0, &(0x7f0000000280)=@IORING_OP_FILES_UPDATE={0x14, 0x5, 0x0, 0x0, 0x7, &(0x7f0000000240)=[r3, r0, r0, 0xffffffffffffffff], 0x4}, 0xffffffff)
r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r4, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r4}, 0x0)
r5 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r5, 0x8000000)
syz_io_uring_submit(r6, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r4)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
syz_io_uring_submit(r6, r2, &(0x7f0000000180)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, r4, &(0x7f00000000c0)={0x8000, 0x80, 0x1}, &(0x7f0000000100)='./file0\x00', 0x18, 0x0, 0x12345}, 0x101)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:51:43 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5419, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:51:43 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x0, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:51:43 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x545d, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:51:43 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSBRK(r1, 0x5409, 0xffffffff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:51:43 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = dup(r0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000057b00)={0x0, [], 0x80, "5fabd34a60e47f"})
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={<r3=>0x0, ""/256, <r4=>0x0, <r5=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, <r6=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000640)={0x0, ""/256, 0x0, <r7=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000057b00)={0x0, [{}, {}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}], 0x80, "5fabd34a60e47f"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r1, 0xd000943d, &(0x7f000004ed40)={0x80000000, [{0x0, <r8=>0x0}], 0xff, "77e7657b756b1b"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f000004fd40)={0x0, ""/256, <r9=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r1, 0xd000943d, &(0x7f000004ff40)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r10=>0x0}], 0xc8, "548b4df498ac0e"})
r11 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={<r12=>0x0, ""/256, <r13=>0x0, <r14=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, <r15=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r11, 0x81f8943c, &(0x7f0000000640)={0x0, ""/256, 0x0, <r16=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000057b00)={0x0, [{}, {}, {}, {}, {}, {}, {0x0, r14}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r16}, {}, {0x0, r14}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r15}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r12}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r14}], 0x80, "5fabd34a60e47f"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000050f40)={0x40, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3, r8}, {r9}, {0x0, r10}, {r13}], 0x8, "5473a8c94038cc"})
readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)

20:51:43 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x351041, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r1 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$TCSETAW(r1, 0x5407, &(0x7f00000000c0)={0xfff9, 0x27, 0x8000, 0x3, 0x13, "2ce33b49ea88d254"})

[ 3172.266942] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3172.268035] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3172.268991] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:51:43 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5460, 0x0)

20:51:43 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5460, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:51:43 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0)={0x0, 0xfffffffe}, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
r6 = syz_open_dev$mouse(&(0x7f00000000c0), 0x101, 0x20000)
io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x40, 0x0, 0x7, 0x30739, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:51:43 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x541a, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:51:43 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2800, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
write$binfmt_elf32(r0, &(0x7f00000002c0)={{0x7f, 0x45, 0x4c, 0x46, 0x7f, 0x4, 0xd4, 0x6, 0x3, 0x2, 0x6, 0x7, 0x1f6, 0x38, 0x1a9, 0x9, 0x0, 0x20, 0x1, 0x0, 0x9, 0x7fe}, [{0x1, 0x1000, 0x6, 0x405, 0x9, 0x0, 0x0, 0x7}], "b7900034c264e05ac08a05ae16cb5f5df181a9b3156946256df0c84e6f02f111673d03d95d3c5cf797422c49b7e92101723dc39140591e79a11f00bcb80bbefe48ff7ca63ffdeb28b9baad169e5f62c3274d8d16e2e5dbce4bafa7de6b7846e50d33efebbe4302a095a9392d749595516eeed93485d6411186e8aca1315a3730889816b806133f8586c35bfc53ed4893d4cfea6d48fc91"}, 0xef)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000180)={0x200, 0x3ff, 0x81, 0xffffffff, 0x17, "b5c7e6fd9f02d6d5b257aeee3414c45a02e7f6"})
r1 = dup(r0)
readv(r1, &(0x7f0000000280)=[{&(0x7f00000000c0)=""/84, 0x54}, {&(0x7f00000001c0)=""/184, 0xb8}, {&(0x7f00000003c0)=""/120, 0x78}], 0x3)
ioctl$TIOCGPTPEER(r0, 0x5441, 0x7ff)

20:51:43 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x0, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

[ 3172.371473] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:51:43 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_NAN(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c1c0000", @ANYRES16=r0, @ANYBLOB="000127bd7000fcdbdf25730000000500ee0000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000804}, 0x44)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCL_GETSHIFTSTATE(r1, 0x541c, &(0x7f0000000180)={0x6, 0x8})
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000140))
r2 = dup(r1)
r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000200), 0xe100, 0x0)
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000240)={0x401, 0xffe0, 0x401, 0x7, 0x3, "5ec078281565eda0"})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_SELLOADLUT(r4, 0x541c, &(0x7f00000001c0)={0x5, 0x4, 0x247, 0x885, 0x5})
readv(r2, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)

20:51:43 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x4000010, 0xffffffffffffffff, 0x10000000)
ioctl$TIOCGPTPEER(r0, 0x5441, 0x3)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCPKT(r2, 0x5420, &(0x7f00000000c0)=0x23d3454f)
r3 = socket$packet(0x11, 0x3, 0x300)
syz_io_uring_submit(0x0, r1, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, r3, &(0x7f00000001c0)=0x80, &(0x7f0000000200)=@pptp={0x18, 0x2, {0x0, @loopback}}, 0x0, 0x80800}, 0x7bfa)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 3172.431170] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3172.432828] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3172.434516] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:52:03 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x40045431, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:52:03 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x200000a, 0x810, r0, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r7=>0x0, &(0x7f0000000100)=<r8=>0x0)
r9 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r9, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@nl=@proc, 0x80, 0x0, 0x0, &(0x7f0000000380)=ANY=[], 0x30}}, 0x0)
syz_io_uring_submit(r6, r8, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x1, 0x0, @fd=r4, 0x9, 0x0, 0x4}, 0x9)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:52:03 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x40045431, 0x0)

20:52:03 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCGPTPEER(r0, 0x5441, 0x8)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r2 = dup(r1)
readv(r2, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)

20:52:03 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x4000, 0x0, 0x0, 0x0)

20:52:03 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x0, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:52:03 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000140)={0x3, 0x6, 0x5, 0x5c9, 0x2, "7d0c63b3a582abc8d747c3d844ede4404caf97", 0x3, 0x8})
ioctl$TCSETAF(r0, 0x5408, &(0x7f00000001c0)={0x34e, 0x8000, 0x8001, 0x8, 0xf, "eac7319346aefeee"})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0xe, "e640027f8c00"})
r2 = pidfd_getfd(0xffffffffffffffff, r0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f00000000c0)=0x2)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r3 = dup2(r2, r2)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r3, 0xc0189371, &(0x7f0000000180)={{0x1, 0x1, 0x18, r2}, './file0\x00'})

20:52:03 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x541b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

[ 3192.475911] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:52:03 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x541d, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:52:03 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x40045436, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 3192.533907] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3192.535620] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3192.538824] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:52:03 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x40045436, 0x0)

20:52:03 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KDMKTONE(r0, 0x4b30, 0x3ff)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
write$binfmt_elf64(r1, &(0x7f0000000140)={{0x7f, 0x45, 0x4c, 0x46, 0x3f, 0x7f, 0x2, 0x6, 0x6, 0x3, 0x6, 0x8001, 0xb3, 0x40, 0x176, 0x9d, 0x0, 0x38, 0x1, 0x6, 0x7, 0x1}, [{0x7, 0x1f, 0xd8, 0x400, 0x4df3, 0x20, 0x8001, 0xfffffffffffffe01}, {0x6, 0x8, 0x6, 0x7f, 0x5, 0x7, 0x100000000, 0x9}], "3d7772a2fc8e4075de59af55034ec02826b07918e16115b21d448d604d7d54d151c91fd8536c4d3750678f80d19112fb09f0889a09ed30a42a212ede89b8a935209a902357c1e775180edc468a590e2ed93d2bddae4d9eddf475bc6e91113f2ef80956a3e79440f3b50dd1dd2112dfbe2b003accfe602aaadf3f17c991dc809cbce31aec660c9610744421ca8d4b6eae1ed6d93b6e462ce8623fa4c891e08bc73705ebaf06768945cdd4e6bed0ebc5171a9fa8c2a608c802b6e59e5f68917aef2f0a0e8b1548f81f61a9245578", ['\x00', '\x00']}, 0x37d)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:52:03 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f0000000180)={0x9, 0x200, 0x0, 0x8000, 0x200, 0x2})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = dup(r0)
readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)

20:52:04 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x541e, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:52:04 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x0)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

[ 3192.742912] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 3192.807188] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3192.808829] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3192.810495] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:52:17 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f00000000c0)={0xffffffc0, 0xffffffff})

20:52:17 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r4, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r4, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
pread64(r4, &(0x7f0000000340)=""/176, 0xb0, 0x7)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r5 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r5, 0x8000000)
syz_io_uring_submit(r6, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:52:17 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x0)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:52:17 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x101000, 0x0)
ioctl$TCSBRK(r0, 0x5409, 0x3)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = dup(r0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
fcntl$setflags(r2, 0x2, 0x1)
readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)

20:52:17 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x800000, 0x0, 0x0, 0x0)

20:52:17 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x541e, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:52:17 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x40049409, 0x0)

20:52:17 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x40049409, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:52:17 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x40086602, 0x0)

20:52:17 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x40086602, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 3206.139832] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:52:17 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x252860, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = dup(r0)
readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)

20:52:17 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5420, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:52:17 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x7f0, 0x1, 0x3, 0x6, 0xe8, "f66ca00cfe39fe00f1ae5f88be7ed89fc55955", 0x3})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
fcntl$addseals(r0, 0x409, 0x1)

20:52:17 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x40087602, 0x0)

[ 3206.228025] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3206.228937] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3206.229913] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:52:17 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x40087602, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:52:30 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5421, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:52:30 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x2dc}, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3, 0x3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c46020502ffffffff7f0000000002003e00ff7f0000320300000000000040000000000000002502000000000000090c0000feff38200200040001000100060000000400000007000000000000000180000000000000040000000000000005000000000000000400000000000000000000000000000005000000000200007200000000000000c500000000000000ffff000000000000f9ffffffffffffffff0f00000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000001c1c00"/432], 0x1b0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@nl=@proc, 0x80, 0x0, 0x0, &(0x7f0000000380)=ANY=[], 0x30}}, 0x1)
syz_io_uring_complete(0x0)
r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000002, 0x4020012, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r7, r2, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x2, 0x0, @fd_index=0x2, 0x5, 0x0, 0x10001, 0x5}, 0xa)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:52:30 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x20000000, 0x0, 0x0, 0x0)

20:52:30 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x4020940d, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:52:30 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000180), 0x60000, 0x0)
syz_io_uring_setup(0x7def, &(0x7f00000001c0)={0x0, 0x80dd, 0x0, 0x2, 0x278, 0x0, r1}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000240), &(0x7f0000000280))
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r2 = dup(r0)
readv(r2, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)

20:52:30 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffffd, 0x0, 0x0, 0x0, 0x0, "4204af5078dc8f613afeedeb91401d0457d614"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCNXCL(r1, 0x540d)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:52:30 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x0)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:52:30 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x4020940d, 0x0)

[ 3219.265562] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:52:30 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5422, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:52:30 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x402c542b, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:52:30 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x80045430, 0x0)

20:52:30 executing program 6:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x4000, 0x0, 0x0, 0x0)

[ 3219.343182] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3219.345315] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3219.348664] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
20:52:30 executing program 4:
ioctl$CDROM_DEBUG(0xffffffffffffffff, 0x5330, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x200000, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000100)=0x402)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0x20)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
r3 = ioctl$TIOCGPTPEER(r2, 0x5441, 0x9)
r4 = dup(r0)
ioctl$TIOCSERGETLSR(r3, 0x5459, &(0x7f0000000140))
readv(r4, &(0x7f0000000040), 0x0)
r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x1e3003, 0x0)
ioctl$TCFLSH(r5, 0x540b, 0x2)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000180)={0xf87f, 0x4, 0x3, 0x4, 0x13, "7ceba196feab3bf3"})

20:52:30 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x402c542c, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:52:30 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5423, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:52:30 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000000c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1f)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r6, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r6, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
write$binfmt_elf64(r6, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x61, 0x2, 0x81, 0x1, 0x679c, 0x3, 0x6, 0x100000, 0x194, 0x40, 0x4f, 0x9, 0x6, 0x38, 0x2, 0x101, 0xfff, 0x3ff}, [{0x2, 0x4, 0xb0, 0x7fff, 0x553, 0x5, 0x80000001, 0x4}], "0a564730c6df0d12e14927020cf51a79faddd61d8337af720b9fee080bdd75c851fb9ade9fb5ba0a6a33404257904e90255aaada5a60c3a310cc412d48568706ebe34e94cbab761ca5954a569f8f3e364ddb2f9660e07c5eae9e38bd6b189e30ed410b010cf25f398cba4524ad550b97ea4b66bb471e14e3af9be46d2a0aa72ac63ea3e36c20401de410cbb49d93b31a974e7bf026bddf6cbfe1838c30916e99a996f842357b916a0df9ff23abebb0926496acf0d185ed4798cdcc1016b135cd4cb040fb7e2f5985eed04b80eda88f7fa5646f92d9c5ba56228d33b7c1bc2295902ed0026c2a0053a2af73f7881e077ebe2567b74a7ceec6e00ecb6de601dbe492a2eb4cda5a916f85e124f32c86e537650add67211c85d10df59171f9c3c02080ae17307c0cd918a389892eaad3520e76e14f34e759a85c698b1867404384f33ed0be90778a4ffdced063e8733f1a41e8b08705e96a0a3ea90bf4ad6cd6ff77759c33e2c3573114a283703509f9eb79af0be32d53030637d7d9e6d03b9a88201d060947eb9f61331722d71b33bdf02fad1ab77c6330f8359988d741f4f13dc44f81fca2bfade16dffffea6986d1bd2adfb0fcb3ee74284c7589718989e5ee2d3c3402fc39a89bf415753c90cde56a090d50b729cb0fe302710081ce4b9985c97d09ac5c135c131c8cd57c44abfc8714ff7fe19fc30375170da3cf4fc4bc6c1b85f88727726688d0a3156410c60db359722bc76d40ad70190ffb0c5b158036083d1bf9f0eed531d807741e0715c3482669728992761e63c8eb9632de11e9c1f1efbf397f62d4be8122f04a3b57eaec509d6f97df95c80f0f1572cef060092925972fe14ee5f67deb88d10d00a2874ffa544cbab71a73c93cb3908c7b137ec13d744aea83e20e0e716b171b3e61892bad7ac8e064a7ae437200584f2072bbc4db13fcaf8228da4d9ecae3df76d133288ba07e175c823b0c900b37bc55812502aa6ceab109a64eadb506bbad1edf957cd978a2ef4a1b4e8c4a8ffae2679b75103047b03324490c2cc7133cb41f62feb41c18f8fad319f2c9d2fe0f61acd5199531aaf7c1161b556d83100cc77a3a754fd1b132e858ad60ae209d6f257ac2fcdb000ab326459c9a335fea5b7bfa03a4ffdc6dadadd2b5a82b54653b2be0c43858d8553974f6bc767205785f8dbafc19678016577684fc519a9f8fee5d313d32ce7ef289bc723a273795f13a65fa7746408e2f7596036a6ac88ae1194307c363a7d0a86c7c37c3f38b6cc53cbf374e668d371ec37fd1dc8b6a77fc837f5c81e57d697e395858eff7ac12436340c3608cfcac8c9a0298ed3219f6a9bf914b4dd0aa9e28d461dbb3b450af137b6dc54e6d9eb2b65017040dad85858eed8be9b968b69adf82e9dbea7c82a36d671516258ba4be4bfe2c97554241c650ea7ea911a0c2039d149bb980fb5fc8d1e879e87e934475e1a7abb08b43a1e30d8296506029a38b05b42f22004854c396d900f35f2d05e951c1ddf254809ca45f6b29c694896d7ce51909c02fc9c5b729e280d7dc4b4c575836d937f9328d7fa948ae52766934ed789d7fe8ea84213eb4f3fe243ff18c41aab9f6fd20ab414790fd967b7aae4f7eaa286585d89c42d0ffff2158ca0b89104232fef25627bc7703f81bd0200f587cf65843e2a59b0c8d6747bfd6466e361bd91618ee20fe06c2841154a1cc89b194dc6ee8e88f6a1da1c7b6bf33d39ccbffeae38b7b4e7cf004409ff6814410aa12fca0d3f9121b1ff09caa2bed73e4163062c0e691892def82fbbd8887d1ea66b7bafb815571a2e00caa2f614fdc392b6382b4701ef58c8b6b008d3efb0d803eb05f92b052fe38f9a89ebaa076e6dc021b2ef5ff4a718c93e4bd78419c686f5e4d9985e627fe8148afe1148b8cc548a68575e0ed23b3f99bc3c78a8e56f1727df64f194df48c67b59e8c70c3e9c8c53ae62061f62c4999a5beaeda6ec1211bf197f4d1ff9397530a2ba20bf8991f798abc2b58fb1b2e03f0a80b2ae0e59023e4df4ab728bb69c82c35d690b217ea88906ed36ddc4033403a9c7bc579fc0815ed28a4968853165894f7fcea0bcce70d18e0097271535357f5feba0bbd83977a6c736b671a4f6edae9b641ffd745e7d148c9d67c71af857d931c741b06add2f14e9469bb19d589363f32e63b80e813ce96f352bd936e878a988acb3b7bae2087d85437e49023d2453b9fe76d538d68ab32f4007797beff84be87962aa459de9c77e29d18d0e9c6f42f004cd38f66270c2eaa4cc61d3b694047989a60be9c2c874c439910996d1f13c26dab41720de935e75e9dfacad8382e4ac22023c123126b51409b4f84f6749d5d3b98aecdceee27044358d1c3541334f86a97ccd28c238df670d635182be4f3bb198a8c01bd31dd7b3c1523ee22edf748d57d84e329801f76080c5256c7c4557eef907aeab8ed955697e29b93a8ff579f24f59265857a378bc2096ff749ef9527f4fedc63888f218bafa66a5a71762a51ecaf5cd0f7553f4e3f221a5e174b910afb6433f24d1b080c28aa82aa39d48ff8c4443bdd4d71c56372613ba522d9a52c60408b6f4e4beb86c238c25fdea0c34a7b3fdeee989d13be2f94d471a9d91f755a32c117173ef4cddaa284a95a17b6772abed45a60508ec4e8a5cd1b8edd4a4cf2c7fbb09bd658eacff80a2e8ffaab7fc2fbe93c808e27e547f14e4cc91131d6e97dc199a80014877f359a99f68307811ab4d94a353e4d749dc93ff8c1d55be4d97f225897d4c9136b50c358cc2480b683a419e2f230aed3ca5663177b89a395d546406daceebb059669027f9f616a142cc9fe3b0bd3df2c4b68e12e2bfb0a824130ed2c85ff05f4b61a058b254ddf3e331edfc2f4ab7300d666cf26c33aa260277d6174ba7fe5ae22acff5a9157852e85c0dd30fa620931b1be33d6c0916987f5ae5007c55a89a66de5d38ef87acea4e66bfe0f06c9b75ff2295211ceb889798b7b1623d66ae5dd95ab0684f6266c3ce976386fe9088d893795bb5a329057e95d663fbd6e2fe78116a5383ca31976d4182d42a9d022aeac21b3882d00d5354a66304e76a52bc11ce6bf880c4c4dcfb96c13211b774477f62597068460eab308ceee434072426cf7c064e67a62021df37e3a3dbe841f200dad7cea3178e0e6ed61c41626cb28180d70c4213b50aad465b6f8086480183ffba1e6eef9f33dbea6acdb97cc2a32d823851d2c36425ff4741a0d02795012f575caeb3330701809f9c8bf209df3d126b016f955f113ba8278ddac618af5d9f6edbb7403c61fe7d574beffaa961e90b8a0144d52dbd517308d7c8714d682fce64cafdcdd1c7e8ea1c2a2c2cf869e285567065d83c488f90a7628e84b0e7815b825ffaf0a1ecf883167a01c68858af215b533ba3ff52fc2881b2d99438c2f33925ae3514b5b154845d715a49c91f4bca970e4e41267cec31fb189451fe714b9eaf0b1ba3032e66bc22aeb2e2a39596c125199aa41619b1661dec7a248a4910007549c8e807457ad4e0fbb7aead895dc0aef06b7aa792b235fa8e94b0197b5f30d5ffebf10ea4d8181bde37792b064949fbe303b80e47dfbbed95b8626cd0a77a676ecc416ee0c9d44cdf43c659a4e192561c68e440054f0cf8c9de2a113cda2a5f0067911d17ab75058bf1e1a0e79b0df8d57bdf4a2278afb023dbc3bb66afebc0409f67c7ed7df9a71be6ab49ad587f09c66b468036a5eccd4e18285c43212282bcdd58347fe2a5932f48a5c058e5dc3dad1fe0a9b7654b6b6287e4c63e89324c7746690008698497eca7da009e7b9daff40b7e043d6e3ec2c4314b3a35aac1c9c9a37f6e120583daa2ca068f551fa967f9cb83f275953a7aca0249d1442e7f549e7540474f1f2ffbf450660b7d478821efad5ca238ece81673dfd23bbfa43892ca38fe5ab4e616ec6d938c2a7c27610f41f87cb5d381c3aeed0049309f5db8ac55637c0e1ce31048cc79ec7980f766e67dad23e78f02991c20831fbe9ba6f26d3ddb0c0bce03ade3051b4086d3be5b016b528b4617b4e1d0750c8829a26b8ab807345b7e8dfe530a8ddd58865e842214221352cbeddcb54b47fc0e404adcbfdbb889ae4d81c73579594021f789658c23e2522c6970181a336de561551df844b7e4fd4c529834cc974b6d3146bf3a1343814c7426617b725c605df532305cd058adc1dd35fd277a68fef129b51cbb01322f91efb7eda2ace669378aee10b091f952fa6d60eb08abb48c809aa2807579d2803264933367a0e2d5889938feb66d366704631df6bd4a5970bda8f1877a4b46d11b6f6b36f6e13f80bf81fd660ad67c1af4fb9b2c8fb47261cfb3eed76072d236f98985bf8300fcc2f0f43589917cb0af55a4796253f394c3cf20990c6c45f2d8a882aebe03fe3c87c534bbd614945aed5c61201e3fc0c007fe278e72fc677dcbcf42a35e49ebe8b2e03a293dc8fb80e073723385b229948f1e45b321ed32cc44acc9a39c9eb00f5773516ed1b3b49c9b737f3414e52d96355f9648e01be11a23c4377edb37e4e0731f1897f69b0a53d2f90451a45b229e330ba7929abf56a6c3e44213ebe9e4c881174d7cd63f4dbe0f87d65faa9345cc3f1ef7d3c3fcfe4f19339424c636640e3c6156c92bc2c1e118f9427d0cc80f8d8aaf9927a48c566131d508907c35700e8abbe7de9c494404fa50797160bad19409874ee70d0f62c0379ee77120570a7e74aba0f80d46b511478740c8a4ef8ef54d28fc617d11b35c6dfc07ed664a7a6764a60ad04d44ff102bc6f33794d4e05bc003efa0e34713d6436a1234a1e1eeadd0512ec6ec3ba8cce137cd5f866e82b862af59cb1094af693e045b01362ede4a17aecce15a144a609750a897a73a81c51a980a351d2cb51fef16c986e906b592a2bd7948a46ad3e85e8f42b56d3e4262bdcba5771c28af3c6735b4e23e59a67a8a414bf26f4a9b1f206231d3db11533e08b31ed6d2625320103be14667b4d6b3b1906405dc08a4e33c65862c5982cdbf7b7db806033f16433d9d2fa3e87f246feb7fe1c97484e4f4331f1b05b7e6ae6f0fb4610499ad8b63a6da1867241da13acb84655f97af08c5baa50fc279dc0b96ff1f4e217d77194543bc2a743045d2547de651fb17ea481a50c11a0e9aa093fb250d97825a989bd02b8b223a3e7604611b41f155bbb9b33edb4ef53ec45654407d843ff6275f0ddfb66acd8ce2976b45b956d4e35c9d555ecee28dcd6529b392194847d95da017130919ff66aba577098a5f53d049b187a27c4036e7c6b9c6cd80da4bec351be89fb79122a0ff59170552f7e4d33017b99fafe9694aa457fe3588d0046ddf9206dfbbfa15de628b20bab16a11e08a86fefe938f60063b955b0c0357d94421bd12d8a763d451644e6340ce8405bea11d82e94c41eec40f1b1d676b93127c88db2ba8e88522f6efacbf3f864d214733d76b9aeb7d29b2fa69d9d049b368394c85ee12095ed9c608edea480855d879f43f68324e8629274c3fd35d04070e06777e4b89ef696186341abf2ea70cec33db9ead8620950c92e5001a0df85a390e651e89faddb2c02585cec4d8fc1e8c3d4cec705566f723627c618cb87ea5c851f50fe9b35ac6cfe417ef9128382428851e4cb032da0c51943b9c01370d69f047176d97cb0c8e74e8c9b557a71eaf912817ddd8c9d774f0b90f820189a4acb30577ef70e7a40afaaf6972a215d455c16e8229f2ae206491cd18e4403b52bb9f3f0d4fa6de056d16590ce127fdb98c908dbef5a57157f", ['\x00', '\x00', '\x00']}, 0x1378)
r7 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
fcntl$lock(r7, 0x25, &(0x7f0000000600)={0x1, 0x0, 0x7fffffff})
socket$netlink(0x10, 0x3, 0x0)

20:52:30 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(0x0, &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:52:30 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x80045432, 0x0)

20:52:30 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5424, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:52:30 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x40000000, 0x0, 0x0, 0x0)

[ 3219.505452] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:52:45 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x402c542d, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:52:45 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x2000, 0x0, 0x0)

20:52:45 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = dup(r0)
readv(r1, &(0x7f0000001480)=[{&(0x7f0000000180)=""/208, 0xd0}, {&(0x7f0000000040)=""/31, 0x1f}, {&(0x7f0000000280)=""/158, 0x9e}, {&(0x7f0000000100)=""/52, 0x34}, {&(0x7f0000000340)}, {&(0x7f0000000380)=""/4096, 0x1000}, {&(0x7f0000001380)=""/42, 0x2a}, {&(0x7f00000013c0)=""/192, 0xc0}], 0x8)

20:52:45 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(0x0, &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:52:45 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5425, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:52:45 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x80045430, 0x0)

20:52:45 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
open(&(0x7f00000000c0)='./file0\x00', 0x500, 0x2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:52:45 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x80045438, 0x0)

[ 3234.606720] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:52:46 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x80045430, 0x0)

20:52:46 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x80045439, 0x0)

20:52:46 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x80045430, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:52:46 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5427, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:52:46 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x110, 0xffffffffffffffff, 0x8000000)
syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r4, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@nl=@proc, 0x80, 0x0, 0x0, &(0x7f0000000380)=ANY=[], 0x30}}, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r6=>0xffffffffffffffff})
fcntl$setstatus(r5, 0x4, 0x42800)
splice(r6, 0x0, r5, 0x0, 0x5, 0x0)
r7 = syz_io_uring_setup(0xc65, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x3}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180), &(0x7f0000002a40))
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r7, 0xc, 0x0, r8)
syz_io_uring_submit(r1, r3, &(0x7f0000000240)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x4, 0x0, r6, &(0x7f0000000200)={0x70000005}, r0, 0x1, 0x0, 0x0, {0x0, r8}}, 0x7)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r9 = dup(r0)
r10 = openat$sr(0xffffffffffffff9c, &(0x7f0000000180), 0x40000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r10, 0xc0189371, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r9}, './file0\x00'})
readv(r9, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)

20:52:46 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x4000, 0x0, 0x0)

20:52:46 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(0x0, &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

20:52:46 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x80045440, 0x0)

20:52:46 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x80045432, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

[ 3234.770917] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:52:59 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x80045430, 0x0)

20:52:59 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', 0x0, 0x0, 0x0)

20:52:59 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0xfc, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x8000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:52:59 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = syz_open_dev$vcsn(&(0x7f0000000180), 0x9, 0x0)
write$binfmt_elf64(r1, &(0x7f00000001c0)={{0x7f, 0x45, 0x4c, 0x46, 0xba, 0x2, 0xff, 0x0, 0x1ffc0, 0x3, 0x3, 0x50, 0x13f, 0x40, 0x255, 0x3, 0x3, 0x38, 0x1, 0x7, 0x9, 0x6}, [{0x60000000, 0x5, 0x7fffffff, 0x1, 0x7f, 0xff, 0x7, 0x4}, {0x4, 0x3, 0x6, 0x6, 0x403, 0x2, 0x0, 0x5}], "29aea0c26cb93f8da0c9e6ad42519b7c72c05c006bc37f87c3af2b81387cc1f0dccf427c019ab7d00de10a5c297837d18cc0d96c60b458f3d05110e8822a5f8cdf7fa3dfbfe4c47e8577f25b6d15b5a281fc8dc25a69833a4483febe1497a6e1f7a1f140405bc002d383b185f52b6e18240fb3e603bcf850bcd9167dbc450d4b3c47b81c77ff8a124d612c407f58bac78b7afe72f645d87c4cf47e20bfff786e50321bae12b3d78579c5ec65f365d4e8a8cb33172723aa7387ae69ecf6087b48157c825bf21e0ed1c85cf9059189ef9d4d80f05077d9eaf0b9a4b0018fb494", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x78f)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r2 = dup(r0)
openat(r2, &(0x7f0000000a40)='./file0\x00', 0x2, 0x20)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r1, 0xc0189373, &(0x7f00000009c0)={{0x1, 0x1, 0x18, <r3=>r2, {0x2}}, './file0\x00'})
ioctl$TIOCGETD(r3, 0x5424, &(0x7f0000000a00))
r4 = syz_open_pts(0xffffffffffffffff, 0x20000)
ioctl$TIOCGWINSZ(r4, 0x5413, &(0x7f0000000980))
readv(r2, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)

20:52:59 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x800000, 0x0, 0x0)

20:52:59 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x80045438, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:52:59 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x80086601, 0x0)

20:52:59 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5428, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:52:59 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x20000000, 0x0, 0x0)

[ 3248.129627] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:52:59 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x80087601, 0x0)

20:52:59 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$KDDISABIO(r1, 0x4b37)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r2 = dup(r0)
pidfd_getfd(0xffffffffffffffff, r0, 0x0)
readv(r2, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)

20:53:13 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
dup(r4)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:53:13 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5429, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:53:13 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
r2 = dup(r0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_FSYNC={0x3, 0x3, 0x0, @fd_index=0x8, 0x0, 0x0, 0x0, 0x1}, 0x5)
readv(r2, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)

20:53:13 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x40000000, 0x0, 0x0)

[ 3262.229730] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:53:13 executing program 6:
ioctl$TCXONC(0xffffffffffffffff, 0x80045430, 0x0)

20:53:13 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x80045439, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:53:13 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0xc0045878, 0x0)

20:53:13 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', 0x0, 0x0, 0x0)

20:53:13 executing program 6:
ioctl$TCXONC(0xffffffffffffffff, 0x80045430, 0x0)

20:53:13 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5432, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:53:13 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x80045440, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:53:13 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0xc0045878, 0x0)

20:53:13 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x93b}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x30, 0xffffffffffffff75, 0x10001)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000940)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c790d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c1"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x301000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x90}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000240)={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0xe, 0x80000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000001}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x54, 0x0, 0x400, 0x70bd28, 0x25dfdbfa, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x10000}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xb}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x91}, 0x30004840)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/184, 0xb8}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000500)=""/116, 0x74}], 0x3, 0x16, 0x4)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', 0x0, 0x0, 0x0)

20:53:13 executing program 6:
ioctl$TCXONC(0xffffffffffffffff, 0x80045430, 0x0)

20:53:13 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x80000000000000, 0x0, 0x0)

[ 3262.367606] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
20:53:13 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5435, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:53:27 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x4941, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000001c0)={0x7, 0x6, 0x8001, 0x5, 0x7, "cb9d63929cf93fd1d11db0b9606dbac2b38aa2", 0x3a})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = dup(r0)
ioctl$TIOCL_BLANKSCREEN(0xffffffffffffffff, 0x541c, &(0x7f0000000180))
readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)

20:53:27 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(r3, 0x0, 0x490000, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x80, &(0x7f0000000840)=[{&(0x7f0000000300)="a63a85f508c53b74be1cc06a8682449c18237d779b4f25f709ca4b1d49", 0x1d}, {&(0x7f0000000280)}, {0x0}], 0x3}, 0x0, 0x4000000}, 0x0)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000140)={'lo\x00', <r7=>0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, r7, 0x1, 0x0, 0x6, @random="ca73da4133fc"}, 0x14)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000008c0)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000880)={&(0x7f0000000580)=@xdp={0x2c, 0x8, r7, 0x28}, 0x80, &(0x7f0000000800)=[{&(0x7f0000000940)="c07b06fad10fffef900b495d78ee37df45a5aa5b79a1b6dbdb94e65f8c56422458502837e371f73691c52c198b68e0d8e06336e6d97b6cf4986d7843939836d4980b2cc2bbecc872dbd20985ce4460db95e87b0ade19974c95066ff2b8bc795e2f88659fa247f944862150e8ea4b5ac57b390b33ab3e5a36d59fd33ea3c0d1890d908f77fdca341e43ee5636b9d78233c862436306378aa4608c133ef65af7c485fcc1f609e26a4654ca7c57eb52c9ddcb1ef5d610345c9527776ea5630c5459be3ffff09dfc0ac4914441efad01b780a04e60ab1e53fa318f4b17cfa8a83f74", 0xe0}], 0x1, &(0x7f0000001280)=ANY=[@ANYBLOB="5001000000000000210100000300000069805babe27e6fb2a70f3ee49eb152754655622653a4ef0ce98b64502103670f29f296505d491448d70f159461991fa771f666f9fffffff02380b1047e3e64df9c981f564e4ed41243ce06aee46b59d9025aaba63ee98dd2ea6a0e73890844bf362e635c4a76c2bbc0e12be521654eeecb8616c0c258e68b82d8fe88f4c3012000000000000000904a5c702eec3e055b78b04334e608697bba5448d6ac2c4e19e09a09e5aa376079d5cfdfea9e15096cb1c85e9cba14b3772feec7fc94a12766b88c122365baa8e6bbaea996fa3adf5facddab66a75621c2344c5cc7794f290178a4041481cbde834df69e463de30458a3ce328ae740103fd3c6415803969680cb1d841635228ac53ca680a16af76762aefa939dfb7d97334a0e5496e4ce12277acbf4bd25be64e00f4a9403544bf2ff5d86fde776f4510be734e82647030000d00000000000000011000000ffffffff90302612f7eb842474c00bb3a60ef531dd94c11d8c4d728d0549e4911b9f9666e80a9eb194aa4b3dc4f196bc818d6e770acaac8805c56d11b496dbec2852b5fedc4bd77597c6a3e52edbb3750057a6fa4ae762047cb289c3e44832a48a3b8083c0262aea5782b5f7c8d2eaf4d6a203037e603e81e116efdf634448d1bbb072362e7fdd3c26abcbbb6a1ed187415eb4926e5350585165bfafbacf49b98881ee365b06c96e3b5191a66acce1e4e8afedb64fefbfe650b43214126cf24d4147000098010000000000000b010000f9ffffff0e7b84cd6b8659e4e080089b88055cf0dfff35cae6e2252bb97259e472da025f1d4b21fb9bb8f3ead302b194a3f8c8a9b86b3a8d9d749cdcda1aef373a1d1c0eb91ae88dd1ce268009bb7180e56acaee1dec62bfad357f14e76a189182dc5919edb0c70dd48e6dab06ed688b3db58f93c6451eb2b8fa77ae3f8565bb7260b42fe659e10015acf37fb50bdfe7b2abdafef23b4754679dd8cb85d75e6c4254fbdab4c81f1e35129c713fbaa9099cb8dfd4803af22507e570677477674c28788c1fe1d044d3d04e274f328de4afaf9e7a34a05630336cc80711f0f9cc9f6e52faa1d7fd4cf47e385ba09eb73f708793d3599f72cce2c5e7ff0aefcc6f4a891d293b868a27d35a79ef6da3100ccec03e6ca11c90bee8d02288b7f0f9c8be51b3e624494bfc86f5addb0481d0703ebaa3c7824e830488dd16c861b767dc987d3185d191693f20b84d9e4b77439beb03bbf9864614f850e862e8029fa4e31fc5f148c4f329d0329a2d78c44bb63def5847450000e800000000000000050100000100000032ecf070bb0efe8fe18c878e30d2a1b5e0ccc8e6f7cf8ff79fcb4ff62276be93aff615b4117d8ad428b32f6c2dcd174212afd4e34d219fff5175a50c0378916d969a4b3f12a001d095a74c502e2109ec3d9ddcfca63feddb56bdb46541ce28e9d1d384dce75ccc03729e799756d8a2a7e04ea539b7aa4bed944cfd80177d2ff93548591cded63b8d51859cc7825cfa8d942cf292d1c0e8a49e8e654a78405dfe8fe6500a01ea561c38dc89658c5c95bd525ed5147c20d2498e2ab8e71772303cbfea6b393053a8be5f800ce86c25e828bb641900"/1170], 0x4a0}, 0x0, 0x20000000, 0x1}, 0x3)
ioctl$sock_ipv6_tunnel_SIOCGETPRL(r4, 0x89f4, &(0x7f0000000180)={'sit0\x00', &(0x7f00000000c0)={'syztnl2\x00', r7, 0x2f, 0x0, 0x7, 0x1f, 0x40, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast1, 0x40, 0x10, 0x8, 0x8}})
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:53:27 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x80086601, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:53:27 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCXONC(r0, 0x80045430, 0x0)

20:53:27 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0xc0189436, 0x0)

20:53:27 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5437, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:53:27 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x2000000000000000, 0x0, 0x0)

20:53:27 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCXONC(r0, 0x80045430, 0x0)

20:53:27 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0xc020660b, 0x0)

20:53:27 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x80045439, 0x0)

20:53:27 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5441, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:53:27 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x80087601, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:53:27 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCXONC(r0, 0x80045430, 0x0)

20:53:27 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = open(&(0x7f0000000180)='./file0\x00', 0x551003, 0x100)
ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f00000001c0)={0x3, 0x8, 0x5, 0x7, 0x10001})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r2 = dup(r0)
readv(r2, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)
ioctl$TIOCNOTTY(r0, 0x5422)

20:53:28 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x2)

20:53:28 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x80045439, 0x0)

20:53:28 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5450, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:53:40 executing program 6:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x80045430, 0x0)

20:53:40 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0x200000, 0x0)
r2 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000001680), 0x44000, 0x0)
ioctl$TIOCPKT(r3, 0x5420, &(0x7f00000016c0)=0x3)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000002a80)=@IORING_OP_SENDMSG={0x9, 0x1, 0x0, r1, 0x0, &(0x7f0000002a40)={&(0x7f00000001c0)=@nl=@unspec, 0x80, &(0x7f0000001600)=[{&(0x7f0000000240)="5161528093ab479409734bd7e73d1abfc982f6c1fe816b9eeebc51c681d100830f454ea89266c2facfe44ee6403054e74e9569de9460847199f54279e5edf44f8a81f841f1b345b3af8f5f0f7396205329b5023d6b42e174df42cfce8b675e3f947fa530d19efa781b6537a87edf0fc127e84d7bc950c82ad8c6a0a7ac2fc755a46b29520fe89f266037a28ca4eaf1b413068661386a3ad3c4440b4e976ac9b350fb7e4d4721c9f3bcf4d201ad571866e8df582c3987ce6cab382c76c2b533c6879eec4de6f9f60d953ae3ffcc46cf312ba9b5f23cdeed63ee43342fa02195f49a0b21127b7074fddf5e611305097d2a", 0xf0}, {&(0x7f0000000340)="47610a8e7c2fed62e3e330b21628038362016852edc1fdb677379a12289034a32276aee5dab4aa4747c571b2b797cf0371c2251c304760a93588b33d0752508162dd037ea1ac54f210113e1106bf56dba1a0d586204716f4aabc4f0cade3df53b7ca3192b63d1833d5a6970d49d11351416b7081df88bb35aec688a5acd1c942fdf99d", 0x83}, {&(0x7f0000000400)="383fcd04289618fdea4e9ea9d74a4fd71b1ecca97f456e07662f83aca98ab6b876e5759c90221c7f28c7c816619d21e06049fa09d5ec575ebaf4d341578748ed39cea554a64670a1cc26c1f7d7eb6008a478fe48df65ed26f559ae01719b1ab35550a94ae29d73ff6f744b479ec048ed83212cef67a7ead7a9b6e161885732a807260ec46faf9070519aca3173c6ff510d64690fc84f6c86e6e022a98bc78e1cade8d287113e6230bf7dd0075740134cf1aa45403977b73d6ba9f5ac95c32994835de20c0f3fcff04f29c219c80a0e3efa22226ccbd77b5521a6b5b6f2ed4feeee7841f4ba3f5e0f355fe76312c59c2a88ef1b13c057d7cbc7d54fc2d60e6f9bd981b680c70cb5f11f72d464bb9758b1791e80fd5810e5ae67c9e3ff2d49e4451a9503ba9dced0efffa82136f15d3a451785580bbde44cd18265320bf7d57c63af2fd561671480d603ebc6723cd0a2ae25e14c8463686e58ee47f012bf01c327a94b252d1035095850476897a097fc5256e1f4943c96b17986d1adb58172848cf8d2b897b91af8e655f7fe022b7b13277b08d366ddd5976fc97dd45200df72387d84271e438fd70b7233c61b9f985cc800acb4195742690be5b2baaef5bb2f5781204a67d52d11c25e7d25662092a288f59662ec8a3ace6674968bcda74539fba1de05521fe1ff7ed984a71d09dfaf4da465afdb06e2d093b358d69548ec7a4772d0b58cc578efa7cf399774df0755d0450f096abdce5e0572814fd8e25c44ada3892fbe0e5fd03b8a0869b9864d91fa39c55253c64bb1af43b67352c9a89a5278ed2bf01906b55f22c3d1a28cd65e38995ef65d0714e54a1900e463fb09fbdaedf2e6741a7c6558a78df0c85c0fd9df4576f5a4737e3c7088d4f41122574f7237cb7d84b65815d9414ee70e53a352e5d5f2db8d831079b2da2939568974694df5205c7aac4d7763968a75ab3d61e817b07ccd068431b6cc65213437b6ba4cb119aaf796b6ca42d98031f9596f3da8b378ae10b20fbf05bb7940dfaebd533baaaf035bd19b1aaa1f013ec8ff94a79647600beecea28c68e65ffb2e33e598fc5c3576edc01968138f1084602ed65c396bf1b711ee037db55a51c4e52d37099bd92d281c19aa8cbeae2f359b18e3f09b3ecfc5f6fa968ab5f2e13fbf5ca6d63c80727ab90c92245be70f2a1a851866d223429400ec47f1d27d357186a8b1fb7238b950debd6abc0505bcee659ffb54ba74f96def3e85ff2bcc218b8d1e114054f37549309372436e3b18a90ae56e5c9d67f78fd63b680229973f735adee4cf070214ab5443a103e77c9ea19b75262c228e2f41a5c0e21aa666ab869c35ad00889262d5a9de3c8e8a0714cdb8d5cfb20ca2930d3e332d6744c8aa2de77bcbf3c9a1853045c9cd07a55ab277420a2ad17ab6b2826939a7328a739dd690c8de06df14cc872a315d7a98db192616cecc4161fc09ea9044028374f942cb3255ea05b4bb8c3c1fe61c153f14d7762a06c0da9291708f14a65378f23345bb02425d1cec3d1cd41816dc95098e76895dc93c5523e1e52255c0ef62b70e3fe6c0627292ad45f3f820c6643698a2b6cde665b007ccb748c3bb9b8bc8c278870cc747fc40015dfd292cfe9e553bb5d58b44136ca33b8eb9c79cf6de24f2b1f28cfbd48e09af16542380f0421e624c5b1016e6b44207a0600a095b57874e017d8205977e2106108115b6c03d47734ef49b4ef94586e0cd08587a1d5d78fe12db08dfda2d1f25446d1091f48b42408517923c3a1e1dd89f9361bec9da46ba8084ebcdcc7f941e6fd70ffc16871e9620fe1382ce2ac71d9090998eae631347fdfc4e5ecd8819f37aa70081460e455cf42a3b24a19393b82c699cef2ea622d1b854b725e859fb844195cb61b0c1fd98f4710dba96e9f4644c480aa2bba2457b6889a4bc426138b25958d3e36e2903f2c8939f1496bfacfe9efc04e724431990e9669bfa1d6f4ce0fadf64dc65274a77f2ad2225aa38987ed023f424c38853471cf595e8ebe9a823ae0872d32f1b3a0c02dc0c11133a612cf1aa540fc7e1149b97bee1b9c8e2277bc1f03ec873185d8c0befe22200ec3895007e70533bc0681495d982b9603a997a551738ebed60cbb317bbe6ee4e37ca861dd4444cfaf6b5da7ff97170200a2620ed4be8a460cdc2c258212061f3f8a1224db17cd0de312d8541a69a482fceb25980663a77ca3ded1b5bcab5232d8095bb8687e533aeae530d072211b6ef955d343e5daf66bc364c7c833096c24fb9d4b237c4fe0508e24b7035ca02d6999dc90830d4723c00353a20958fa0738984c335bb43e817e6f29dfc3593c5f5ff9c73678adb1ceb0439832d686091a1bbf801dd508af40b2fde1a7dbcadb06483c724d59ba53c0a015892e1bda5535e24410d8908d15e32c392d2494be89c6f83a6e7a620eaca1b73fe79b65265a44769d0aedec385abd9533cdbd51317b62a1f40ee96932aab6ff290fb1dea201d9626037527331cb32fca11537da5a3b7ba7c57e6e0db4054348e19580135901057256312c781f85444fce81bc340db26b8df15ffb2a462683c0d26a47b79ddf4948eb6af8062d8e057d4423cfff664a990514da6d9299719d9bef1efd825995f4cd50d6efdc89f1c784102f0cc016ffd6241e3d7448946c0158c27796b6e484dd00060ba5a98ca6221a0147c371ce3ed6efba2783ddcbcc52e262b4e922770b867889255a0d127ca4a92260b3b811f8579fbb67c43721ceba4cc2c760eefc967474e772b711da648f7ad46d4fb6b626295c05df366e1dcb4cd5bc6849bdcebfd332f30a486a325d1ee5e8d8e621ded60c2b6b6b0a8be276111019eb3cd83363d6162b7bfbeba874e6ef845d817127f09087fce262430a5f0e24a041d5659b2b5cbf5de84d88b30501c15a3b5f0bf174ad93a4cdfd4b7bfc0c75c5a7426b322fe27a418aaff3015b6a3fd753b3955fc9755ce283004979bc4cdb8a0f653bbdc53f8c71bd4c3ae6ee313d074cc6fd2960a7f57fc2e5b48b0447c4603c449ee21d0f15ae30624f506179f46baadbb1109917c9fb2ba3bc0d2422d5e8d2fd802d2071bef915efec4c1ef73dd793956b53927a7fde5c793fd808e8780dea38f6c18e2d532cf69b3077121f487179dacd9f2a001e4187f5c4590e3482de766698a0cd5eb1a8392afaacaf39abff9c3b92fa2e0fccfa2972f62bf11d628e1baf7c2af8f1bbab8930132b33291ef1b1c6f7b339ac028878d5b64f79250c78a2795bd65de2d4a8d582ff58ed8b3741d4e693ff6213972dd84a4c2564bc31a8f5a0755645fb4a9e82ba259639914033830883e6a4c1d6892ae3e2adb84a834f892255a7292bd58445063204bca8fdf0c1d9cf77397cf4faefcaf0402a2722d287501ffe3ee2fe369c3af549cf4416461c7052515d9b0075995aa875d4324c6ea362798069e20324e331d14a129176f9a8d263cab625868956b8796de9bae65cc525ef01485fdb56be28f3319f9cf8971aba4fe6a7b24b90a14f3fac786ae1b01830cf426c2a0619f721726a7b1835daa1f834d777ad18e92c06f6b70f91ac60e8cea2ae709698f244268572d0aa3fc331d3c1748298ad237fb061e1e57ffbe652a0c39e37ae93753f8ab02acef3f969b8592f820fb9e8a3df43a0baa5b347af9b82a543c295069176328ca9445aa51a9f177f4b526166a5991e9caba749bb3b605b3be7bcbafd4285169c579497cee0c10a5a5637b128c7f698009102e1494fd62774ead3f8caed48687e0541eb815e21935194abc287bc23d7b6f1463509bd9877a27233d7ec8b159c5bf3e01409901248b232f5c6d486353cab8d96ee2b766ee49028fa42a743c5919f579f16b22313b25f5fa94dcf9e3c72b3f77963fd34ebb99c6cf5bd507bf2f09fa1167cd68c9bc951686a362531cda33e968d50f118c82215655936a62ec9185315ae4d694ff644123528e074f56b840e9e5b48b819fc28955f91d5c5a3beb02783f12df165b1104fed9e45e02b7af3e3be5f51c26fd05109ece0c16211dec9f04ff441a2d3db3e8cc3539f8f30046c6e8db6a6d8b0ca0b42784d1e1cefe5bc49dfc4b64b7cf2681e7593cf3366283b66058c9100715a2ce0b8391c59fe4ae5f0ee2c4a232e266a26d70e6b169337949de2b1839476fe96e9978fe6511a66596df09296789cb62c6e47440a51177f083a144e635392c277ffeb5ecb4b298c7731682684defd502e6bc9a5ff3d871ec5d1b98eb1f9498333b08e32a7846bd921bc733b9faa19b53e0aea07f632f9d6ab7673d352db79ef0549cb5a6d6b08639efd4137f44a99fb2bfcdb8aefbffce742763cc0949a3e75d5555a94f447232e5eb5ae3b53dfc2c44c1f3d01dd6666e2fe5caffed2ee09968062ac17946fe75ced6e6ec6953c64681538819a09aa8e28c580ffd190b28b928decfd69fc91d36699ef3f27e67a1a948b7fc500fa318c90579e3f5fb0ac9e1dc5f64614373472f0d86624f9760ac8ca79aee06211c03931fba096a163f9ceb0cbbde96c14fc8cd5b43de23d569e239e7de24c08e68bfa3902f5153a4dc1d8e7f2041b02315cd63e1b6fcebc1d54249d1cce37ac778341b18d1844497fc4b524c5093fb270ec85ff9ccb13a500101adcd4c85c50ca53a833802302b8455d429157a03eb1e481589632af5697ecf2fdc291384f822ef390450f1c843f637aa98e8b54f71e3223859e769a155382c7ade0d524fea8549273a5d2463f023888cb7c50a914fa62596967829f731cc56f79c2e7f8dce23cc62d8a8b83ebbfc7be04967d7a81b8302863968bdb3f3d4ae0a8dfb4b305eddee1fd5765383a77dff0664339eb019ac69de04cc7db9f6d41265dbe5da3849c0452bf76e486c586cbe5eb19d4669fa1c4339f03223ba4d84447d50d3d8f1188fb4500f94431e4990617582ed0f62f5a25c671a682d2c9db85bac4310667a7da35a775119410ec6fbc8eae418dc50743f675de37a27b349e7c9deb1f4bac17aac904141a8d7f8c9739870eb1c67c5842a1e4ca01a170b5a920d2036effaef449130c0050d046fdb9eb7fb575b27c871add487017767733091e50cad7ea44faf65bb9325b602028c75ccc4ae1a15367962cc07ba5624581cebc523df9874aa11b2d6c2014ddf662d5f84f4e7f1cb3434a4d4529bc87dccbe00a51a93083590571683d1fa61cc8abc3c779568e251f480a2502005c0d13738e5792c4b25276ecef013d80eea967ca724b4accee2109bb28fbebbf9cd5435d6ab3304df05255f0994c526c6484121d358adfea52fa2ae90e1acebbaad88369db0320abe39ea5f7198bb266c944b2328a7823d88a375c8bdf1eb8a85d87c91a526a755927f06e3719143fa7c9d8391ca8984b5eb6cd25182c9755e9d8486face3355d158ca402853eceac1ddcf6c6baf37af9ca05731aa125a5f93a1bb0aef30b1e101cd243ea190eae1f09fd2fcab0b2ddc3759fe12a076bd2d1a8cf2673d538e767992faa0db421f9d5040bc874fdc71bfee395a9c60c959c85f252c4248e5fc8f601dfb75c35623ded8a38c90c0c3f5aa3e024858a673794fdcb8640221c2e8b756a2bb323b7acac98a7d2a23c15bc17131f156b67714f386a95037e1c849fd1c51db4d6fdebf7ef19763b20b0f31518b7c6cb6ad40e20c1bff8f83fc34f682633af9f160008b7e0181620e312fb39cb7963e5cea030cdb77bff3ea4d41f73a0d5d2263dbbe88031ce2f8cd44d4fd648459f2d8e80100b5ca342da057d1150f06d488c35eebe0371a84f3e1a3cf", 0x1000}, {&(0x7f0000001400)="d7bf672d35cab054042a0bfb0a240be3f3ac06d1ae4e6dd2b1ade2c9d0ebf89bc519a974b3e1f747c46bc7854692d50c8d2b13bf8c4d07ff6ec364ea31b0ebfe6295f9c02405616c3d6b57c7e1e1e992f5de3449e0f2fa19cd6c2a9b1ee79cf8e7bc45c4e6702baadf500a00c151a80158bca798070c2f0d7492ba668f968ead6571b8f1ac9d46d184e0a28240ac20e451c96601c72aebb588f6309e0e28cdf10342a681a48393d1", 0xa8}, {&(0x7f00000014c0)="7fc90fd76b1e85a146045766dd15605b0db8716d17cb1c4ae6e0a3dc9f064133456a152dc802bc65cbb8f41fb385a98a67f466ace7db4033ff8e4d47be16af4c021a803169645e1738f295c6dc907c6fc12b2ac30dab042b72eecc8c22d5327b174080bd3a6711a9c69fce85d7c198762e23b1a6486c9621ce8fa039f7578929746ff7934d2e451f8de64425f2c462ef5850cf168af7fafe644256c2669cf24a5eb96406bd572cd6211311ef22490cd7c377189186324c0fdf5c3b528eba887619cbcfc99ec50bfbe654d0521c4ab24db60cef2de05a56ce480fc4394a9a67faf7", 0xe1}, {&(0x7f00000015c0)="083f60119334cb3a97114068f1", 0xd}], 0x6, &(0x7f0000002b00)=[{0xf0, 0x10d, 0x5, "b43878830bb82e0ffeb769d8c7616c7519f0a142bfba156e67dd48ba7ea642957a637cd0a129c4ba864e8660ab6d661d3165f4a12b875fba5872dce0ab7ac903bd8a53b0f182fdc229b012be0c3fdf22c9bb5c346b0cadd51a0c571bfeb1c56b1478a4b8ad8efd079d642cfe6dce0e84e363abcadc375378c4fbadd37a4544caabe6b8255ebf046bcf72df5792bd1cef25cefd72d37ced40072e218d9b0f592064bac16e5fd5eb12bb58e9447970475a7d961ae9e80ddd7dbe5a0becc465f44c5408e1e782fc8532391ebe2ec90d033b9d524705c46b8fb76f7f"}, {0xd0, 0x6, 0xcec, "0c6e155a9517c3a80dfe512ba8a61c709e392035999537780269074ad3484461ec53f546b9c53abfb7054f576020039feb54c39dda047241bc801ab2f3ebc012d21600e454e98c1bd550e1f2135e4e8f357378fa23a77df147bfb3a5a0c110d82821593a06cb6003bf335b997b7ee3864068ab549552decc3f0348856c0bd72b32776111ae81dbc726c622311525c5591a528345cfda0cd54fb829cec0f8a53a0fde8fb3a1f22ecbee5512da1ed2459a449ecf002d9e51d4cb3c28"}, {0x88, 0x113, 0x300, "a0d68f26e6ec316d81ef3d2d47b6d19b467ad594d69aa72375ef2685f9da719b268dc3822c938eca691b5407ad5e67c1648d6411c13e981199d4d7fc65f4ed3fdc79776a88635e6bf3b60bd257b0587e609b575d0b90ae63739d745b344689b88185d92d7e6365ce77adfc3251820b53f5472e1e1b2629bf"}, {0x1010, 0x115, 0xfffff000, "a121cb1b69a05e10a98e332782cf479b0f21678eef4706adc65e3e8f31afb112570cd02e848ee9245bf8153bb7f8acdfa533adf285f7d2831cf7be53e62fa58a44272046920fbf1b9055c470418a43f2d33fea80e068d8e4f03c412906b5accaf94757609282ba6f5e1cbb318878a8c3cca1cf08c4f5b18d0d6c7e739d87995c548a5012fb58af5b1e6819e3b44f34de947a2e751e536a2cb484df202ade805fb2d2fb9c39ead458731fb666d2737ba88b529236388e345f401c83b18a5b628395ba8552a002f8890103465f403439d8e8384a7eae0ff417d121a0d8dd317247f49d8ce131f78047f8ac7d05d58dbb15015fea01b0cbba601b8f0f8f92997523df91b876372a9603648643a9ce2c9d7e089ddcd88a7efbf4276d364025d4fbf0412b9105c7107ca042fed741f839fa855b9b6dbd8279d5a2ea96b8cc40064f0d00a8d399474895ad888e397ad401e298760539f35c93f414041c7099c1227c575021ce20f35963fc8c6d2e88e8ba5a4d8c09208081ecbcc13abf1f7b65e4122442af270f716f4946dfec39bd77e60c05672cb5838a5c695edcfa2f40a9d6804a0459d349c7a2983906c0592fd854ac4157580c0b7ac89d764ba1eba4bce44e997ad1ecd7d5088f61fd91f04fedb243e026d29bd1a9e023afdd79a31cef671a250955ba39bcdc56abe96d681aae72070cee17127b08b7f05ab894d30bc858b94ea3cbc80655b87919c8dcf49cf3a45bb4bcf12b8d4e34908bf1a362bd2138b400dd749092e35dd6ac4ca6cdd19883df8b9ea59e2e7a2245c329fb7f5c1a26b75dea29121bb9b4cb58ae3e8b00fb5f217637bf717e80826003d9a94b2d840a2883b94221a393baa39da23843f36808be8c78b8afbe67fa062a5bcbfc5f389accb1595c38a40f6a1118b950fbd77412c3b758efa2ac0743f3653e9e3f1fed1c71512c887248924a78f9b3a06b71caedc85389eedab4b1a086897647ea60e4851fa589afb99f8e3437fc9307d3741d64a81a3a4ad9b1cc86959cce7c058ed6860e986a77e5962a593b4117f75d586b2345ae9f38cad98d26090a2fc98e92f92ed2badfe9b34c65dc10637a6efba57e430144a0360201958917b9354c8d7ef85628f06e4243cb9047be928f3703a2f15a109c3927f33fa1d874a8ceed7eab020bcad3292a86d025fa693e6fa60054e9d63bb8bcd52ac3e77315e6e7becd1e9a70830108f036a9a91786c4891d53195921883020961aab228faecb0ad87969c863f900b70abd77cfe39a4928320cf598321f284dc719ba1de50dfbae721d3cddc420c4602b88e9f59df17bf477181320cfb4e757667bcedb865e7d1624392c9446441975570ecd0d159c12f7a4d0d31a3fd2abafa92f3a8b4af572bcb28339582f88eaca625a4a2016cd758907397d74e38c76c41ffa6ff394b7173b4737062eec6d4a087381927b266010cb89f867e6a5702a12ebf52d1403535b056612b789cddd7c168d0dd70924eb154b269b7b313b364fc20a14ecabb3f69b0c3254f2090c7f1af2f360b01cf8835e1536082c1d0918b8eb3ca58f87165522d242b2c9ada324df8485db807c608dddc3dc5bc1c3f52440f2337d85dd39a27768ebdb74510d2266a5b128fd08f83bfb71d7aa12eca7ef97a55638389914a7c444a78e271c5090095160e2d26fe83dbc393a72189bff3a5783d1aa086b55a0ca253fa49d1e48536e2978090f887f2401b55a18a23552d3bcd1251576c8133ff7ddf404096de7f02c07e84d3fa59d63afc2b789f74b1ce7e0d96c0e628e137b0b13c8272699e535b8ff36688db96c8d6bb8a6b802f4f740f638e227333202afd758b6e9ddec054bf9d9cb8a83624c00e663d9da2f1b31e817c6ef3ed95d9fc1ba9151b472023fd4a1c6a7a03e45e7f40e93698bc0154fba1f53bdcdedd62502b327a3c8015befc3f7a29f880b6c987ad091cee7300caee8c4158787700a941ac32a515b5317ebe6938235ff0dcc9bcc31af6b8ecdcf62aa5b8d98f0cad67da109e9f082ac1db67b18c22c275e330352166b45fc77fd58094cde7c23c94685cf247b06590c881f004347ba7b531ff21a2ae87859fdbfa679730443232b9e374b2eda2fc3e0062e528ac68f9ce559635c672ae9ea9c3c8d0f3ef421a36b24b3981222dff367bb6ce0470c625504ff808e70822cdc47f64ecc8c1e7a04441418e9a490f2d24c493810b54e47b03449cf15a77b2889031cbfb0faa2090616ce58bebc99e612325fa41cb279213a5eef2b154ac2cbce28568eb598c1c11794d2fdff3056ca70b9ac8399c392d54f48133735ce3d200aaea7cb19d6e297cc9d0ebff37f36a48571fee92afe52235e9195f5aa66e9c6cc8c8f4e3aa89d9622abc0c337d864045d98d94f7d9d4eee480cc25adbb640f11da0b6356e665567bbaf74882625591d0ea91b21378dd2bafda02ad3639301d6c81c02ad5ff277c43f598dc2698216c4edab0be10d1e252d412b24da33bd068441af88f5c5f8e1ffc736f90027a10fb81006edcc96609ed6f312546170d24c94f78f67f5c36419b66bc1599f4bb3af27c9fa9049bcf504288a8dc3381a9ffea895089f1cf4e1da64bd794888c6f29b7f32f7eb0decb8e2f048acb33108817322dd5e4f4685f51f8883c9726b362813e9f1670d8b46b4ce294fd1006068b7d70ecd64b1ec7ad2a6b909824bc30e8d8427fdf7b4f2c4f3a26d1a2fe90ea5575910d4a1a3e601f1ee90fdbc3156b03cb79d39cfcc63ef01503ed46892b5d1ca41efc473e8946ed15b1cdc1f32c50e035a08f37990792c1106dd732747ef59b7f3414e1b5803e64d145a2b073444968de45c2adf08e840e12876d20bf459f319eda591bd0db63c9ab715f717a9c5e41cad89305e66030e8724085efa3a4c1793e60b300d5ef61975ddc1a03a972486ebd8a5a080ae67390a1e950a8bb373ca332c082589a109bcc139275329c50f67f4cec2899b36f1a7bb71774917dda5f0f1dc851c6e84fa4be0d9855b6d604c432a60678a99ca308e9157758c824900dbb955f031e8b6da17652fd36d63eaea04f8a9aa5b169cc1a1c81a56ee5251606a89b60e2b1ab665ec67fca984e888a8cb3e3d6b433345bf997b1228efede746a1720785c68f5d81fbb0c368d3a66591e62795b1a970f6815800a6aa64f05668934b2365b79a44aa500fa8d37a81e73a6e8f5c78b24c048301387173ebc0fddeab8053b1e9b92d4291de784a2293ce2c31571d4b3d6a0c8b548b890022ba71847c240ecb29e693d56a63efe0b8d383607170b0f5b54b2f9684ec30da62cb0efab787c2a1c2a32d0d5ab0cf5eee974d1df6e0f71ab3306aaf28e1ee7a537803f8cc6d780f721191fce988bb38ad42180446ffa9ed8b093b1b5be9b7cd98afced01e90be58f6f18f8e94a748c337e62194b48be01febc13173cf1c8db961309c048903a13fb2fa3291a37c2dd7d036db18520609e8051627a31dcf584555381a902a3e611bca927acab5b80496f261591e6eb45bf9edd31ba436cad91239d306ce49bd3662155a5d7053feb9af2db0b365f51872215c6b8c099df37dc30264908c92c7a0301955320675efc96e2f1d16ad1a621d8c81b51c1d44e21d4cb3b548a0f77347e1bf25ff7a5cafa7651f55808087d72c0244b960c0e670416208ffc2dc1864b2fe100d4f15e399465be2960fa5889ce4ec80ca8b6eef8327a269e2f14137e48589d7c1e7a749e0f7e692fc3de8157af6a96ed815a0840e911a32e78e30982d0bdafbe900549138ab570730d455bcf7365fd8a559c898b33c524eea5aecc8e19306a88ccbee340944e1e3264003f858c52adae9ebd94d14f376efaddccc092f8b26578a107383f755b3b2b6855dba8aa6ecb495c2085c0d2e91183c6234d7c3a48de1a4ae330a669e467523be0bc7f3689179b11cfe396d55a8027e101eefac269d3b13d179719a9c02ab8a0d5ccbd033e3635f15cb828818b85b1763b82022e7e41cde3718cd074af0f318472fc88c24f052b5a7577a03590c5576bd13cbab3de49c8964b1d08f44bce4ef3a316b74dd644a1591514d540c321bdf74ba25dc4ecda5ae0d1c4c67cd4935380f2299542fc3f3e34c3b32d2e01aa10481ba0c2445209002ae800473ee49eeb54800a04822c0252a808440c1130d22162b8bdc7f98f80205b3b47868112aea9b0850ccc0fb4737123bf4d023839759e71f0c717168373c6ce5d562084da1b908b223cbb31c172f92a66b5d3ac4ed638186a3ee79e29cdd432357b0a4d065773ad016c0b8e38f4e12177d4f9820ff771228480e68321a8bab43bf7b664525dede966324f9952cb463b6ef48c9e0f23ac51a379b2cebfe76de2aca84861e0a1ab435d26c7c1bd5b737836de3a71984c4fae790ecfeef3a4baf26fa5534b387bc09dbb32b3ecc9950299201a44d524620757cccf90ca4f7ba7d1b064117c33c4f328d8f1d4368cf82c2cb51fe6ab481fe7ed90695e036eee9f35ea9eada38ff6f2184099239268adaf0c394f145d6f748b0916065534632ce753f631d871cf5a332bbb328c16b19c38d74a237a00a7b0ddbdc3f345249d2081eb985d4c70a169497cf3586681ad70f510c69e3f4237f8948384a50d78d17012fe738a40892cc1d38d6439b24d8bb42370cbc0aedf71e50d12699f853be8b1c1a004c8793790326b71620a0d3930c03778590d46fdd35d3bbaaa092b01fecb6c4d73ae69d7d93a8bf23d5c14118a09339e686d7b21736477ce90d961009fd79656a8dd481ed8fa88306ae83549068ec67ae6068aadcb505cd28cb5f52dc07ad21a2049c4150fed12dd1479c2df00856d0499e8f59cf1e54b2eaadb1052785aebadb9859485ba89945ada193bad188a4904ad9ac44e68e762c354fb4cf1ec3133ea193243501bae782e2fdd442b7914760c68db82ab938d518ede08f768f11c7d0aac00a04e93fb31dfe759464153db55559ec58b4e2ab1a1652dc59cc89aad9bdd110ddd23d1135d148d9927397b34281b428f9b816b5e249c3b3c3341ddbc1f5eb85241c18e1b95822f259f39bf69e580ed0700a2bd3ea46c48892090bcf79e94ce8982110963d85de7653afc74f7f5d303475ab8be1142f63124ea4def6e4b690972ba7178f701793a9c679a0570f91e3b925f58165a2d0cb1416b66f1b142f2729c6aed0bb939c304dc4f47e906b6410ebcd7c338ac4ec646c74882b66e6809ace24ad64ead38a845629cddadfbc3128be3f73cd1fa280d699a082f41c37cb8ba00d5fcba39752df618e80696eeca64046e1767b2130634fdb0a793a720f636707a57b67096a62a80a23f84611d49322a82bbf85e8bd8c239456ca53ff3014fe44c691b451cc9e1fe4168057639b9c52c356b3c986c1c731ae2cd9a6662882e4d2af16aebae89efdec742f4ee069359822252f9726bc96985745a3c6a41458dee2987a20c06bba7c4bf0ace01b2085522fdcbba199df75cf2f4de1c7c87f6695d53c0878a919eb73ff362760202df0739b8422c5686197b18bfd8404bc7210dd6a4d9ff8a81db8f16ce8a9c273929abffc99a3e3a3763e3dc3fde3e13455429ff7894b0fdc4ae7c126ad8d28be9fcd0772813ce4ab66bd971b6732ca534527befc402d0375a3a82e5aee30ebe084e52bf44bea14d170c01d3fb36a8816908faadc8731744d4f01abeb08fa8290425902f661759abbbc550f5a104b7df4cbaf2c7bf186671f2e6a2eb64e2752f78f7bedaa88ad1f2a7e02eed3b334436aa13d2f76f8576eb009a4c506f0e36beec6ef109dfc69"}, {0x28, 0x29, 0x9, "b113f6a2270e6f4b43ba0b2dbc5ae07cf96e443697"}, {0x108, 0x114, 0x0, "962f011accd66b284e62a2e5940949338e8e8e53bd5bf2dd9e363354032115187597b79d047fc1848a0b7f997aa21580e14d757872e3efe2418375f4793c5cdf82581da93a212855b49073c4326092857614a3142c230caefa10cb8c840d753065321998cc55c3f9675d94088ad9e428e0e3f1c293a5466ebd45105e4c0010ac0ef1a21ba6a86ea10de13331fbf37ba07b7758bbbc3839b46d207434606811dd2726a3c65f6d4541ac3827ea2a3a26f36e6cefbea609a00404ce39434489c21b1bfa0a5451b77c5e637c531ca33010e28311ed74799e13587fcf802b567b522df6b5186372b9e57be0a285a91515a9d3bb21"}, {0x1010, 0x29, 0x0, "ea6bb05e37daa6efd2d1df9acfa8a89586bf1de6ab640ac5146650361a9804c367980620fadb1bae9cf30036194fa8638772c52bdd5c146bf13e6f61e4f0af99f23449b2cf5ef3ff2524c96fed0f66e51f26c1779a9d16e7dc3333c0bbbe0b4362c1c99fbf4488c902bb98d45423582ab21f2e0ff4d5f0ed039ee1c5d54fada8c8cc2697061d9d894a07e98c7da33bb9e7764af4c7c856e19ada7f2f86a2ad44507baa3263a4c75ea83711ab9ccb02a7f4bfe07b787c2c16a697e67f4c5061a9369a067c2186972a8ec137fe3f2afaf4edd10f9c344145ab8710e88c58de1078e195af42e55b27e60644d7e555b6e906d977af23adb6e1853a4cc2ca72808386595fc2b1767f04fd5d3bda7dcb1009a6f5cd5a929fbb509a680f2dbe1c28c551d0a8e8729b3cd8cff774f8d6ad2f3c18ef8ba4b41b0ba6a732a969319b4c694130dc35bf923bf01cf5cb239842c8e1712d977ab870146e514b2634757edfb2828cc79462847bd047e2cfafd43b3316c6ff9bfa7d0ddfb8bd2a6bcd75fb7bc61e8920656fbb2dfddb173ec4d534413e6b4ed26d2b9cd557e1ced4ca04a878ad900a9ef3a958441c7384caeb61b3979022beee8f03b23224f2b423893ea251e46519aea45c5b1a02d62cbc41ba3b6db20ea062736dcb837ea784a0512fb14bf246c0e0aa053fe198b5897966144144c0db186f334c1860987032c3d105ea935b25147f719fecc01c63baa7a270050d47d34a1b751b8d462e4a3bed36cde045d89fdfd36bc6c0d1eba7a902d0dccd7a3c8495ea3fe0f79cae135ca93b1f31604b58d5359a24624b42d254e4a752fd85a149425ec9aa44f61e89e1f1b6e62b704bccdcdef5b292160441222ac0041d26753941a9ae3fc78e41e5ad3206c96c3ff67e5f05bcf559288e55b02ba2e6c5a3de4e914f4c42cbcf98ef1986a0a9c5e3db319f98853c898fd47d059743b8140f5dccb6cb158d466e2bf8a6b78aa61fbedbf2e3878e4e473bfb27ae4df7dd61fb7c978447bd99324c0806750d811609e9157bdbc7fa798b680cc8ae6e2ccfd3ed04d9bc0bd572cd95c2328f08a9edb6ef881156c3a296f0dfbe40a7436f6dd1ec3a50e5f4fae91c19d7c2fba027efc067b77d6d509796a22570bc0b72eb76f7db39c671ef709f08067c72b7918e28baddf31d1a442c243c1e83b457348e91d51b6725d0855848db43d17d1f16af1ad2810cfba804103f2a49f47bc5bb6f81f6351740993771956de3b06c5050e9dd2de37845e1291c497c9f5e385aa509b3f8a857e60903bad70000d0c0ff195c3e322ee50f2bc60ede7dbceb8ebb3c1fe271a75508c81a50f551f8e020a33a0cc198c692ea944b2e990817b60ec8568bc6d93685da8ede059b2e00f825937bc3f358281905b7e9b778c72f271f4439e3b5584854644d48f2964ee34ada9c7973d547817d0e77afb42db7ea0847fd7a6a5c8547124700e5c655c815d27364318211bfb55253fe895156041eef037f3c5a635c727658e0e0be621a20ccf45d5da29cc1e922faa71cf4af80a0bb06ec1ea5d06d7bb80b8d4e914485d48fb6772939792531407ca541244509f7a68b24c286b5271a5456161d209d8658932f69fb894fc6cfd5f71405fd3166588a5a6e212db65769680d2f200a13e62ab2bbe296c53a1444012d1ba4281c2343d224a5a66b5ac3d477276df47153d59c45cc8071224a53bc7432e7becce30b553a034a643f2ae70d00d393438bf6284afc6441ce1ff805d0b4e4e04ad45ec4bc56a851356288973777aa55042c83475f1f41a6e5e3a8993479f4fcd3857c2523604f72df3187e4a54e34da8d3dfb9be3e3affe8721891a603af5ce8e340e90c43c80c15c0ee40d3b4cd79bbb2383a30c2564110052644c72ed521fdb5a4acb27e97b62892c7589c5c3df067c8ec24443d34b0f950b5cc0f68d0fcf30e48124441537f9e6960b655f8125709f2a415ee0baa12b4bb1471cde98c1a7adb4c2c2f6159fa15471812b009646e684a50637e3cb42ecfc4ae7934a8782525c4547326adf0aef70279a567b6ad1b374ed045ff4c0f23a54c13edbd0d0202b7d349c9dc9170a88eff319806afd0e6958543ac6bcc18b5433416c0d6052e1fdb08c0796868257094a8118a15db6bee89a21d55e947d56c2ad7395b67c46a27163e2aa4033eedb7ec5c75550ee3c420f4cc8d6740643048a7ea1c94e768fe37f0926461252f1ab058a4dfbc0a03ac8d4d42a630f88eacffc8450670d274104c15333eab3cb2c6a9ef4b6abaca0d63b9b1171a92d150285f4d65f74f707d43b8ebbaa46ad4d8ad0c679f290a4d23d8df59585ad96f7b77a687bf855c1b8b37fafc2f62e5f4ee439de86ae0dba933779a26510cee38feb73fd44f0326b4dfb3e62db3426a6f3e9b86091cdb7634c5615d1e3a0cb1cc220573329ea4ccc96f70f12d7baf6fc067fe4b4c109e8592f26e63d4c1abaf531f98106123ebae9556212136789ba93511630ad81ea98d6756e820208c37332494265edcf84965ca38bd16311b7451831b922fc2e0737692ea3b397e3b7b74685ff6e4ca1101a12c4202401db30d42baf098e68c9a889d64e4a22260aff4f900fb6327a258353cb74841a13a832ef1f65313b055e0ce79e84d29608edd77b4ad20cd34f829d4fdf2695d20f208d97cd8e657465255d4419453bafc8cbb6462990fd8957e7030cf0dec80b1c2aa31672d37778d7766005910d8f4f3ad345993b85b3f53a30eafa80a8e55654fdafdbf5cc0a4efd2ab97af82e2c01bbf19d7969793ef84d6cee8dadf05b2546b665c50f32f91a3eca3450ac4dbc68af3d1919d6b7a8ab30650826c7f1f0ce94f20eddb10bd19bd5779369ba809c4997b86dc19d5f93022cf7697de35df8c0de484ff6dd115331d6156ada12c7743e4650151739d923f377bd6de207394ecf31cc8054815e90885d40ba91850fd28a7c5516f690ed3b5dc2a935b6e9293048d2b31295d61266c07cfc3d24b081326cb5347e91849dbbf4e978f3c363e52743faeb9817ae38ad8a9916d7ee3e1c68a41fd7f7029d1092eff206efabbaa928bbb8ef11c9981a3b0314a5e2c3ad2ba79ce0478db29f5ca373fd27de6d2cd21250a36ebef96467ef52e9f0dc979b56e38067c5a7ddf0f752fe245c9eb181cd69bbbc65374ac6f44904723ffc9360eb7e51bbcb63fcbcc7ac61953720f50860cc6c2ba56c7967baf18632de73c2b9fe6b9334a4c0f26c9c7ecedfc6aafeb7b5befe24cbde14b58717f494faafccca3a73c9a47f136bb8fe69875bc06236710ad687160046121db9bed8b580a6c6122e208c1c4b8775867adf979a9cfaa4e6e722e6f1060fa948a71de8deac420c2b57ac3350962645de1877548f01929ac83c53957e6c7a96c33dbfb823f1b05cf10799bf27b1a2de9daea6fa2ba931e9b25e4069804fab23b1a79efab99b90c6fa05cc4fc6b83fa2d94e4cb52897f8ad373145ba451236ad18d198a8d1090e7cf2fe691b3e7ae908cb713a3ed48740bbbd3129f3a1f45d746b556cb72481a0b8f6bd7c328773ab60dbc47da1ec754ced7128f79a7b5fe2d6d0344083d8f63db10397af0740703fa7fe1bb02bb71cd9f46a9f55bf91e47fb6bf77ea7bf99940a32de3b779efc244488ef480646083875dbc2560b97f0945239db118a7528f100e832e7286c42f1a1dc9c665ee3ebda76eb802fcb57e2b2938815716b50f2e06b5248230b99e5fc8ad08dca94ae0482a256924188a7b9f8d0456324a4d69f9dca4623c7a99e59383b46fe731367690d4b79640d7ca8ba806233d2d37043be63bb7f985e9bcbe97463c10ec0461a4ef5179ef2a4d9f02d84d15b43f0ec9b166bca92e6a9efbefc4a4ba4ad4c58121c5cd726219426306d691984179fcd455ab757ed726d649ca98f6fa85fe455ebe132d5b611f783422993c437a16c79147ce39fa1818c5d7e10812813373a73daab663698416e85376fe69a40fed6d9a1c93b4754a4e20bc8538c170ae11750fd7984ac270979f73de270d0b3cd8f9f2a45d16e7483a771b85e30602ea4a13adde7285186f509b9e2c30a881d8ba4c97cdb27f616d239631593f1d96d40025f57bb92dbd6be28155847d747d341fd03e458f14f460ddedbc0a8f0a4602c0baa50ecc2f4eae38c3909a2ca6a16d2dbfe6b71d57e6e6b6cdf316121d8c9e1cc5d1a0368a219f1b6bdbc3ce408fe32ed5e30de6fb7dd19c5d9d36291d2c2d2c949eca440184e581ff1c67695a67f7098de872d122be7afbd96a14a9b42e46e874287d879528dd1890579876bba8a124f8fefa4ed928602e6e3fec613b1591c7ccf029407b712b5ed30bea18b52a52cb1c7946b9335568ed3226cd600635154a2c41215d4f72a67441c1b1e2ad2dc51ac89a917850417fecc926e68987e8cfb979e568f14b88103fd5f27a67b9d6362acdeba41b2489b01f58db0e6bd8a69c88e603b4a6a6ea00c2e32815d9f6dc0dbf7b1e8ebc5c5aa1225c7118c9c50271b58431c2ccecd11ac0966dc64fb3a8f81a670d341edbb37c21bf88bfb4496f67d31cfea35e8c0fe9e36c4b1e3f4b9fe3b4d1d400a6ebaea4d0d50a3a8b7b496b8d79b52b370c65a2e926d93dc32d745e777afe97a6e863c15f1be5b0eb1dca4e284003794689b8ff51c564121acdf25c7decb00eb93f8faec6d54feedfb2cc95a6859ded4cc8c952adcd71173a76f055a0907e57e5e9aadbc959c2cf8ed3ffff174d3d3e142b956fab5138fd5ef848af121e82ed97db27987cbd0c59a8dc322b0b7987aebed3b260f821ebbf23cd02ff974bc1b3a2eb63a1d516b7fa8ce8ed4ade6778a20785a9a09872ced9780fe7940a220297681bf139207f6860d74aa4ed83cf53b6d97fccf140963a9825d401da6aa8298fd8b4340c91db1b51cd519df20bc84680ba374a0418bfebb96736212ab46ae9b023c0fa337f14c68b3cd51f9f09aa4d8d2d64579126255a88ae09b0693ccbbe44402c6c4290a6316948092f35191c88cac7f4979c84f0b612568d8bf80e0ef721d02d6f6fcc45db7730a76c0e214f8de699dbdeab1aa1981d2f6e95fa6a8a9284e9ca9a66b04b039a3566a41cea3e5bc2586acf2cdbe5c12b29f6cb098c00c00f61d2a590481665e2b28c3e30243a9c0982bfb93f28d3568214507e56240973d688e633e0cf370e4cfa395fc9cc8774012f1317c274e000cfb0b73bb86657ae31d55dee97d2bf3f2ee0ae2531c04b445fe6dac2657ae2304a0e0410beb61d60cb071affb9bb667dc4200ea4bb5450111bdb61c474e18356830aa387c8c0f76c62a444e7695cf3ce56910dd3aa10b71e90570ec0bd16a82a9f8118e2df1b283909ea87057aed973d234db17a66ee6e8e8b3011462cd8fd6d801cf0014a9c2651a7a57b71b85b0daf6b5bc5f55e150cb256ade01653db18631ac2cf8a20e0f54f33d2487fae8024dc239979da23731fb6ca904e6c848d8a88c6c8aac51b97e8d601abbb2b2f48c095ac49f444f3498f79079919d2f755ad2980afa4e9bb1dd4485548116d801477c23534e0e525dbc1f7c09e5139e1ae414f48c3eb8eff5a4ade5aebdaeee11b36af8fa3b0b65306a496c25d6bcd9ae80abc9e26295e374f4338db3b0d733e22863bd927402f1b373dcb1f9fba7af7daa726a191220d3b061503b3073f029a8b997ee26cf7ed6530399974e74ee480db2acd476679a2ddcc134f86ac4847e13c7e0901e9250665ae6fdf1288b7794510282f63f84f8be50e18fe663f651ed808f44e3ad2bae30d12e3a60cdeef7f897846c6"}], 0x2398}, 0x0, 0x1080, 0x0, {0x0, r2}}, 0x66d)
io_uring_enter(r1, 0x4972, 0xb673, 0xbd04de3a30ba8392, &(0x7f0000001700)={[0xddb4]}, 0x8)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r4 = dup(r0)
readv(r4, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)
ioctl$TCSETSW2(r4, 0x402c542c, &(0x7f0000002ac0)={0x7, 0x4, 0x4, 0x10001, 0x80, "ae453d8ffaf36379c89639de9d6b2d3130560f", 0x4, 0x7f})

20:53:40 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f0000000340)={0x0, 0xdbc0}, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r6, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
r8 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r9=>0x0, &(0x7f0000000100)=<r10=>0x0)
r11 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r9, r10, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r11, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@nl=@proc, 0x80, 0x0, 0x0, &(0x7f0000000380)=ANY=[], 0x30}}, 0x0)
r12 = accept$packet(r4, &(0x7f00000000c0), &(0x7f0000000100)=0x14)
syz_io_uring_submit(r7, r10, &(0x7f0000000240)=@IORING_OP_FILES_UPDATE={0x14, 0x2, 0x0, 0x0, 0x4, &(0x7f0000000180)=[r8, r12], 0x2, 0x0, 0x1, {0x0, r5}}, 0xbe)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:53:40 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x802c542a, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:53:40 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x80045439, 0x0)

20:53:40 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x3)

20:53:40 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5451, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:53:40 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x4000000000000000, 0x0, 0x0)

20:53:40 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x300)

20:53:40 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0xc0045878, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:53:40 executing program 6:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x80045430, 0x0)

20:53:40 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5452, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:53:40 executing program 1:
ioctl$TCXONC(0xffffffffffffffff, 0x80045439, 0x0)

20:53:40 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCL_SELLOADLUT(r0, 0x541c, &(0x7f0000000180)={0x5, 0xfffffffffffff800, 0x8, 0xdb, 0x9})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = dup(r0)
readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)

20:53:40 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x1000000)

20:53:40 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0xffffffff00000000, 0x0, 0x0)

20:53:52 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x2000)

20:53:52 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5456, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:53:52 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/class/ieee80211', 0x480000, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000140)=0x1)
r2 = dup(r0)
read$hidraw(r2, &(0x7f00000001c0)=""/84, 0x54)
readv(r2, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)

20:53:52 executing program 2:
r0 = syz_io_uring_setup(0x2b32, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r6=>0xffffffffffffffff})
fcntl$setstatus(r5, 0x4, 0x42800)
splice(r6, 0x0, r5, 0x0, 0x5, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r5, 0x2402, 0x8)
r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r7, 0x0, 0x0, 0xf8b)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
dup2(r6, r6)
close(r8)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:53:52 executing program 6:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x80045430, 0x0)

20:53:52 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0xc0045878, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:53:52 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x2000000)

20:53:52 executing program 1:
ioctl$TCXONC(0xffffffffffffffff, 0x80045439, 0x0)

20:53:52 executing program 1:
ioctl$TCXONC(0xffffffffffffffff, 0x80045439, 0x0)

20:53:52 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0xc0189436, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:53:52 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x2)

20:53:52 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x3000000)

20:53:52 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5457, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:53:52 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x2)

20:53:52 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0xc020660b, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:53:52 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x545d, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:54:07 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCXONC(r0, 0x80045439, 0x0)

20:54:07 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0xfdfdffff)

20:54:07 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x1a82)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = dup(r0)
readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)

20:54:07 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0)={0x0, 0x0, 0x1}, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_setup(0x688d, &(0x7f00000000c0)={0x0, 0x9fc0, 0x10, 0x3, 0x195, 0x0, r4}, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ff5000/0x4000)=nil, &(0x7f0000000180), &(0x7f0000000240)=<r6=>0x0)
syz_io_uring_submit(r1, r6, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r8=>0xffffffffffffffff})
fcntl$setstatus(r7, 0x4, 0x42800)
splice(r8, 0x0, r7, 0x0, 0x5, 0x0)
connect$inet6(r8, &(0x7f0000000280)={0xa, 0x4e20, 0x3ff, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x97}, 0x1c)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:54:07 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x2)

20:54:07 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x5460, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:54:07 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x13, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:54:07 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x4000)

20:54:08 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x40045431, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:54:08 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:54:08 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCXONC(r0, 0x80045439, 0x0)

20:54:08 executing program 6:
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x2)

20:54:08 executing program 4:
ioctl$KDSETLED(0xffffffffffffffff, 0x4b32, 0xc0c)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = open(&(0x7f0000000180)='./file0\x00', 0x585001, 0x80)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r2 = dup(r0)
readv(r2, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)

20:54:08 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0xfffffdfd)

20:54:08 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x40045436, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:54:08 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x100000000000000)

20:54:08 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCXONC(r0, 0x80045439, 0x0)

20:54:08 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x800000)

20:54:08 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x40049409, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:54:20 executing program 6:
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x2)

20:54:20 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x40086602, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:54:20 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x10, 0x10, 0x0, 0x0, 0x0, "e6400200"})

20:54:20 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0)={0x0, 0xe382, 0x0, 0x3}, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0xc3, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
dup3(r3, r3, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x80880, 0x28)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x8, 0x30, 0xffffffffffffffff, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x100010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
getdents(r3, &(0x7f0000000340)=""/169, 0xa9)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x104c0, 0x0)
ioctl$TIOCPKT(r6, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r6, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r6, &(0x7f00000000c0)={0x2006})

20:54:20 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
dup(r0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000180)=0x3)

20:54:20 executing program 1:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x80045439, 0x0)

20:54:20 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x200000000000000)

20:54:20 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x20000000)

20:54:20 executing program 2:
r0 = syz_io_uring_setup(0x1bea, &(0x7f00000002c0)={0x0, 0x0, 0x20, 0x3, 0x4}, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42800)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_STATX={0x15, 0x3, 0x0, 0xffffffffffffffff, &(0x7f0000000340), &(0x7f0000000180)='./file0\x00', 0x20, 0x400, 0x1}, 0x800000)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r4, 0x8983, &(0x7f0000000100))
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})

20:54:20 executing program 6:
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x2)

20:54:20 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x40087602, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:54:20 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x300000000000000)

20:54:20 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x10, 0x1e, 0x0, 0x0, 0x0, "e6400200"})

20:54:20 executing program 1:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x80045439, 0x0)

20:54:20 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x2)

20:54:20 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x40000000)

20:54:20 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x4020940d, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:54:32 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x80000000000000)

20:54:32 executing program 2:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYRES32=<r0=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="000000002e2f66696c65300083145a67270baa07faba9910e2d4650856b275da10"])
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000480)={<r2=>0xffffffffffffffff})
fcntl$setstatus(r1, 0x4, 0x42800)
splice(r2, 0x0, r1, 0x0, 0x5, 0x0)
io_submit(0x0, 0x4, &(0x7f0000000640)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0xfffe, 0xffffffffffffffff, &(0x7f0000000340)="b0622af60a3798db848576b909db71e773e8a137d2e92cd3e1e4748c16e3ed645cbe73eb0c720646149c7b74eecd46c05e36b54eb944bc1dff5182131af4e2b0e906b4901defd0e3519a8244fdc0809240b368a8432191b32d7254ea25e90cf1c37cfd24de69be7d9f15e1e9c54a4debe188f5d84af1b9ec575406cf31a65bf0f2405d1149313aedf4f1863c2dfbdc0d11965730218a18036dcd41756658d788348f94ce9536c5817e4c70018990e65e03848be1a78183460016a52564222fc2f497663059669e19f057ad27c1cd362f63d2ecdba793c72b6e6f65338f4d18306b5285062cebe5c2565affabf762be4ca0dda648906135", 0xf7, 0x100000000}, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x10, 0x6, 0xffffffffffffffff, &(0x7f0000000100)="c439bb00fe4b420bd45a8a24f352d64a0e1716a7d1e91d9692f4c56d0a4e8da4d2ef57b53b9f1f87e10e0c92762dc9", 0x2f, 0x8, 0x0, 0x2}, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000240)="e52ec8e30098d2eb5a2781bcdbc761b92350b7e6b871a1d1d3910144579366f1c94c692b438b2e36900be1b12b6d7eee4a4c90d00e6755c510e259cee339d621baf1c480195fd9a59269d093a7246065ce94b2830b7917e94f1c368ec66baa7859fef26f9147ebc450791d553477a4fd805663c9aa72128c68", 0x79, 0x3, 0x0, 0x3, r0}, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x8, 0x45, 0xffffffffffffffff, &(0x7f00000004c0)="8dc777e2e6e752afaf71fb68375ad8e92f2297a09b2968d4560119937ab8517886e9f38a99635e23838586929b57e40b1161bd23c7113cbbc58ba87a1b482557fe99bd3078b4cd11bd52e6bcabe6adf75ee74513e59fce5868c128f24b13ca46fe953010cb663c22440b733aa463704da3df4584e2f8a2b98c9d546007a0a93e8881da8fec29bb7528109fc2ff3d6dbe7df92608e7510971d2c84a3ac6ee228debb0983d39751ebb2089bbcb526517f64513506ca17a27040f67c74142d3aca3267a3e4550cc4ee3d8005d57eddddd9fcdb0208d867f3beb9e75495c1c19c3b094da2746cbc6e0a622cd13cc46c033e2fd8945d7d17f", 0xf6, 0x7, 0x0, 0x3, r1}])
r3 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r6, 0x0, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r6}, 0x0)
r7 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r7, 0x8000000)
syz_io_uring_submit(r8, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r3, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r3, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:54:32 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0xfdfdffff00000000)

20:54:32 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x2)

20:54:32 executing program 1:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x80045439, 0x0)

20:54:32 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x10, 0x1e00, 0x0, 0x0, 0x0, "e6400200"})

20:54:32 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:54:32 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)={0x1c, r0, 0x1, 0x0, 0x0, {{0x6d}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0)
syz_io_uring_setup(0x4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000140))
r4 = syz_io_uring_complete(r3)
faccessat2(r4, &(0x7f00000001c0)='./file0\x00', 0x160, 0x300)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r4, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x1c, r5, 0x100, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x15f}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x8001)
sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r5, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x44000)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="040427bd7000fcdbdf410600000005005300010000000500530001000000080005000b0000000800050000000000080005000400000005005300012000001c00e700e6cd6a10924e8ff854ce4664b3811318635946f5be9a25c2"], 0x60}, 0x1, 0x0, 0x0, 0x1}, 0x40843)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r6, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000140))
r7 = dup(r6)
readv(r7, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r8, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r8, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TCSETAW(r4, 0x5407, &(0x7f00000002c0)={0x3f, 0x800, 0x2, 0x3, 0x13, "5187da39b5f6278f"})

20:54:32 executing program 0:
read$snapshot(0xffffffffffffffff, &(0x7f0000000080)=""/116, 0x74)
syz_mount_image$tmpfs(&(0x7f0000000100), &(0x7f0000000180)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x80, &(0x7f0000000200)=ANY=[@ANYBLOB="7354bb2c000000000000000000000000d1e8c0397d3b60ca21ac223aa5256dc1c806e4e058105e22d124bc53fe646d1d0e15242649643831e7189c1d1b05d6bc0848838d81892e666d477ea0e2686b10482b4d3a6c58ba29848a84bd200900632d9f7a127c4642cd1467143377510cbfa98d639da7aaf41658afd0ad2af222080011a5b4b90b77bb6a15a70cea5c334eb08ad88c9c7fef9cd4348a480f03f2f5b2fc18be63dcc1688fc38c87fcb589c14568f2c09982089baa739b562022b5935885c900ae9b0a3c88326201a951578bae4a91f909edee3246e350ad698fe228a57b20e8a7372972f41f9b5e218eee62ee97d478f43aff4e3e2ed6c9009b4977c3c9c96d107b4109eb2a2d15fa9b926d0772e314707a3bf3c3e1db8831778683e958c2d12557ab6c317f0585f90edfc564f47124bf8a04dea84013093efa1303b5a19ef9c3f5c74759eb3b72f0581b6a652513e4a6d1827ca521b3eac5f5943b599d6b87cadd1dace80029d2b0f1fc2b61d2d94b5e5a643bc4e3fdbaf0d6694d490ad942c0e41be47fdc5864ba1c1d0f9a56d81f47add320f3129570"])
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, &(0x7f0000001ac0)=@v2={0x2, @aes256, 0x0, '\x00', @c})
r0 = creat(&(0x7f0000001680)='./file0/file0\x00', 0x0)
pwrite64(r0, &(0x7f0000000140)="b2", 0x20000141, 0x8001)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/diskstats\x00', 0x0, 0x0)

20:54:32 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x80045439, 0x0) (fail_nth: 1)

20:54:32 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x2)

[ 3341.547080] FAULT_INJECTION: forcing a failure.
[ 3341.547080] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3341.551237] CPU: 0 PID: 15522 Comm: syz-executor.1 Not tainted 5.10.234 #1
[ 3341.552704] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3341.554452] Call Trace:
[ 3341.555017]  dump_stack+0x107/0x167
[ 3341.555786]  should_fail.cold+0x5/0xa
[ 3341.556601]  _copy_to_user+0x2e/0x180
[ 3341.557410]  simple_read_from_buffer+0xcc/0x160
[ 3341.558404]  proc_fail_nth_read+0x198/0x230
[ 3341.559328]  ? proc_sessionid_read+0x230/0x230
[ 3341.560289]  ? security_file_permission+0xb1/0xe0
[ 3341.561318]  ? proc_sessionid_read+0x230/0x230
[ 3341.562290]  vfs_read+0x228/0x620
[ 3341.563030]  ksys_read+0x12d/0x260
[ 3341.563789]  ? vfs_write+0xb10/0xb10
[ 3341.564585]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3341.565695]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3341.566790]  do_syscall_64+0x33/0x40
[ 3341.567575]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3341.568659] RIP: 0033:0x7fe7cb51d69c
[ 3341.569439] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 3341.573319] RSP: 002b:00007fe7c8ae0170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 3341.574936] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 00007fe7cb51d69c
[ 3341.576431] RDX: 000000000000000f RSI: 00007fe7c8ae01e0 RDI: 0000000000000004
[ 3341.577939] RBP: 00007fe7c8ae01d0 R08: 0000000000000000 R09: 0000000000000000
[ 3341.579450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3341.580954] R13: 00007ffe8eb19c1f R14: 00007fe7c8ae0300 R15: 0000000000022000
20:54:44 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:54:44 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000180)={0x860d, 0x1b, 0x0, 0x1, 0x2, "eacf48ae254de574"})
r1 = dup(r0)
readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)

20:54:44 executing program 2:
r0 = syz_io_uring_setup(0x1fc5, &(0x7f00000002c0)={0x0, 0x2a88, 0x0, 0x0, 0x2cf}, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
r6 = openat$null(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$RTC_RD_TIME(r6, 0x80247009, &(0x7f0000000180))
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:54:44 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x2000000000000000)

20:54:44 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x402c542c, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:54:44 executing program 6:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x2)

20:54:44 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x80045439, 0x0)

20:54:44 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCGPTPEER(r0, 0x5441, 0xfffffffffffffe00)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$TIOCSERGETLSR(r0, 0x5459, &(0x7f0000000040))

20:54:44 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCSERGETLSR(r2, 0x5459, &(0x7f00000000c0))
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
fallocate(r1, 0x16, 0x1, 0x1)

20:54:44 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x2, 0x0)

20:54:44 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000380)=0x7dfd)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r2 = dup(r0)
readv(r2, &(0x7f0000000300)=[{&(0x7f00000000c0)=""/84, 0x54}, {&(0x7f0000000180)=""/5, 0x5}, {&(0x7f00000001c0)=""/38, 0x26}, {&(0x7f0000000200)=""/214, 0xd6}], 0x4)
ioctl$VT_RESIZE(r1, 0x5609, &(0x7f0000000340)={0x8, 0x5, 0x5})

20:54:44 executing program 6:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x2)

20:54:44 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x10, 0x0, 0x0, "e6400200"})

20:54:44 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x402c542d, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:54:45 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCCBRK(r1, 0x5428)

20:54:45 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x4b47, 0x0)

20:54:59 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x4b49, 0x0)

20:54:59 executing program 2:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
setxattr$security_evm(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180)=@ng={0x4, 0x2, "9113e0927bc335b440dfd09e34d9d36777c3"}, 0x14, 0x2)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
close_range(r6, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r6, 0x40605346, &(0x7f0000000240)={0xc6, 0x2, {0xffffffffffffffff, 0x0, 0x8, 0x2, 0x1}, 0x5})
r7 = gettid()
kcmp$KCMP_EPOLL_TFD(r7, r7, 0x7, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8000}, r7, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:54:59 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x1e, 0x0, 0x0, "e6400200"})

20:54:59 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x80045430, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:54:59 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x4000000000000000)

20:54:59 executing program 6:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x2)

20:54:59 executing program 0:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
process_madvise(r1, &(0x7f00000002c0)=[{&(0x7f00000000c0)="b9bf6f54c25220480beaafbdb0ceae7bc08f0c2c0fe675e91c291ed1f0117db2daca8500f7573f6e2af4ec9fbbc9d57fbbdbbd5177ce18a423e492b4b28e8c211a77498b95bfad8e4097f7a306697985e50ee751a40c437aa6c99412a251834ab26c4588620531121faa6f58be0637367a208d8720aedc444543eacc6e8f3b4ae940d5c96dd16842f61cc8c6619f32e17f35cc6889c6ff6fc3d7e6fb76594efd5556cc49da378d5865fd5cdfe9541512dd47e1c1862e730317d51da26cba432537b0a878fa62c31483aaf7ab6e6b25799999f7d957aaa756b5", 0xd9}, {&(0x7f00000001c0)="365cb498a54e789a62b96f7378ca4c47dd70673a2185a8c1ddc9b5e202d85a16bd97a4428ff7ecc4fae9962401ebba6247b999c41c81070613e0571602e3d9d4f86df200e1f8c3b0c8febccfc4f4f4b00974a6fe8c0e47681d650db9d706729c9054ecd47654d34c3f74576010d6c97ff469eaf58ac10f301768d0abd2e170fb82e5d1abd06fa23e8b65fa5665acc95788510528412f42d839dc22933fc780dc9f0c29cd7c3d6cfed5988d404b324be275c49365c01e93d579a511240bfff4100dd764b1e09c6bc0a04699b3fd388aa22a", 0xd1}], 0x2, 0xa, 0x0)
ioctl$TIOCSSOFTCAR(r3, 0x541a, &(0x7f0000000040)=0x55f)

20:54:59 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x203100, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = dup(r0)
ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605)
readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r3=>0xffffffffffffffff})
fcntl$setstatus(r2, 0x4, 0x42800)
splice(r3, 0x0, r2, 0x0, 0x5, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={<r5=>0x0, ""/256, <r6=>0x0, <r7=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000640)={<r9=>0x0, ""/256, <r10=>0x0, <r11=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000057b00)={0x0, [{}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r11}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r12=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r13=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r10}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}], 0x80, "5fabd34a60e47f"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000050240)={0x3c8e, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r12}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}], 0x8, "ec9943c342ef3b"})
pipe(&(0x7f0000000080)={<r14=>0xffffffffffffffff})
fcntl$setstatus(r4, 0x4, 0x42800)
splice(r14, 0x0, r4, 0x0, 0x5, 0x0)
openat(r14, &(0x7f0000000180)='./file0\x00', 0x410000, 0x1)

20:54:59 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)

20:54:59 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x1e00, 0x0, 0x0, "e6400200"})

20:54:59 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x80045432, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:54:59 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x5409, 0x0)

20:55:00 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = dup(r0)
readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)
r2 = mmap$IORING_OFF_SQES(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x100010, r1, 0x10000000)
syz_io_uring_submit(0x0, r2, &(0x7f0000000240)=@IORING_OP_WRITE={0x17, 0x1, 0x4000, @fd_index=0x9, 0x3, &(0x7f0000000180)="a39ed4dbf7be98b07bf4a533aef59181faf758bb848d3571f6521a249511e511999e3bc66ef94df9881396a36d0a3d7e38529d67c292dc3990a4cf543095de8aa91097e4e2fa3bb106d20a7066c725e6ef836ad61348c9002837b0b8f16dfd6e468294229f251c8c11f80af03e4f00e650d237760627d9aa588796fc1aa9ffe21670a02895a29cd15d64387afc5af706a4c363d879f3cf468e5e", 0x9a, 0x10}, 0x400)

20:55:00 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@nl=@proc, 0x80, 0x0, 0x0, &(0x7f0000000380)=ANY=[], 0x30}}, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r4, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r4, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$F2FS_IOC_MOVE_RANGE(r4, 0xc020f509, &(0x7f0000000380)={r3, 0x2, 0x6, 0x18000})
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000040)=@IORING_OP_FSYNC={0x3, 0x1, 0x0, @fd=r0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
r6 = syz_open_pts(r0, 0x64040)
ioctl$KDDISABIO(r6, 0x4b37)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000240)={{0x1, 0x1, 0x18, <r7=>r0}, './file0\x00'})
syz_io_uring_setup(0x3723, &(0x7f0000000280)={0x0, 0x1c0, 0x10, 0x1, 0x391, 0x0, r7}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000300), &(0x7f0000000340))
syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r8=>0x0, &(0x7f0000000100)=<r9=>0x0)
r10 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r8, r9, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r10, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@nl=@proc, 0x80, 0x0, 0x0, &(0x7f0000000380)=ANY=[], 0x30}}, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r8, r2, &(0x7f00000003c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x4, 0x0, r11, 0x0, 0x0, 0x0, 0x10140, 0x0, {0x2, r5}}, 0xab4e)

20:55:00 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)

20:55:00 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x0, 0x0, "e6400200"})

20:55:00 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540b, 0x0)

20:55:00 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x80045438, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:55:13 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x80045439, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:55:13 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$VT_DISALLOCATE(r1, 0x5608)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r2 = dup(r0)
readv(r2, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000180)=0x5)

20:55:13 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$KDSIGACCEPT(r0, 0x4b4e, 0x2f)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
signalfd4(r1, &(0x7f0000000040)={[0x1ff]}, 0x8, 0x800)

20:55:13 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540c, 0x0)

20:55:13 executing program 3:
r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, &(0x7f0000000100)=""/62, 0x3e)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x2, 0x4)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0xffffffff00000000)

20:55:13 executing program 2:
r0 = syz_io_uring_setup(0x14c4, &(0x7f00000002c0)={0x0, 0xffffffff, 0x8, 0x0, 0x150}, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r3, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000)
syz_io_uring_submit(r5, 0x0, 0x0, 0xf8b)
socket$inet6_udp(0xa, 0x2, 0x0)
close(r3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

20:55:13 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)

20:55:13 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x10, 0x0, "e6400200"})

20:55:13 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x1e, 0x0, "e6400200"})

20:55:13 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x80045440, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:55:13 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540d, 0x0)

20:55:13 executing program 0:
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "e6400200"})
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000000c0)={{{@in=@initdev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@ipv4={""/10, ""/2, @broadcast}}, 0x0, @in=@initdev}}, &(0x7f00000001c0)=0xe8)
sendmsg$nl_generic(r0, &(0x7f0000001380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000001340)={&(0x7f0000000200)={0x1114, 0x26, 0x20, 0x70bd2a, 0x25dfdbfd, {0x10}, [@nested={0xc8, 0x6b, 0x0, 0x1, [@typed={0xa3, 0x42, 0x0, 0x0, @binary="0d68cf5c7b090ccc9fbe036c29311b7a169b6c8832a04265ae7c3982ad5e665ed54c761931d0564a0dc57fcfbe06302731923338b1de8ab15f206ccd8c65f18a4c381ab5605f297cda72263a40cc267228f1ecf2778b0f52314c7d9c64fc70598cc58d41aafea01a5fbc0cb2bbfb98b773b8f87b779f735e135b7274a8cfe01849d20fdc39da4bd0d7162131c776cb4ccc208ebf8217e495abafe6e195f64e"}, @typed={0x8, 0x12, 0x0, 0x0, @ipv4=@multicast2}, @typed={0xe, 0x2f, 0x0, 0x0, @str='/dev/ptmx\x00'}, @typed={0x8, 0x89, 0x0, 0x0, @fd=r1}]}, @nested={0x38, 0x4b, 0x0, 0x1, [@typed={0x2a, 0x1a, 0x0, 0x0, @binary="9be96e26ce37018b3068ff2f47207441098e51ee9f3dbe98c64265329966be34efd95780b69a"}, @typed={0x8, 0x95, 0x0, 0x0, @uid=r2}]}, @generic="bb666c7d653d3c6eead44af9134cf2a17bc71c3a6afb9501cbc4673694ef856a996d6689484dfb1238c04926edb941667773f874a5bf927913b76fcb2d90c27baf001b305151b420d7a258ecb8394431e1dbaa354e067a48fe1e9818aa0103a61b905acaa2f07f6d8fb874f7e8769e8a844ff4d86beaeda645ee893c4d48ac943230ab826ffad2b6fb5803d7b1cc954a8003bfb0ee07072302e5ff089121bed29cbc70dd24221da2e978723255f9520ea9852315a18d2b5a82bed5b00ccb020437bf47382889de1507af7b4ca8e221e3d8c72532a247600cb3738903b95b1f1c59a1fab6509fc3fb96abc1b40d73998c0216f9aefd8cc18a8aabc786a23c9ce540ac5d20a7896af8bb71ab6dfcc37e9d90e3b74ec3250d8fef1a8f004db779d4c2a48321eed50cb10c059151adad10ce009f8d192fb46a9df292cb95337802d2b3ebcd856688740648aff717d999c9913b968f50f47802b8c84d1888ec5b6720d005fc26a781ca211f12eedfd381f868ec375d476efbeebe82e7099af8d56880851ad42477597ab1f663ff3f850709a0f22025ddabe8281fe439caad3b800ef4a43f89c091bf7316de4452db3fe5a7abf6ff5823033cf2e59611de86e74c0d3164ff1171c2c3daeef8b1b73eb53b10cfed724697ec97236ac5fc072478c3eb13a5fda1c7e019a81ba429c79649ace78aaabaaa022b0fdfccb26cbe8e0be007a5c570cbb521899d5b7a6ef55076cbe7620bdb95cb4776c06b83ecd9aa9d44e3f3de9a71093c6362cb28b65df532e71d3709b17ddaa2a57037b77f973b3fb82a333ec7f07045ad2ee8fc313540f03dccba833eb8e44b689609f4de347ad44e1f85f8a813f58e31e6ec8d12472bd4defce3e7ed4066223c8396e5864982ce58ec92d552c1a6956a0d277ecc0ef7533a3cdff47d8f7ae309d38e69662e2cd04782b9a00e51762f6009ffc23c2683e680b2f0d04f75d8c60b087234765cfddd428cc23b51cafa1383aa819d0a09c6fc85d7928159d77c5baf6920dc82ed048661d042ff98f4b591be4d1ec2c9d3b8f00d0e6c1765ad8fcee83caa00a43159b7087f84471b98cf2448b1c844249e14885deeb12be8866c434de32019501f011c79d01f225314be54268bc71bfe38828cbf27bbba03cc13509c70163fb1b91650510376d90368cd7a65a007e27934a4aed8452d4a3876eefc0738b993c3b8d77c8d220d66e05f606db560527a9f4c303d52ebaf68aff6d61a9cc1d6061c1294e24eb3bf876b0f2e3c2eed909b77d8f72fdf27ec31626bf05a000800b94a61416f560cefcbc203f50257101c3d607d07c59ad9be4f305f45ee3118d14ddac412de4ea083f5cc761c5a902c27842356307fd6ab78fa999939f602412c69a6a4029c65065cac567d4ed6d5616083dbc2730b9001c2632476a09ebade31588d760e39ff01b3aca1253e4f41fe1aef5380713e5eb37583a03f9b0c172d47da22ab8660958f53b03c5948301d3bdcd1d08ed43d2c48bd9168ea0155779051c32223b14678d2cdb95ccaad2cf8b7143f074703c338dbae31840693dd59315273a1083f84b67e0a9d15ee97779a62b22788142ea364f02de9fcaba7d72d21e33e5349ea752146c949dab9323a7d67e98c6412457b0085bc700545b1d4ac66a50f32b217af5a1266b422d3b19e89e80431ef8a517f3c108f2e84a64e5d996004fb71da5255e520d1666325ed77d41da5e4940699f1da31887036339859de2612aecea625896c6980cabb3f2ea30429c0f9779ef83cd845fada3bd06158a963cac6b20892ba8e49a1d1b49ba500a7baa06e7e105d8eebefd1022279ec4a57b433914b515eb3ca21efc74e9a521eb698ca52e3e8a70b382711ac88b9b4f8993d175fbfd514360d6e4856861e7cc0a396531b96db13be54e5e93366ec999569a3b8b97160ff0c42bc23cac9532bdb8e22757712b5909d7367a9f3238231e55bba7c02468a30a873831280fdbb00cd62f53ce177d5d6a99cdc01cd16ee0acfaa93a69a457b63967f775fc0d8d3c01774b4481f44d761f0f4885c9e2a10d0b8d6427cc8e9c707dfa14977708ee41304bdebdba348a218a5409588815d3a3f8938ab24c2f629e9e7a49ab9f380646fc7466ec28987c5d604b0589ae336ac9a2fac04e30b5ab90e4e48c810bcdd31d3b968c5a12a44bace2c944d99d130f989d71979077b3391eeac2f6ee59e783ed37c767f3857e87cd0345e431b896087915560e30271f7e5840c1295d4672ad78f8a59f9c1f32132e1a537d0d16ccc26bc369ed4eee191a51413c007928a58a53bdb9484920c3ae29f5dbfb840c309655f4209d6fc98229816252dc718e54d6cb24e20388c4d901bc75cf131157b6bfe11775eb4b95f04281b4f7b6a965d98c31b0287bfd2aee2493e9b722da9e3c66bb01a48c727ea27835c176eff25728dc2886a1b886a05dc186b6bcfcf33741c35bc4125a1292eed321739eb0adf633a8f74bcf1213789d43ca4ea6d610abf3932391c2dec7ef53b9e743117160dbdb7e84b2317b036d396ac384a5fd7f795632c8f6c1a6cc11205960fb34c65b4fcf71e715ef4bf5d9c81cc83c9ddb8df1bd11098b1a3882d07fe0d053c9ddf0ed7c88e2a957f21dc7a0fef225d510d6f10388c2f39ee23bf73fbb3ed6feed9a18607722764f13f436df1ef340003910ab40444ef928fc815de5d98966a7faf7f8e5e5c8415dbd429e081caa44f4d3e74a09f02644c8c38974b22a551d4cb39889b99e8bfb40eb2cf503b18e77035659dfd49315984a63f79440ee155815796f77336f1473f3cbe3f3aa0b720cf7f18f249f4bea7e425988bb18f0cc1dfeee24f302f1c031f366282a104c4dbb316ecd8f551445f1f5098bc7d0437d32361cc21e392f949add0760bc2cc9d8f69b973b537ce87a121669478209b9d8bda94d648867a76304d58f51009b41d3b5048d5e7113636a7a909198254c56bb4276397ab608040d7de206511b4ccd412b59538c3448463bed699622d36341d3e6a2662c94d420b4597ff8f4e042dcae081bd87abd180914941def8ba77fee09c646fe93083f3d7c16511c81ffd5b2ecdf5ad9b38df15efb1e5f8de4520c605d7b6e421a59e772f8cbd454d2cb87d034a88a59da555c2561f5d89fc9361f54f2ca778c7f0f5a2840ced08394bb326ae3f1539975900d996345016385661d2b7dd4e9698fe3fb5a60dc81cb1e51ccc5768b211035dbb2f419462d3efc287c92013571eac4970b96c47e6de23469ec642d346510bafe84f43149275f860334528b5fe68dee642fa56f2bcaad099543906085ba9c74a64bb36b756ee8224fd3bcb56265b283822a1abf399ca40a25691695521896e56e593b95d04cb9e5b4d53410529cca2f57b2dcf86d587d036c3e26d689d421df82d79d1785f04c0a1539a3d7d2de77184a2eff1f03e003c943c4381aa791c4e0501938b8965ee3fcf1e0b606a6ad5bb73016e40843007d558550fe86329c35332dd2ba7697ae105c1286c6a7339624623adc7eaba109ccd6985502a502f39827bf43a92179cb51e17a94bbc18bec5b826b75d5dac0f253f19d72c77062a8c0a389d4119f39901b4fc07c11d2c33eb999ff6a3eef5a214a23ffd9fb09148bdbba993a213f1ee25586755801cc32adc487ee6da97835050b43201ea66f835165b28da01a23a175436812960fae6f73df9f87a81bf55edb9712329c1177f6d13331e8a6700ca443287bea68e648db7edab52e9dfdc672e7bd76027eae3abbf9d81dac303cef1ed6afff0d1606e47fd738aa372a3aa1ed05514c95670d68ec602ce83bad9979afa5782905aa7f8a90e11c7af86426b6aa9ca00f49cf31d1600a39900f7642c171e93340b8d724d52898c8da174e9703f680a2f09eff24dec30c00d18a33f112b980956446865ec8ebf1969056eccfcf82864d51c72d718b1c659fd983ba60e43a5ed6a60dfdd042eea4c32a9b0ccced738e62d6d7a0b0ca6d1d091ee614cc34c7f9fa704354dcc580910aeb14b17af00f927710b8e03bf31fdc23549577c0ee89989a71605b8c8b48fcd149add810e6a57c93a524d80c9adf7fa9ab427bb152129dd7bf8ec49d56e9d195ca3d8f7aee7a967792684e962aadfc29d93a22cf36fdc26db0aa6509fe1149d83c4d51af58a9cbd03542ad869caf0c4beef5fa95a000d5279120521c7fdeaee3bf02566cd31653bf9d922c3fd19337d67ac423f9f703548264d47def847e2a399142dc7eb029eeecaf8eefadbea94a784ba1a4662d04329ab82a42d6f7ad3a245b00894304f2bd49e9387ea1066aa0e1e6a99f95661e66834f327d342838781ccfe067c2b3f4a7a46bf70c7412df13e7f10d5573649b83ea855dae57e450818f33fb54c07d3e84c082d555f9dfb918c8ba2ebde2f4bb6183f1a574b1c7ef6b5e9eda7b5291e0dd9a27f427dbef3419a05b2dcf774a76b0cc541136bacfd99909a915816b0b835cb1c78989dda1e2b58c3f046ebe89c0d01cfcea6a0ad8d862841846d39af43bf9159dcf50d49d5f86fc65dc577550ddfd23f2cb524bf6007e9bc38701ffe48b97e76a2d41ca135101d0cc55726301163ecf9a0688651b507decf508b1fa7ceeb0ca94e382b89b7e4647e5d17fbb8d86c9edf9b585d41d85e1f4af65ec464332558f301f37abb367ca12600899f2e2aa6ae65f83b80931e7871bea4ad0563002ce65cd1e645e942272081c463339349d37e85d332bd1acab97fdff4fa46969e53e748974727d1af051630977fc677a0dd3f90719241ed5d14fb91fa6fe8d657b08c34b2f270fde2d8f44d2494b5f8ce0c773a815c46aba9407344b57faacead8e9879404d1f127ecd2b7ffcdd1b623057ddcf51c564f6e42ed9090f07f5ebe2c47e0c5dd266d2aa4fbc7199017c2249cd67a75f94bdc2d9a20d0aa4dfd3e1acd619248dad7fd2b65ba29ee4f386402725347663eca98b3e4e6dc1e4bc060dda79dc127d89ca313078a572727d7f8e84f4c717509fd80c9d55682853770c86549670f20974c227319c1c0eaaa0b9c571869f6bf823bb78a525b8924b6657d19365a08787bc3899c79be01e00e44d7599485234a4afdf8ccce6c034af8b4e3531379d7674cd0da8af723d39f93a5c16dac8fe6aecc4b7a1a4524bc6382baf16a3747bd2185ba3a8976c33662bf4c649bcc0e57f5b8534f38463a4f354a0bff542485237aa499e749ce7bf84190db5f387eb36ee5325cb641a96c16a3448e5ef4b7c600a24b062608870ba7cf5ed3740a2fa039964a9eee4c95f39a9194e2a9b2f236fe6eadc53b10373a7bfe79b537b4db89c5b37f85a7c6b47f533f6faa43e76f342ad0f00c7c8b797115d07d0a5a31adb49abb91e3657b758b929e0ac2dc24e154ea30c5de8ad050d1cc6edcbcd196626d59ca82e33222e1b59557fc99f027eeffc423f15c4f088c3317eea71976834805e40f00e0deea1a56b30aa1f8b1b61a6f1a06dcf38977130651e4cab4327a2d01738cfd10fe607cebc3498be9e8f3c33bb005e6780ed1e46784b4fd85ad9bd51da730e98efc121092ad7133058c675a31cb666a16f771ba4e56956883409c8c1cd26696764682e1cc7b37e60a354476e33ce367af77b6a30c758eafbbf85cc8a0cd19d669dc0748302b5ecddc38ff12e2eb58bd4a6d0bdbead5d3ece47f8a7a75df1433187fcf177b85d3f916a0109e632dca8570ad84996c6f111125cd49654c3947273f7acf690a02165fcbc876799e8a77d1ff1e0a774ca522a5cce768fb5bdad38ca20c14f1218c0a5"]}, 0x1114}, 0x1, 0x0, 0x0, 0x1}, 0x10)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x268ac2, 0x0)
ioctl$TCXONC(r3, 0x540a, 0x0)

20:55:13 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x2) (fail_nth: 1)

20:55:14 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xfffff800, 0x0, "76000000000000103afe1d0457d41400"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
r1 = dup2(r0, r0)
ioctl$TCSETAW(r1, 0x80086601, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "2b88d68bc5f9d328"})

20:55:14 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x3ff)
ioctl$AUTOFS_IOC_FAIL(r0, 0x9361, 0xffffffff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140))
r1 = dup(r0)
readv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/84, 0x54}], 0x1)

[ 3382.705247] FAULT_INJECTION: forcing a failure.
[ 3382.705247] name failslab, interval 1, probability 0, space 0, times 0
[ 3382.709638] CPU: 1 PID: 15676 Comm: syz-executor.6 Not tainted 5.10.234 #1
[ 3382.711115] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3382.712905] Call Trace:
[ 3382.713458]  dump_stack+0x107/0x167
[ 3382.714239]  should_fail.cold+0x5/0xa
[ 3382.715056]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3382.716185]  ? tty_buffer_alloc+0x243/0x2b0
[ 3382.717108]  should_failslab+0x5/0x20
[ 3382.717917]  __kmalloc+0x72/0x390
[ 3382.718659]  tty_buffer_alloc+0x243/0x2b0
[ 3382.719553]  __tty_buffer_request_room+0x156/0x2a0
[ 3382.720606]  tty_insert_flip_string_fixed_flag+0x91/0x250
[ 3382.721784]  tty_insert_flip_string_and_push_buffer+0x3e/0x160
[ 3382.723050]  pty_write+0xe6/0x110
[ 3382.723806]  tty_send_xchar+0x29b/0x3c0
[ 3382.724655]  ? tty_write_message+0x140/0x140
[ 3382.725596]  n_tty_ioctl_helper+0x191/0x3a0
[ 3382.726514]  n_tty_ioctl+0x56/0x370
[ 3382.727289]  tty_ioctl+0x912/0x18b0
[ 3382.728070]  ? n_tty_write_wakeup+0x40/0x40
[ 3382.728986]  ? tty_fasync+0x390/0x390
[ 3382.729798]  ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[ 3382.731024]  ? __sanitizer_cov_trace_switch+0x45/0x80
[ 3382.732131]  ? do_vfs_ioctl+0x283/0x10d0
[ 3382.732996]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[ 3382.734118]  ? generic_block_fiemap+0x60/0x60
[ 3382.735076]  ? lock_downgrade+0x6d0/0x6d0
[ 3382.735970]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3382.737001]  ? wait_for_completion_io+0x270/0x270
[ 3382.738029]  ? selinux_file_ioctl+0xb6/0x270
[ 3382.738964]  ? tty_fasync+0x390/0x390
[ 3382.739790]  __x64_sys_ioctl+0x19a/0x210
[ 3382.740655]  do_syscall_64+0x33/0x40
[ 3382.741474]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3382.742572] RIP: 0033:0x7f4d0d143b19
[ 3382.743364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3382.747318] RSP: 002b:00007f4d0a6b9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3382.748956] RAX: ffffffffffffffda RBX: 00007f4d0d256f60 RCX: 00007f4d0d143b19
[ 3382.750480] RDX: 0000000000000002 RSI: 000000000000540a RDI: 0000000000000003
[ 3382.752011] RBP: 00007f4d0a6b91d0 R08: 0000000000000000 R09: 0000000000000000
[ 3382.753533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3382.755054] R13: 00007ffc772ad71f R14: 00007f4d0a6b9300 R15: 0000000000022000
[ 3382.756621] 
[ 3382.756631] ======================================================
[ 3382.756640] WARNING: possible circular locking dependency detected
[ 3382.756645] 5.10.234 #1 Not tainted
[ 3382.756653] ------------------------------------------------------
[ 3382.756660] syz-executor.6/15676 is trying to acquire lock:
[ 3382.756666] ffffffff84f0dca0 (console_owner){-.-.}-{0:0}, at: console_unlock+0x2e1/0xb40
[ 3382.756688] 
[ 3382.756694] but task is already holding lock:
[ 3382.756699] ffff88801d276958 (&port->lock){-.-.}-{2:2}, at: tty_insert_flip_string_and_push_buffer+0x2b/0x160
[ 3382.756721] 
[ 3382.756728] which lock already depends on the new lock.
[ 3382.756731] 
[ 3382.756734] 
[ 3382.756741] the existing dependency chain (in reverse order) is:
[ 3382.756744] 
[ 3382.756747] -> #2 (&port->lock){-.-.}-{2:2}:
[ 3382.756768]        _raw_spin_lock_irqsave+0x36/0x60
[ 3382.756774]        tty_port_tty_get+0x1f/0x100
[ 3382.756780]        tty_port_default_wakeup+0x11/0x40
[ 3382.756786]        serial8250_tx_chars+0x51f/0xb00
[ 3382.756792]        serial8250_handle_irq+0x4e4/0x660
[ 3382.756800]        serial8250_default_handle_irq+0x96/0x210
[ 3382.756806]        serial8250_interrupt+0xf4/0x1b0
[ 3382.756812]        __handle_irq_event_percpu+0x2ef/0x6d0
[ 3382.756818]        handle_irq_event+0xff/0x280
[ 3382.756824]        handle_edge_irq+0x249/0xd00
[ 3382.756830]        asm_call_irq_on_stack+0x12/0x20
[ 3382.756836]        common_interrupt+0xdd/0x1a0
[ 3382.756842]        asm_common_interrupt+0x1e/0x40
[ 3382.756849]        _raw_spin_unlock_irqrestore+0x25/0x40
[ 3382.756854]        uart_write+0x304/0x580
[ 3382.756860]        do_output_char+0x5e8/0x870
[ 3382.756866]        n_tty_write+0x4c9/0xfe0
[ 3382.756872]        file_tty_write.constprop.0+0x529/0x910
[ 3382.756879]        redirected_tty_write+0xa5/0xd0
[ 3382.756885]        do_iter_readv_writev+0x476/0x750
[ 3382.756891]        do_iter_write+0x191/0x700
[ 3382.756896]        vfs_writev+0x1ae/0x620
[ 3382.756902]        do_writev+0x139/0x300
[ 3382.756907]        do_syscall_64+0x33/0x40
[ 3382.756914]        entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3382.756917] 
[ 3382.756920] -> #1 (&port_lock_key){-.-.}-{2:2}:
[ 3382.756941]        _raw_spin_lock_irqsave+0x36/0x60
[ 3382.756947]        serial8250_console_write+0x9f5/0xc60
[ 3382.756952]        console_unlock+0x82a/0xb40
[ 3382.756958]        register_console+0x40c/0x850
[ 3382.756964]        univ8250_console_init+0x3a/0x4a
[ 3382.756969]        console_init+0x24c/0x356
[ 3382.756975]        start_kernel+0x2e6/0x489
[ 3382.756981]        secondary_startup_64_no_verify+0xbe/0xcb
[ 3382.756984] 
[ 3382.756988] -> #0 (console_owner){-.-.}-{0:0}:
[ 3382.757008]        __lock_acquire+0x29e7/0x5b00
[ 3382.757013]        lock_acquire+0x197/0x470
[ 3382.757019]        console_unlock+0x360/0xb40
[ 3382.757024]        vprintk_emit+0x1de/0x4e0
[ 3382.757030]        vprintk_func+0x8b/0x140
[ 3382.757034]        printk+0xba/0xf1
[ 3382.757040]        should_fail+0x47a/0x5a0
[ 3382.757045]        should_failslab+0x5/0x20
[ 3382.757050]        __kmalloc+0x72/0x390
[ 3382.757056]        tty_buffer_alloc+0x243/0x2b0
[ 3382.757063]        __tty_buffer_request_room+0x156/0x2a0
[ 3382.757070]        tty_insert_flip_string_fixed_flag+0x91/0x250
[ 3382.757078]        tty_insert_flip_string_and_push_buffer+0x3e/0x160
[ 3382.757083]        pty_write+0xe6/0x110
[ 3382.757089]        tty_send_xchar+0x29b/0x3c0
[ 3382.757095]        n_tty_ioctl_helper+0x191/0x3a0
[ 3382.757100]        n_tty_ioctl+0x56/0x370
[ 3382.757105]        tty_ioctl+0x912/0x18b0
[ 3382.757111]        __x64_sys_ioctl+0x19a/0x210
[ 3382.757117]        do_syscall_64+0x33/0x40
[ 3382.757124]        entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3382.757126] 
[ 3382.757133] other info that might help us debug this:
[ 3382.757135] 
[ 3382.757140] Chain exists of:
[ 3382.757143]   console_owner --> &port_lock_key --> &port->lock
[ 3382.757167] 
[ 3382.757173]  Possible unsafe locking scenario:
[ 3382.757176] 
[ 3382.757182]        CPU0                    CPU1
[ 3382.757188]        ----                    ----
[ 3382.757192]   lock(&port->lock);
[ 3382.757205]                                lock(&port_lock_key);
[ 3382.757218]                                lock(&port->lock);
[ 3382.757229]   lock(console_owner);
[ 3382.757239] 
[ 3382.757243]  *** DEADLOCK ***
[ 3382.757246] 
[ 3382.757252] 5 locks held by syz-executor.6/15676:
[ 3382.757256]  #0: ffff888018175098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x22/0x90
[ 3382.757281]  #1: ffff888018175130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: tty_send_xchar+0x1e2/0x3c0
[ 3382.757306]  #2: ffff8880181752e8 (&tty->termios_rwsem){++++}-{3:3}, at: tty_send_xchar+0x22f/0x3c0
[ 3382.757331]  #3: ffff88801d276958 (&port->lock){-.-.}-{2:2}, at: tty_insert_flip_string_and_push_buffer+0x2b/0x160
[ 3382.757357]  #4: ffffffff84fee020 (console_lock){+.+.}-{0:0}, at: vprintk_func+0x8b/0x140
[ 3382.757381] 
[ 3382.757385] stack backtrace:
[ 3382.757393] CPU: 1 PID: 15676 Comm: syz-executor.6 Not tainted 5.10.234 #1
[ 3382.757403] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3382.757407] Call Trace:
[ 3382.757412]  dump_stack+0x107/0x167
[ 3382.757417]  check_noncircular+0x263/0x2e0
[ 3382.757424]  ? stack_trace_consume_entry+0x160/0x160
[ 3382.757429]  ? print_circular_bug+0x470/0x470
[ 3382.757434]  ? memcpy+0x39/0x60
[ 3382.757440]  ? alloc_chain_hlocks+0x342/0x5a0
[ 3382.757445]  __lock_acquire+0x29e7/0x5b00
[ 3382.757452]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3382.757457]  lock_acquire+0x197/0x470
[ 3382.757462]  ? console_unlock+0x2e1/0xb40
[ 3382.757468]  ? lock_release+0x680/0x680
[ 3382.757473]  ? lock_downgrade+0x6d0/0x6d0
[ 3382.757479]  ? do_raw_spin_lock+0x121/0x260
[ 3382.757484]  ? rwlock_bug.part.0+0x90/0x90
[ 3382.757489]  console_unlock+0x360/0xb40
[ 3382.757494]  ? console_unlock+0x2e1/0xb40
[ 3382.757499]  ? devkmsg_read+0x730/0x730
[ 3382.757504]  ? lock_release+0x680/0x680
[ 3382.757510]  ? do_raw_spin_unlock+0x4f/0x220
[ 3382.757515]  ? vprintk_func+0x8b/0x140
[ 3382.757520]  vprintk_emit+0x1de/0x4e0
[ 3382.757525]  vprintk_func+0x8b/0x140
[ 3382.757529]  printk+0xba/0xf1
[ 3382.757535]  ? record_print_text.cold+0x16/0x16
[ 3382.757541]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3382.757546]  should_fail+0x47a/0x5a0
[ 3382.757553]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3382.757558]  ? tty_buffer_alloc+0x243/0x2b0
[ 3382.757563]  should_failslab+0x5/0x20
[ 3382.757568]  __kmalloc+0x72/0x390
[ 3382.757573]  tty_buffer_alloc+0x243/0x2b0
[ 3382.757579]  __tty_buffer_request_room+0x156/0x2a0
[ 3382.757586]  tty_insert_flip_string_fixed_flag+0x91/0x250
[ 3382.757593]  tty_insert_flip_string_and_push_buffer+0x3e/0x160
[ 3382.757598]  pty_write+0xe6/0x110
[ 3382.757603]  tty_send_xchar+0x29b/0x3c0
[ 3382.757609]  ? tty_write_message+0x140/0x140
[ 3382.757615]  n_tty_ioctl_helper+0x191/0x3a0
[ 3382.757619]  n_tty_ioctl+0x56/0x370
[ 3382.757624]  tty_ioctl+0x912/0x18b0
[ 3382.757630]  ? n_tty_write_wakeup+0x40/0x40
[ 3382.757635]  ? tty_fasync+0x390/0x390
[ 3382.757642]  ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[ 3382.757649]  ? __sanitizer_cov_trace_switch+0x45/0x80
[ 3382.757654]  ? do_vfs_ioctl+0x283/0x10d0
[ 3382.757660]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[ 3382.757666]  ? generic_block_fiemap+0x60/0x60
[ 3382.757672]  ? lock_downgrade+0x6d0/0x6d0
[ 3382.757678]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3382.757684]  ? wait_for_completion_io+0x270/0x270
[ 3382.757690]  ? selinux_file_ioctl+0xb6/0x270
[ 3382.757695]  ? tty_fasync+0x390/0x390
[ 3382.757700]  __x64_sys_ioctl+0x19a/0x210
[ 3382.757705]  do_syscall_64+0x33/0x40
[ 3382.757712]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3382.757717] RIP: 0033:0x7f4d0d143b19
[ 3382.757736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3382.757743] RSP: 002b:00007f4d0a6b9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3382.757756] RAX: ffffffffffffffda RBX: 00007f4d0d256f60 RCX: 00007f4d0d143b19
[ 3382.757764] RDX: 0000000000000002 RSI: 000000000000540a RDI: 0000000000000003
[ 3382.757772] RBP: 00007f4d0a6b91d0 R08: 0000000000000000 R09: 0000000000000000
[ 3382.757780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3382.757788] R13: 00007ffc772ad71f R14: 00007f4d0a6b9300 R15: 0000000000022000

VM DIAGNOSIS:
20:55:14  Registers:
info registers vcpu 0
RAX=000000c0008063b0 RBX=000000c000320a80 RCX=000000c000001e00 RDX=000000c000001e00
RSI=0000000000000000 RDI=0000000000000000 RBP=000000c0008063c0 RSP=000000c000806330
R8 =000000000093a1c0 R9 =0000000000000001 R10=000000c0073323c0 R11=0000000000000001
R12=ffffffffffffffff R13=000000000000003d R14=000000000000003c R15=0000000000000200
RIP=000000000040c285 RFL=00000246 [---Z-P-] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0033 0000000000000000 ffffffff 00a0fb00 DPL=3 CS64 [-RA]
SS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 000000c000320b10 00000000 00000000
GS =0000 0000000000000000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00005594ecd61eb8 CR3=0000000019438000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=00000000000000004157dff400000000 XMM03=ca661de2791c550130ee9d1061cd3a43
XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=49d015b601fef109dfa0202fd5e78c0c
XMM14=00cd4db5b9aaed6f7a428cdc0b1c8e93 XMM15=0f28e87aacdcdebe73b33eb2cffe8d8d
info registers vcpu 1
RAX=000000000000005f RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff822dde81 RDI=ffffffff879f3140 RBP=ffffffff879f3100 RSP=ffff88806cf09c90
R8 =0000000000000001 R9 =0000000000000003 R10=0000000000000000 R11=0000000000000001
R12=000000000000005f R13=000000000000005f R14=ffffffff879f3100 R15=dffffc0000000000
RIP=ffffffff822dded8 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f4d0a6b9700 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f4d0a6b8f78 CR3=0000000053d8e000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=ffffffffffffffffffffffffffffff00 XMM05=00000000000000000000000000000000
XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000
XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000