0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[  814.588100] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
22:59:57 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0", 0x2d, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

[  814.681059] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
23:00:11 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:00:11 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0", 0x2d, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:00:11 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:00:11 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone3(0x0, 0x0)
clone3(0x0, 0x0)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000100), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x20, 0x0, 0x100, 0x0, 0x0, {{}, {@void, @val={0xc}}}}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x4080)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000100), r0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
clone3(&(0x7f0000000140)={0x11060900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x1c, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}}, 0x1c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_GET_SCAN(r1, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x28, r3, 0x4, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x1, 0x37}}}}, ["", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x40841}, 0x804)

23:00:11 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:00:11 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:00:11 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r2 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6)
fcntl$dupfd(r1, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r0, r3, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:00:11 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[  828.173902] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
23:00:11 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:00:11 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:00:11 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:00:11 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0", 0x2d, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:00:11 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:00:11 executing program 5:
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x10001, 0x30341)
ioctl$SCSI_IOCTL_START_UNIT(0xffffffffffffffff, 0x5)
r1 = dup2(r0, r0)
pidfd_send_signal(r1, 0xf, &(0x7f00000000c0)={0x34, 0x5, 0x9}, 0x0)
syz_read_part_table(0x7, 0x2, &(0x7f0000001280)=[{&(0x7f00000001c0), 0x0, 0x5dc7}, {&(0x7f0000000280)="0ee690244eb9a8c538da833095db5f695d8cc2e377971da08c1190f9bb4a8dfbce4c507614a9465a0349093091d62988d331b9b8022ea4b09794334fd848fb8015c543cc64ca4784beaefda79616e5d71937f9d6080eaab5ac4d8b578e1fcf43a44dcdd989028a09ddee04e1ccbb637bdaafe516a848f71f085d02cd3e8e5b55fa7e16b5750b699138864ab5f05a7c34c183106f2332f0aafc41319890cd1ff8b4023cbae532db490d4c615991797a2b709578484a25e36885a67d601fa449d226e9ad9d37c91cca75379d9f16eb418889d701823fde932cd632c1b0d80d0f6636e3fd087c14b375c4eb741859997b95bbefc25f1ca3cf159ec3e16c572575916b14623975845f782ccf5829e3fa3550ccd82c96483fb1c5176d6baa2849a7403e101f5c79fa58d26189a26afedf3ba748cb4563f68824ed91c676dd40d8c78f7645b9570793ec6fa12a9a1b1e35421362871f68172d11334a47feeed242688a91060d31ac9fc4d742842449921cda32fc2b4465314da749091e2ced8ade936aae2067e7a50dcbec239b5117921604912184c3cdb3694bc5e3b89ad94d95cb55634fa149c0d1978fdeb5548f432696cf35dc54ce463de275c75b8dbb9628a384d432a35a092ccb0b4901163572a1bf969e89ed347570c8a10e746138cb12f28d9ed593ca1264867beb26b161e0d5ddd0d0a0e81de43718d3fe999fd057412865d64ab902622f16e3a8b6b239f18d765e1d8f346dc206869efce0cbd76c23ca5d6a010812a99ebee84f9468d84da17031a390cfd557ca5dbd06220ae1c7c05e5838fc97b3bd90839f8cb60309c3e0c4ce7f8223bf214b76f1868e63191be3f151faf2ab6d22c0f3490ece7794c932acc51653ea84c9c94050e9d37ddf932017a87e4ca1590e77a7aa93134fbec4b467669c68d969164abe638056eb2a608e96195764512798fbee0a74e15f30f0336ce58c5c25aa586b8744dd690ce3ae12693b1d02b5ddd0d047c063cc3c5a77faa37e34b9494ca2004cd3694ccf54c3cdf6ba15b43e623fdf010028582a51934847b311ae44b6fd030f82bd1dbf412f00cd91d20d5acd4fbf81262060f23149d16d99fb4f93042846979b8a2617d1de3a609d48cb2d6b36dfd1fcd5997fe2c2adab54346b8348f03dcb951a114441e65c08a714a1984cea0b4021a87a3b637b43561948fa5bb4568ca622626d235b2e39722fe2e1bc994381c3a2c1deb746135133be292689f4acd4850ab67979a0de7073ebd536b0637e229ca2d98c3d7cbfcfc85f74c4b097e23265387009f18f968b43ddab55c0e0fd02b95f8d1b72095fa2a2f8a076cd6954a92e395173cf327358bdfeec998ed1491c43c9c802b29fff894466666268e72b771a50df90b9c7380a65519f9ba1ef596eec6f6ebb63626bc85e173fd882f2cc8aa4e5b8c23178e75f9daa02b2f805879592ed3812ac0268c6d0036d27dba10a32344981ae1c8859ed5641cc9fa99c30f351e19da05b89729dd1fe2635ffa3dbfe81df7037d24bf5b53b4a29c73696ad76b8b7bbcb732516c32cd847fcbe7c8402df3fba484a92a5a4a92c6302fdbde36c704fd814a714e9a5978fbf164f7f9fca1fc0828db5236adeae9ebf313833926bbcd59e1f52c6414ea2167ba50c082edbdfa2c4e46e053c1d27005b0c776d2865d1f1ef7412b4705a5ac360cf15e12b74f43fedf1348eec51f39ceb4ce3f02948f33c07c90899651f1dd452d61d589b8a6c2d9c45e146bf1732c3b307bc765ed221ad632e4e7e7b9f7001ba7805b73917d16dc659e5c4f001e1b67c90001bedbb9519c717f321ab53442a07285d50710ed96f5744f55b14d101ed062305ac7152f39815be089383fd6c8afb16eb4c9c7cc7bb2d6cf51e566958e7b264983e82ddfea9379b8965933c694cf86e7e3399bdf976d47b0da225e455ffe5a1c90e3c0529ffa0ad7a9464123da47bf70625037b07fa75efe6854f4942df5bec82865f71c6f559026f78d11532e30a427a29705e00d7e6e361382249f5b7b714f1f6146efd881dff47ea48923770fab7c0cdfacf88345f12cf41ede28a3ca51c685963ef16b61da53848df200f1cc3754090c5ae52aab68069e60ad80bf30b03399c7b382c46b9dac1a0168877a687639f9ea9c30b92b654bee40abe7d1c577a5903baf2765f893963446692fa822c4af955c41bf4e68c964a6679695230c496faa76db4d7a1710ae4f5e45938674f6e0a30238ca2d229cf85409ee84e0b259c0544bb89ec367691ce60e7b58097bf355765c926c3b76c681370c431e76cfff07405c82baa3188817d7568f5e7c327c142d440714faaadbc36d482ba54094325933619555ca49bd0785923214769155a8f5d84e050372c2b4d642d0d5f5cab40d928a02915bca3590878fc4f213db4769075f9f3aeb8d16892ed8ef2bf9b72f875a33a6b1e60490627b8e685724a53f49c082482af9943d3c8a2268ebecf4efca8d3fb8184f1c90847aa35acef8698170c67785adaf02b28dffebe3d88d2b2ffd1c7047bb5fa06c9092e3f6481ddeb6c5b8477ae326450bec74f965a2fe6cf103b229db857fcaf952faf86973da407e1ef9531dae174e75350a40d171ceb6e0be4690245390600774e00e00fe908842b543e5c8cf7b2905b55bf62c86bfd28c05044205e408acf5f89bec4095cee945c41e513a29b01767edd924769e2ede62d6db426340a6468b550b9d1ee444f202e722fb3e010891190efcfc27c08facdae98123b838a87d2b691e1a0975958cb297472e59a9fea38b0fc2d5c514f07de7e84cd7b22f34e664bfdf6ffcc963a92781e791e42669350308c76022965cd36d57afb79ea78099bb34b9ab85972c812c9251931fc586ad52b4169f32b64a79a8a0d20d675e3f8f072122891f6ae838972cdcb978cb0140cd60af711caa126fa53c6bf748d6550098806a770a576f25b0fa100d1f0620e7c187c3a88918a48a7407e6ace5d219b4ea9f4662c84bda44f0ea98d2d0dd8f05bbe5b58be5d2b4082dd2e0e31d3ec80ecf3a0bc525c4b9847211515601545cd2119c60327173a20858e04ae9aeb440d0b5a74c2eb7fd1325bf15d9140c9063334eef6efa21ff96aec25732db89f16861be0f1d6844313c82f25136139fe3bf7f0e5275513870359", 0x8c0}])
pidfd_getfd(0xffffffffffffffff, r0, 0x0)

23:00:11 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:00:11 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x10, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[  828.406455] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
23:00:11 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, &(0x7f0000000280)=<r1=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r2, r1, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:00:11 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:00:11 executing program 5:
mlock2(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0)
sigaltstack(&(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0))
r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x20, 0x0, 0x0, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sigaltstack(&(0x7f0000ff7000/0x4000)=nil, &(0x7f0000000000))
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x3)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/snmp6\x00')
readv(r1, &(0x7f0000000280)=[{&(0x7f00000004c0)=""/4089, 0xff9}], 0x1)
r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0xe8b82, 0x0)
r3 = syz_io_uring_complete(0x0)
io_uring_enter(r2, 0x630a, 0xce52, 0x2, 0x0, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000000)={<r4=>0x0}, &(0x7f0000000140)=0xc)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, &(0x7f0000000100)=0x800, 0x2, 0x3)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=ANY=[@ANYBLOB="b800000013000100000000000000000000000000ff02000000000000000000000000000100000000000000000a00403c00000000b430caeacd1ab5df1d46482ec49af9e505171d4b5fad90ec7942ca1654bfccb7c9b628b4bde6eb10989e701397e5a970ae80637b017299502d5ceb903fd607284d9cfa9d3710d614d2eb7ed84c315eaaf7fba06d61", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/112], 0xb8}}, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
dup2(r0, r5)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x5, 0x0, 0x0, 0x0, 0x23456, 0x0, 0x0, 0x1, {0x0, r6}}, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x3, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r6}}, 0x4)
fcntl$lock(r2, 0x7, &(0x7f0000000080)={0x1, 0x1, 0x8, 0x2c0, r4})

23:00:11 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:00:11 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:00:26 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x10, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:00:26 executing program 5:
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
ioctl$BTRFS_IOC_QUOTA_CTL(r0, 0xc0109428, &(0x7f0000000140))
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00')
r2 = socket$packet(0x11, 0x2, 0x300)
r3 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x107100, 0x0)
read(r3, &(0x7f0000000000), 0x1b4000)
socketpair(0x10, 0x1, 0x1, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
setsockopt$packet_int(r4, 0x107, 0xf, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000380)=ANY=[])
r5 = fsmount(r1, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x7002, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getpid()
r6 = openat(r5, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r0, r6, 0x0, 0x100000001)

23:00:26 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:00:26 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:00:26 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, &(0x7f0000000280)=<r1=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r2, r1, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:00:26 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:00:26 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r2 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6)
fcntl$dupfd(r1, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r0, r3, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:00:26 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f", 0x44, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:00:26 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, &(0x7f0000000280)=<r1=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r2, r1, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

[  843.381210] EXT4-fs error (device loop3): ext4_fill_super:4962: inode #2: comm syz-executor.3: iget: special inode unallocated
[  843.384274] EXT4-fs (loop3): get root inode failed
[  843.385267] EXT4-fs (loop3): mount failed
23:00:26 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x10, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:00:26 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:00:26 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:00:26 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f", 0x44, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:00:26 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, 0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r2, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:00:26 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:00:26 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:00:26 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:00:41 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, 0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r2, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:00:41 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r2 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6)
fcntl$dupfd(r1, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r0, r3, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:00:41 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:00:41 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:00:41 executing program 1:
socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:00:41 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = dup(r0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$PIO_UNIMAPCLR(r2, 0x4b40, 0x0)
fcntl$getownex(r0, 0x10, &(0x7f00000000c0)={0x0, <r3=>0x0})
sendmsg$nl_generic(r1, &(0x7f00000019c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001980)={&(0x7f0000000100)={0x1844, 0x29, 0x200, 0x70bd2a, 0x25dfdbff, {0x15}, [@typed={0x7, 0x4c, 0x0, 0x0, @str='syz'}, @generic="fb80379576ac54fe535c2ac36e584fe6b1f631e8852eeea6a985231e42de178095060caee86c7d7735f88e77c6b1a22f33688a652cc258f8f70d0853310a4554ad1692e4180bb795be7478d574354bbc68be97be5897a306696222764489a0d4b44a399ac5adefb70482116ae12bf29fe6c2dc06791fa4388468ab30e698810c5ba7b74bc0e9352269364e598eb828c9775484900a04e7ff650bcee90c8b41805b63c5bff6f98e45e226e689e291fa0b21a895f4af55c3dcee931d468a20", @nested={0x14a, 0x19, 0x0, 0x1, [@typed={0x4, 0x63}, @generic="dbe3d1ac565252789bbff4829b16ac473148d739916b734e4d8a971affcd4edb539224b71d20395b978421511233bc2f19d4fea804e3d7f2de1a1f635ebc6ec488108d0a9b5e026b8120a762ed06e27c3ab09d200b8e94202150212376d6f66b1f75cef529437f62b0c9ecf61ad345f47984fbab907a627d5d686109af4eb3fb83db182e9ff2218ffe", @generic="517351ff8b70e85426ad4421dbdad9572ab18dd0aea2a4a40d97299e2c691e5b8c6d27dbc1cd0e3554e88e3d1dd1a600ce1bbe2da7b5df95a7dedbaa7047725fd69902dd0da9ba35419ed1b1bd7ac96879e9f6535d523c32559f02e7c0b7136b495b841f65f3b43c5321f3", @generic="e3f7c89dfd16d1c387aa29f41ee4364de3aa3b99a1463757b73ca65a89bb290eef7f3a6d8eae750101baa0838f7bcea3f06aab5f36bcbcd13772956db0a566891f0a5db8483cf30e2ae322fdae94"]}, @generic="99fe1946af85333bd095e91c4ba29317cd18737290e5511f5f1f7b0123a046341fc9f2d0b54b009db4f0010f406ec1bfe9e570cd312c314f75e3b5f2df0e5dada20f25464a717d86a418c0e723cf5af81dd723aab3c66ca6434b2e89c2", @nested={0x1c0, 0x12, 0x0, 0x1, [@generic="96e1b4846535e415fe197ba896a5cf02eab2b863d932a67c2914e0634699412ea00a03dd02640084ed44d516521beb583f775730ed7864c8336824f586c4c3c731330f81e0ecca95da4cbe607c9a8c730fcc2dea0633642b5140d2f26b7369c658e7913afeac142063427e26b6ed80e904e80e7f4fb494ffe393b5aca43811c353462e884ecada025c583866c270b58d7a15", @generic="6be0b445b6a35d5bcdc0", @typed={0x8, 0x1f, 0x0, 0x0, @u32=0x8}, @typed={0xf, 0x40, 0x0, 0x0, @str='asymmetric\x00'}, @generic="1c236e9410735b1687d26c39f84b75226052", @generic="03b96f75350f084253fdd4563ecacc712a1fb350e6cf7ff22538684911d53d745787c0cbbe5500c7649b4fac391dcb0d05fb2d1b9298c69e7b5b1588b0b4f979dfb9dfc18f94dd25f30e310b99016b5e5c0ebeaac80702f24537e29af27d54dd8ed5e8d914f21a372df5c4af6a28e5009c1b086c40004e94b22ee223bda1375ca2bad9ca2e354c9d9a6b3373dde8eb18ade843c1f81ead9ddbbbdb262f8093180c56cf56a5e14fd874684a517dd204d2ad07d1323933b79365f0242f9ca1b2a7b3be8e3eb07a2b3ae9be988442b2f1acdc2e685e6eaac242911ba34303e1344f1ecd9a2799606241de7a445dd954", @typed={0x8, 0x7f, 0x0, 0x0, @pid=0xffffffffffffffff}]}, @nested={0x8, 0x76, 0x0, 0x1, [@typed={0x4, 0x43}]}, @typed={0x87, 0x58, 0x0, 0x0, @binary="0adc28a355e7c918a61cdeb41f4366bff0f36e3c9400d6b0791b2f4db69f8a9b844a6f9edee9acea0bf2df09c1dae6ed3f6946a37b84a25930284fab1ab32d5bb1f4ea9a2c003888ae45bb356665b7b80b840c0f6a5fc2845db37dcbe0bd45c5c3d741066c41b7b8f345d6cbf26d9d55e52b41c11ebe2a1258a15c6547df0a5ce6290c"}, @typed={0x8, 0x25, 0x0, 0x0, @fd=r2}, @generic="d827f824caaeec65a7d70cc291727d25e697c242c74856cac538c57183bc6c94e1bb73c0812ff6eabc575e3298a78b7645f026cf019fe9eda2ae3a5b1b9cd02f253dfe9fc3735bff633be219888ed27438db113a1392b6d3e06c6b40b7f789117c1039bf4a4918e39963954ed53e1409a8e0f88d19b60c3458b0e1223d942f03863cec8d9d2a60d30adfd00f4538e748378dde7439584b9fc95975e1b6990e3b0f0b47fbb9dcde018ea075bf49a1b2caba6661240c4a3f3e23475f3c9c7eebb33e882ee8592559b3c3985812af5984d881cb96ae81ac99e7ba926354d69c4bc46137b73f68ca490c67ac0d9c1f6c4cd5d638d97fca6a23bb32b3e8c7f6", @nested={0x1269, 0x26, 0x0, 0x1, [@generic="ac5c6c9b075818bbdf734473ae5bea8e46c5a43a49403905f90a450d7214c2aa4f7f1d9d3dac3632832e7178e1790449a83fb79d55f9ff3d4e611687bf80ae36791bc93969e5f472e58058b5d0f5c14f02efe808f3eb6f73cd7cde90fc7cc4483d960c79d04cb7bf8fcf89112349fc0faa0711ee1a9a674b1aceda7f0faef6e3c6fb682ac3a391510a7a8171c8c5a2b7b73aa02f1564cc138fab166b1ccc2504d2262d9a45be291f126f76b06c0f8756ac9691405eaae11cc41d47a2d1fab04bcf9f9f63983fe19de78c970931fd62f48272a4644224c20883c741967458feb122991222c1c44235837df0c0fd4ac72190b1af0728f29b3b2f88607d57c39ab68896bfe609d045223c37355507bb5d37d98d0221f375cef3d70cab42fd604a842b9f43f16893452e2ee684b974df5c88b0d5c19b288d0da31537e150386dbc51b943b44a82503499f3d3bae75c44347949efaf5436420ded97b02f441a77cdcd129462652dd98332b594c5345bc2b489b9c153780db1072b7f10ff80fbdfa05a4142ae9d65608a8d1b1c6dc36db15d313ee197385ae9e090f1ceeddd702c0084d13fc873a34e3fdd4da33dcd3efd389145891eb6acc1cf63de5db88f9405731da582d4a64a078ad9a9ded353d62aab916d0c34cf661f7bce2b85b6f7dc3cdd3303c8aa8cad79b2a07dbd1f8d353db17493d932215dd0cf89313c59cfc18bea3ce1da5261d2e258fc603bd29fbc7a0bf9f22414aa994858740a955c8f08cb53b54988e786fa744165a259b84429b8f3aed8013c8eb6cacafd6e97b0cec5db8c6a25cf420d70fec5e722dfa1050c6b20a518b0afae83b835185465d88fab59e3e1d6b58bb6ac4ffdec61db23dd9f05061393b7ceaba566de7d3cfaa237481e6c0409d75e902543e48a59f089e0faff28499af9e00497649dd9ef31a42c441ce8d74c081b011d4e5cc6104a84bed2317c0374b947bb5e12c20d5a2b343949024676285102ef0363815e32686edbd890151d24b770ef40b152a5a7835ee302cc0d718cd537f772f8708648acf77fbc7ff3946da4f7c0f07a8d424b93283c595b42839bc07477df87f0e2f9a7edc6df49e297d2721bb10bb3ff1c19a7dda49a6cc6da989288ace97ae54001a19f8e8c6abfd628eeed2aabbc7dc52ce4ef2d9c28691647eb24fd53f8ff4d7a5e58ad188cfd1d1bd4d66aff0b3af56f825df8c9a621a93bd796b87fc9db725089bae04a0990bc6ed8d77f2c7b43d5f90c1d213eea8931b3d6a8373eeb940d63c1b41617a5a71cdaca72861e32e7f9c23b41c24db751e28c4f436255cbfe91aca9190071789531c6fb5d52442a3cf376408e9e36a0ff8e97d61f7595e24477a11f608ffcfe8cff377bc910a10b8f016e32e96abb79ea5660d254d64fca3f6ec11547cb955ffd4c53240e91e153886254368a68acbd04c4d436179a0f3058dae58961673992ec870cba772039afebce3fb23681cc52668719a71865b8958ca8faedfbb4ce45fe34e7cd61efcb654911c6b8997cca6a9ec29fd27a9aa45d5cfa824c71256a4e9cfcf07a0c82ce2282308ad42e1a3903c8dff86d36a94d57089a3042211973d4a014ce4f823000d83ee508ad18c2ab9ebfda45565fd1f46de0e52eb15147d932996233ef655f0209e903a5148f79f2a40fccec1cd8e385e41a09d963404d2d6e5c69923cfec71b8ae452f68438c55954596ce752b20aa142179dcf9a1e2ea33cb392456682c4dc745f81724457a8ad680296d7960cef548596e9f1f812e36ae3c3855040d6ec3beda32ea066428be77d374a556f262be03d1999acd8f45d9a29c1797e1cf175add13db20619c2ab697f0914d80fa97b84bb0d1d37ae8e0f11e16f8b3f8a9659170b3a342c58d0fe81dcb78b091ec4d4e73ceb91bebd3856fcbeff0b6697936b15319fa88eab88cb80add137bd64f2ec09be057cd8789a0d631b9a9b51131f415d4c7421420ee6bb8539af38a656fc6babe6193f87a73ca52d6a75e7c833800a8e71320dc91edfee6f4348e14d57edb85701566461fdc1a806f0c12aa1c387d7eebfd9898b375b09f34f17984129f47d90f6fd35dcb16483cfea11c845bfd1de85e41710aaecbb5c182d6e6769ee9ec1b07182c342265a6f4e5485dc61491c2a223b7f582432ba5f9abbc550d494a22cb8397e50d8b966b3037daffd45b2c16a561c308fd93b772bfd99b859509e918758f249dfd166a8bfa9f67f4190a2204a8614bc7c4f20184989fc38d05d9460e623567afc4a7323655e7f280aaf18afa627709f40c84825e5140083d3417d32a29b6d0c8531ef12c25d6d34def135842c9cf48d442e0ff96760caa3b4426a79d8d7eaf56e0e3ec2b501846d96060845c8d1f4f7dff82124070fcb2d14ba43ce2568ea6cb5593b43493c0b40385b5adabcdada32e1389017faabcfcfba98d86cd52ff75a0accad50cedd9464e5e8c359f556cfdb05e3f47410228ec4571fa491c54c66ca46c2fc34958eb28fa257ce4ea0ca997427d7d1a04d135d2171f9392ca20f3c4459bb6480e8cef725588cd25bbeb69d8b75d5117fc0085de99650f7bc62ac6dbaff2af7691b68b12cfec0d2636dfcb773bb23290f5627ac8d56d79c9174d01cfdae756204832c4c81891034809bd3c7851a638cfe0be395c97e79d6438fe3400a4c19bca5bf0ed57a02ef33f3df74d91f139ef39b7c4167820dee9bb109e7aa12c5f3bc1e0b48cf55e23ed9c390e4121e22c7df3d4391b80f77b5cadc2d04bc86b59c317720c50ed793ab4eaee3560892fb60e206c4f70e43fe9d4d47e47be0560b5ad39d7b16466a20cdb719c922a3199d18b269d6088dcc0b3ce42f04dc6f0f63ac1f9aa17a97768d8aa0af1f377f739465a1eaa3d8d793ddf94587a6a221fed5259879a73dd587c33481111b62e8c5d090176e7437e58f66818150ecb4b4d267273a944eaa1a262f5522d64247c47e64ece5548248d61895ed5e9413de7f7ab5e27e985dabac89eea0f4c7b3af4f7522e12fc19e3ef29d561db36038d452185dd4ca3f028892930f303a409aac14d0e48790e7a259c72fcaa081bb4bd1bdb8f17947b24472c1a812b00ee5381da32662e50c05a70881a0b3769ebfe7e65e0f6896eb459bc2b9c2bf8f6471039ea4fd4efec2168b2049e21911ddf14a50638dc3eb72a463312bec3534227ae3d80925841a533afd45b9faad8b478ff1b3171227dcdb676a5a7524d31381ac00f9d44e0784d026aa6da7ab30d059c51809a434cccfa8eb26ae190fee37d4016280d50336663c9325760d901f9ba0564013bcf3927ee0e64b089ccb772adb77a6bc90b9b55c9b4ab6dc6e7145d3e6e822a8110b4060207ae334d8786f643bfe5ead52a6518783ccacbacd1e8228cd96d6eff4a8318761178f95644a2928797117d560c8ed6e538a48607229e307ed9ded076614fadcf0ac505385c5ef9d03eeb7034479dc1a899edaf1001880af4283b5551b519bc4ea8f32f48a0ab0e7f63993af6b7972f595f628308c383c95d2f45444a8f0160aa38125619a4bd24d04bd65236f762cb786eee6cbb339dbd0e52b618eebce1841385f83cd9b9b38874ed77403d23ad907191ef92269ecd99ef0afb1bd7f8aeb39fcf1ecb9443b577f7f3c1b209ca095aed56ce235f217ad3c7fb87d42d7e05d0a04b7a96be12d5ed6b56a78e32c5a0b45e8b7eed9d5a7075c5ae05315cbf466d5f63cc44d53fcfce583051fa11ba670e14bc353bac7b572b4ebe1a080ab28ccea002a09824290520439e9f8bfb5c53848f5d54f7524caccaa786626cba8c7ef2702a1346286a17e06dd30e4b185cb00e03073f4266c1bb24d3116cd367dfa5c5bb3e749877aeeb87477f63305ca3d32cb8688ce2491e02864482f0ee6c7c94d3c35977fbbc49b6977d66da069148c77a7f246dbed9165eb5308508f23db61f0746acb61a773c6eae9b61d4904b54eb42447e067056d4e12d74735bed2123bd0c44cb4e1b3e5297b3e0ff34d55bacd88ad508811359b5e4c3570c98c7eae5f8b0753399e0e21274bcfb6639186675cfab14502fd63658fb9a566a61e90f55336e7ac521163fda8bb89085bd92864d37837fba1a96cf984cc55aa9c0fc4d6e87519cc72726ccab6ed47b64d617583e28e097e26a11613612cf35b79fcb5b34743192e41ddeb409cf5a7221f22b7855d238b72b97ea3d3cb7565ee00d8f6bcc62c215a14a7cd9fdc7fed4b90c41fddcf81e02760a216a5fd16860b4de627adfbc493e2161e326fbb08a1d55f046eaeb537a0c67df7f2e4a7a25614c374077d0f696853439a61b28002ef41c053d49db87b791345bc61bff4752c6c6b72645651139eb479d5f1101e350811dae42a4b843065bb75e56deb22be4e336338f545d1d82b2f76e9ac816dab51f3d5ecfcf5db1712f639045147fdf831fb18f17c557f9d3310c9cf98fe9e17077cdba9f0cbce5b4f06a6757b50d646ab38ba1858b2500c7428e75aeea751034c91c6bdab656b974b85afa7658477f26cff33903955e0ed92c1289183447138e25ed35d280fbe8c2bd01d1ab29248f84f887535edabeb321ac83707d19fd0b1f96b0ea2f49d2da777e5aece6f8212906bceec107048aaba820a31e3e4a7f8014f6f030d9bece644b969318c42fd3b658107fc2bac369edd3a42fbe07e9363ad8087f975fad27def99db4869067c65cd34060ef7d1cefa132f615ccc37507868ec22a0703da1891c9927829e66d238827e381fc1acf399c165fd3a30a909549995bbd3cc4d82bd78cb710b637a126cc0b4a182f9c85de55081dd58e1781831e6ae4f441ca6cb09a4e41378ce3de610765e3d3aadbc2b9b93a703e7595ba4cb15559f8510d3263afe5cfc3a1df64cf48773161e456b0bf073ea8524bdc98dd047a9d090baf79550913294be8bf713fd169f887c64527c46a6397ee181175a4dd101aa619e99c023222ebb72a301566c255c957ad278dc134674e9571a99256f5947b930629353d7b338a8ac48f646d4eb5cc96bb9c0e330ff73fa461ccddff2e388a02ab3b00a5a2a4ff4c09fb34909c99c805ff032c0fe9f4aae831509e2fc5319c4ca2ed5a050da3a900373723466fe733a08c71e38651dfeb045b50e22dbd958de3c8e6f622b3987e3f52c1551ababae5830db4a5ceb25cb0e0c6c16fb155c0275f5569780d95e63c69ab9a06c8d5e531ac2a873f7dea8595ee96adf5c1c1987392265f9415b014e1ce855447d631a48b9d77b56a4fe652dd3e6e79e64f8457a49031b3a4722026924897505c6850142c1c10d0f773283a2fc645789962a05937a326c2f21d795acdff45dd1eea0f80abbc3ba50eacd984b1616604b5259b9b722522637e4745ecc2390bd9e1118dc597b4969b874406974603a308c687eb649302693c97f705cd09014f9af15d7416bfed5175e9b3d75f286fb923f84fa0334aa22538d5f687684f87cf2971c73672105d53a76805ad2e56b74e81b6a36b66d7748a4b4057c1f86303c88b249885ce15409e9c40e3f667c83c373c078ff2c32a8ce2badc84c8501147812e87bc84962116dc625919309c0c093d10919d57a80f38bff49fc1478cfdbfc4f3c17df9a51a7face589302c1fe894d925f9817f8d61b8624fe131dc9d7383661f90b24ade7fd42cb791f98a4e0c105028e37ac345186de68d8181b17961acba23d9a0c8842ce28ee97cbb47f9994394f019d03f5988fcb96e08ae82a9485340cad40dacccfd568be3128575ee3f0e0594a6e58c2ace93540fe080572fe33eb32438a7e1e", @generic="780f0f25aadab2112c53fde7d8eccd9c6fd882be6c30642afde8aca95698af7d9b30a0a5dc5fdc1316170776ba215268698e4d33927b92b36a2eef55937fd9300988e405f019cd4d0967a52d10fd0b08baf41e388f5a3d2377bcca419bac929800ebac679733842982f5e4cee20e2c3f4367756bce99c3340506701848b589bba938af19132914910a7217f037798e356a3184cd8a", @generic="62e30b43c55106f7d081e939e9d7e4a54d5c0e672722dc54da4c527efb6b7a7ba56e1c95004e132e5160b7c174757f85aaff5ab494c165332230f3cc039b82ea7dcd65b74baf6f0b213bdff016fd7b6cd270a6855516d2f1a306532bc1826d66e61fcf709a836ef644b8318ba76f638a75c86d9011997132c59ae7a5d28ace0fe21af4f6f193af87ec59a51a098247c5754f42656079ebd5b57fa4ff72fff099b22730e3cf366abc20ddceb7a8f3b5c240d3ada59f", @generic="fa88f941d5802ec6fc1f3ee7980ed323665632932b1556cf62fbb7cd7645cfe6255f5322eb8fb076c19e694cf0e8e367b6c3c14851390eac4f6f3d2685c0fe2e70afb5cea043659c4354fa74d28c8378fa7870ea490e676776dae237756d1f31a498ce6e3afd50f68dc82558", @typed={0x8, 0xc, 0x0, 0x0, @fd=r0}, @generic="784e742f905072cfc1c1def5063bbc348cb532", @generic="e8144915e45d8d673594093559a8c84f34dc66de95536d52599e6ac29ef70b83876ff41dcc04c12062d6cf5dd34822c23a06c810d5f6d3dfc160c9904f663e66c31e117f1dea8e815f46687642cfae8fb75473b52a0e3436e2aa06ddd703e262e04ae3217ff28fb96babbb28e241b6dbdee705cb51cbe4655a1e7c09aea31b88915a1afa0617d365aa42fbe8", @typed={0x8, 0x44, 0x0, 0x0, @pid=r3}]}]}, 0x1844}}, 0x4000001)
request_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000000080)={'syz', 0x3}, 0x0, 0xfffffffffffffffb)

23:00:41 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:00:41 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f", 0x44, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

[  858.951835] EXT4-fs error (device loop3): ext4_fill_super:4962: inode #2: comm syz-executor.3: iget: special inode unallocated
[  858.953135] EXT4-fs (loop3): get root inode failed
[  858.954115] EXT4-fs (loop3): mount failed
23:00:42 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:00:42 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:00:42 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f0000000000000000010000", 0x4f, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:00:42 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[  859.112666] EXT4-fs (loop3): invalid first ino: 0
23:00:57 executing program 1:
socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:00:57 executing program 2:
r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:00:57 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f0000000000000000010000", 0x4f, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:00:57 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, 0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r2, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:00:57 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000001, 0x0, @perf_config_ext={0x5, 0x5}, 0x0, 0x0, 0x4, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x457f, &(0x7f00000000c0)={0x0, 0x58c9, 0x2, 0x3, 0x89}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000040), &(0x7f0000000000))
clone3(&(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x107100, 0x0)
read(r2, &(0x7f0000000000), 0x1b4000)
syz_io_uring_setup(0x5466, &(0x7f0000000140)={0x0, 0xccd4, 0x41, 0x2, 0x3e6, 0x0, r1}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000001c0))
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x401)

23:00:57 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:00:57 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:00:57 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:00:57 executing program 1:
socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

[  874.382008] EXT4-fs (loop3): invalid first ino: 0
23:00:57 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:00:57 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:01:09 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:01:09 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:01:09 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x804, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_usb_connect$cdc_ecm(0x3, 0x50, &(0x7f0000000000)=ANY=[@ANYBLOB="12010002020000082505a1a440000102030109023e000101c1e015090400fb0321550d24ff0000cb0351775d8bc25e8409017d09050302"], &(0x7f0000000240)={0x0, 0xfffffffffffffffd, 0x45, &(0x7f0000000080)={0x5, 0xf, 0x45, 0x3, [@ss_container_id={0x14, 0x10, 0x4, 0x73, "27d7474d5e78b47fb717d5d3f77cfbac"}, @ssp_cap={0x18, 0x10, 0xa, 0x47, 0x3, 0x3, 0x880, 0x3704, [0xbe00, 0xffc000, 0xde]}, @ssp_cap={0x14, 0x10, 0xa, 0x1, 0x2, 0x5, 0xf00, 0x3, [0x3f00, 0x3e8f]}]}, 0x1, [{0x2, &(0x7f0000000280)=@string={0x2}}]})
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x24, 0x1d, 0xc21, 0x0, 0x0, {0xa}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}, @typed={0x8, 0x1, 0x0, 0x0, @u32}]}, 0x24}}, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x4040, 0x42)
clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$PIO_UNIMAPCLR(r2, 0x4b40, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r2, 0x40286608, &(0x7f0000000140)={0x0, 0x100000001, 0x3, 0x1, 0x11b2, 0x7ff})

23:01:09 executing program 2:
r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:01:09 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:01:09 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f0000000000000000010000", 0x4f, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:01:09 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:01:09 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, 0x0)

23:01:09 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[  886.844075] udc-core: couldn't find an available UDC or it's busy
[  886.844785] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  886.861125] EXT4-fs (loop3): invalid first ino: 0
23:01:09 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, 0x0)

23:01:10 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b", 0x55, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:01:10 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:01:10 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:01:10 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[  887.015644] EXT4-fs (loop3): unsupported inode size: 0
[  887.016170] EXT4-fs (loop3): blocksize: 2048
23:01:10 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, 0x0)

23:01:10 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:01:10 executing program 5:
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, &(0x7f0000000300))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x248e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'vcan0\x00', <r0=>0x0})
setsockopt$packet_drop_memb(0xffffffffffffffff, 0x107, 0x2, &(0x7f00000001c0)={r0, 0x1, 0x6, @multicast}, 0x10)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000340)={&(0x7f00000007c0)={0x78, 0x0, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}]}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x3}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x7f}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x93}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x5}]}, 0x78}}, 0x10)
r1 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x80080, 0x0)
r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
close(r2)
setsockopt$inet6_int(r2, 0x29, 0x43, &(0x7f0000000380)=0x45, 0x4)
r3 = getpgrp(0x0)
setpriority(0x0, r3, 0x0)
perf_event_open(&(0x7f00000008c0)={0x7, 0x80, 0x7, 0x39, 0x0, 0x1f, 0x0, 0xfffffffffffffff5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x4, 0x1}, 0x3000, 0x1, 0x40, 0x9, 0x0, 0x2, 0x82, 0x0, 0x12, 0x0, 0xab}, r3, 0xd, 0xffffffffffffffff, 0x2)
mount$cgroup(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="e67265657a65722c00"])
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000017c0)={&(0x7f0000000000)={0xa, 0x4e21, 0x0, @loopback}, 0x1c, 0x0}, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f00000006c0)=ANY=[@ANYBLOB="010600000000001c180000fafaffb436280760754af3d29c3c258f78f366f7134bac626262acbabc7eef72e4d95a22bed820b7b49be3ee1ffccb0384038c7eaa6ce71870223da33b85dc6413a1f35d4d20c7e3c0715f021d1fa30282c92a68ccb99efe46990885fc625ed0fa281ccf4e055a91f08845334720ef6bb2b2746247621b1dd8148e321ba9a9ceafae243fcc0769a25b88088fc4e34089e86a247652984e5452db52a3ee68850f937afdbece2c5ed5a4c4a5a8ef9e9cd3e1ff2ebcb2436bb26934170b33c8ac000831e9e03b535797cfb69400"/230, @ANYRES32, @ANYRESDEC])
fsmount(0xffffffffffffffff, 0x1, 0x71)
ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x8)
pwritev(r1, &(0x7f0000000640)=[{&(0x7f00000000c0)="946356f28815adb9c7b918a4e137cd7400ff6319ce5ba1f2001b6ff6497d7e", 0x1f}, {&(0x7f0000000140)="726b108c02f17c024b516b3d6818db3e2f", 0x11}, {&(0x7f0000000240)="c3afdac2813661e21955945ad19e1b7c6c1485df6b96a47668a852cf95112705e87a12f1b278f33018479e7cce287f328ca60c827fb3632c019087a6ff858d8f854a6d527739b057eb740da584ad10c52b8ae5b98e1a298ab4589bbdb456cc9079dbe9fc329fd15cca48bae0d44be041367bfe886b1bb9a0dc451432e946a1b71fcbd0269399e6ec82e5ca74ac858e9b09b2be5bbb4b564e184ace248882ac7dce251384", 0xa4}, {&(0x7f00000003c0)="43a7bc5dfc17bf498b287080d7badb6fe6b4489aa72f607e87e8141b01ce661ac9b42fee3e4bcfc9ef03c3444ba7b40fb7e5414286dceabf3036021a3a0b27ac99fba983632bfbb2e7d768e5db383448fb479067de1b539f784f56158f0ef9170468ce71850a8c9d86dbc2868a2c34d037ed45bab0a58455868f2b6998857d1827231ad47b6abc61dad620bd091e560ee665c4f7f8b6da81bc710dcf25c276721f6d", 0xa2}, {&(0x7f0000000480)="634c81333e6dd201f6f4843126f7ca79347c50ec06116ae981bbcf5e84699cf583348a41e2afc4a5843ec7850e7646f360c819f302d1150d45139784e2de94349289a4b2474b44066852a83b69f449a73f222eb13b69375ccc0cb40446920d8209b2732f35adc8667efb1eb1ea7ef0329e77eec99ade1e6ed9229a9a9d6fd102ae8d8c650016a66d3ae9ed4d353f89a378c46c983577e0f0cf405fa898d38bc800e5943c9836fce04d2e3d1cfc25a719d72b8c2b621764215c1dd0baf1d67a0b6990880e86f1", 0xc6}, {&(0x7f0000000180)="fd2e908320b6", 0x6}, {&(0x7f0000000580)="febe85dec118a9e719045781a811a22d9a034057e4823c66b5e59c241a3794391702ccd73c2dff67d38c703cd66963c66684aeed0f1a772eb3da3849a42287b8f045e3182f543857d79e86bb519b184ff9bd008cf0d58026313806d7383206ab3973bcf4a0771e786fdfcdadf2141cdffaa5990e5495c0a83f99156a8594ba1f1929fdb59ebb3f19a994b0779ace554fe8593b2022c577f697695ce150c1d9d643ec0b1faafb054f58e8faa45fc47d7eb9254498", 0xb4}], 0x7, 0x100, 0x1e)

23:01:10 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:01:10 executing program 2:
r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:01:10 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:01:10 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:01:10 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:01:10 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b", 0x55, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

[  887.243531] EXT4-fs (loop3): unsupported inode size: 0
[  887.244058] EXT4-fs (loop3): blocksize: 2048
[  887.249518] cgroup: Unknown subsys name 'æreezer'
[  887.289148] cgroup: Unknown subsys name 'æreezer'
23:01:23 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', 0x0})

23:01:23 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffeffffffff, 0xffffffffffffffff, 0x0)
r0 = inotify_init1(0x0)
inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x2000003)
r1 = syz_io_uring_setup(0x3ac4, &(0x7f00000002c0)={0x0, 0x62a7}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r4}, 0x0)
ioctl$FIOCLEX(r4, 0x5451)
close(r4)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
syz_io_uring_submit(r5, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
syz_io_uring_setup(0x203, 0x0, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000100)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
syz_io_uring_submit(r6, r7, 0x0, 0x0)
syz_io_uring_submit(r6, 0x0, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL={0xe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x40a4)
copy_file_range(0xffffffffffffffff, &(0x7f0000000180)=0x1, 0xffffffffffffffff, &(0x7f0000000280)=0xa8, 0x9, 0x0)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)

23:01:23 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:01:23 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:01:23 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:01:23 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:01:23 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, 0x0, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:01:23 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b", 0x55, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

[  900.385912] EXT4-fs (loop3): unsupported inode size: 0
[  900.386473] EXT4-fs (loop3): blocksize: 2048
23:01:23 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, 0x0, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:01:37 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:01:37 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', 0x0})

23:01:37 executing program 5:
openat(0xffffffffffffff9c, 0x0, 0x610002, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r0 = socket$inet(0x2, 0x1, 0x0)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x107100, 0x0)
read(r1, &(0x7f0000000000), 0x1b4000)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @broadcast}, 0x10)
setsockopt$inet_int(r0, 0x0, 0x1, &(0x7f0000000100)=0x20, 0x4)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10)
r2 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
fcntl$lock(r2, 0x26, &(0x7f0000000180)={0x1, 0x0, 0x0, 0xce5})
fcntl$lock(r2, 0x5, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff})
sendto$inet(r2, &(0x7f0000000380)="975c105e268962fe5d946a6a906b9d10705baf3cfa76f84640ad7f2f0147e08b1f3881ba88895a8dbd30d5883333eec2e71cffe33bcf1284df2d8282355e389aaf69b3f30baa8633fed36d886239114e7ae3ffd3813b3a95f95a8f069b1c50b482c8967d7ab22f5f59e08b19a91a8406b4099362b3d64ddbb1cd72e58f1add89592872306af4cd8f3ef4b52f50f623e268a56855b3994d721e917cbeb42e5b87747b0f3c0a5ccc1a2b0b36454e8b0f55fa336ec06560560ef487b01ac75a05e41bf09578530f2f4bd84d948cd1ed03d605b684291586f6614f46aaec8273934a8bfc3059780b09edb2e767aab65cad942a19dd91e8fca2dc644c57242029ee0350cf4a74b7c092e12864864821d9308ad6ba49d63b3777f6e3985de4b2b03dd63e7489f0f3818aa56081bd493fef1c7c0655779201595b54c4685f90ced2cf6405b70344150043b1db92321783e66a2ba4321912eb9ac65e23ca30a238cb41cb0b380bb8bea1869f0f5587c95c64e1c97dc12d58e9eb11d02d5e5f041c7ea5d812867e5c719676727806691e595b1cd81949207e571055c12ec1d07cafa4939fa632990195681767263a4be15802542e99e12b275c5f49d705cee01b5748b2682c89e7aa3d2a48b82998eaa03e2f77e2dcea3895a01349c9e98e89e4b4bfb54449c27ad28f96baed52ada492a77678a8287712982b9389b8e9e7db50d4dc90f46b25628bcff0704112234bcae7aa1498adb23c4ca1bbcee2d2c26fe62acf3c3f0b6ae36ee58f5dead2c0241fd6af89e1b79bd9fa7543d33b95fe681d5ccd92ce10faea9161354e303ba2b5b65a4d9956852a49370791c5807f8df04e7adfd60287b491409c4e9923f28d35c10ed5dcb226ba74052fb7e8c64d8e8488113cef0001fe7bb5e24478cf0002e692370b408cf5116ab92c831a55a0fa899f7d91f6cc42cd3d2c28dd4354959b4932b6c1f20d82a5061b3cd0fd11c1b640e7fda9b6d6f6305ea6da8cbfa2b790e78936db4e6771c0eb9b818a05f9859b7e79ba1cb8d10b4e1ba28a6ea388bd9fbed9dbd8a21de9b2172e6bdc08d97ecf6b59c002feec2338b41df5f7aeb4c4202d29dbe4318b27d9e6c7eb25fe65c9c33e1225ed8f3088432a8f5bd007a730664f40d32ea642f69094f9f5dcf1ad317caca79269f914dee7f551057f318622fda91f7a0962bce7ee8bd38d0311b27d92c6d5e04851ea26d09f01f89a73eee406d61127ab6aacbdd18acc7713447dbc5072e7714cac1a26b0aa6787b95c49470ad8c3782db9f55579917c0f3d983d375f92b56507704643f8567fba6f35f6e7d3120c86e8bd9aff5cdf28c6ee3c661fc63e81fef78dfd458d5ec4bdc3700c66497f9c4bdf73349823894891eb5cec0117940407dbb361edf01c5d31f7fd7e00eebad8d5d7f4d21b2bcc72b2df2fd1498d1b6e7e6e77485083b3ad9683432e14c9b1c45b143198ce4f60107d3eceb383a43b84718e4c5e140e8424f233dd28feb3637d429dcf6b1ac0d9cba3a59af136ba4b03008972ef047062248fafc9445bd50f541d0a12228cf18020e58f371b6efd4e7efc0afdcde249795bc4fe4524d6c85dad80f5e0ff9c621c41bdc67d46b054ec01e164ea7517a0406f5cd5fe173de16f4896fb2e63b6ffaa20ab5bf4f247b02834900afbc9ef400bf2b15d6ed4e0ec16ec03fe5ef5718d305e1180efb584d7218dec5cea444e919c7c775f122ff454874c57daa9b3b8b9938d7ba589bd9bebd290d93adf743313d96b8c0aba5ceee8a9cc104867a97357aa48e04c4d9e78898e386acba4379f5857f550f534c56d92c0d130707cf9ee569fef7d939405e455b0ae6e12eb27c82df53a9c3ce186436b2e725fc0f5be1e00aa05aff82d63c37c2d1d99fa6edbba35626339462d5790f49426dba2a65ca11b9ecd0098894814c72fcf561bf7365a400f75189444fc3b9b2729622e9625a7c8116481c3640fe714db829a0f256943c7f17811c56eadacff94c02f87a6e005ab99354c4e833094ea8802b2900f0c4bab51b09fdde117eff1d0a23ef2c6e3b77b1498f6c30feb66a6c2f63454e984c6108e28f8846ed4bb5be949385609a816d95d148fbbdcce7f673cf99803f4cf6363211a47d8eed1c874ae4abe933035eec490e8a82548f2bc819d0fd4808faba1c9d764b8164335718b9614202766a4937f811ee48c5c538bab14bec8bd6ec2864c1a5cb2eea0fb4e64f2fc8ee147834a52758626f928e39dd870364d1321e3ae3a5ddbfdac762d517e5403f58ecd8a0686a71542691776e5ab62129453ebf7df54c8345144c79e12c58b8ae488b3c585ba518cb4e647c7a1771f99b8af8caa342bed03985eeb62c34a921d1f6a7b3f291c92951dabb6a467f703944aa276aa5167d028e41593de06a33ea60cc5b29cfdcbcc363fd7f84f143d6fccad3cc0a82d30d6d9973ce7e5b3c45442eb155485e6e2514bee75ca1e28a85ccaae23cb20485649bae98ed31aafefb0d3f4c667aace0e83cd753bca3682f0a93f54b95c2076f9b7424517f928ded26da00e32760038d128e8e4a7cbc80d931882710b6cb43530fbf87ef7bb50a712f86b997270277c1ad996013cac3ce620f5cc366e567a9723bd0191e05617cb47a5817eb5bc943b58833e284a4aefb7e0b6bfcf99c56ce25e7cf80b762e8509a67d9283114cd94d7e4446c8e64aacf3c374f99dcfaf7cf27af4eec8966d8b33cfe97f59ad6daaabde319cfbc5c1afdef1682b188e4535758c7fccdb4b034698fb1ede37f1fe18c5ef35d0c16e5ea7a5357395c104fb0cdd0c40e4ca83d434eb3c67d2fa446267713e95589cfb4ccffa8f46ef52107e974dd85b63105d23771ebd698c515403d1cce28b95096cbe670438f1626304d3b2561fbe23aa5753ba285293e7321a9d149c8a92ad06540260cfa0c8a2f5f7b63d11c7fa206d537c8623f6dd51d87ab3828e93448bb45bc53ab8e40c916f8e41d48a9d34206ef00e74b0956ab35f67a3443f270b6627dad3129869577a020d615e5e12bd3b546b7fbc7a4ef5d7e6353e58eb647c618467cab9301d65464ff1d3d32568dbf73468e19810e6bf02dbe553f9cf68011be8f1790b64a30537927b911ce508ba2e4871f2132d33f55db9e5184cbc1da1c235f3c1e9f2fb0db23123e8de6d8d248715880c706c30bf571d75ca80c72f98f5cb124b75ab0ad5208187ef96935e422db6875d0f198cac665acd50a8b4e06d790fc7018b6f2152b32ec8fe54399c0b70ab9c4bc40b42defe2716a0d07d2256fefba3a767f8971f4124f2c3cb45736329e9ee3ab62424e3b4b8497d9d206212e8963871a42f7fc08b74a49bfcd8d74d2e198775752a68b70057d73810e20d6baa5c3927906559d4be6dbc88193df669517d2002b1e5060a65ac790d993087fba2e31f338c4f93d066e253ea7388e65cfa5840b872cc2989feb8c0184fedffffdd34e0a4c8b906b2f670315fea1d8c6a93fb3e0845520a2584ec4f10cc756947e2799360aaf4e3f2c4f77f52faaa3915ac396478ca8f6f8e90c37efd365db1d3ec6d5f340033e02a5d27ccf2bcfbbc1d618b389e7e4495892fceef319a75c5fa3df278373c0182b8c5f49f02c53433ac48c4120d99868dff89a42de0c3446f6dccde0943f0f97ed7a00223237eddbe072182cfd892a360691a85875a340adbcb002435bd34456a1335c437e1ca757bc62346bab08f62980b11df787667de646c569bd8ef79ad1bcb1b042b898f30a1311601aff34fe3f94106d90bd024a4cfa370a58080d252aea9ff5c63b61f602aa868f55fa657822ce4a9e096d57806cd7111551e7b7056d8baf88cfa95a3ed22206dcd4255555d24b9115d13769e1229f3916dce51a1afa98427914dad6fde32a49b4ef94fdbf8e9bad9fa35d73d5e279a9a14031da9e8f4b5de829751229e38a908554ef844e6f2e206427bc6c125fdd70552054402224acc1caa5f0c16a32ff443afe58c6470f6df71ab0cecbee3d6f6e23c86fcff95944031ad8c0c4d5168f68354eb7aaf21b9d5f516cca4eaad76b4d333cd44849d7980eba1751dee924c0882888245d7c0f2d06d0215df95abe3f5d5ea47451fb1b44b3ad9ddccaf04e9d418f3e69dfabc8b19f331a5fb07b287a02cbaa817ebe7023b66f99cd6169708f98d5ee037a4f635626149da00d68173133fa16704d5d742b7584e7c92ae5054fb8b98ca94a5d80dd912d0c50b78b058cc7da6f5d3bbae32e326cde52db4957c7a70b1708036a7b90f31a09fe7def6dad588bb82859f6fc94f9d2ce4a96024bb21f3dacc75ead271f36e9f9be63f229e15dde9f917b14a98e95337a266e34e8f90d3445b4a960d47cfb96cbb2b8180ea126dd71090804862bbd7f1fd0797f7f8833046b4518b6f242504afaac369ff245463e288ecad904c17fdc108899fa6cbd73f0cd14c891a26a84edbd20f92b38d89fbfabfbf475979b7c50d05db14c9572cb9e8f8e1ccadb13def67baa1111f72b6b32236d79779942b1b165423d9c6b9a822fb923abb4b511cc1ed54d0e0f162081ec31b147c0f0a6b27992ba57652479759f951f7666de25497d0c4e37012bcab9764884441c0a429de3d59553b1ae16fcd2d9a44b6b4ef38bc319e09d28338ec20f13242d3e551b86c9456be48089e43cbe861da08cc53733033025db02d96cc7712553dccc38d6a8068343ed361430ce3203e4f74d604aa4667ae40780c4120fea195fcf940916e60071a2a0ab42485616627ec896a033cb50dc93a66be92939733645d39802502a89b01cd61a2a82da9b2dacdd2a072525a7887caae9c7ed12a4450d46ed4e64352aee7e9b2c2a7d039e187232f3e38eb62d1fac4beeac03a683fe4f87661eee2eb7c7408f27915f50a9f9ce5f8514e8942e8ba3fd04f7a8cdbef4017d735cb3cbd360a42632cfae491a009f2d56fe0776e3d78c1505a471d81a03f71a81ab81d2e759d74e85ae7d59e7d018300cdda975a83396107c2ba0e297644852bb8f055325908b5a1db7dc64a0028d7390948b30246952c40bb1bdee432ed37b14b84acc1adc6b0ad0429216542a6fb16da9c9f3a4674acef2c2ec0b2d8f3fafda6b92b772c9562d5f586b2d26e22cca4b24fc20e00eef821e489ad40e4ecc65b52baa0689ab6295e22e0856d63a94e30ab7393a2448141ef00b78616a3c98c186b8ac68afcde6b193d2d5115868fe7e1b5a3a0af0dd968699dd415a74972086c92f910dc5fd991bbb76df0801d9170679a86f292953fdd0817ce79d7938b4a7545684c4a4a725ae69b27ba98ad3bc931fedd1a1790459df5f0b6f6df505f504b4e27a58574188c8aa78600067a810b1e5958a885e916af935a119af7d55598fc94f9f6adafa71228c06adc09bcb100d07cd5b142862ae8a703e49b896615a5e64374704c2deb0c7e885275d7352a54a5949f1b7d869037c36ab0c086ee86e7bbba037adc949bafc6d19bfced4c1ca9afecdf765d163667e60ee2a6a404b1f5b1f56bbc5765bf3600c0285496a2bef492afc5ebd46bf86657f5ef5798c3a17511bd15f4fcd68355a2330c9ba655f33e631c15d02d383d57775b5e2bf3aa828927732404a7c938e41d8e23357cce36fb726fceaf1da59a40504e4a0524e57bcaf08c9d2f8e9462a17fb045782cb2605eebe898c2c4d21520f7646c52ffe881aa9d184230c8ff7af85f9dc1f0d866748f8e843989777f38d7774be2ef40ea72f86c0c3c4324f9f10928a94f1b3a93ba4ee94b1d3bde68ee7861a34d46cb4ad388359cb992e74dc98d15", 0x1000, 0x40010, &(0x7f0000000080)={0x2, 0x4e23, @private=0xa010102}, 0x10)
r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000040), 0x80800, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r3, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="30000000010402d6afd3a8b200e5a0f703697354573a0200000000000800000cb01f3100000608e904010008100340000000000a0002000087e50100cdade9000000"], 0x30}}, 0x4044880)
fallocate(r3, 0x78, 0x9, 0xc000)
unshare(0x48020200)
write$binfmt_elf64(r3, &(0x7f0000001380)={{0x7f, 0x45, 0x4c, 0x46, 0x75, 0x81, 0x0, 0x7f, 0x2, 0x3, 0x6, 0x50, 0x155, 0x40, 0x1eb, 0x80000001, 0x100, 0x38, 0x1, 0x4, 0x3f, 0x8000}, [{0x6474e551, 0x7fff, 0x9, 0xae13, 0x7, 0x1f, 0x4, 0x3}, {0x6, 0x6, 0x6, 0xfffffffffffffffe, 0xa895, 0x80000000, 0x100, 0x7f}], "37f78f4fda43878a4bbb19eba29f3b82b8158f8ee10f2794f5d9ba20605baf230c7b01895106ce57bb0e37b1af34bb03ccd4d400d4c062c6ab545a0a18443ee99526c03105eda88d4d59c9697dc4e4069400aa125b572b67278c697ff9716dc7cb22bad76bb5b84804845f13d606f721b49d211a5cd015128f8ae2194c3ea81cb23b8632c3b64939b8281983e2442372583a", ['\x00', '\x00', '\x00']}, 0x442)
read(0xffffffffffffffff, &(0x7f0000000000), 0x1b4000)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x1e, &(0x7f0000001800)="b027e7275208039e9d9e2a52a5fbec2fee6eeafaa8acac62f5afcf1f0edab1e88e3f1e4085e0b391652526100cb6ddcb47b8512afca4af92a39e641fdd3c75dbe765de1b05791bd5c7f627552494b6ce8569367b914db7f912f2ab9d45e90d2a2cd4975e284ddec53c716718555974c84f239d56cc72a0bdd1f7b23ca3e7b7a980e62f3ac705a380935216092c56bd960ec9120ba05089c290fd981f87feef4e565c5f0e594d802511ece856dcc55fd21d26f235233c3e0d4da708149153e3d6c2f38c97d871ebb90ca32365e40e0b", 0xcf)

23:01:37 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:01:38 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, 0x0, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:01:38 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:01:38 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:01:38 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b000000", 0x58, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

[  914.986696] EXT4-fs (loop3): unsupported inode size: 0
[  914.987516] EXT4-fs (loop3): blocksize: 2048
23:01:38 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', 0x0})

23:01:38 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:01:38 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:01:38 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b000000", 0x58, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:01:38 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam})

23:01:38 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:01:38 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:01:38 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:01:38 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b000000", 0x58, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:01:38 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[  915.405196] EXT4-fs (loop3): unsupported inode size: 0
[  915.406361] EXT4-fs (loop3): blocksize: 2048
23:01:51 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam})

23:01:51 executing program 5:
openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x2000, 0x42)
keyctl$setperm(0x5, 0x0, 0x200)
openat(0xffffffffffffff9c, 0x0, 0x45e3, 0x18f)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfdef)
fallocate(r1, 0x8, 0x0, 0x8000)
connect$inet6(r1, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
open$dir(&(0x7f00000000c0)='./file0\x00', 0x801, 0x10)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000080)=0x9, 0x4)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x204, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000200)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
fcntl$setstatus(r3, 0x4, 0xc00)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendmsg$inet6(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000001c0)="cf", 0xfffffdef}], 0x1}, 0x10044001)
dup2(r2, r3)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x0, 0x6ff8, @private2={0xfc, 0x2, '\x00', 0x1}, 0xffffffff}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0)

23:01:51 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b00000000", 0x59, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:01:51 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:01:51 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:01:51 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[  928.933846] EXT4-fs (loop3): unsupported inode size: 0
[  928.934767] EXT4-fs (loop3): blocksize: 2048
23:01:51 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:01:52 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240), &(0x7f0000000280)=<r1=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r2, r1, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:01:52 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:01:52 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam})

23:01:52 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b00000000", 0x59, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:01:52 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:01:52 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[  929.077873] EXT4-fs (loop3): unsupported inode size: 0
[  929.078362] EXT4-fs (loop3): blocksize: 2048
23:01:52 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240), &(0x7f0000000280)=<r1=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r2, r1, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

[  929.132519] FAULT_INJECTION: forcing a failure.
[  929.132519] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  929.133561] CPU: 1 PID: 7349 Comm: syz-executor.1 Not tainted 5.10.220 #1
[  929.134076] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  929.134695] Call Trace:
[  929.134927]  dump_stack+0x107/0x167
[  929.135208]  should_fail.cold+0x5/0xa
[  929.135526]  _copy_from_user+0x2e/0x1b0
[  929.135831]  sock_do_ioctl+0x153/0x300
[  929.136152]  ? compat_ifr_data_ioctl+0x180/0x180
[  929.136522]  ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[  929.136955]  ? __sanitizer_cov_trace_switch+0x45/0x80
[  929.137352]  ? do_vfs_ioctl+0x283/0x10d0
[  929.137666]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[  929.138076]  ? generic_block_fiemap+0x60/0x60
[  929.138456]  ? lock_downgrade+0x6d0/0x6d0
[  929.138805]  sock_ioctl+0x3ea/0x700
[  929.139086]  ? dlci_ioctl_set+0x30/0x30
[  929.139421]  ? selinux_file_ioctl+0xb6/0x270
[  929.139759]  ? dlci_ioctl_set+0x30/0x30
[  929.140094]  __x64_sys_ioctl+0x19a/0x210
[  929.140413]  do_syscall_64+0x33/0x40
[  929.140698]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  929.141087] RIP: 0033:0x7f306b5d7b19
[  929.141372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  929.142869] RSP: 002b:00007f3068b4d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  929.143454] RAX: ffffffffffffffda RBX: 00007f306b6eaf60 RCX: 00007f306b5d7b19
23:01:52 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}}) (fail_nth: 1)

23:01:52 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

[  929.143993] RDX: 00000000200001c0 RSI: 0000000000008946 RDI: 0000000000000003
[  929.144771] RBP: 00007f3068b4d1d0 R08: 0000000000000000 R09: 0000000000000000
[  929.145307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  929.145888] R13: 00007ffcffbbcc8f R14: 00007f3068b4d300 R15: 0000000000022000
23:02:04 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:02:04 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:02:04 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240), &(0x7f0000000280)=<r1=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r2, r1, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:02:04 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:02:04 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}}) (fail_nth: 2)

23:02:04 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:02:04 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b00000000", 0x59, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:02:04 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x66, 0x3, 0x6, 0x6, 0x0, 0x1f, 0x2, 0x18, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x2, @perf_config_ext={0x3f, 0x9}, 0x421a1, 0x1, 0x2, 0x9, 0x848, 0x7ff, 0x9, 0x0, 0x2, 0x0, 0xe4c}, 0x0, 0x10, r0, 0x8)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000340)=ANY=[])
r1 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x107100, 0x0)
read(r1, &(0x7f0000000000), 0x1b4000)
openat(r1, &(0x7f0000000100)='./file0\x00', 0x44000, 0x8a)

[  941.694296] FAULT_INJECTION: forcing a failure.
[  941.694296] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  941.695373] CPU: 0 PID: 7365 Comm: syz-executor.1 Not tainted 5.10.220 #1
[  941.695977] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  941.696703] Call Trace:
[  941.696950]  dump_stack+0x107/0x167
[  941.697276]  should_fail.cold+0x5/0xa
[  941.697616]  _copy_from_user+0x2e/0x1b0
[  941.697985]  dev_ethtool+0x181/0x4b00
[  941.698324]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[  941.698786]  ? ethtool_virtdev_set_link_ksettings+0x180/0x180
[  941.699294]  ? find_held_lock+0x2c/0x110
[  941.699661]  ? lock_acquire+0x197/0x470
[  941.700010]  ? dev_ioctl+0x2ad/0xd30
[  941.700348]  ? lock_release+0x680/0x680
[  941.700699]  ? avc_has_extended_perms+0x7f1/0xf40
[  941.701127]  ? __mutex_lock+0x4fe/0x10b0
[  941.701483]  ? dev_ioctl+0x2ad/0xd30
[  941.701809]  ? lock_acquire+0x197/0x470
[  941.702158]  ? find_held_lock+0x2c/0x110
[  941.702524]  ? mutex_lock_io_nested+0xf30/0xf30
[  941.702942]  ? dev_load+0x7b/0x250
[  941.703254]  ? lock_downgrade+0x6d0/0x6d0
[  941.703628]  ? inet6_release+0x70/0x70
[  941.703973]  ? netdev_name_node_lookup_rcu+0x108/0x150
[  941.704431]  dev_ioctl+0x2b8/0xd30
[  941.704750]  sock_do_ioctl+0x17d/0x300
[  941.705088]  ? compat_ifr_data_ioctl+0x180/0x180
[  941.705504]  ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[  941.706000]  ? __sanitizer_cov_trace_switch+0x45/0x80
[  941.706442]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[  941.706901]  ? generic_block_fiemap+0x60/0x60
[  941.707290]  ? lock_downgrade+0x6d0/0x6d0
[  941.707653]  sock_ioctl+0x3ea/0x700
[  941.707973]  ? dlci_ioctl_set+0x30/0x30
[  941.708332]  ? selinux_file_ioctl+0xb6/0x270
[  941.708727]  ? dlci_ioctl_set+0x30/0x30
[  941.709078]  __x64_sys_ioctl+0x19a/0x210
[  941.709438]  do_syscall_64+0x33/0x40
[  941.709775]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  941.710231] RIP: 0033:0x7f306b5d7b19
[  941.710557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  941.712157] RSP: 002b:00007f3068b4d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  941.712823] RAX: ffffffffffffffda RBX: 00007f306b6eaf60 RCX: 00007f306b5d7b19
[  941.713440] RDX: 00000000200001c0 RSI: 0000000000008946 RDI: 0000000000000003
[  941.714060] RBP: 00007f3068b4d1d0 R08: 0000000000000000 R09: 0000000000000000
[  941.714684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  941.715299] R13: 00007ffcffbbcc8f R14: 00007f3068b4d300 R15: 0000000000022000
[  941.728732] EXT4-fs (loop3): unsupported inode size: 0
[  941.729216] EXT4-fs (loop3): blocksize: 2048
23:02:04 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}}) (fail_nth: 3)

23:02:04 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

[  941.771456] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  941.775743] FAT-fs (loop5): bogus number of reserved sectors
[  941.776897] FAT-fs (loop5): Can't find a valid FAT filesystem
23:02:04 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

[  941.832180] FAULT_INJECTION: forcing a failure.
[  941.832180] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  941.833200] CPU: 0 PID: 7383 Comm: syz-executor.1 Not tainted 5.10.220 #1
[  941.833764] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  941.834451] Call Trace:
[  941.834681]  dump_stack+0x107/0x167
[  941.834988]  should_fail.cold+0x5/0xa
[  941.835312]  _copy_from_user+0x2e/0x1b0
[  941.835654]  dev_ethtool+0x2b80/0x4b00
[  941.835987]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[  941.836428]  ? ethtool_virtdev_set_link_ksettings+0x180/0x180
[  941.836906]  ? find_held_lock+0x2c/0x110
[  941.837250]  ? lock_acquire+0x197/0x470
[  941.837583]  ? dev_ioctl+0x2ad/0xd30
[  941.837892]  ? lock_release+0x680/0x680
[  941.838224]  ? avc_has_extended_perms+0x7f1/0xf40
[  941.838633]  ? __mutex_lock+0x4fe/0x10b0
[  941.838969]  ? dev_ioctl+0x2ad/0xd30
[  941.839280]  ? lock_acquire+0x197/0x470
[  941.839608]  ? find_held_lock+0x2c/0x110
[  941.839948]  ? mutex_lock_io_nested+0xf30/0xf30
[  941.840336]  ? dev_load+0x7b/0x250
[  941.840636]  ? lock_downgrade+0x6d0/0x6d0
[  941.840978]  ? inet6_release+0x70/0x70
[  941.841303]  ? netdev_name_node_lookup_rcu+0x108/0x150
[  941.841739]  dev_ioctl+0x2b8/0xd30
[  941.842047]  sock_do_ioctl+0x17d/0x300
[  941.842369]  ? compat_ifr_data_ioctl+0x180/0x180
[  941.842771]  ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[  941.843245]  ? __sanitizer_cov_trace_switch+0x45/0x80
[  941.843667]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[  941.844106]  ? generic_block_fiemap+0x60/0x60
[  941.844484]  ? lock_downgrade+0x6d0/0x6d0
[  941.844823]  sock_ioctl+0x3ea/0x700
[  941.845124]  ? dlci_ioctl_set+0x30/0x30
[  941.845452]  ? selinux_file_ioctl+0xb6/0x270
[  941.845817]  ? dlci_ioctl_set+0x30/0x30
[  941.846143]  __x64_sys_ioctl+0x19a/0x210
[  941.846474]  do_syscall_64+0x33/0x40
[  941.846783]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  941.847201] RIP: 0033:0x7f306b5d7b19
[  941.847502] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  941.848997] RSP: 002b:00007f3068b4d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  941.849626] RAX: ffffffffffffffda RBX: 00007f306b6eaf60 RCX: 00007f306b5d7b19
[  941.850212] RDX: 00000000200001c0 RSI: 0000000000008946 RDI: 0000000000000003
[  941.850787] RBP: 00007f3068b4d1d0 R08: 0000000000000000 R09: 0000000000000000
[  941.851366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  941.851945] R13: 00007ffcffbbcc8f R14: 00007f3068b4d300 R15: 0000000000022000
23:02:04 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:02:04 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:02:04 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:02:04 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[  941.902380] FAT-fs (loop5): Unrecognized mount option "@ª
" or missing value
23:02:05 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}}) (fail_nth: 4)

23:02:05 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

[  941.943890] FAULT_INJECTION: forcing a failure.
[  941.943890] name failslab, interval 1, probability 0, space 0, times 1
[  941.944930] CPU: 0 PID: 7395 Comm: syz-executor.1 Not tainted 5.10.220 #1
[  941.945473] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  941.946130] Call Trace:
[  941.946352]  dump_stack+0x107/0x167
[  941.946647]  should_fail.cold+0x5/0xa
[  941.946962]  ? __get_vm_area_node+0xd4/0x340
[  941.947320]  should_failslab+0x5/0x20
[  941.947628]  kmem_cache_alloc_node_trace+0x59/0x340
[  941.948035]  __get_vm_area_node+0xd4/0x340
[  941.948392]  __vmalloc_node_range+0x13f/0x9e0
[  941.948761]  ? dev_ethtool+0x2bb8/0x4b00
[  941.949091]  ? dev_ethtool+0x2bb8/0x4b00
[  941.949427]  ? __might_fault+0xd3/0x180
[  941.949765]  ? lock_downgrade+0x6d0/0x6d0
[  941.950100]  ? __vmalloc_node+0x110/0x110
[  941.950439]  ? dev_ethtool+0x2bb8/0x4b00
[  941.950772]  __vmalloc_node+0xb5/0x110
[  941.951100]  ? dev_ethtool+0x2bb8/0x4b00
[  941.951434]  dev_ethtool+0x2bb8/0x4b00
[  941.951763]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[  941.952193]  ? ethtool_virtdev_set_link_ksettings+0x180/0x180
[  941.952674]  ? find_held_lock+0x2c/0x110
[  941.953011]  ? lock_acquire+0x197/0x470
[  941.953334]  ? dev_ioctl+0x2ad/0xd30
[  941.953639]  ? lock_release+0x680/0x680
[  941.953968]  ? avc_has_extended_perms+0x7f1/0xf40
[  941.954367]  ? __mutex_lock+0x4fe/0x10b0
[  941.954699]  ? dev_ioctl+0x2ad/0xd30
[  941.955003]  ? lock_acquire+0x197/0x470
[  941.955329]  ? find_held_lock+0x2c/0x110
[  941.955663]  ? mutex_lock_io_nested+0xf30/0xf30
[  941.956037]  ? dev_load+0x7b/0x250
[  941.956334]  ? lock_downgrade+0x6d0/0x6d0
[  941.956669]  ? inet6_release+0x70/0x70
[  941.956991]  ? netdev_name_node_lookup_rcu+0x108/0x150
[  941.957416]  dev_ioctl+0x2b8/0xd30
[  941.957708]  sock_do_ioctl+0x17d/0x300
[  941.958023]  ? compat_ifr_data_ioctl+0x180/0x180
[  941.958414]  ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[  941.958876]  ? __sanitizer_cov_trace_switch+0x45/0x80
[  941.959295]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[  941.959715]  ? generic_block_fiemap+0x60/0x60
[  941.960075]  ? lock_downgrade+0x6d0/0x6d0
[  941.960418]  sock_ioctl+0x3ea/0x700
[  941.960710]  ? dlci_ioctl_set+0x30/0x30
[  941.961033]  ? selinux_file_ioctl+0xb6/0x270
[  941.961394]  ? dlci_ioctl_set+0x30/0x30
[  941.961716]  __x64_sys_ioctl+0x19a/0x210
[  941.962044]  do_syscall_64+0x33/0x40
[  941.962344]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  941.962759] RIP: 0033:0x7f306b5d7b19
[  941.963062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  941.964567] RSP: 002b:00007f3068b4d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  941.965183] RAX: ffffffffffffffda RBX: 00007f306b6eaf60 RCX: 00007f306b5d7b19
[  941.965752] RDX: 00000000200001c0 RSI: 0000000000008946 RDI: 0000000000000003
[  941.966330] RBP: 00007f3068b4d1d0 R08: 0000000000000000 R09: 0000000000000000
[  941.966901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  941.967471] R13: 00007ffcffbbcc8f R14: 00007f3068b4d300 R15: 0000000000022000
[  941.968210] syz-executor.1: vmalloc: allocation failure: 232 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0
[  941.969493] CPU: 0 PID: 7395 Comm: syz-executor.1 Not tainted 5.10.220 #1
[  941.970046] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  941.970713] Call Trace:
[  941.970929]  dump_stack+0x107/0x167
[  941.971231]  warn_alloc.cold+0x95/0x18a
[  941.971554]  ? zone_watermark_ok_safe+0x260/0x260
[  941.971950]  ? __get_vm_area_node+0xd4/0x340
[  941.972312]  ? __kasan_kmalloc.constprop.0+0xa2/0xd0
[  941.972733]  ? __get_vm_area_node+0x262/0x340
[  941.973104]  __vmalloc_node_range+0x58f/0x9e0
[  941.973465]  ? dev_ethtool+0x2bb8/0x4b00
[  941.973798]  ? __might_fault+0xd3/0x180
[  941.974122]  ? lock_downgrade+0x6d0/0x6d0
[  941.974471]  ? __vmalloc_node+0x110/0x110
[  941.974815]  ? dev_ethtool+0x2bb8/0x4b00
[  941.975141]  __vmalloc_node+0xb5/0x110
[  941.975455]  ? dev_ethtool+0x2bb8/0x4b00
[  941.975781]  dev_ethtool+0x2bb8/0x4b00
[  941.976102]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[  941.976537]  ? ethtool_virtdev_set_link_ksettings+0x180/0x180
[  941.977005]  ? find_held_lock+0x2c/0x110
[  941.977340]  ? lock_acquire+0x197/0x470
[  941.977662]  ? dev_ioctl+0x2ad/0xd30
[  941.977968]  ? lock_release+0x680/0x680
[  941.978295]  ? avc_has_extended_perms+0x7f1/0xf40
[  941.978694]  ? __mutex_lock+0x4fe/0x10b0
[  941.979019]  ? dev_ioctl+0x2ad/0xd30
[  941.979319]  ? lock_acquire+0x197/0x470
[  941.979634]  ? find_held_lock+0x2c/0x110
[  941.979966]  ? mutex_lock_io_nested+0xf30/0xf30
[  941.980345]  ? dev_load+0x7b/0x250
[  941.980636]  ? lock_downgrade+0x6d0/0x6d0
[  941.980974]  ? inet6_release+0x70/0x70
[  941.981294]  ? netdev_name_node_lookup_rcu+0x108/0x150
[  941.981723]  dev_ioctl+0x2b8/0xd30
[  941.982013]  sock_do_ioctl+0x17d/0x300
[  941.982326]  ? compat_ifr_data_ioctl+0x180/0x180
[  941.982712]  ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[  941.983179]  ? __sanitizer_cov_trace_switch+0x45/0x80
[  941.983597]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[  941.984017]  ? generic_block_fiemap+0x60/0x60
[  941.984387]  ? lock_downgrade+0x6d0/0x6d0
[  941.984723]  sock_ioctl+0x3ea/0x700
[  941.985018]  ? dlci_ioctl_set+0x30/0x30
[  941.985345]  ? selinux_file_ioctl+0xb6/0x270
[  941.985701]  ? dlci_ioctl_set+0x30/0x30
[  941.986023]  __x64_sys_ioctl+0x19a/0x210
[  941.986358]  do_syscall_64+0x33/0x40
[  941.986658]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  941.987074] RIP: 0033:0x7f306b5d7b19
[  941.987375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  941.988861] RSP: 002b:00007f3068b4d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  941.989476] RAX: ffffffffffffffda RBX: 00007f306b6eaf60 RCX: 00007f306b5d7b19
[  941.990051] RDX: 00000000200001c0 RSI: 0000000000008946 RDI: 0000000000000003
[  941.990639] RBP: 00007f3068b4d1d0 R08: 0000000000000000 R09: 0000000000000000
[  941.991212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  941.991784] R13: 00007ffcffbbcc8f R14: 00007f3068b4d300 R15: 0000000000022000
[  941.992402] Mem-Info:
[  941.992632] active_anon:57 inactive_anon:66211 isolated_anon:0
[  941.992632]  active_file:9058 inactive_file:50289 isolated_file:0
[  941.992632]  unevictable:0 dirty:172 writeback:0
[  941.992632]  slab_reclaimable:8216 slab_unreclaimable:62582
[  941.992632]  mapped:81201 shmem:379 pagetables:1598 bounce:0
[  941.992632]  free:137805 free_pcp:433 free_cma:0
[  941.995181] Node 0 active_anon:228kB inactive_anon:264844kB active_file:36232kB inactive_file:201156kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:324804kB dirty:688kB writeback:0kB shmem:1516kB writeback_tmp:0kB kernel_stack:4608kB all_unreclaimable? no
[  941.997079] Node 0 DMA free:15908kB min:48kB low:60kB high:72kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  941.999177] lowmem_reserve[]: 0 1616 1616 1616
[  941.999587] Node 0 DMA32 free:535312kB min:5116kB low:6768kB high:8420kB reserved_highatomic:0KB active_anon:228kB inactive_anon:264844kB active_file:36232kB inactive_file:201156kB unevictable:0kB writepending:760kB present:2080640kB managed:1660468kB mlocked:0kB pagetables:6392kB bounce:0kB free_pcp:1720kB local_pcp:1364kB free_cma:0kB
[  942.001979] lowmem_reserve[]: 0 0 0 0
[  942.002306] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[  942.003513] Node 0 DMA32: 32*4kB (ME) 226*8kB (UME) 87*16kB (UME) 13*32kB (ME) 56*64kB (UME) 24*128kB (UM) 8*256kB (UM) 9*512kB (UME) 4*1024kB (UME) 3*2048kB (UME) 124*4096kB (M) = 535200kB
[  942.005052] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  942.005747] 22141 total pagecache pages
[  942.006076] 0 pages in swap cache
[  942.006358] Swap cache stats: add 0, delete 0, find 0/0
[  942.006807] Free swap  = 0kB
[  942.007055] Total swap = 0kB
[  942.007311] 524158 pages RAM
[  942.007568] 0 pages HighMem/MovableOnly
[  942.007888] 105064 pages reserved
[  942.063499] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
23:02:19 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:02:19 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:02:19 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:02:19 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:02:19 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x3000004, 0x4010, 0xffffffffffffffff, 0x8000000)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x1, 0x0, r0, 0x80, &(0x7f0000000140)=@l2={0x1f, 0x1f, @none, 0xbe8, 0x1}}, 0x4)
connect$inet6(r0, &(0x7f0000000600)={0xa, 0x0, 0x0, @mcast1, 0x3}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000ec0)=[{{&(0x7f0000000100)={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @private}}, 0x1c, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="141b65fa5ba407901375ca07ba165faa5dd2b132f1f300000000ba7355"], 0x18}}], 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x80000000, @private2={0xfc, 0x2, '\x00', 0x1}, 0x1}, 0x1c)

23:02:19 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x0, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:02:19 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}}) (fail_nth: 5)

23:02:19 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

[  956.336083] FAULT_INJECTION: forcing a failure.
[  956.336083] name failslab, interval 1, probability 0, space 0, times 0
[  956.337793] CPU: 1 PID: 7428 Comm: syz-executor.1 Not tainted 5.10.220 #1
[  956.338871] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  956.340055] Call Trace:
[  956.340445]  dump_stack+0x107/0x167
[  956.340996]  should_fail.cold+0x5/0xa
[  956.341549]  ? create_object.isra.0+0x3a/0xa20
[  956.342219]  should_failslab+0x5/0x20
[  956.342777]  kmem_cache_alloc+0x5b/0x310
[  956.343376]  create_object.isra.0+0x3a/0xa20
[  956.344016]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  956.344777]  kmem_cache_alloc_node_trace+0x16d/0x340
[  956.345522]  __get_vm_area_node+0xd4/0x340
[  956.346146]  __vmalloc_node_range+0x13f/0x9e0
[  956.346799]  ? dev_ethtool+0x2bb8/0x4b00
[  956.347389]  ? dev_ethtool+0x2bb8/0x4b00
[  956.347980]  ? __might_fault+0xd3/0x180
[  956.348567]  ? lock_downgrade+0x6d0/0x6d0
[  956.349168]  ? __vmalloc_node+0x110/0x110
[  956.349787]  ? dev_ethtool+0x2bb8/0x4b00
[  956.350375]  __vmalloc_node+0xb5/0x110
[  956.350938]  ? dev_ethtool+0x2bb8/0x4b00
[  956.351534]  dev_ethtool+0x2bb8/0x4b00
[  956.352101]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[  956.352876]  ? ethtool_virtdev_set_link_ksettings+0x180/0x180
[  956.353717]  ? find_held_lock+0x2c/0x110
[  956.354317]  ? lock_acquire+0x197/0x470
[  956.354890]  ? dev_ioctl+0x2ad/0xd30
[  956.355435]  ? lock_release+0x680/0x680
[  956.356016]  ? avc_has_extended_perms+0x7f1/0xf40
[  956.356738]  ? __mutex_lock+0x4fe/0x10b0
[  956.357324]  ? dev_ioctl+0x2ad/0xd30
[  956.357867]  ? lock_acquire+0x197/0x470
[  956.358440]  ? find_held_lock+0x2c/0x110
[  956.359026]  ? mutex_lock_io_nested+0xf30/0xf30
[  956.359695]  ? dev_load+0x7b/0x250
[  956.360205]  ? lock_downgrade+0x6d0/0x6d0
[  956.360816]  ? inet6_release+0x70/0x70
[  956.361385]  ? netdev_name_node_lookup_rcu+0x108/0x150
[  956.362147]  dev_ioctl+0x2b8/0xd30
[  956.362663]  sock_do_ioctl+0x17d/0x300
[  956.363219]  ? compat_ifr_data_ioctl+0x180/0x180
[  956.363905]  ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[  956.364745]  ? __sanitizer_cov_trace_switch+0x45/0x80
[  956.365495]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[  956.366246]  ? generic_block_fiemap+0x60/0x60
[  956.366887]  ? lock_downgrade+0x6d0/0x6d0
[  956.367491]  sock_ioctl+0x3ea/0x700
[  956.368017]  ? dlci_ioctl_set+0x30/0x30
[  956.368603]  ? selinux_file_ioctl+0xb6/0x270
[  956.369246]  ? dlci_ioctl_set+0x30/0x30
[  956.369825]  __x64_sys_ioctl+0x19a/0x210
[  956.370419]  do_syscall_64+0x33/0x40
[  956.370961]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  956.371703] RIP: 0033:0x7f306b5d7b19
[  956.372241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  956.372604] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  956.374835] RSP: 002b:00007f3068b4d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  956.376843] RAX: ffffffffffffffda RBX: 00007f306b6eaf60 RCX: 00007f306b5d7b19
[  956.377858] RDX: 00000000200001c0 RSI: 0000000000008946 RDI: 0000000000000003
[  956.378877] RBP: 00007f3068b4d1d0 R08: 0000000000000000 R09: 0000000000000000
[  956.379889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  956.380913] R13: 00007ffcffbbcc8f R14: 00007f3068b4d300 R15: 0000000000022000
23:02:19 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:02:19 executing program 5:
mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0)
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000200)=@x25, 0x80, 0x0, 0x0, &(0x7f0000000140)=""/23, 0x17}, 0x40012142)
r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x1ed982, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$PIO_UNIMAPCLR(r2, 0x4b40, 0x0)
fsetxattr$trusted_overlay_opaque(r2, &(0x7f00000001c0), &(0x7f0000000380), 0x2, 0x2)
r3 = syz_open_dev$loop(&(0x7f0000000080), 0x0, 0x48042)
ioctl$LOOP_SET_FD(r3, 0x4c00, r1)
sendmsg$unix(r1, &(0x7f0000000440)={&(0x7f00000002c0)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000000280)=[{&(0x7f0000000540)="dc82d98e48ee3484652e64c325399ac4cb57893d7845ece86534523aa0330425b256f2a43524c49f4052c7cbbf9044939819cb77969c9f984a247ae87cd95634d2ad97436f3c001da10821a95d9b6e9cf3eac05bb4e0cc3fc8e47a13156c5211ef94479a555c1d88bc0015a3278d0cc5f02de264f826f2deac304a886a9f007db529f39d028c5c0b839446f0fa60a7a3de58009035caa0207ac3aeea8f5915f66c7859f66869da08ad449d6d149b1b85355abbf1ee5939e068fd3ddf90c5964eae21e7f2c557e5814381cb67113c7ade", 0xfd}], 0x1, 0x0, 0x0, 0x80}, 0x20044000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x20, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x22, 0x1, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x100, 0xb91})
sendmsg$nl_generic(r0, 0x0, 0x40010)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$SCSI_IOCTL_PROBE_HOST(r0, 0x5385, &(0x7f00000003c0))
openat(r0, &(0x7f0000000100)='./file0\x00', 0x200, 0x168)
r4 = syz_open_dev$loop(&(0x7f0000000180), 0x0, 0x100)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x101100, 0x0)
ioctl$BLKRAGET(0xffffffffffffffff, 0x1263, &(0x7f0000000000))
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000000340)=ANY=[@ANYRES64, @ANYRES32=r5, @ANYRESOCT=r4])

23:02:19 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:02:19 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}}) (fail_nth: 6)

23:02:19 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x0, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:02:19 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, 0x0)
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:02:19 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:02:19 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[  956.632516] FAULT_INJECTION: forcing a failure.
[  956.632516] name failslab, interval 1, probability 0, space 0, times 0
[  956.634672] CPU: 0 PID: 7451 Comm: syz-executor.1 Not tainted 5.10.220 #1
[  956.635633] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  956.636811] Call Trace:
[  956.637196]  dump_stack+0x107/0x167
[  956.637722]  should_fail.cold+0x5/0xa
[  956.638268]  ? alloc_vmap_area+0x148/0x1d10
[  956.638886]  should_failslab+0x5/0x20
[  956.639429]  kmem_cache_alloc_node+0x55/0x330
[  956.640071]  alloc_vmap_area+0x148/0x1d10
[  956.640668]  ? kmem_cache_alloc_node_trace+0x16d/0x340
[  956.641420]  ? mark_held_locks+0x9e/0xe0
[  956.642007]  ? purge_vmap_area_lazy+0xc0/0xc0
[  956.642661]  ? kasan_unpoison_shadow+0x33/0x50
[  956.643312]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  956.644038]  __get_vm_area_node+0x127/0x340
[  956.644665]  __vmalloc_node_range+0x13f/0x9e0
[  956.645310]  ? dev_ethtool+0x2bb8/0x4b00
[  956.645889]  ? dev_ethtool+0x2bb8/0x4b00
[  956.646470]  ? __might_fault+0xd3/0x180
[  956.647041]  ? lock_downgrade+0x6d0/0x6d0
[  956.647636]  ? __vmalloc_node+0x110/0x110
[  956.648237]  ? dev_ethtool+0x2bb8/0x4b00
[  956.648817]  __vmalloc_node+0xb5/0x110
[  956.649371]  ? dev_ethtool+0x2bb8/0x4b00
[  956.649950]  dev_ethtool+0x2bb8/0x4b00
[  956.650508]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[  956.651248]  ? ethtool_virtdev_set_link_ksettings+0x180/0x180
[  956.652067]  ? find_held_lock+0x2c/0x110
[  956.652659]  ? lock_acquire+0x197/0x470
[  956.653213]  ? dev_ioctl+0x2ad/0xd30
[  956.653745]  ? lock_release+0x680/0x680
[  956.654318]  ? avc_has_extended_perms+0x7f1/0xf40
[  956.655009]  ? __mutex_lock+0x4fe/0x10b0
[  956.655580]  ? dev_ioctl+0x2ad/0xd30
[  956.656101]  ? lock_acquire+0x197/0x470
[  956.656665]  ? find_held_lock+0x2c/0x110
[  956.657241]  ? mutex_lock_io_nested+0xf30/0xf30
[  956.657895]  ? dev_load+0x7b/0x250
[  956.658394]  ? lock_downgrade+0x6d0/0x6d0
[  956.658981]  ? inet6_release+0x70/0x70
[  956.659537]  ? netdev_name_node_lookup_rcu+0x108/0x150
[  956.660282]  dev_ioctl+0x2b8/0xd30
[  956.660797]  sock_do_ioctl+0x17d/0x300
[  956.661341]  ? compat_ifr_data_ioctl+0x180/0x180
[  956.662008]  ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[  956.662809]  ? __sanitizer_cov_trace_switch+0x45/0x80
[  956.663540]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[  956.664273]  ? generic_block_fiemap+0x60/0x60
[  956.664914]  ? lock_downgrade+0x6d0/0x6d0
[  956.665508]  sock_ioctl+0x3ea/0x700
[  956.666025]  ? dlci_ioctl_set+0x30/0x30
[  956.666599]  ? selinux_file_ioctl+0xb6/0x270
[  956.667235]  ? dlci_ioctl_set+0x30/0x30
[  956.667808]  __x64_sys_ioctl+0x19a/0x210
[  956.668392]  do_syscall_64+0x33/0x40
[  956.668926]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  956.669653] RIP: 0033:0x7f306b5d7b19
[  956.670184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  956.672794] RSP: 002b:00007f3068b4d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  956.673857] RAX: ffffffffffffffda RBX: 00007f306b6eaf60 RCX: 00007f306b5d7b19
[  956.674849] RDX: 00000000200001c0 RSI: 0000000000008946 RDI: 0000000000000003
[  956.675838] RBP: 00007f3068b4d1d0 R08: 0000000000000000 R09: 0000000000000000
[  956.676812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  956.677759] R13: 00007ffcffbbcc8f R14: 00007f3068b4d300 R15: 0000000000022000
[  956.678818] syz-executor.1: vmalloc: allocation failure: 232 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0
[  956.680700] CPU: 0 PID: 7451 Comm: syz-executor.1 Not tainted 5.10.220 #1
[  956.680708] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  956.680713] Call Trace:
[  956.680729]  dump_stack+0x107/0x167
[  956.680748]  warn_alloc.cold+0x95/0x18a
[  956.680768]  ? zone_watermark_ok_safe+0x260/0x260
[  956.680785]  ? slab_free_freelist_hook+0xa9/0x180
[  956.680804]  ? __get_vm_area_node+0x2cf/0x340
[  956.680823]  ? kasan_unpoison_shadow+0x33/0x50
[  956.680847]  ? __get_vm_area_node+0x262/0x340
[  956.680872]  __vmalloc_node_range+0x58f/0x9e0
[  956.680889]  ? dev_ethtool+0x2bb8/0x4b00
[  956.680917]  ? __might_fault+0xd3/0x180
[  956.680933]  ? lock_downgrade+0x6d0/0x6d0
[  956.680950]  ? __vmalloc_node+0x110/0x110
[  956.680977]  ? dev_ethtool+0x2bb8/0x4b00
[  956.680992]  __vmalloc_node+0xb5/0x110
[  956.681008]  ? dev_ethtool+0x2bb8/0x4b00
[  956.681028]  dev_ethtool+0x2bb8/0x4b00
[  956.681051]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[  956.681070]  ? ethtool_virtdev_set_link_ksettings+0x180/0x180
[  956.681084]  ? find_held_lock+0x2c/0x110
[  956.681112]  ? lock_acquire+0x197/0x470
[  956.681125]  ? dev_ioctl+0x2ad/0xd30
[  956.681145]  ? lock_release+0x680/0x680
[  956.681167]  ? avc_has_extended_perms+0x7f1/0xf40
[  956.681198]  ? __mutex_lock+0x4fe/0x10b0
[  956.681214]  ? dev_ioctl+0x2ad/0xd30
[  956.681230]  ? lock_acquire+0x197/0x470
[  956.681245]  ? find_held_lock+0x2c/0x110
[  956.681263]  ? mutex_lock_io_nested+0xf30/0xf30
[  956.681279]  ? dev_load+0x7b/0x250
[  956.681295]  ? lock_downgrade+0x6d0/0x6d0
[  956.681311]  ? inet6_release+0x70/0x70
[  956.681334]  ? netdev_name_node_lookup_rcu+0x108/0x150
[  956.681358]  dev_ioctl+0x2b8/0xd30
[  956.681377]  sock_do_ioctl+0x17d/0x300
[  956.681392]  ? compat_ifr_data_ioctl+0x180/0x180
[  956.681412]  ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[  956.681427]  ? __sanitizer_cov_trace_switch+0x45/0x80
[  956.681446]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[  956.681462]  ? generic_block_fiemap+0x60/0x60
[  956.681477]  ? lock_downgrade+0x6d0/0x6d0
[  956.681499]  sock_ioctl+0x3ea/0x700
[  956.681515]  ? dlci_ioctl_set+0x30/0x30
[  956.681543]  ? selinux_file_ioctl+0xb6/0x270
[  956.681563]  ? dlci_ioctl_set+0x30/0x30
[  956.681581]  __x64_sys_ioctl+0x19a/0x210
[  956.681599]  do_syscall_64+0x33/0x40
[  956.681623]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  956.681633] RIP: 0033:0x7f306b5d7b19
[  956.681648] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  956.714093] RSP: 002b:00007f3068b4d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  956.715126] RAX: ffffffffffffffda RBX: 00007f306b6eaf60 RCX: 00007f306b5d7b19
[  956.716091] RDX: 00000000200001c0 RSI: 0000000000008946 RDI: 0000000000000003
[  956.717050] RBP: 00007f3068b4d1d0 R08: 0000000000000000 R09: 0000000000000000
[  956.718004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  956.718960] R13: 00007ffcffbbcc8f R14: 00007f3068b4d300 R15: 0000000000022000
[  956.719971] Mem-Info:
[  956.720331] active_anon:57 inactive_anon:65514 isolated_anon:0
[  956.720331]  active_file:9061 inactive_file:50576 isolated_file:0
[  956.720331]  unevictable:0 dirty:365 writeback:0
[  956.720331]  slab_reclaimable:8222 slab_unreclaimable:62621
[  956.720331]  mapped:81227 shmem:379 pagetables:1599 bounce:0
[  956.720331]  free:140738 free_pcp:578 free_cma:0
[  956.724637] Node 0 active_anon:228kB inactive_anon:262056kB active_file:36244kB inactive_file:202304kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:324908kB dirty:1460kB writeback:0kB shmem:1516kB writeback_tmp:0kB kernel_stack:4576kB all_unreclaimable? no
[  956.727822] Node 0 DMA free:15908kB min:48kB low:60kB high:72kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  956.731357] lowmem_reserve[]: 0 1616 1616 1616
[  956.732039] Node 0 DMA32 free:546852kB min:5116kB low:6768kB high:8420kB reserved_highatomic:0KB active_anon:228kB inactive_anon:262056kB active_file:36244kB inactive_file:202304kB unevictable:0kB writepending:1540kB present:2080640kB managed:1660468kB mlocked:0kB pagetables:6396kB bounce:0kB free_pcp:2236kB local_pcp:756kB free_cma:0kB
[  956.736009] lowmem_reserve[]: 0 0 0 0
[  956.736617] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[  956.738570] Node 0 DMA32: 289*4kB (M) 218*8kB (UM) 239*16kB (UME) 45*32kB (UME) 19*64kB (UME) 11*128kB (UM) 6*256kB (UME) 8*512kB (UM) 4*1024kB (UME) 5*2048kB (UME) 126*4096kB (UM) = 546852kB
[  956.741052] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  956.742213] 22193 total pagecache pages
[  956.742766] 0 pages in swap cache
[  956.743224] Swap cache stats: add 0, delete 0, find 0/0
[  956.743976] Free swap  = 0kB
[  956.744417] Total swap = 0kB
[  956.744865] 524158 pages RAM
[  956.745272] 0 pages HighMem/MovableOnly
[  956.745827] 105064 pages reserved
23:02:19 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:02:19 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, 0x0, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:02:19 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(0xffffffffffffffff, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:02:19 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:02:20 executing program 5:
r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$PIO_UNIMAPCLR(r3, 0x4b40, 0x0)
ioctl$FIBMAP(r3, 0x1, &(0x7f0000000200)=0x7fb)
r4 = fsopen(&(0x7f0000000080)='cpuset\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000300)=ANY=[@ANYBLOB="54e55d8a31e5e16f07fa9540e7199253d83bbc8f4ca6497b723a13a4e7403b9267a87f7d4a047ade846c8328e65fb9b7c491c7b9e8f7bed842dc220db922b854848d2037480435e295cbd1a482ed58935773a4197ec76d48cc0de9504e2e3f40ab6b28ec3ddcfa7477a64d1a549c65c3d871567c331f12c119c15f10cb53e6023f8f8a1c61bb8e8e2399f67f0d4cb35586026a128835876769a2e1cf65b7c67a67cfc7853c48fdfe44e37cdc86ff9bcf9c8586c3bf9c38dba4e9b5613a7761a621f1abeca4f6478e1c140171d65b6bbada9bd8254cdbe009d1824c2e483862ab476b00880700b95b8f", @ANYRESHEX=r1, @ANYRESHEX=r0, @ANYRESDEC=r4, @ANYRES16=r1, @ANYRES32=r2])
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r5 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x248e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
flock(r5, 0x6)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x4, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x14e6}, 0x40002, 0x0, 0x0, 0x4, 0x5, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x916f0e0b00d1ab96)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, &(0x7f0000000240)=0x67bb, 0x4)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r6, 0xc08c5332, &(0x7f0000000100)={0x101, 0x0, 0x0, 'queue0\x00'})
unshare(0x48020200)

[  957.188091] scsi_io_completion_action: 58 callbacks suppressed
[  957.188126] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_SENSE cmd_age=0s
[  957.189928] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] 
[  957.190611] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present
[  957.191255] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 07 ff c0 00 00 02 00
[  957.192027] print_req_error: 1725 callbacks suppressed
[  957.192040] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  957.193676] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  957.196651] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  957.197670] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  957.199264] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  957.199324] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  957.200367] buffer_io_error: 2214 callbacks suppressed
[  957.200375] Buffer I/O error on dev loop0, logical block 2096896, async page read
[  957.201144] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  957.204269] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  957.204328] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  957.205338] Buffer I/O error on dev loop0, logical block 2096897, async page read
[  957.206129] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  957.208399] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  957.208783] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  957.209477] Buffer I/O error on dev loop0, logical block 2096898, async page read
[  957.210260] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  957.212567] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  957.212629] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  957.213623] Buffer I/O error on dev loop0, logical block 2096899, async page read
[  957.215716] Buffer I/O error on dev loop0, logical block 2096900, async page read
[  957.215783] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  957.217309] Buffer I/O error on dev loop0, logical block 2096901, async page read
[  957.217371] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  957.218986] Buffer I/O error on dev loop0, logical block 2096902, async page read
[  957.219048] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  957.220612] Buffer I/O error on dev loop0, logical block 2096903, async page read
[  957.422179] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  957.423124] Buffer I/O error on dev loop0, logical block 2096896, async page read
[  957.429612] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  957.430485] Buffer I/O error on dev loop0, logical block 2096897, async page read
[  957.431890] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  957.433024] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  957.434171] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  957.435297] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  957.436413] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  957.437597] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  957.514585] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  957.516779] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  957.517794] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  957.519288] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  957.520966] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  957.525053] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  957.526071] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  957.527624] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
23:02:34 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}}) (fail_nth: 7)

23:02:34 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, 0x0)
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:02:34 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(0xffffffffffffffff, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[  971.216160] FAULT_INJECTION: forcing a failure.
[  971.216160] name failslab, interval 1, probability 0, space 0, times 0
[  971.217909] CPU: 1 PID: 7483 Comm: syz-executor.1 Not tainted 5.10.220 #1
[  971.218915] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  971.220125] Call Trace:
[  971.220519]  dump_stack+0x107/0x167
[  971.221073]  should_fail.cold+0x5/0xa
[  971.221641]  ? create_object.isra.0+0x3a/0xa20
[  971.222318]  should_failslab+0x5/0x20
[  971.222879]  kmem_cache_alloc+0x5b/0x310
[  971.223478]  ? sock_do_ioctl+0x17d/0x300
[  971.224080]  ? sock_ioctl+0x3ea/0x700
[  971.224650]  create_object.isra.0+0x3a/0xa20
[  971.225323]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  971.226079]  kmem_cache_alloc_node+0x169/0x330
[  971.226766]  alloc_vmap_area+0x148/0x1d10
[  971.227380]  ? kmem_cache_alloc_node_trace+0x16d/0x340
[  971.228159]  ? mark_held_locks+0x9e/0xe0
[  971.228782]  ? purge_vmap_area_lazy+0xc0/0xc0
[  971.229449]  ? kasan_unpoison_shadow+0x33/0x50
[  971.230125]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  971.230881]  __get_vm_area_node+0x127/0x340
[  971.231525]  __vmalloc_node_range+0x13f/0x9e0
[  971.232189]  ? dev_ethtool+0x2bb8/0x4b00
[  971.232812]  ? dev_ethtool+0x2bb8/0x4b00
[  971.233426]  ? __might_fault+0xd3/0x180
[  971.233444]  ? lock_downgrade+0x6d0/0x6d0
[  971.233463]  ? __vmalloc_node+0x110/0x110
[  971.233492]  ? dev_ethtool+0x2bb8/0x4b00
[  971.233508]  __vmalloc_node+0xb5/0x110
[  971.233525]  ? dev_ethtool+0x2bb8/0x4b00
[  971.233547]  dev_ethtool+0x2bb8/0x4b00
[  971.233572]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[  971.233592]  ? ethtool_virtdev_set_link_ksettings+0x180/0x180
[  971.233607]  ? find_held_lock+0x2c/0x110
[  971.233637]  ? lock_acquire+0x197/0x470
23:02:34 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x0, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:02:34 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, 0x0, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:02:34 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:02:34 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:02:34 executing program 5:
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e)
listen(r0, 0x0)
ioctl$PIO_UNIMAPCLR(0xffffffffffffffff, 0x4b40, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$PIO_UNIMAPCLR(r1, 0x4b40, 0x0)
syz_open_dev$hiddev(&(0x7f00000014c0), 0x80000000, 0x14000)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$PIO_UNIMAPCLR(r2, 0x4b40, 0x0)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$PIO_UNIMAPCLR(r3, 0x4b40, 0x0)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$PIO_UNIMAPCLR(r4, 0x4b40, 0x0)
[  971.233651]  ? dev_ioctl+0x2ad/0xd30
[  971.233673]  ? lock_release+0x680/0x680
[  971.233697]  ? avc_has_extended_perms+0x7f1/0xf40
[  971.233731]  ? __mutex_lock+0x4fe/0x10b0
[  971.233748]  ? dev_ioctl+0x2ad/0xd30
[  971.233765]  ? lock_acquire+0x197/0x470
[  971.233781]  ? find_held_lock+0x2c/0x110
[  971.233800]  ? mutex_lock_io_nested+0xf30/0xf30
sendmsg$unix(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000100)="5105bda1ae6e328dce4947096a65b55a087ecac10f2e90e09a2f02d8c28d1387dd2e065fbbc43be35685449e8c3068a4c3b0426c445cc8ca936855af1a63e59fa4bba6b6ee878551cfb744fd1cf441f89f74b158f17967dcdff49d97938d7b00c1e671029529135d821360a96d84bbd1e4206f1ec6be964f870103410cec46cdd43ade155899ce943c269ea864f6d2d9247c21ca38319df34e81ea4b66fdfa3c01e51a3da5772c902d2377069c848928047ec5ca28474e1c8131ab15c579a4f1ad470e842c11bbe856df0a6cfac3dfabfe032beac76c1fc82c5bc571f2c74aeee121c81d09d593b70269820b1f6a586e4e430892d8aca970fc55", 0xfa}, {&(0x7f0000000200)="ce2dfff7a9d675adb709c869187899a4f142fb3c54595ce135aa6a1580a84cb4a37f3395fe7bf09f5291cab589c33b351ca2ffdaf8cb9a648e449570131b1bf55e7719a72ba63ae0c058bf82696a28bf", 0x50}, {&(0x7f0000000280)="d4e488d75d3802f78ce35c2b3d5786a8a11ef1fc5d6b57eb49631d84f74d453f91889f59f954", 0x26}, {&(0x7f00000002c0)="a5211acc26d83f5e0558b823fba02c1a58a6862e65809e4179535cdcc6e19aa22577ecd6a4377d444c685fa632a5159a9b9b3fe7ccc1d3ae5862", 0x3a}, {&(0x7f00000004c0)="3846518d3443598386c8b78e9a2686b7d671b577b1b96179ce2bf4185996bab379248a37af7023c13d467ac5896833c46a63aba8374b708e97e77467e587b941b138a1b8cabc8380117960f930ad881f3bc585fec6f25cbb88b8cdf484714ed303e4a873eafbe6d23a7a5ee89bc45c6aea722371104322ee605c7d7ebbc445c0dc976517fc81ca2ac8324bc4c90b794bb878c30e97b0e2e0a115386d0ccb9dd3edac5fb6636035d490e82c918536458fc5d140d3ecc691f3b28f266ce0012bee4cf21a4c3bdf110ad4236e98e85b1e353858db7e44ae4b34ca9cefa1719c14ebc634947008c0e91404255ae72f42e36218b152e62393e1189cd6f2f5a559d90d0f850938332fcc63cc82b91f5af7767014bb59b236a1c815556be827ad61e41d065e73b9b8bea6a847a365d22db2308848b54b29e01366f59a62c39c90c199d0b8b8e596f39e496bca98cc8ea48affe5d2de5b19be67400ca816f725c458f4d73cbcf730138c6b01ad3600dc79b18309bb5ac4b3dfe4bec57d387e8ad363307b3216cde9e2030a6ddc417e459cc49ad978de00e7231bec239916755357a1b823bbb5cdde0fe77e10e099be0ee3ba83a69b57c5d750075278d0cd3c85ed676cf0fadb52e91fa06a1026488da25c8053bcb8027cde8770fbb40aaf1b39324cea63cba86cf699390dc24e72c796dc515d6dab499dff98c856803bd809e2bf8c7ae65aa494ae1160eb67c13ef5e4f203c530f959e827bc2a7c11a35d0b5979544b78c64e607bcd03c8a054b47040dfd15c854920b61940e7232647881cb92f0a781223eadbc216b7b79e73deaf2bfc37f43ee5525481d5db6a0b3e78f12edc0142372b236b8f5c17ebc7d460a5924c4b0fcb48f233a9e97506392ca14e5a733364fc2e4692732303a6fc0cf8fe07f206279bdfdebf05345391a15451a963cd55064b111996cba3a79bfe9df910a600e0c1f3e841b394d06ca307c8ad8d4380318d878b44caafd236da8cf32fb5d8494ad157621d4c622c418eca6da3c74867a2402f531d197860529bc4e65573e445ab98a2db8eb703a77b19afd786dfd46279254a1a0bff0060ce9ce768676a8f19041c40b79a778075a2539df6e8aad5e51df1122314a52306cd35503411f6f4b4988984d1a1cda42a1838923d4456e1ddf4bd23b9de90bfd929fc284ba1704cfb136d90c375d0fe55f7cf547466d45485d54504c3ef8b87b0a13e368ef7984b26537157f285d5a231242c4032bd8753f331681629bbacec67901d4ddd92747c0ca3bcadb1797072878af9405ecf958fc98cd7df54c474b2a37ebf5c3a21df4eeecc3bd82a6d325433e4b34415951fd5fef5b7fdb0e071c7203b6d503dc98907f4033a48e150f8a99490fc58c571b9883b79c6036d2f072f6637ae6b0bebe9630d017bb80e54043d934d7534da5ca8cb86fdce5457a96dc6ea258cf9489695c28ee620c1a1dfe24f08b2466cb4a5ec57f686f5161c09839721dfb37ae5848a065638d9aa149ff22c9302813f00504b28419ffb542c3d9866dd37da860505db32333b62696c56de298730aa370155842fd876f9c7355823e15f405f9092694ac6584b063e5dab1747b12db3e1949950129f72cc37a65201a2a6fac581f5a2fe662450b6b236e0d5ecd48bb664d6f94ba38784b5df978d3c872a3e286c1f0dfb92c7bdcabd32a8464a8e0e89fdd52c4fbb4f300367fc96fd8f6c1eab88a4ba276c200ec0fff0e48a5b3c277599f28c23fd3b5900698f74c41bad3b8c0851c479ac8f6314a5e22c343c83f7d903bcb44eb6b8134d8cd2a41fa8e42f4c122eeb02a9ab47f1b7950b3d3e338e2d55a7d6d915f41b6dab066c8fb586e23f399b6a7e35a2c7dd5734686bb0d9b0a9201dadccf2a896682cc72e17527e2fc66894733490d4d942d7e3e4403fe2f7e6b10de4d93dac59857c746c573ef72317139f6be49e34f5b7b062acd99983b3de55793d3f2fe3495d295202cf1d15e67ee8f28a8d05aa29f69dd873f72bbade8d03c54b84dc5be2746f91c7a0ae15d1b30205464547b6f4157955678b917ef9929dd2f46180670cc28eadbe2ff7ebcd4518f56d78760ec088f6edd1392eb4995fdd462b0d1b9d8924eabb9cd0f1eb5a74522b66082fa0f706b1e200e74ba6a67bebd8e65342386643686a56dfd8ba425414249b023c82f4ec78fa05f9528c987361a74ec0019e6245a19807d25e79a0df6a1e31ddcd182f644ffcfe162446823b04ab55f2b9af68ca4b863b98d1e8881cb50c0610daf4244f7681cc6baba0f364a1c43c3eba8ea32d998051ab2b646ef12e47a2a76823cc1a275c57bc60f13e90ccb88cc3da24290cd3b9e644fb79372dc4d903439568bdf372c8452f632097267e383eb3cea4a57e23da71d9d56295659208a07db817bd4be0c66ff127dfc008b4578a761ebeafbb4ad27948ebd2dd8a24061dbabacb6e4b1f3ac405e1249faedab2467f18e8daf82e49ee74df29791a54804492326b533c5bcb9188a57da2be4a4c770a8fb456d79d3f1e871189cf139bf8d3781b0003247611b1a06ee6443f29407357526d865be80ef79465713821171bcebae00f5f62358622620f85ef3ad2f7412e18261998f4c3c019c35fd38b8cc92401811dc40eac78bb771bc9c18bd86a5abcc9ee41b1221ba07550daec06928cc7e6ea02805bc2a5be8fdeba92c4990421b79c8491782093ec0c424330782c3636c265a10180403b25961eab23574a71a6f6ec2cd1eabba0e098ad92e7ffbaf26dce88a8e77c62071bb0bccc49467277e1de2a119c3ac04d1eaee94bf6d3a8203b28aa1475601df7ac12cc9eb1330362464c9e0329979e2109e21bc8a287a1643f4b2941de77d1a240192fbeb67ce09f0520ee14dfc3cd236b3f9e7630a4c49191bfc183cacf2d04cbb0060b1b6ce68f5a53e027c292d23440a88c3b2c5c3597b8e96613f57c48ba472648ffd015674328e9576a34491ed157144e69fa416639ff71cf102cca7af4ab0bc069dbbe63721d663ae8602c78035893325d1ed5af746d973fbddab9ab2715f302e94d4dade04dc8844c4722f4ca781c087e99fde2cae2eed0cbe8e0741ea91053c57e35238128f071ce6c4d077cd4f77ea6c7d863518180ea117c486b880c8b38a1f689c4f731275d2bd581fdb3b247152abe778e141f4a02f62bc49617097e9f27dcc28c34e4164cd420481a033ca78b03cb750d07a5dcb55cf79b60e3506d03b2ee20c0e0180ef0cfc00252427b157cc5244884801dbd38ab60c0893c15921f5e7fe5fb4f08b07e713f14a2a64db682e3954073034a141f4f73e1cc963a22cc2cea060e7b16d0d2400b24c5362f274fc2192596abd65a55aaa69014af5afc91f028458edd438f2625e8ca0a997cbc958f7c76b636eb38663d0dd63e2aa4c67a779d471623ccbf05c518c3c8a2bb7b643a0a64697c9b2ed8e4af7ca8162c87a1f8b86bf424f9fb15e963dda435386d7026500afe4783aa0e35dc19c5c3f4f0c14032a043be0d4a6e2cc29e630cfd5d6524a789158bdd1b29dd879826bb429001a7ef577cafccbbce936f4c5883244cc1cf9f08f9c3f649b84e5561843f9a5a53af5b16e7b3fd92088646b23c417bfeffeab2a8122daea0b7d84c22096ef237e2c50b96c0665f47cfd5e5210ea8ebfede153227063777b3c4f3d15d0c4eb91954331799a2b950e91749e71103d67955ea6eb48b6b4ec74012b1b8dcc606505fe5053ff9c49bccc46f356d74b47feff873c295edd6209d0512f0f515ced54982c7b1fb6306108acc6029cfdf0b7ed23101a6d4d3dfce0d32d2fb42617e0fc9037a355071a89166f2980d2dcd4eff2b7bf09c391ea4f396c90b41b4ded24f41f8d64be5b37d1baebd936e62551c1d56274edf15e215b0564d0849e56dc579ff0046b372556a6254626871ff7b629ed74b0f9ba4d1225f9e9c86b774e46b029478114004c38922b46818249b5cdd593718011b87bf676834e7a384ceb23a48ccb39ff67376a043550ccc8d5949d5bbb50762a03d9aabdfb0613efb997c3917268a26bad8be5cea4ec487e53cec6048f5451d1fa924a0489505450ee547f454437c08d88e746c835db810d2b30b1f421ccd24094ec37ae259046fd0f5f7b1c9120e57f2a8913cdfd01b76520497bb1b8bcc665df26e665025a91bd30a9c7645a19e5debace34ef69fdf72de200898ad3618c6945ae71d7eecbc9d3f9d427ca8fcbd6b19e1c7fce883bceef40bbe774e0cd68853c29be9695315fba045a07fc1e3d19eeb272c05e1705c12200cae1080f4633a5018dbd105912c4617eea8928f257943c70698f61c5ab386ea941819a46f049e614a020a0cccc29ef43d6120d249f85833bbcb7e75b3a313652332be38a532d8477f89027d5f7fea53257f04184cb6ae51f7ba4a789b7ff4ad47f1005d64e859c6c2d18253340613dc46c12bfba249f4783590d89edb9e8b8cc1218870524367bb81a1a21a2415905cf4bc79117afe9330a00e2ad92928da55f1049f9cc8f024891aaec8b492950f48af10e67535df007df69528b6393cf302e40e72ef9b8b0c117717321636b1912bbae60ee90c1c1e058d1f82ea425cf10ab352c26ca16f800106b7e79aed95ace409da93c1d1d48783b6c8ac7335b33eca80501f51f2e57773be06fa1313435755828abdd9846e998bc1c06d38f7293a74e43ca7bd0a16157de6ab8c8ce565f53bc867685b9c464f8415c81eb8ca603101495a7e77fa97d86e15d17bd5c2bbedf9d3e8abbd38ece54b9ceaec56dfc7f0eace881edc635b5153231919e81521366992b2f394d575285e894cf436bb4c2aaf39241a6213a3647b389df90d857e235a3efb6a5523f23adb3221e5f727f0a2e9a5ca782e19dc9ed0ca4ceedb3a672373d22a1cc626eeabfc4877991678197a4c341059dcba52ffa9a296ddbdbc7f4bd84ad962b66ca4649b86e39b90ce46834436d9282bb630256cc90801dbefb22ce702651bd57af86228924396b8b664e8b17cc5f61f8d373179f21d19d11d50864967f696c0f050d124560dfc9af38621775d1a38f4f24b02f472df3f5af49469d7b661e5a47b7630f645e3940f49d45901f940b5743125991220fe3171cdc50176a2c81b61489883ff9a1bb2ec31d5dcfaa7e369a021723cfd266eef7d8325dede9260184456a72258eb1a36739c9b0ccb81ab57639874d773619458c1f95a40681059f6645b6cd72046b612acb199e4468cfc341088fc3aba65349e44761143c868aae3c4e5c82e968b15c5895a2f156a65d28880af80b56dcecacacd1c8bf5c00d600bfc25aecb353a7b35b95b480b0dfad349b4fad35fe53d29fec0a55ea37800b0eba2294a61c67bf3e12b04c9081eeba201e3c69e817dd75af7294dc6ad97c2623a2bff8eb4270e1ad4530e10526b57dae5324cfd62493c8823334b84b1dc5e6c03451011509013f5c982b6e59f1d2979ce8713fc7736ae2d7d82a5f6b863db8d018748b8a850dacc7266240c9081c7c21a0e47c00b4206952ec52f892a5f8565bdee0fbbfefebe94a6e7a7bd99c31b3a1e225a6c24090478a71bd991d7d532ea06f3a9e8f8ec3b7f4d23212a5b8ac28ed0f0fb33dbecf1c28bd5689e93b82f38ba6cfc6d47d6a4528b7e0b67fb125087874620371b52b0a4fedaab9198a71d59665ef6d7df3fb9c2018619473b2fe428c31e9f892a04d23388ba387ea2490965286da735ae9107222026b04747484379df047fc81a2b1369cf1c93273cdb48076828d2719bcaf470716f42c812e2a71b3e", 0x1000}, {&(0x7f0000000300)="3757beecd890d25ae99c44b99151d6b098e82dd818f17acfc8e8b68797ba76367e199815d1b834e3cca282454f487f7524097945e533e78da73429d1ac8fbe7a329b6ef49e90b7ab55f7775e830a5e18e4624f022f224b50018879bd5ab03912af70ddfdee9a7b1095502501de9a998a6369ec9987f0ef3392d015e85e381843fa19eb6df11ae823a1fd53ddf018897e327607a3aebdaa45983b9b98d8dbdf396b6e4593cf0fa4e9458e7268cbdded4390076ce6189a76b75d1a5374bcffd2cd4b40d31283fbe05aaf4b88db8c1e8b77aa71bae5e039541cc42f463d75b069e1ef14c6a6669738f40fb0f3263ec4ccae5fa541d8f22a4ca892a2add08717", 0xfe}], 0x6, &(0x7f0000001500)=[@cred={{0x1c}}], 0x20, 0x4000000}, 0x40004)
r5 = socket$unix(0x1, 0x5, 0x0)
connect$unix(r5, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={<r6=>0xffffffffffffffff})
r7 = fcntl$dupfd(r6, 0x0, r6)
connect$unix(r7, &(0x7f0000000080)=@file={0x0, './file0\x00'}, 0x6e)

[  971.233817]  ? dev_load+0x7b/0x250
[  971.233835]  ? lock_downgrade+0x6d0/0x6d0
[  971.233853]  ? inet6_release+0x70/0x70
[  971.233879]  ? netdev_name_node_lookup_rcu+0x108/0x150
23:02:34 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}}) (fail_nth: 8)

23:02:34 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(0xffffffffffffffff, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[  971.233905]  dev_ioctl+0x2b8/0xd30
[  971.233925]  sock_do_ioctl+0x17d/0x300
[  971.233942]  ? compat_ifr_data_ioctl+0x180/0x180
[  971.233963]  ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[  971.233980]  ? __sanitizer_cov_trace_switch+0x45/0x80
[  971.234001]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[  971.234019]  ? generic_block_fiemap+0x60/0x60
[  971.234035]  ? lock_downgrade+0x6d0/0x6d0
[  971.234058]  sock_ioctl+0x3ea/0x700
23:02:34 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, 0x0)
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

[  971.234075]  ? dlci_ioctl_set+0x30/0x30
[  971.234099]  ? selinux_file_ioctl+0xb6/0x270
[  971.234120]  ? dlci_ioctl_set+0x30/0x30
[  971.234140]  __x64_sys_ioctl+0x19a/0x210
23:02:34 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, 0x0, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

[  971.234159]  do_syscall_64+0x33/0x40
[  971.234175]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
23:02:34 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[  971.234187] RIP: 0033:0x7f306b5d7b19
[  971.234207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  971.234220] RSP: 002b:00007f3068b4d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  971.234240] RAX: ffffffffffffffda RBX: 00007f306b6eaf60 RCX: 00007f306b5d7b19
[  971.234249] RDX: 00000000200001c0 RSI: 0000000000008946 RDI: 0000000000000003
[  971.234259] RBP: 00007f3068b4d1d0 R08: 0000000000000000 R09: 0000000000000000
[  971.234268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  971.234279] R13: 00007ffcffbbcc8f R14: 00007f3068b4d300 R15: 0000000000022000
[  971.493859] FAULT_INJECTION: forcing a failure.
[  971.493859] name failslab, interval 1, probability 0, space 0, times 0
[  971.493882] CPU: 0 PID: 7505 Comm: syz-executor.1 Not tainted 5.10.220 #1
[  971.493893] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  971.493899] Call Trace:
[  971.493923]  dump_stack+0x107/0x167
[  971.493943]  should_fail.cold+0x5/0xa
[  971.493964]  ? kmemleak_scan_area+0xa6/0x360
[  971.493986]  should_failslab+0x5/0x20
[  971.494004]  kmem_cache_alloc+0x5b/0x310
[  971.494029]  kmemleak_scan_area+0xa6/0x360
[  971.494052]  alloc_vmap_area+0x171/0x1d10
[  971.494069]  ? kmem_cache_alloc_node_trace+0x16d/0x340
[  971.494095]  ? mark_held_locks+0x9e/0xe0
[  971.494122]  ? purge_vmap_area_lazy+0xc0/0xc0
[  971.494143]  ? kasan_unpoison_shadow+0x33/0x50
[  971.494163]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  971.494186]  __get_vm_area_node+0x127/0x340
[  971.494211]  __vmalloc_node_range+0x13f/0x9e0
[  971.494228]  ? dev_ethtool+0x2bb8/0x4b00
[  971.494245]  ? dev_ethtool+0x2bb8/0x4b00
[  971.494264]  ? __might_fault+0xd3/0x180
[  971.494281]  ? lock_downgrade+0x6d0/0x6d0
[  971.494300]  ? __vmalloc_node+0x110/0x110
[  971.494329]  ? dev_ethtool+0x2bb8/0x4b00
[  971.494345]  __vmalloc_node+0xb5/0x110
[  971.494362]  ? dev_ethtool+0x2bb8/0x4b00
[  971.494384]  dev_ethtool+0x2bb8/0x4b00
[  971.494409]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[  971.494429]  ? ethtool_virtdev_set_link_ksettings+0x180/0x180
[  971.494444]  ? find_held_lock+0x2c/0x110
[  971.494474]  ? lock_acquire+0x197/0x470
[  971.494489]  ? dev_ioctl+0x2ad/0xd30
[  971.494511]  ? lock_release+0x680/0x680
[  971.494543]  ? avc_has_extended_perms+0x7f1/0xf40
[  971.494576]  ? __mutex_lock+0x4fe/0x10b0
[  971.494594]  ? dev_ioctl+0x2ad/0xd30
[  971.494611]  ? lock_acquire+0x197/0x470
[  971.494626]  ? find_held_lock+0x2c/0x110
[  971.494646]  ? mutex_lock_io_nested+0xf30/0xf30
[  971.494663]  ? dev_load+0x7b/0x250
[  971.494681]  ? lock_downgrade+0x6d0/0x6d0
[  971.494699]  ? inet6_release+0x70/0x70
[  971.494725]  ? netdev_name_node_lookup_rcu+0x108/0x150
[  971.494751]  dev_ioctl+0x2b8/0xd30
[  971.494772]  sock_do_ioctl+0x17d/0x300
[  971.494789]  ? compat_ifr_data_ioctl+0x180/0x180
[  971.494811]  ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[  971.494828]  ? __sanitizer_cov_trace_switch+0x45/0x80
[  971.494848]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[  971.494867]  ? generic_block_fiemap+0x60/0x60
[  971.494883]  ? lock_downgrade+0x6d0/0x6d0
[  971.494906]  sock_ioctl+0x3ea/0x700
[  971.494923]  ? dlci_ioctl_set+0x30/0x30
[  971.494947]  ? selinux_file_ioctl+0xb6/0x270
[  971.494968]  ? dlci_ioctl_set+0x30/0x30
[  971.494988]  __x64_sys_ioctl+0x19a/0x210
[  971.495008]  do_syscall_64+0x33/0x40
[  971.495024]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  971.495036] RIP: 0033:0x7f306b5d7b19
[  971.495052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  971.495061] RSP: 002b:00007f3068b4d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  971.495081] RAX: ffffffffffffffda RBX: 00007f306b6eaf60 RCX: 00007f306b5d7b19
[  971.495090] RDX: 00000000200001c0 RSI: 0000000000008946 RDI: 0000000000000003
[  971.495100] RBP: 00007f3068b4d1d0 R08: 0000000000000000 R09: 0000000000000000
[  971.495109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  971.495119] R13: 00007ffcffbbcc8f R14: 00007f3068b4d300 R15: 0000000000022000
[  971.495801] kmemleak: Cannot allocate a scan area, scanning the full object
[  971.910743] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  971.911672] print_req_error: 40 callbacks suppressed
[  971.911690] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  971.914068] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  971.914904] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  971.916507] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  971.917359] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  971.918961] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  971.919794] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  971.921417] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  971.922245] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  971.923843] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  971.925400] buffer_io_error: 14 callbacks suppressed
[  971.925412] Buffer I/O error on dev loop0, logical block 2096896, async page read
[  971.927286] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  971.928822] Buffer I/O error on dev loop0, logical block 2096897, async page read
[  971.929966] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  971.931478] Buffer I/O error on dev loop0, logical block 2096898, async page read
[  971.932601] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  971.934125] Buffer I/O error on dev loop0, logical block 2096899, async page read
[  971.935251] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  971.936773] Buffer I/O error on dev loop0, logical block 2096900, async page read
[  971.938013] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  971.938926] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  971.939837] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  971.945626] Buffer I/O error on dev loop0, logical block 2096901, async page read
[  971.946761] Buffer I/O error on dev loop0, logical block 2096902, async page read
[  971.947869] Buffer I/O error on dev loop0, logical block 2096903, async page read
[  971.991584] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  971.992435] Buffer I/O error on dev loop0, logical block 2096896, async page read
[  971.993763] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  971.994615] Buffer I/O error on dev loop0, logical block 2096897, async page read
[  971.995850] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  971.996828] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  971.997817] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  971.998780] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  971.999738] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  972.000707] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
23:02:47 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x0, 0xffcd, 0x0, 0x0, 0x0)

23:02:47 executing program 5:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xb, @loopback, 0x80000001}, 0x1c)
syz_emit_ethernet(0x85, &(0x7f0000000140)=ANY=[@ANYBLOB="0180c2000000ffffffffffffa6ad3b7c930f04192f360c2c6eeb3148427c26877b9beef408b53ab0ee80ad4a6907ac0d914d0699ed3837db2b5f09f37511dff7167321e20a12799221f55eeadfcd32daf32c33b9db35a154c3abcad056a203baf8abbe49df45f01a6704001cf8624906880f4d0d523f00"/133], 0x0)
syz_emit_ethernet(0x70, &(0x7f0000000040)={@remote, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @val={@void, {0x8100, 0x1, 0x1, 0x1}}, {@x25={0x805, {0x3, 0x14, 0xc8, "bdd1dbc6d28d4decf4d1f41d8567849744f5f68dc4f32154e8434dfd6091f43354e8698f85cf81a679659e86352668bff6dee99e18b07742498292040829eef382989fe4bdea9a0a17cc72802cbee64223f57897bcd09f40af0318"}}}}, &(0x7f00000000c0)={0x0, 0x4, [0x819, 0x4bd, 0xde8, 0x602]})

23:02:47 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:02:47 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}}) (fail_nth: 9)

23:02:47 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:02:47 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(0x0, 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:02:47 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:02:47 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:02:47 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x0, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[  984.528028] FAULT_INJECTION: forcing a failure.
[  984.528028] name failslab, interval 1, probability 0, space 0, times 0
[  984.529036] CPU: 0 PID: 7540 Comm: syz-executor.1 Not tainted 5.10.220 #1
[  984.529607] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  984.530298] Call Trace:
[  984.530527]  dump_stack+0x107/0x167
[  984.530838]  should_fail.cold+0x5/0xa
[  984.531165]  ? __vmalloc_node_range+0x7a2/0x9e0
[  984.531563]  should_failslab+0x5/0x20
[  984.531891]  __kmalloc_node+0x76/0x420
[  984.532231]  __vmalloc_node_range+0x7a2/0x9e0
[  984.532621]  ? __might_fault+0xd3/0x180
[  984.532966]  ? __vmalloc_node+0x110/0x110
[  984.533323]  ? dev_ethtool+0x2bb8/0x4b00
[  984.533676]  __vmalloc_node+0xb5/0x110
[  984.534009]  ? dev_ethtool+0x2bb8/0x4b00
[  984.534355]  dev_ethtool+0x2bb8/0x4b00
[  984.534699]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[  984.535143]  ? ethtool_virtdev_set_link_ksettings+0x180/0x180
[  984.535633]  ? find_held_lock+0x2c/0x110
[  984.536000]  ? lock_acquire+0x197/0x470
[  984.536341]  ? dev_ioctl+0x2ad/0xd30
[  984.536670]  ? lock_release+0x680/0x680
[  984.537017]  ? avc_has_extended_perms+0x7f1/0xf40
[  984.537432]  ? __mutex_lock+0x4fe/0x10b0
[  984.537778]  ? dev_ioctl+0x2ad/0xd30
[  984.538096]  ? lock_acquire+0x197/0x470
[  984.538428]  ? find_held_lock+0x2c/0x110
[  984.538771]  ? mutex_lock_io_nested+0xf30/0xf30
[  984.539171]  ? dev_load+0x7b/0x250
[  984.539483]  ? lock_downgrade+0x6d0/0x6d0
[  984.539836]  ? inet6_release+0x70/0x70
[  984.540180]  ? netdev_name_node_lookup_rcu+0x108/0x150
[  984.540622]  dev_ioctl+0x2b8/0xd30
[  984.540931]  sock_do_ioctl+0x17d/0x300
[  984.541258]  ? compat_ifr_data_ioctl+0x180/0x180
[  984.541660]  ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[  984.542135]  ? __sanitizer_cov_trace_switch+0x45/0x80
[  984.542575]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[  984.543017]  ? generic_block_fiemap+0x60/0x60
[  984.543391]  ? lock_downgrade+0x6d0/0x6d0
[  984.543759]  sock_ioctl+0x3ea/0x700
[  984.544063]  ? dlci_ioctl_set+0x30/0x30
[  984.544414]  ? selinux_file_ioctl+0xb6/0x270
[  984.544792]  ? dlci_ioctl_set+0x30/0x30
[  984.545136]  __x64_sys_ioctl+0x19a/0x210
[  984.545474]  do_syscall_64+0x33/0x40
[  984.545788]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  984.546215] RIP: 0033:0x7f306b5d7b19
[  984.546527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  984.548043] RSP: 002b:00007f3068b4d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  984.548687] RAX: ffffffffffffffda RBX: 00007f306b6eaf60 RCX: 00007f306b5d7b19
[  984.549303] RDX: 00000000200001c0 RSI: 0000000000008946 RDI: 0000000000000003
[  984.549893] RBP: 00007f3068b4d1d0 R08: 0000000000000000 R09: 0000000000000000
[  984.550477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  984.551067] R13: 00007ffcffbbcc8f R14: 00007f3068b4d300 R15: 0000000000022000
[  984.585408] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:02:47 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x28, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid}, @typed={0xc, 0x11, 0x0, 0x0, @u64}]}, 0x28}}, 0x0)
close_range(r1, r0, 0x0)
perf_event_open(&(0x7f0000000640)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x2}, 0x0, 0x0, 0x0)
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0x0)
r3 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, 0x0, 0x0, r2)
add_key$keyring(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000500)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc)
add_key(&(0x7f0000000200)='keyring\x00', &(0x7f00000004c0)={'syz', 0x1}, &(0x7f0000000540)="18726d0eed55eaa57fc580dc3a0b12e0a5ee08da294ac8119c4c73f93694f2a935d17a81959d084839f846dca8739131e4a9c45c6509af44529537eae3b5a4793a9a0aacfd7a75f2b566b874939829b82a35d20d1985a92c5d7ba971251e89286f64438db33a7f05fb0d1707fd3fa27a56032a79c1d09558fbbfcb2e5f36d3e7e1c749ad35c2064fa087cf6359507a36eb69853e0cdd920cbb7586aedf5a2e5a9a1a6b8d11c08a14918b01d07c92179dfae1ef58835b5fa4be28fbd3b3eac1c9f3cf74fbe25748c55d23902439133eecfafb2e0f", 0xd4, 0xfffffffffffffffa)
add_key$keyring(&(0x7f0000000140), &(0x7f00000001c0)={'syz', 0x0}, 0x0, 0x0, r3)
add_key$keyring(&(0x7f0000000740), &(0x7f0000000780)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffa)
sendmsg$NL80211_CMD_REQ_SET_REG(r1, &(0x7f0000000440)={&(0x7f0000000000), 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x3c, 0x0, 0x100, 0x0, 0x25dfdbfe, {}, [@NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'a\x00'}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x11}, @NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'a\x00'}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x41}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'bb\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24004000}, 0x20000010)
getsockopt(0xffffffffffffffff, 0x6, 0x8, &(0x7f0000000880)=""/237, &(0x7f00000006c0)=0xed)
keyctl$revoke(0x3, 0x0)
request_key(&(0x7f0000000340)='rxrpc_s\x00', &(0x7f0000000380)={'syz', 0x1}, &(0x7f0000000480)='bb\x00', r2)
unshare(0x48020200)

23:02:47 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:02:47 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x0, 0xffcd, 0x0, 0x0, 0x0)

23:02:47 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:02:47 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x0, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:02:47 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(0x0, 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

[  984.687109] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7546 comm=syz-executor.5
23:02:47 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}}) (fail_nth: 10)

[  984.751121] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:02:47 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:02:47 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:02:47 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(0x0, 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:02:47 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x0, 0xffcd, 0x0, 0x0, 0x0)

[  984.842501] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7564 comm=syz-executor.5
[  984.855155] FAULT_INJECTION: forcing a failure.
[  984.855155] name failslab, interval 1, probability 0, space 0, times 0
[  984.856903] CPU: 1 PID: 7567 Comm: syz-executor.1 Not tainted 5.10.220 #1
[  984.857900] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  984.859095] Call Trace:
[  984.859493]  dump_stack+0x107/0x167
[  984.860031]  should_fail.cold+0x5/0xa
[  984.860594]  ? create_object.isra.0+0x3a/0xa20
[  984.861265]  should_failslab+0x5/0x20
[  984.861818]  kmem_cache_alloc+0x5b/0x310
[  984.862416]  create_object.isra.0+0x3a/0xa20
[  984.863063]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[  984.863804]  __kmalloc_node+0x1ae/0x420
[  984.864399]  __vmalloc_node_range+0x7a2/0x9e0
[  984.865064]  ? __might_fault+0xd3/0x180
[  984.865655]  ? __vmalloc_node+0x110/0x110
[  984.866275]  ? dev_ethtool+0x2bb8/0x4b00
[  984.866870]  __vmalloc_node+0xb5/0x110
[  984.867439]  ? dev_ethtool+0x2bb8/0x4b00
[  984.868040]  dev_ethtool+0x2bb8/0x4b00
[  984.868622]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[  984.869406]  ? ethtool_virtdev_set_link_ksettings+0x180/0x180
[  984.870251]  ? find_held_lock+0x2c/0x110
[  984.870859]  ? lock_acquire+0x197/0x470
[  984.871440]  ? dev_ioctl+0x2ad/0xd30
[  984.871993]  ? lock_release+0x680/0x680
[  984.872590]  ? avc_has_extended_perms+0x7f1/0xf40
[  984.873320]  ? __mutex_lock+0x4fe/0x10b0
[  984.873914]  ? dev_ioctl+0x2ad/0xd30
[  984.874460]  ? lock_acquire+0x197/0x470
[  984.875038]  ? find_held_lock+0x2c/0x110
[  984.875632]  ? mutex_lock_io_nested+0xf30/0xf30
[  984.876310]  ? dev_load+0x7b/0x250
[  984.876846]  ? lock_downgrade+0x6d0/0x6d0
[  984.877456]  ? inet6_release+0x70/0x70
[  984.878033]  ? netdev_name_node_lookup_rcu+0x108/0x150
[  984.878809]  dev_ioctl+0x2b8/0xd30
[  984.879338]  sock_do_ioctl+0x17d/0x300
[  984.879905]  ? compat_ifr_data_ioctl+0x180/0x180
[  984.880597]  ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[  984.881436]  ? __sanitizer_cov_trace_switch+0x45/0x80
[  984.882183]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[  984.882945]  ? generic_block_fiemap+0x60/0x60
[  984.883600]  ? lock_downgrade+0x6d0/0x6d0
[  984.884212]  sock_ioctl+0x3ea/0x700
[  984.884753]  ? dlci_ioctl_set+0x30/0x30
[  984.885343]  ? selinux_file_ioctl+0xb6/0x270
[  984.885990]  ? dlci_ioctl_set+0x30/0x30
[  984.886571]  __x64_sys_ioctl+0x19a/0x210
[  984.887163]  do_syscall_64+0x33/0x40
[  984.887708]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  984.888447] RIP: 0033:0x7f306b5d7b19
[  984.888997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  984.891647] RSP: 002b:00007f3068b4d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  984.892753] RAX: ffffffffffffffda RBX: 00007f306b6eaf60 RCX: 00007f306b5d7b19
[  984.893790] RDX: 00000000200001c0 RSI: 0000000000008946 RDI: 0000000000000003
[  984.894822] RBP: 00007f3068b4d1d0 R08: 0000000000000000 R09: 0000000000000000
[  984.895851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  984.896886] R13: 00007ffcffbbcc8f R14: 00007f3068b4d300 R15: 0000000000022000
23:02:48 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:02:48 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x0, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[  984.928516] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:02:48 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0x0, 0x0, 0x0, 0x0)

23:02:48 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}}) (fail_nth: 11)

[  985.040822] FAULT_INJECTION: forcing a failure.
[  985.040822] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  985.042646] CPU: 1 PID: 7584 Comm: syz-executor.1 Not tainted 5.10.220 #1
[  985.043645] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  985.044850] Call Trace:
[  985.045245]  dump_stack+0x107/0x167
[  985.045782]  should_fail.cold+0x5/0xa
[  985.046342]  __alloc_pages_nodemask+0x182/0x600
[  985.047023]  ? __kmalloc_node+0x1ae/0x420
[  985.047634]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[  985.048511]  ? mark_held_locks+0x9e/0xe0
[  985.049123]  ? trace_hardirqs_on+0x5b/0x180
[  985.049759]  alloc_pages_current+0x187/0x280
[  985.050406]  __vmalloc_node_range+0x60a/0x9e0
[  985.051073]  ? __lockdep_reset_lock+0x180/0x180
[  985.051754]  ? __vmalloc_node+0x110/0x110
[  985.052357]  ? perf_trace_lock+0xac/0x490
[  985.052983]  ? dev_ethtool+0x2bb8/0x4b00
[  985.053577]  __vmalloc_node+0xb5/0x110
[  985.054145]  ? dev_ethtool+0x2bb8/0x4b00
[  985.054744]  dev_ethtool+0x2bb8/0x4b00
[  985.055321]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[  985.056087]  ? ethtool_virtdev_set_link_ksettings+0x180/0x180
[  985.056947]  ? __lockdep_reset_lock+0x180/0x180
[  985.057625]  ? finish_task_switch+0x126/0x5d0
[  985.058273]  ? finish_task_switch+0xef/0x5d0
[  985.058923]  ? lock_acquire+0x197/0x470
[  985.059503]  ? find_held_lock+0x2c/0x110
[  985.060109]  ? __mutex_lock+0x5af/0x10b0
[  985.060706]  ? lock_downgrade+0x6d0/0x6d0
[  985.061325]  ? do_raw_spin_lock+0x121/0x260
[  985.061954]  ? rwlock_bug.part.0+0x90/0x90
[  985.062581]  ? do_raw_spin_unlock+0x4f/0x220
[  985.063222]  ? _raw_spin_unlock+0x1a/0x30
[  985.063824]  ? __mutex_lock+0x5af/0x10b0
[  985.064419]  ? dev_ioctl+0x2ad/0xd30
[  985.064979]  ? mutex_lock_io_nested+0xf30/0xf30
[  985.065657]  ? dev_load+0x7b/0x250
[  985.066181]  ? inet6_release+0x70/0x70
[  985.066766]  ? netdev_name_node_lookup_rcu+0x108/0x150
[  985.067541]  dev_ioctl+0x2b8/0xd30
[  985.068071]  sock_do_ioctl+0x17d/0x300
[  985.068642]  ? compat_ifr_data_ioctl+0x180/0x180
[  985.069351]  ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[  985.070191]  ? __sanitizer_cov_trace_switch+0x45/0x80
[  985.070950]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[  985.071721]  ? generic_block_fiemap+0x60/0x60
[  985.072380]  ? lock_downgrade+0x6d0/0x6d0
[  985.072997]  sock_ioctl+0x3ea/0x700
[  985.073533]  ? dlci_ioctl_set+0x30/0x30
[  985.074120]  ? selinux_file_ioctl+0xb6/0x270
[  985.074768]  ? dlci_ioctl_set+0x30/0x30
[  985.075354]  __x64_sys_ioctl+0x19a/0x210
[  985.075955]  do_syscall_64+0x33/0x40
[  985.076498]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  985.077254] RIP: 0033:0x7f306b5d7b19
[  985.077813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  985.080484] RSP: 002b:00007f3068b4d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  985.081605] RAX: ffffffffffffffda RBX: 00007f306b6eaf60 RCX: 00007f306b5d7b19
[  985.082645] RDX: 00000000200001c0 RSI: 0000000000008946 RDI: 0000000000000003
[  985.083692] RBP: 00007f3068b4d1d0 R08: 0000000000000000 R09: 0000000000000000
[  985.084733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  985.085783] R13: 00007ffcffbbcc8f R14: 00007f3068b4d300 R15: 0000000000022000
23:02:48 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

[  985.550488] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.551110] print_req_error: 22 callbacks suppressed
[  985.551120] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  985.552406] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  985.552413] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.552434] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  985.554055] buffer_io_error: 6 callbacks suppressed
[  985.554067] Buffer I/O error on dev loop0, logical block 2096896, async page read
[  985.554509] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.556065] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  985.556354] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  985.557451] Buffer I/O error on dev loop0, logical block 2096897, async page read
[  985.557926] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.559427] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  985.560213] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  985.561314] Buffer I/O error on dev loop0, logical block 2096898, async page read
[  985.561788] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.565093] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  985.565576] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  985.565991] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.567450] Buffer I/O error on dev loop0, logical block 2096899, async page read
[  985.567875] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  985.570330] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.570610] Buffer I/O error on dev loop0, logical block 2096900, async page read
[  985.570827] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.571881] Buffer I/O error on dev loop0, logical block 2096901, async page read
[  985.575596] Buffer I/O error on dev loop0, logical block 2096902, async page read
[  985.576750] Buffer I/O error on dev loop0, logical block 2096903, async page read
[  985.623274] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.623787] Buffer I/O error on dev loop0, logical block 2096896, async page read
[  985.624588] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.625057] Buffer I/O error on dev loop0, logical block 2096897, async page read
[  985.628458] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.629090] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.630087] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.630979] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.631501] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.632881] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.678102] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.678743] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.679266] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.680159] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.681170] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.683230] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.683947] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.684463] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.697077] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.697904] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.698429] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.699374] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.700178] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.701346] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.702162] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  985.703083] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  998.038987] FAULT_INJECTION: forcing a failure.
[  998.038987] name failslab, interval 1, probability 0, space 0, times 0
[  998.040020] CPU: 0 PID: 7599 Comm: syz-executor.1 Not tainted 5.10.220 #1
[  998.040635] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[  998.041539] Call Trace:
[  998.041785]  dump_stack+0x107/0x167
[  998.042117]  should_fail.cold+0x5/0xa
[  998.042462]  ? create_object.isra.0+0x3a/0xa20
[  998.042873]  should_failslab+0x5/0x20
[  998.043218]  kmem_cache_alloc+0x5b/0x310
[  998.043583]  create_object.isra.0+0x3a/0xa20
[  998.043985]  kmemleak_vmalloc+0x49/0x120
[  998.044363]  __vmalloc_node_range+0x574/0x9e0
[  998.044771]  ? __vmalloc_node+0x110/0x110
[  998.045161]  ? dev_ethtool+0x2bb8/0x4b00
[  998.045527]  __vmalloc_node+0xb5/0x110
[  998.045877]  ? dev_ethtool+0x2bb8/0x4b00
[  998.046239]  dev_ethtool+0x2bb8/0x4b00
[  998.046600]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[  998.047075]  ? ethtool_virtdev_set_link_ksettings+0x180/0x180
[  998.047600]  ? find_held_lock+0x2c/0x110
[  998.047970]  ? lock_acquire+0x197/0x470
[  998.048325]  ? dev_ioctl+0x2ad/0xd30
[  998.048663]  ? lock_release+0x680/0x680
[  998.049032]  ? avc_has_extended_perms+0x7f1/0xf40
[  998.049482]  ? __mutex_lock+0x4fe/0x10b0
[  998.049848]  ? dev_ioctl+0x2ad/0xd30
[  998.050188]  ? lock_acquire+0x197/0x470
[  998.050543]  ? find_held_lock+0x2c/0x110
[  998.050905]  ? mutex_lock_io_nested+0xf30/0xf30
[  998.051327]  ? dev_load+0x7b/0x250
[  998.051651]  ? lock_downgrade+0x6d0/0x6d0
[  998.052027]  ? inet6_release+0x70/0x70
[  998.052379]  ? netdev_name_node_lookup_rcu+0x108/0x150
[  998.052849]  dev_ioctl+0x2b8/0xd30
[  998.053180]  sock_do_ioctl+0x17d/0x300
[  998.053535]  ? compat_ifr_data_ioctl+0x180/0x180
[  998.053969]  ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[  998.054477]  ? __sanitizer_cov_trace_switch+0x45/0x80
[  998.054935]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[  998.055406]  ? generic_block_fiemap+0x60/0x60
[  998.055807]  ? lock_downgrade+0x6d0/0x6d0
[  998.056184]  sock_ioctl+0x3ea/0x700
[  998.056512]  ? dlci_ioctl_set+0x30/0x30
[  998.056873]  ? selinux_file_ioctl+0xb6/0x270
[  998.057273]  ? dlci_ioctl_set+0x30/0x30
[  998.057635]  __x64_sys_ioctl+0x19a/0x210
[  998.057996]  do_syscall_64+0x33/0x40
[  998.058331]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[  998.058790] RIP: 0033:0x7f306b5d7b19
[  998.059126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  998.060759] RSP: 002b:00007f3068b4d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  998.061451] RAX: ffffffffffffffda RBX: 00007f306b6eaf60 RCX: 00007f306b5d7b19
[  998.062092] RDX: 00000000200001c0 RSI: 0000000000008946 RDI: 0000000000000003
[  998.062730] RBP: 00007f3068b4d1d0 R08: 0000000000000000 R09: 0000000000000000
[  998.063606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  998.064254] R13: 00007ffcffbbcc8f R14: 00007f3068b4d300 R15: 0000000000022000
23:03:01 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:03:01 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0x0, 0x0, 0x0, 0x0)

23:03:01 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x0, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:03:01 executing program 5:
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, r1, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write$bt_hci(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="011b04ad6d86f01363b5c505fa590900000000f61f00995366abc98b79576d263ca144ef9aaa1680e3a6d74af07c389b9fd983de2ebf900c3630abf8af9a8b3462a4925041c570e11ead90072e7db51219b9a378f251353aecfecd600a5555167df52d7b369edb22e4f048902b66c95436778b19d45f01edd88d325a265418d92e2dbc1763c12abea3018000000000000006e2afb9125249b4f91fbd2f4a7da3bd06bd230fc21a99d676a4cce006b5de773d96bb71b4bb81b80c522b37a7f4136455a6e934e4919addbdb797ac853e51b64ce6ed303eba09eb7d0f9ca950581c83efc23bfc190afb48ba21429b85e67a2c25d31f7ec75da7a5f33ac7db5c3a3135e3520842f19978be722fe131da142465eebdf208976405eb65804e68d38a40560774368647d0cf1713d2c51bc6ae856fd7883f3ce35c161c83f5aabc"], 0x6)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00')
r3 = fsmount(r2, 0x0, 0x88)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat(r3, &(0x7f0000001240)='/proc/self/exe\x00', 0x200, 0x0)
write$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1, @set_cpb={{0x441, 0xb}, {0x8, 0x0, 0x9, 0x998, 0x80, 0x6, 0x8}}}, 0xf)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f00000002c0)={0x0, 0x1, 0x7, 0x2})
write$bt_hci(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="013804009bf4c220c1efc2050006000000ee4700000101000000000000000000000000000031f5e866d9022a05c753d21efd0a8d09a16fc23164bd9b7ac43e676b641f13b895074de5c106286e4a564bc2a1b728819d3294421639caaf9e12ac16b66aa1bd109e484c79ee1fb30349d95244aed78f3aa2b8c95cc695c9647243e1fb44cd867035f03726e41493d000cf022d959eee329e488f68f28cbd9730000000003c4df3d187269647dcbc1340bb5cb8e5051573ffadf6880504c875c6bb59f3d937783be55d55a6754fcb8500dd1853eaecf4f0af9e3e1446562e9d03e408d1ea655783e34d349f69cab76130588f8047c1ffb4c58e75c4b38b80fc608530602fefcca1e8090f2e97d416035cb160bb860230e5e2a84a4e4b97b2c98bbf"], 0x4c)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x163000, 0x0)
unshare(0x40040000)

23:03:01 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:03:01 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:03:01 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}}) (fail_nth: 12)

23:03:01 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

[  998.122911] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:03:01 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x0, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:03:01 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0x0, 0x0, 0x0, 0x0)

23:03:01 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[  998.491020] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  998.491497] print_req_error: 54 callbacks suppressed
[  998.491511] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  998.492822] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  998.493672] buffer_io_error: 22 callbacks suppressed
[  998.493679] Buffer I/O error on dev loop0, logical block 2096896, async page read
[  998.496891] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  998.497334] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  998.498189] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  998.499024] Buffer I/O error on dev loop0, logical block 2096897, async page read
[  998.500063] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  998.500495] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  998.501367] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  998.502204] Buffer I/O error on dev loop0, logical block 2096898, async page read
[  998.503165] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  998.503628] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  998.504456] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  998.505298] Buffer I/O error on dev loop0, logical block 2096899, async page read
[  998.506328] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  998.506788] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  998.507632] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  998.508447] Buffer I/O error on dev loop0, logical block 2096900, async page read
[  998.509405] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  998.509900] Buffer I/O error on dev loop0, logical block 2096901, async page read
[  998.510843] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  998.511296] Buffer I/O error on dev loop0, logical block 2096902, async page read
[  998.512232] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  998.512711] Buffer I/O error on dev loop0, logical block 2096903, async page read
[  998.567034] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  998.567537] Buffer I/O error on dev loop0, logical block 2096896, async page read
[  998.569041] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  998.569497] Buffer I/O error on dev loop0, logical block 2096897, async page read
[  998.570574] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  998.571270] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  998.572062] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  998.572860] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  998.573387] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  998.574197] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
23:03:14 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:03:14 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:03:14 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:03:14 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:03:14 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}}) (fail_nth: 13)

23:03:14 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x0, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:03:14 executing program 5:
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, r1, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write$bt_hci(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="011b04ad6d86f01363b5c505fa590900000000f61f00995366abc98b79576d263ca144ef9aaa1680e3a6d74af07c389b9fd983de2ebf900c3630abf8af9a8b3462a4925041c570e11ead90072e7db51219b9a378f251353aecfecd600a5555167df52d7b369edb22e4f048902b66c95436778b19d45f01edd88d325a265418d92e2dbc1763c12abea3018000000000000006e2afb9125249b4f91fbd2f4a7da3bd06bd230fc21a99d676a4cce006b5de773d96bb71b4bb81b80c522b37a7f4136455a6e934e4919addbdb797ac853e51b64ce6ed303eba09eb7d0f9ca950581c83efc23bfc190afb48ba21429b85e67a2c25d31f7ec75da7a5f33ac7db5c3a3135e3520842f19978be722fe131da142465eebdf208976405eb65804e68d38a40560774368647d0cf1713d2c51bc6ae856fd7883f3ce35c161c83f5aabc"], 0x6)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00')
r3 = fsmount(r2, 0x0, 0x88)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat(r3, &(0x7f0000001240)='/proc/self/exe\x00', 0x200, 0x0)
write$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1, @set_cpb={{0x441, 0xb}, {0x8, 0x0, 0x9, 0x998, 0x80, 0x6, 0x8}}}, 0xf)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f00000002c0)={0x0, 0x1, 0x7, 0x2})
write$bt_hci(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="013804009bf4c220c1efc2050006000000ee4700000101000000000000000000000000000031f5e866d9022a05c753d21efd0a8d09a16fc23164bd9b7ac43e676b641f13b895074de5c106286e4a564bc2a1b728819d3294421639caaf9e12ac16b66aa1bd109e484c79ee1fb30349d95244aed78f3aa2b8c95cc695c9647243e1fb44cd867035f03726e41493d000cf022d959eee329e488f68f28cbd9730000000003c4df3d187269647dcbc1340bb5cb8e5051573ffadf6880504c875c6bb59f3d937783be55d55a6754fcb8500dd1853eaecf4f0af9e3e1446562e9d03e408d1ea655783e34d349f69cab76130588f8047c1ffb4c58e75c4b38b80fc608530602fefcca1e8090f2e97d416035cb160bb860230e5e2a84a4e4b97b2c98bbf"], 0x4c)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x163000, 0x0)
unshare(0x40040000)

23:03:14 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 1)

[ 1011.156239] FAULT_INJECTION: forcing a failure.
[ 1011.156239] name failslab, interval 1, probability 0, space 0, times 0
[ 1011.157494] CPU: 1 PID: 7635 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1011.158095] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1011.158834] Call Trace:
[ 1011.159077]  dump_stack+0x107/0x167
[ 1011.159407]  should_fail.cold+0x5/0xa
[ 1011.159761]  should_failslab+0x5/0x20
[ 1011.160102]  kmem_cache_alloc_bulk+0x4b/0x320
[ 1011.160504]  io_submit_sqes+0x6fe6/0x8610
[ 1011.160872]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1011.161318]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1011.161762]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1011.162195]  ? lock_downgrade+0x6d0/0x6d0
[ 1011.162567]  ? find_held_lock+0x2c/0x110
[ 1011.162932]  ? io_submit_sqes+0x8610/0x8610
[ 1011.163319]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1011.163747]  ? wait_for_completion_io+0x270/0x270
[ 1011.164172]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1011.164584]  ? vfs_write+0x354/0xb10
[ 1011.164911]  ? fput_many+0x2f/0x1a0
[ 1011.165240]  ? ksys_write+0x1a9/0x260
[ 1011.165574]  ? __ia32_sys_read+0xb0/0xb0
[ 1011.165940]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1011.166402]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1011.166858]  do_syscall_64+0x33/0x40
[ 1011.167190]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1011.167639] RIP: 0033:0x7fd30c0eeb19
[ 1011.167971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1011.169593] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1011.170265] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1011.170913] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1011.171556] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1011.172188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1011.172816] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1011.202987] FAULT_INJECTION: forcing a failure.
[ 1011.202987] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1011.204033] CPU: 1 PID: 7647 Comm: syz-executor.1 Not tainted 5.10.220 #1
[ 1011.204627] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1011.205348] Call Trace:
[ 1011.205582]  dump_stack+0x107/0x167
[ 1011.205904]  should_fail.cold+0x5/0xa
[ 1011.206240]  _copy_to_user+0x2e/0x180
[ 1011.206577]  dev_ethtool+0x2c0b/0x4b00
[ 1011.206923]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1011.207384]  ? ethtool_virtdev_set_link_ksettings+0x180/0x180
[ 1011.207895]  ? find_held_lock+0x2c/0x110
[ 1011.208264]  ? lock_acquire+0x197/0x470
[ 1011.208617]  ? dev_ioctl+0x2ad/0xd30
[ 1011.208946]  ? lock_release+0x680/0x680
[ 1011.209305]  ? avc_has_extended_perms+0x7f1/0xf40
[ 1011.209738]  ? __mutex_lock+0x4fe/0x10b0
[ 1011.210098]  ? dev_ioctl+0x2ad/0xd30
[ 1011.210438]  ? lock_acquire+0x197/0x470
[ 1011.210794]  ? find_held_lock+0x2c/0x110
[ 1011.211153]  ? mutex_lock_io_nested+0xf30/0xf30
[ 1011.211564]  ? dev_load+0x7b/0x250
[ 1011.211882]  ? lock_downgrade+0x6d0/0x6d0
[ 1011.212245]  ? inet6_release+0x70/0x70
[ 1011.212598]  ? netdev_name_node_lookup_rcu+0x108/0x150
[ 1011.213072]  dev_ioctl+0x2b8/0xd30
[ 1011.213394]  sock_do_ioctl+0x17d/0x300
[ 1011.213740]  ? compat_ifr_data_ioctl+0x180/0x180
[ 1011.214165]  ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[ 1011.214676]  ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1011.215130]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[ 1011.215587]  ? generic_block_fiemap+0x60/0x60
[ 1011.215982]  ? lock_downgrade+0x6d0/0x6d0
[ 1011.216342]  sock_ioctl+0x3ea/0x700
[ 1011.216663]  ? dlci_ioctl_set+0x30/0x30
[ 1011.217014]  ? selinux_file_ioctl+0xb6/0x270
[ 1011.217408]  ? dlci_ioctl_set+0x30/0x30
[ 1011.217765]  __x64_sys_ioctl+0x19a/0x210
[ 1011.218120]  do_syscall_64+0x33/0x40
[ 1011.218447]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1011.218892] RIP: 0033:0x7f306b5d7b19
[ 1011.219216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1011.220808] RSP: 002b:00007f3068b4d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1011.221477] RAX: ffffffffffffffda RBX: 00007f306b6eaf60 RCX: 00007f306b5d7b19
[ 1011.222096] RDX: 00000000200001c0 RSI: 0000000000008946 RDI: 0000000000000003
[ 1011.222714] RBP: 00007f3068b4d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1011.223328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1011.223938] R13: 00007ffcffbbcc8f R14: 00007f3068b4d300 R15: 0000000000022000
[ 1011.248685] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1011.538498] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1011.539359] print_req_error: 22 callbacks suppressed
[ 1011.539378] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1011.541762] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1011.543320] buffer_io_error: 6 callbacks suppressed
[ 1011.543332] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1011.549742] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1011.550578] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1011.552162] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1011.553757] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1011.555576] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1011.556374] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1011.557943] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1011.559478] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1011.561400] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1011.562242] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1011.563794] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1011.565339] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1011.567274] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1011.568104] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1011.569695] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1011.571224] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1011.573033] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1011.574015] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1011.575455] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1011.579585] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1011.580746] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1011.581907] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1025.233890] FAULT_INJECTION: forcing a failure.
[ 1025.233890] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1025.235076] CPU: 0 PID: 7659 Comm: syz-executor.1 Not tainted 5.10.220 #1
[ 1025.235701] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1025.236448] Call Trace:
[ 1025.236704]  dump_stack+0x107/0x167
[ 1025.237043]  should_fail.cold+0x5/0xa
[ 1025.237411]  _copy_to_user+0x2e/0x180
[ 1025.237773]  dev_ethtool+0x2c50/0x4b00
[ 1025.238139]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1025.238621]  ? ethtool_virtdev_set_link_ksettings+0x180/0x180
[ 1025.239277]  ? find_held_lock+0x2c/0x110
[ 1025.239671]  ? lock_acquire+0x197/0x470
[ 1025.240119]  ? dev_ioctl+0x2ad/0xd30
[ 1025.240504]  ? lock_release+0x680/0x680
[ 1025.240966]  ? avc_has_extended_perms+0x7f1/0xf40
[ 1025.241470]  ? __mutex_lock+0x4fe/0x10b0
[ 1025.241946]  ? dev_ioctl+0x2ad/0xd30
[ 1025.242317]  ? lock_acquire+0x197/0x470
[ 1025.242773]  ? find_held_lock+0x2c/0x110
[ 1025.243184]  ? mutex_lock_io_nested+0xf30/0xf30
[ 1025.243718]  ? dev_load+0x7b/0x250
[ 1025.244075]  ? lock_downgrade+0x6d0/0x6d0
[ 1025.244562]  ? inet6_release+0x70/0x70
[ 1025.244939]  ? netdev_name_node_lookup_rcu+0x108/0x150
[ 1025.245556]  dev_ioctl+0x2b8/0xd30
[ 1025.245891]  sock_do_ioctl+0x17d/0x300
[ 1025.246336]  ? compat_ifr_data_ioctl+0x180/0x180
[ 1025.246812]  ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[ 1025.247467]  ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1025.247977]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[ 1025.248569]  ? generic_block_fiemap+0x60/0x60
[ 1025.249013]  ? lock_downgrade+0x6d0/0x6d0
[ 1025.249498]  sock_ioctl+0x3ea/0x700
[ 1025.249861]  ? dlci_ioctl_set+0x30/0x30
[ 1025.250323]  ? selinux_file_ioctl+0xb6/0x270
[ 1025.250734]  ? dlci_ioctl_set+0x30/0x30
[ 1025.251189]  __x64_sys_ioctl+0x19a/0x210
[ 1025.251569]  do_syscall_64+0x33/0x40
[ 1025.251988]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1025.252452] RIP: 0033:0x7f306b5d7b19
[ 1025.252868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1025.254579] RSP: 002b:00007f3068b4d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1025.255431] RAX: ffffffffffffffda RBX: 00007f306b6eaf60 RCX: 00007f306b5d7b19
[ 1025.256237] RDX: 00000000200001c0 RSI: 0000000000008946 RDI: 0000000000000003
[ 1025.257033] RBP: 00007f3068b4d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1025.257846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1025.258662] R13: 00007ffcffbbcc8f R14: 00007f3068b4d300 R15: 0000000000022000
23:03:28 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:03:28 executing program 5:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:03:28 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:03:28 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:03:28 executing program 6:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:03:28 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 2)

23:03:28 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x0)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:03:28 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}}) (fail_nth: 14)

[ 1025.270153] FAULT_INJECTION: forcing a failure.
[ 1025.270153] name failslab, interval 1, probability 0, space 0, times 0
[ 1025.271228] CPU: 0 PID: 7670 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1025.271978] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1025.272802] Call Trace:
[ 1025.273103]  dump_stack+0x107/0x167
[ 1025.273456]  should_fail.cold+0x5/0xa
[ 1025.273887]  ? create_object.isra.0+0x3a/0xa20
[ 1025.274336]  should_failslab+0x5/0x20
[ 1025.274768]  kmem_cache_alloc+0x5b/0x310
[ 1025.275145]  create_object.isra.0+0x3a/0xa20
[ 1025.275645]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1025.276153]  kmem_cache_alloc_bulk+0x168/0x320
[ 1025.276680]  io_submit_sqes+0x6fe6/0x8610
[ 1025.277087]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1025.277663]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1025.278121]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1025.278672]  ? lock_downgrade+0x6d0/0x6d0
[ 1025.279085]  ? find_held_lock+0x2c/0x110
[ 1025.279559]  ? io_submit_sqes+0x8610/0x8610
[ 1025.280002]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1025.280553]  ? wait_for_completion_io+0x270/0x270
[ 1025.281049]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1025.281581]  ? vfs_write+0x354/0xb10
[ 1025.281926]  ? fput_many+0x2f/0x1a0
[ 1025.282336]  ? ksys_write+0x1a9/0x260
[ 1025.282696]  ? __ia32_sys_read+0xb0/0xb0
[ 1025.283158]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1025.283680]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1025.284260]  do_syscall_64+0x33/0x40
[ 1025.284628]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1025.285203] RIP: 0033:0x7fd30c0eeb19
[ 1025.285582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1025.287642] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1025.288395] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1025.289059] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1025.289706] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1025.290348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1025.290993] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1025.338726] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:03:28 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:03:28 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, 0x0, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:03:28 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}}) (fail_nth: 15)

[ 1025.447482] FAULT_INJECTION: forcing a failure.
[ 1025.447482] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1025.447979] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1025.449253] CPU: 1 PID: 7686 Comm: syz-executor.1 Not tainted 5.10.220 #1
[ 1025.451096] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1025.452307] Call Trace:
[ 1025.452711]  dump_stack+0x107/0x167
[ 1025.453252]  should_fail.cold+0x5/0xa
[ 1025.453834]  _copy_to_user+0x2e/0x180
[ 1025.454402]  sock_do_ioctl+0x1c3/0x300
[ 1025.454977]  ? compat_ifr_data_ioctl+0x180/0x180
[ 1025.455679]  ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[ 1025.456522]  ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1025.457293]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[ 1025.458069]  ? generic_block_fiemap+0x60/0x60
[ 1025.458730]  ? lock_downgrade+0x6d0/0x6d0
[ 1025.459350]  sock_ioctl+0x3ea/0x700
[ 1025.459885]  ? dlci_ioctl_set+0x30/0x30
[ 1025.460483]  ? selinux_file_ioctl+0xb6/0x270
[ 1025.461141]  ? dlci_ioctl_set+0x30/0x30
[ 1025.461760]  __x64_sys_ioctl+0x19a/0x210
[ 1025.462358]  do_syscall_64+0x33/0x40
[ 1025.462909]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1025.463659] RIP: 0033:0x7f306b5d7b19
[ 1025.464211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1025.466903] RSP: 002b:00007f3068b4d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1025.468026] RAX: ffffffffffffffda RBX: 00007f306b6eaf60 RCX: 00007f306b5d7b19
[ 1025.469073] RDX: 00000000200001c0 RSI: 0000000000008946 RDI: 0000000000000003
[ 1025.470120] RBP: 00007f3068b4d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1025.471167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1025.472216] R13: 00007ffcffbbcc8f R14: 00007f3068b4d300 R15: 0000000000022000
23:03:28 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:03:28 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 3)

23:03:28 executing program 6:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:03:28 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, 0x0, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:03:28 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
mount(&(0x7f00000000c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='proc\x00', 0x5000, &(0x7f0000000280)='ext4\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
syncfs(0xffffffffffffffff)
write(r2, &(0x7f0000000240)="01", 0x1)
write$P9_RREADLINK(r0, &(0x7f0000000140)=ANY=[], 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r3, 0xffff)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendfile(r0, r1, 0x0, 0x20d315)

23:03:28 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x0)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:03:28 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:03:28 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

[ 1025.630438] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 1025.642211] FAULT_INJECTION: forcing a failure.
[ 1025.642211] name failslab, interval 1, probability 0, space 0, times 0
[ 1025.643939] CPU: 1 PID: 7697 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1025.644942] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1025.646158] Call Trace:
[ 1025.646558]  dump_stack+0x107/0x167
[ 1025.647097]  should_fail.cold+0x5/0xa
[ 1025.647292] FAULT_INJECTION: forcing a failure.
[ 1025.647292] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1025.647668]  ? create_object.isra.0+0x3a/0xa20
[ 1025.647723]  should_failslab+0x5/0x20
[ 1025.647746]  kmem_cache_alloc+0x5b/0x310
[ 1025.650667]  ? mark_held_locks+0x9e/0xe0
[ 1025.651260]  create_object.isra.0+0x3a/0xa20
[ 1025.651896]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1025.652630]  kmem_cache_alloc_bulk+0x168/0x320
[ 1025.653303]  io_submit_sqes+0x6fe6/0x8610
[ 1025.653907]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1025.654633]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1025.655355]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1025.656059]  ? lock_downgrade+0x6d0/0x6d0
[ 1025.656655]  ? find_held_lock+0x2c/0x110
[ 1025.657251]  ? io_submit_sqes+0x8610/0x8610
[ 1025.657907]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1025.658611]  ? wait_for_completion_io+0x270/0x270
[ 1025.659308]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1025.659980]  ? vfs_write+0x354/0xb10
[ 1025.660522]  ? fput_many+0x2f/0x1a0
[ 1025.661054]  ? ksys_write+0x1a9/0x260
[ 1025.661617]  ? __ia32_sys_read+0xb0/0xb0
[ 1025.662210]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1025.662963]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1025.663712]  do_syscall_64+0x33/0x40
[ 1025.664265]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1025.665007] RIP: 0033:0x7fd30c0eeb19
[ 1025.665559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1025.668173] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1025.669284] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1025.670314] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1025.671335] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1025.672358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1025.673390] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1025.674444] CPU: 0 PID: 7705 Comm: syz-executor.1 Not tainted 5.10.220 #1
[ 1025.675017] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1025.675675] Call Trace:
[ 1025.675897]  dump_stack+0x107/0x167
[ 1025.676197]  should_fail.cold+0x5/0xa
[ 1025.676515]  _copy_to_user+0x2e/0x180
[ 1025.676829]  simple_read_from_buffer+0xcc/0x160
[ 1025.677208]  proc_fail_nth_read+0x198/0x230
[ 1025.677563]  ? proc_sessionid_read+0x230/0x230
[ 1025.677935]  ? security_file_permission+0xb1/0xe0
[ 1025.678326]  ? proc_sessionid_read+0x230/0x230
[ 1025.678695]  vfs_read+0x228/0x620
[ 1025.678978]  ksys_read+0x12d/0x260
[ 1025.679258]  ? vfs_write+0xb10/0xb10
[ 1025.679560]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1025.679979]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1025.680392]  do_syscall_64+0x33/0x40
[ 1025.680695]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1025.681103] RIP: 0033:0x7f306b58a69c
[ 1025.681409] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 1025.682844] RSP: 002b:00007f3068b4d170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1025.683468] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f306b58a69c
[ 1025.684039] RDX: 000000000000000f RSI: 00007f3068b4d1e0 RDI: 0000000000000004
[ 1025.684606] RBP: 00007f3068b4d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1025.685174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1025.685747] R13: 00007ffcffbbcc8f R14: 00007f3068b4d300 R15: 0000000000022000
23:03:28 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}}) (fail_nth: 16)

[ 1025.713808] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1026.217568] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1026.218052] print_req_error: 6 callbacks suppressed
[ 1026.218063] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1026.219339] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1026.220234] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1026.230642] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1026.231091] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1026.233593] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1026.234470] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1026.238896] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1026.239342] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1026.240221] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1026.241094] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1026.242129] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1026.242874] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1026.243775] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1026.244637] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1026.245858] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1026.246303] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1026.247194] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1026.248078] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1026.249038] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1026.249652] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1026.250621] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1026.251105] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1026.252121] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1026.252640] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1026.350063] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1026.350622] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1026.351354] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1026.351903] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1026.352960] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1026.353853] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1026.354696] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1026.355464] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1026.356085] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1026.356989] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
23:03:41 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:03:41 executing program 6:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:03:41 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 4)

23:03:41 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x0)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:03:41 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, 0x0, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:03:41 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:03:41 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x100000, 0x2c, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000100000005000000000004000040000020000000d4f4655fd4f4655f0100ffff53ef010001000000d3f4655f000000000000000001000000000000000b0000000001000008000000d2420100120300000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e32303232303739373400"/192, 0xc0, 0x400}, {&(0x7f0000010100)="00000000000000000000000076a34e3f63e54dbc8955dd45888f6106010040000c00000000000000d3f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000100000000000000000000000000000000000000040000004600000000000000", 0x40, 0x540}, {&(0x7f0000010300)="0300000004000000000000000000000000000000010400"/32, 0x20, 0x640}, {&(0x7f0000010400)="02000000030000000400000016000f000300040000000000000000000f00c5d7", 0x20, 0x800}, {&(0x7f0000010500)="ff030000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000d3f4655fd3f4655fd3f4655f00"/4128, 0x1020, 0x1000}, {&(0x7f0000011600)="ed41000000080000d3f4655fd4f4655fd4f4655f00000000000004004000000000000800050000000af301000400000000000000000000000100000010000000", 0x40, 0x2100}, {&(0x7f0000011700)="20000000945343359453433500000000d3f4655f00"/32, 0x20, 0x2180}, {&(0x7f0000011800)="8081000000180000d3f4655fd3f4655fd3f4655f00000000000001004000000010000800000000000af301000400000000000000000000000300000030000000", 0x40, 0x2200}, {&(0x7f0000011900)="20000000000000000000000000000000d3f4655f00"/32, 0x20, 0x2280}, {&(0x7f0000011a00)="8081000000180000d3f4655fd3f4655fd3f4655f00000000000001004000000010000800000000000af301000400000000000000000000000300000040000000", 0x40, 0x2300}, {&(0x7f0000011b00)="20000000000000000000000000000000d3f4655f00"/32, 0x20, 0x2380}, {&(0x7f0000011c00)="c041000000400000d3f4655fd3f4655fd3f4655f00000000000002004000000000000800000000000af301000400000000000000000000000800000020000000", 0x40, 0x2a00}, {&(0x7f0000011d00)="20000000000000000000000000000000d3f4655f00"/32, 0x20, 0x2a80}, {&(0x7f0000011e00)="ed41000000080000d4f4655fd4f4655fd4f4655f00000000000002004000000000000800030000000af301000400000000000000000000000100000050000000000000000000000000000000000000000000000000000000000000000000000000000000d6b05c9300000000000000000000000000000000000000000000000020000000945343359453433594534335d4f4655f945343350000000000000000", 0xa0, 0x2b00}, {&(0x7f0000011f00)="ed8100001a040000d4f4655fd4f4655fd4f4655f00000000000001004000000000000800010000000af3010004000000000000000000000001000000600000000000000000000000000000000000000000000000000000000000000000000000000000000da710e000000000000000000000000000000000000000000000000020000000945343359453433594534335d4f4655f945343350000000000000000", 0xa0, 0x2c00}, {&(0x7f0000012000)="ffa1000026000000d4f4655fd4f4655fd4f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3230323230373937342f66696c65302f66696c653000000000000000000000000000000000000000000000d6e8afef00000000000000000000000000000000000000000000000020000000945343359453433594534335d4f4655f945343350000000000000000", 0xa0, 0x2d00}, {&(0x7f0000012100)="ed8100000a000000d4f4655fd4f4655fd4f4655f00000000000001004000000000000800010000000af301000400000000000000000000000100000070000000000000000000000000000000000000000000000000000000000000000000000000000000dd8c9f0800000000000000000000000000000000000000000000000020000000945343359453433594534335d4f4655f945343350000000000000000000002ea06015400000000000600000000000000786174747231000006014c0000000000060000000000000078617474723200000000000000000000000000000000000000000000000000000000000078617474723200007861747472310000ed81000028230000d4f4655fd4f4655fd4f4655f00000000000002004000000000000800010000000af3010004000000000000000000000005000000800000000000000000000000000000000000000000000000000000000000000000000000000000006a2520c300000000000000000000000000000000000000000000000020000000945343359453433594534335d4f4655f945343350000000000000000", 0x1a0, 0x2e00}, {&(0x7f0000012300)="ed81000064000000d4f4655fd4f4655fd4f4655f00000000000001004000000000000800010000000af301000400000000000000000000000100000090000000000000000000000000000000000000000000000000000000000000000000000000000000d9d9ad0100000000000000000000000000000000000000000000000020000000945343359453433594534335d4f4655f945343350000000000000000", 0xa0, 0x3000}, {&(0x7f0000012400)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009407090166696c652e636f6c64000000", 0x80, 0x8000}, {&(0x7f0000012500)="0b0000000c0001022e00000002000000f40702022e2e00"/32, 0x20, 0x10000}, {&(0x7f0000012600)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x10800}, {&(0x7f0000012700)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x11000}, {&(0x7f0000012800)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x11800}, {&(0x7f0000012900)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x12000}, {&(0x7f0000012a00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x12800}, {&(0x7f0000012b00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x13000}, {&(0x7f0000012c00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x13800}, {&(0x7f0000012d00)="111fc0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x18000}, {&(0x7f0000012e00)="0200"/32, 0x20, 0x18400}, {&(0x7f0000012f00)="0300"/32, 0x20, 0x18800}, {&(0x7f0000013000)="0400"/32, 0x20, 0x18c00}, {&(0x7f0000013100)="0500"/32, 0x20, 0x19000}, {&(0x7f0000013200)="0000000000000000010000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000800300"/96, 0x60, 0x19400}, {&(0x7f0000013300)="2719c0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x20000}, {&(0x7f0000013400)="0200"/32, 0x20, 0x20400}, {&(0x7f0000013500)="0300"/32, 0x20, 0x20800}, {&(0x7f0000013600)="0400"/32, 0x20, 0x20c00}, {&(0x7f0000013700)="0500"/32, 0x20, 0x21000}, {&(0x7f0000013800)="0000000000000000010000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000800300"/96, 0x60, 0x21400}, {&(0x7f0000013900)="0c0000000c0001022e000000020000000c0002022e2e00000d0000001000050166696c65300000000e000000d807050766696c653100"/64, 0x40, 0x28000}, {&(0x7f0000013a00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x30000}, {&(0x7f0000013f00)='syzkallers\x00'/32, 0x20, 0x38000}, {&(0x7f0000014000)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x48000}], 0x0, &(0x7f0000014100))
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0)
recvmsg$unix(r0, &(0x7f0000001800)={&(0x7f0000000080)=@abs, 0x6e, &(0x7f00000017c0)=[{&(0x7f0000000640)=""/4096, 0x1000}, {&(0x7f0000000140)=""/161, 0xa1}, {&(0x7f0000001640)=""/244, 0xf4}, {&(0x7f0000001740)=""/89, 0x59}], 0x4}, 0x10000)

23:03:41 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

[ 1038.796762] FAULT_INJECTION: forcing a failure.
[ 1038.796762] name failslab, interval 1, probability 0, space 0, times 0
[ 1038.797848] CPU: 1 PID: 7731 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1038.798459] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1038.799203] Call Trace:
[ 1038.799450]  dump_stack+0x107/0x167
[ 1038.799783]  should_fail.cold+0x5/0xa
[ 1038.800132]  ? create_object.isra.0+0x3a/0xa20
[ 1038.800543]  should_failslab+0x5/0x20
[ 1038.800888]  kmem_cache_alloc+0x5b/0x310
[ 1038.801260]  ? mark_held_locks+0x9e/0xe0
[ 1038.801646]  create_object.isra.0+0x3a/0xa20
[ 1038.802049]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1038.802513]  kmem_cache_alloc_bulk+0x168/0x320
[ 1038.802932]  io_submit_sqes+0x6fe6/0x8610
[ 1038.803319]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1038.803768]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1038.804220]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1038.804661]  ? lock_downgrade+0x6d0/0x6d0
[ 1038.805036]  ? find_held_lock+0x2c/0x110
[ 1038.805411]  ? io_submit_sqes+0x8610/0x8610
[ 1038.805821]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1038.806257]  ? wait_for_completion_io+0x270/0x270
[ 1038.806694]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1038.807113]  ? vfs_write+0x354/0xb10
[ 1038.807453]  ? fput_many+0x2f/0x1a0
[ 1038.807787]  ? ksys_write+0x1a9/0x260
[ 1038.808137]  ? __ia32_sys_read+0xb0/0xb0
[ 1038.808507]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1038.808985]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1038.809454]  do_syscall_64+0x33/0x40
[ 1038.809790]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1038.810253] RIP: 0033:0x7fd30c0eeb19
[ 1038.810588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1038.812223] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1038.812908] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1038.813550] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1038.814186] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1038.814818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1038.815449] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1038.834367] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
23:03:41 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1038.881046] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:03:42 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:03:42 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x100000, 0x2c, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000100000005000000000004000040000020000000d4f4655fd4f4655f0100ffff53ef010001000000d3f4655f000000000000000001000000000000000b0000000001000008000000d2420100120300000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e32303232303739373400"/192, 0xc0, 0x400}, {&(0x7f0000010100)="00000000000000000000000076a34e3f63e54dbc8955dd45888f6106010040000c00000000000000d3f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000100000000000000000000000000000000000000040000004600000000000000", 0x40, 0x540}, {&(0x7f0000010300)="0300000004000000000000000000000000000000010400"/32, 0x20, 0x640}, {&(0x7f0000010400)="02000000030000000400000016000f000300040000000000000000000f00c5d7", 0x20, 0x800}, {&(0x7f0000010500)="ff030000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000d3f4655fd3f4655fd3f4655f00"/4128, 0x1020, 0x1000}, {&(0x7f0000011600)="ed41000000080000d3f4655fd4f4655fd4f4655f00000000000004004000000000000800050000000af301000400000000000000000000000100000010000000", 0x40, 0x2100}, {&(0x7f0000011700)="20000000945343359453433500000000d3f4655f00"/32, 0x20, 0x2180}, {&(0x7f0000011800)="8081000000180000d3f4655fd3f4655fd3f4655f00000000000001004000000010000800000000000af301000400000000000000000000000300000030000000", 0x40, 0x2200}, {&(0x7f0000011900)="20000000000000000000000000000000d3f4655f00"/32, 0x20, 0x2280}, {&(0x7f0000011a00)="8081000000180000d3f4655fd3f4655fd3f4655f00000000000001004000000010000800000000000af301000400000000000000000000000300000040000000", 0x40, 0x2300}, {&(0x7f0000011b00)="20000000000000000000000000000000d3f4655f00"/32, 0x20, 0x2380}, {&(0x7f0000011c00)="c041000000400000d3f4655fd3f4655fd3f4655f00000000000002004000000000000800000000000af301000400000000000000000000000800000020000000", 0x40, 0x2a00}, {&(0x7f0000011d00)="20000000000000000000000000000000d3f4655f00"/32, 0x20, 0x2a80}, {&(0x7f0000011e00)="ed41000000080000d4f4655fd4f4655fd4f4655f00000000000002004000000000000800030000000af301000400000000000000000000000100000050000000000000000000000000000000000000000000000000000000000000000000000000000000d6b05c9300000000000000000000000000000000000000000000000020000000945343359453433594534335d4f4655f945343350000000000000000", 0xa0, 0x2b00}, {&(0x7f0000011f00)="ed8100001a040000d4f4655fd4f4655fd4f4655f00000000000001004000000000000800010000000af3010004000000000000000000000001000000600000000000000000000000000000000000000000000000000000000000000000000000000000000da710e000000000000000000000000000000000000000000000000020000000945343359453433594534335d4f4655f945343350000000000000000", 0xa0, 0x2c00}, {&(0x7f0000012000)="ffa1000026000000d4f4655fd4f4655fd4f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3230323230373937342f66696c65302f66696c653000000000000000000000000000000000000000000000d6e8afef00000000000000000000000000000000000000000000000020000000945343359453433594534335d4f4655f945343350000000000000000", 0xa0, 0x2d00}, {&(0x7f0000012100)="ed8100000a000000d4f4655fd4f4655fd4f4655f00000000000001004000000000000800010000000af301000400000000000000000000000100000070000000000000000000000000000000000000000000000000000000000000000000000000000000dd8c9f0800000000000000000000000000000000000000000000000020000000945343359453433594534335d4f4655f945343350000000000000000000002ea06015400000000000600000000000000786174747231000006014c0000000000060000000000000078617474723200000000000000000000000000000000000000000000000000000000000078617474723200007861747472310000ed81000028230000d4f4655fd4f4655fd4f4655f00000000000002004000000000000800010000000af3010004000000000000000000000005000000800000000000000000000000000000000000000000000000000000000000000000000000000000006a2520c300000000000000000000000000000000000000000000000020000000945343359453433594534335d4f4655f945343350000000000000000", 0x1a0, 0x2e00}, {&(0x7f0000012300)="ed81000064000000d4f4655fd4f4655fd4f4655f00000000000001004000000000000800010000000af301000400000000000000000000000100000090000000000000000000000000000000000000000000000000000000000000000000000000000000d9d9ad0100000000000000000000000000000000000000000000000020000000945343359453433594534335d4f4655f945343350000000000000000", 0xa0, 0x3000}, {&(0x7f0000012400)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009407090166696c652e636f6c64000000", 0x80, 0x8000}, {&(0x7f0000012500)="0b0000000c0001022e00000002000000f40702022e2e00"/32, 0x20, 0x10000}, {&(0x7f0000012600)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x10800}, {&(0x7f0000012700)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x11000}, {&(0x7f0000012800)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x11800}, {&(0x7f0000012900)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x12000}, {&(0x7f0000012a00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x12800}, {&(0x7f0000012b00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x13000}, {&(0x7f0000012c00)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x13800}, {&(0x7f0000012d00)="111fc0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x18000}, {&(0x7f0000012e00)="0200"/32, 0x20, 0x18400}, {&(0x7f0000012f00)="0300"/32, 0x20, 0x18800}, {&(0x7f0000013000)="0400"/32, 0x20, 0x18c00}, {&(0x7f0000013100)="0500"/32, 0x20, 0x19000}, {&(0x7f0000013200)="0000000000000000010000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000800300"/96, 0x60, 0x19400}, {&(0x7f0000013300)="2719c0d901000000803a0900803a090000000000060000000000000005000000", 0x20, 0x20000}, {&(0x7f0000013400)="0200"/32, 0x20, 0x20400}, {&(0x7f0000013500)="0300"/32, 0x20, 0x20800}, {&(0x7f0000013600)="0400"/32, 0x20, 0x20c00}, {&(0x7f0000013700)="0500"/32, 0x20, 0x21000}, {&(0x7f0000013800)="0000000000000000010000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000800300"/96, 0x60, 0x21400}, {&(0x7f0000013900)="0c0000000c0001022e000000020000000c0002022e2e00000d0000001000050166696c65300000000e000000d807050766696c653100"/64, 0x40, 0x28000}, {&(0x7f0000013a00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x30000}, {&(0x7f0000013f00)='syzkallers\x00'/32, 0x20, 0x38000}, {&(0x7f0000014000)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x48000}], 0x0, &(0x7f0000014100))
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0)
recvmsg$unix(r0, &(0x7f0000001800)={&(0x7f0000000080)=@abs, 0x6e, &(0x7f00000017c0)=[{&(0x7f0000000640)=""/4096, 0x1000}, {&(0x7f0000000140)=""/161, 0xa1}, {&(0x7f0000001640)=""/244, 0xf4}, {&(0x7f0000001740)=""/89, 0x59}], 0x4}, 0x10000)

23:03:42 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x2, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:03:42 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 5)

23:03:42 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r3, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1039.001963] FAULT_INJECTION: forcing a failure.
[ 1039.001963] name failslab, interval 1, probability 0, space 0, times 0
[ 1039.003005] CPU: 1 PID: 7753 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1039.003579] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1039.004265] Call Trace:
[ 1039.004493]  dump_stack+0x107/0x167
[ 1039.004800]  should_fail.cold+0x5/0xa
[ 1039.005124]  ? create_object.isra.0+0x3a/0xa20
[ 1039.005520]  should_failslab+0x5/0x20
[ 1039.005839]  kmem_cache_alloc+0x5b/0x310
[ 1039.006185]  ? mark_held_locks+0x9e/0xe0
[ 1039.006531]  create_object.isra.0+0x3a/0xa20
[ 1039.006905]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1039.007340]  kmem_cache_alloc_bulk+0x168/0x320
[ 1039.007736]  io_submit_sqes+0x6fe6/0x8610
[ 1039.008087]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1039.008505]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1039.008920]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1039.009321]  ? lock_downgrade+0x6d0/0x6d0
[ 1039.009676]  ? find_held_lock+0x2c/0x110
[ 1039.010027]  ? io_submit_sqes+0x8610/0x8610
[ 1039.010401]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1039.010807]  ? wait_for_completion_io+0x270/0x270
[ 1039.011215]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1039.011606]  ? vfs_write+0x354/0xb10
[ 1039.011928]  ? fput_many+0x2f/0x1a0
[ 1039.012236]  ? ksys_write+0x1a9/0x260
[ 1039.012561]  ? __ia32_sys_read+0xb0/0xb0
[ 1039.012906]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1039.013346]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1039.013783]  do_syscall_64+0x33/0x40
[ 1039.014106]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1039.014536] RIP: 0033:0x7fd30c0eeb19
[ 1039.014855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1039.016360] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1039.016999] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1039.017613] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1039.018211] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1039.018811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1039.019400] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:03:42 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:03:42 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x0, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:03:42 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:03:42 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x4b47, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

[ 1039.105970] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 1039.142012] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:03:42 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:03:42 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r3, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:03:42 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r2 = clone3(&(0x7f0000000140)={0x11060900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r3 = gettid()
kcmp(0x0, r3, 0x6, 0xffffffffffffffff, 0xffffffffffffffff)
tgkill(r2, r3, 0x18)
fcntl$setown(r0, 0x8, r2)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
pwritev(r4, &(0x7f0000000740)=[{&(0x7f0000000140)="43f176e2ed32fc8e59b945cf2ce2f3a5c893b0c9542483bc0b64d1adafdfbfd251cb", 0x22}, {&(0x7f00000001c0)="1e184a7e0bfaf077dd888ff88af51f760f5cce14c82c5239dbc3061c55ea652dfbee1d61486caff99931aa7a72d92b38b3ed1c6205323df2705850b6c2a0383be8676156b5efcb7ba4b5180a9d13fb22a44462820edca0c059", 0xfe97}, {&(0x7f0000000240)="f1574379801273626ba3566dc4c4fae4caf10246fec6f61a215ab7fb02cced2f8ef060f6856ff5b97c5f18860d772db0b7697def2c6436b4d46c2e4e8185c481e91541431c7536d382c3e6212676441380f2029577dff82575bee546fa759af1404f14abf040812aded1447291a78c5405c96813886ee537b44eb0e11c2868d4c78ba7e3b76f1191b46fd9c3d7d9cb370c3ea3905c8a9a1f5c30d1c1ac74b38b3e90221a3da753ed0200115920434a482efc2863c828d0e192ff02d9ff0a3b0230a73abd751df10d1f75da8de2df5de554efff39bc804e0aa62566577732ec85facec1838bbb35d5042555a15e2658f78ea5ad9acd2a24c62955286709", 0xfd}, {&(0x7f0000000340)="45aac75bc129a51895d63c6fa2b63d825988b8de43cc0a7c3acede47a386a2824404", 0x22}, {&(0x7f0000000380)="411433e2d6d7422a6396eed23f6852a56177ba19b3a0e0a5c9bed0466b741aa4cebc8de485eab055437de59c3eb13c59b6b1efbc23dea0b323a101b3a5cd8d7c7be9a559944a22906d5ba2ea7a099f1bea7c374610fa363093019d9fc23c3980d31a34c46762b20e3d16286cd858ae1ab643b379967446253eecc830fa5babd4d71c89f1a1da87d0d3d714", 0x8b}, {&(0x7f0000000440)="9826bc3e65b37522b2607a72d21f9d8b469b104b70f2874a339e2079db235c57f0f6c851a6b0bdecbe3a05224f5b36dd32364bda08507652484b1dfa8035c322e60648c79aa6b2d534603178242386ffcbb218a830c01acd06f0984ea2186520d7b88f3d6e44e80f1733a9d2936cbeb5b4cd612e52e8e9c877794d00145b703db242a8a419661fc9479a7a19588e0b7b50ba06b82daae52f4595bed45ce3428d185f0650ca6a8546438db6416f3cdfb7324ecd181c931391a365ae076bf2b6ebcb5473950aff11904def", 0xca}, {&(0x7f0000000540)="924b718f0e11a4f9975e9707ae5e44b9061cb2689db688eea0f2b5e438d3be003dae1c75235189c6765fb79bbd69526cbb338fd28bccfc9247d6e7d5fd6bc417646c18bbd9a7e61c37f7e7b459eccf789c87b014b48148ffbea269675c06f54167cb400e60085906158a81c498063c2e8dffc639bcd16b36382137ffbdffa9381058de608e5936c99ab80bf678aa79a7204be9c7f483f93b30c2f4cd112b9b7f4a522396f4aa9d5de31e76f2f6908e26836bf871341b6bd5784f4140aa65d3fae31df3c86d787ea83fbbc0286ef372a8fe3ba5497bdecce283d24d389baee01906aa9d4f41041fe6a0", 0xe9}, {&(0x7f00000007c0)="f9cb389bf7f4befbfe584953eb715b342907314c6ff10b770d68a778e1d653bab0856b6f29fb9d16f186ccbeac383e3cd16d2e8a247a37563759446c748aa30b27b5b95a3eefea752bd54046e955006bbe5e6b051289c10c4e7471562691f97843580daf926d0b34a655df2c2d322e18475b896f3ad8c031e7cfb50d67215578a4722f6219c0795ac4a4bbd39c8ad1a60384cf6d28e9aa9b10d85a5cd713a908d3951301a5dbf1051cccbfe93fbc6a6b71eb7d9944ac9185d840f3ecc37af692ee8a06bedba143195e45504e1ad0ddb1f718e0ea5d609d2fbd0e24bb4bcb978c5da4e508be0604fa11", 0xe9}], 0x8, 0x0, 0x0)
copy_file_range(r1, 0x0, r0, 0x0, 0x10001, 0x0)

23:03:42 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r3, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1039.624665] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1039.625169] print_req_error: 22 callbacks suppressed
[ 1039.625179] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1039.626521] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1039.626953] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1039.627843] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1039.628275] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1039.629163] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1039.629627] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1039.630520] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1039.630954] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1039.631857] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1039.632297] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1039.633188] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1039.633649] blk_update_request: I/O error, dev sr0, sector 2096902 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1039.634545] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1039.634978] blk_update_request: I/O error, dev sr0, sector 2096903 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1039.635882] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1039.636742] buffer_io_error: 6 callbacks suppressed
[ 1039.636748] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1039.637784] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1039.638632] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1039.639237] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1039.639862] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1039.640464] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1039.641087] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1039.641722] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1039.642335] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1039.680248] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1039.680792] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1039.683265] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1039.683756] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1039.684431] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1039.685262] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1039.686069] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1039.686876] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1039.687405] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1039.688212] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
23:03:55 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x0, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:03:55 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:03:55 executing program 5:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0/../file0\x00', 0x2200, 0x40)
mount$9p_unix(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x53000, 0x0)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', 0x0, 0x300020, &(0x7f0000001880))
fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000000)={0x0, 0xffffffffffffffff})
r0 = clone3(&(0x7f0000000140)={0x11060900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r1 = gettid()
kcmp(0x0, r1, 0x6, 0xffffffffffffffff, 0xffffffffffffffff)
tgkill(r0, r1, 0x18)
getresuid(&(0x7f0000000680)=<r2=>0x0, &(0x7f00000006c0), &(0x7f0000000700))
openat$cgroup_pressure(0xffffffffffffffff, &(0x7f00000000c0)='cpu.pressure\x00', 0x2, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000280)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000000600)=[{&(0x7f00000001c0)="9d286944f34e7d7c2a2e57d169bc1b1f061e43b467480294c719edb7e2e149de5cfc2599b3444ffb91e6208a64a1ed91ea3b0adfd8e5b6ac74", 0x39}, {&(0x7f0000000300)="622e7d176512906ed9dd1f86b086d7028baba92986416a9b7d2399b6de7d05ad0c866b126db11b66254d97c98af311976204ce125d32469afe1d2ecc3bf73ee51f50f95dcb95579139fb36ac58149dea3475f790ca41b7dd081c4227b86e2405a9a906e6049a240ca5", 0x69}, {&(0x7f00000003c0)="9ad06593ef1e3ca2ceca8ddf35c80a0c9b7d6c2f86ac71892abc38e52403a37a2075d7cbd06fa07a6cdbce7a64de9cec9b8254ca060f8152a7cd99c526186604527162a6ef50c220e8c5d6e4fd16821f29e63c10ac35c4e796953048df0f7dc6970d35fcee58b89cb9b3748126c58ce1f09cef36281f403678fe5ca0d0e773c7347c1990070fe9ffa1d8c49a32e5cb88839173cd916916ecdb994c6c4211f62c06491f1d6b3769e5e1d3dbf19da793b847d9699a6362cedc6fc71d3f8a5ba04de893e76d799131cb1d43f30d744a59f8c390b478cd7585992bb3569a13440b30fa1599cf193b59c03ff15aeafdb326", 0xef}, {&(0x7f00000004c0)="590828e78e438697253b0a2ac4527ea68fa378f34e9f30378ce518d36931379e3d3fddea86b85aa7f2ee197770a2393fb5d15b5902ea05db5a1f476f7c9a145fefe090a312a39982eb13d88656e44d50569baa4d61a07ea35173063a00549523f0baa8e95c00", 0x66}, {&(0x7f0000000540)="d926e8c9f26a4de7801ec8c4de4345e895fcc9a0fc7176d27ee8d3eea9768a8fb26dea2e85884f81daca7ce6701796c82060bf40faef55e5d0cd4d9d289ef627d0c691ec5bd892b8c1fb85d41b98a173dae7b21dcb1415a37b0b9070060d4a17cf3f1a23bde69eabd2567e81d4fab27b84888cef6766d64aca4ec26f8dc843dca652c345eadee31b1819ba0770d436922f", 0x91}], 0x5, &(0x7f0000000740)=[@cred={{0x1c, 0x1, 0x2, {r1, 0xffffffffffffffff, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2, 0xee00}}}], 0x40, 0x4}, 0x0)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$PIO_UNIMAPCLR(r3, 0x4b40, 0x0)
r4 = eventfd(0x3ff)
kcmp(0x0, r1, 0x1, r3, r4)
open(&(0x7f0000000040)='./file0\x00', 0x456742, 0x189)

23:03:55 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 6)

23:03:55 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:03:55 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x4b49, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:03:55 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:03:55 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:03:55 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[ 1052.849660] EXT4-fs (sda): Unrecognized mount option "trans=fd" or missing value
[ 1052.863364] FAULT_INJECTION: forcing a failure.
[ 1052.863364] name failslab, interval 1, probability 0, space 0, times 0
[ 1052.864362] CPU: 0 PID: 7793 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1052.864950] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1052.865702] Call Trace:
[ 1052.865952]  dump_stack+0x107/0x167
[ 1052.866284]  should_fail.cold+0x5/0xa
[ 1052.866634]  ? create_object.isra.0+0x3a/0xa20
[ 1052.867045]  should_failslab+0x5/0x20
[ 1052.867396]  kmem_cache_alloc+0x5b/0x310
[ 1052.867764]  ? mark_held_locks+0x9e/0xe0
[ 1052.868133]  create_object.isra.0+0x3a/0xa20
[ 1052.868509]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1052.868954]  kmem_cache_alloc_bulk+0x168/0x320
[ 1052.869358]  io_submit_sqes+0x6fe6/0x8610
[ 1052.869736]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1052.870172]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1052.870601]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1052.871025]  ? lock_downgrade+0x6d0/0x6d0
[ 1052.871393]  ? find_held_lock+0x2c/0x110
[ 1052.871754]  ? io_submit_sqes+0x8610/0x8610
[ 1052.872142]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1052.872572]  ? wait_for_completion_io+0x270/0x270
[ 1052.873003]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1052.873407]  ? vfs_write+0x354/0xb10
[ 1052.873755]  ? fput_many+0x2f/0x1a0
[ 1052.874073]  ? ksys_write+0x1a9/0x260
[ 1052.874407]  ? __ia32_sys_read+0xb0/0xb0
[ 1052.874771]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1052.875229]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1052.875671]  do_syscall_64+0x33/0x40
[ 1052.875992]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1052.876434] RIP: 0033:0x7fd30c0eeb19
[ 1052.876775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1052.878352] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1052.879027] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1052.879641] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1052.880260] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1052.880884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1052.881510] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:03:56 executing program 5:
openat(0xffffffffffffff9c, 0x0, 0x105142, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x107100, 0x0)
read(r0, &(0x7f0000000000), 0x1b4000)
r1 = inotify_init1(0x80000)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000000080)={{0x1, 0x1, 0x18, r1}, './file0\x00'})
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/fib_triestat\x00')
preadv(r2, &(0x7f0000002400)=[{&(0x7f0000000440)=""/213, 0xd5}], 0x1, 0x0, 0x0)
r3 = socket$inet(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f00000000c0)=0x7bf9, 0x4)
sendmmsg$inet(r3, &(0x7f0000000c00)=[{{0x0, 0x0, &(0x7f00000014c0)=[{&(0x7f0000000180)='0', 0x1}], 0x1}}], 0x1, 0x0)
ppoll(&(0x7f0000000040)=[{r3}], 0x1, 0x0, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x4e21, @local}, 0x10)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f00000000c0)=0x7bf9, 0x4)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000c00)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000001c0)="2f13fd7e01cb8678d7408bb3b9fbded79a82e14ced8429ef965d03997cb5a2c8dd0926be362722aea261c0e1b37b6d78866310be3aee90374714328147eda2c9986a4e3fe73df5f4918e979fcfce0cadc560fec7e71c6691f85001d1790a1cf4c9590a33aad2e4c1173cdb335ae39573704c42e1cbf28c77cc8de43d427ea5045f84002f7a861dee8698f2df11ca254c3bfec1e75a6327cd2b8c8b0bed9af12c8bd9d266126b43c0df829b0b7ca135d5211aa461f1", 0xb5}, {&(0x7f00000002c0)="37f203299624a8e5f719b504b7dce200815e5056aab10928489a4b02c3d1802e5e4ad9dda41b780ac00b7fcfa08e429c8e5d8b3f358dbb5b687299d313f264283e57cd533052223f1f2486cd38b9292d56635e29fb01b1165421f4325344a827d00b7a0d67b79ce6ccfc7838a309f4a39f0dc4d0053bfc8e19033aadba63b5846999d1ef482a74067fbd88d28da28b97cd4b0d399af4d281d612e37faa79c3e3597552992feae6b89184fdc760b9eba701ac116304b159c1dcaae240efa96f56e60371cb6914474a89cd31eced0051e54186278450c5c81bb2608687dcf3", 0xde}, {&(0x7f0000000100)="6f18e4db10c8caad1f1b4570c88b10", 0xf}], 0x3}}], 0x1, 0x0)

23:03:56 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x5411, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:03:56 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1052.936066] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:03:56 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:03:56 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:03:56 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x541b, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:03:56 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1053.418361] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1053.419288] print_req_error: 22 callbacks suppressed
[ 1053.419305] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1053.421693] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1053.421745] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1053.422665] buffer_io_error: 6 callbacks suppressed
[ 1053.422673] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1053.423452] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1053.426561] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1053.426625] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1053.427450] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1053.428307] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1053.430558] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1053.430774] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1053.431444] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1053.432307] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1053.434561] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1053.434622] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1053.435454] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1053.436313] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1053.438571] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1053.438626] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1053.439407] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1053.440295] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1053.440826] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1053.441692] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1053.442248] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1053.443628] Buffer I/O error on dev loop0, logical block 2096903, async page read
23:04:09 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 7)

23:04:09 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

[ 1066.074418] FAULT_INJECTION: forcing a failure.
23:04:09 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x100000f, 0x1f012, r0, 0x0)

[ 1066.074418] name failslab, interval 1, probability 0, space 0, times 0
[ 1066.075528] CPU: 1 PID: 7840 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1066.076072] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1066.076669] Call Trace:
[ 1066.076873]  dump_stack+0x107/0x167
[ 1066.077172]  should_fail.cold+0x5/0xa
[ 1066.077457]  ? create_object.isra.0+0x3a/0xa20
[ 1066.077840]  should_failslab+0x5/0x20
[ 1066.078147]  kmem_cache_alloc+0x5b/0x310
[ 1066.078477]  ? mark_held_locks+0x9e/0xe0
[ 1066.078806]  create_object.isra.0+0x3a/0xa20
[ 1066.079162]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1066.079549]  kmem_cache_alloc_bulk+0x168/0x320
[ 1066.079923]  io_submit_sqes+0x6fe6/0x8610
[ 1066.080235]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1066.080641]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1066.081039]  __do_sys_io_uring_enter+0x6b5/0x18c0
23:04:09 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x5421, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

[ 1066.081442]  ? lock_downgrade+0x6d0/0x6d0
[ 1066.081843]  ? find_held_lock+0x2c/0x110
[ 1066.082181]  ? io_submit_sqes+0x8610/0x8610
[ 1066.082538]  ? __mutex_unlock_slowpath+0xe1/0x600
23:04:09 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1066.082930]  ? wait_for_completion_io+0x270/0x270
[ 1066.083435]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1066.083817]  ? vfs_write+0x354/0xb10
[ 1066.084118]  ? fput_many+0x2f/0x1a0
[ 1066.084396]  ? ksys_write+0x1a9/0x260
[ 1066.084701]  ? __ia32_sys_read+0xb0/0xb0
[ 1066.085009]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1066.085434]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1066.085820]  do_syscall_64+0x33/0x40
[ 1066.086118]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1066.086490] RIP: 0033:0x7fd30c0eeb19
[ 1066.086793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1066.088121] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1066.088677] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1066.089244] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1066.089772] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1066.090287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1066.090813] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:04:09 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x10, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:04:09 executing program 5:
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
open_by_handle_at(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000002000000483600000000000000000000008000000000000000000000e0874314619d90f982484a38566e3a5a92adc61ab8278db0f777ae7f9164de99e25f66cb19b219ab41952f98583bcfc22f14ee796acfa3d105bdded091af22acf343eff1a5bfc109e89bef7576b8f3c23cf1c3df8a394ebf35b5af777e6fc9a5d86e8888f7ffbd0742e4892b6b1cda437282083659b28d6b5adf4525d7bf"], 0x0)

[ 1066.562935] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1066.563406] print_req_error: 6 callbacks suppressed
[ 1066.563417] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1066.564651] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1066.564693] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1066.565053] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1066.566688] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1066.567455] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1066.568691] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1066.568908] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1066.570432] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1066.571218] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1066.572351] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1066.572666] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1066.572744] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1066.574206] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1066.574950] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1066.575042] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1066.577800] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1066.578118] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1066.579351] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1066.580141] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1066.581226] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1066.581659] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1066.583388] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1066.584555] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1066.585694] Buffer I/O error on dev loop0, logical block 2096903, async page read
23:04:21 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x5450, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:04:21 executing program 5:
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
open_by_handle_at(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000002000000483600000000000000000000008000000000000000000000e0874314619d90f982484a38566e3a5a92adc61ab8278db0f777ae7f9164de99e25f66cb19b219ab41952f98583bcfc22f14ee796acfa3d105bdded091af22acf343eff1a5bfc109e89bef7576b8f3c23cf1c3df8a394ebf35b5af777e6fc9a5d86e8888f7ffbd0742e4892b6b1cda437282083659b28d6b5adf4525d7bf"], 0x0)

23:04:21 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:04:21 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:04:21 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:04:21 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x0, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:04:21 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 8)

23:04:21 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x10, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

[ 1078.630440] FAULT_INJECTION: forcing a failure.
[ 1078.630440] name failslab, interval 1, probability 0, space 0, times 0
[ 1078.632209] CPU: 0 PID: 7875 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1078.633197] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1078.634386] Call Trace:
[ 1078.634780]  dump_stack+0x107/0x167
[ 1078.635298]  should_fail.cold+0x5/0xa
[ 1078.635841]  ? create_object.isra.0+0x3a/0xa20
[ 1078.636487]  should_failslab+0x5/0x20
[ 1078.637024]  kmem_cache_alloc+0x5b/0x310
[ 1078.637600]  ? mark_held_locks+0x9e/0xe0
[ 1078.638182]  create_object.isra.0+0x3a/0xa20
[ 1078.638812]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1078.639560]  kmem_cache_alloc_bulk+0x168/0x320
[ 1078.640233]  io_submit_sqes+0x6fe6/0x8610
[ 1078.640844]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1078.641568]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1078.642296]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1078.642992]  ? lock_downgrade+0x6d0/0x6d0
[ 1078.643590]  ? find_held_lock+0x2c/0x110
[ 1078.644182]  ? io_submit_sqes+0x8610/0x8610
[ 1078.644823]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1078.645529]  ? wait_for_completion_io+0x270/0x270
[ 1078.646257]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1078.646939]  ? vfs_write+0x354/0xb10
[ 1078.647485]  ? fput_many+0x2f/0x1a0
[ 1078.648016]  ? ksys_write+0x1a9/0x260
[ 1078.648565]  ? __ia32_sys_read+0xb0/0xb0
[ 1078.649154]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1078.649913]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1078.650674]  do_syscall_64+0x33/0x40
[ 1078.651204]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1078.651936] RIP: 0033:0x7fd30c0eeb19
[ 1078.652488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1078.655160] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1078.656250] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1078.657272] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1078.658299] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1078.659326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1078.660346] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:04:21 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:04:21 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:04:21 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x5451, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

[ 1078.732716] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:04:21 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x10, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:04:21 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, 0x0, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:04:22 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 9)

23:04:22 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x0, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:04:22 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x5452, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

[ 1078.966778] FAULT_INJECTION: forcing a failure.
[ 1078.966778] name failslab, interval 1, probability 0, space 0, times 0
[ 1078.969294] CPU: 0 PID: 7895 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1078.970293] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1078.971486] Call Trace:
[ 1078.971877]  dump_stack+0x107/0x167
[ 1078.972406]  should_fail.cold+0x5/0xa
[ 1078.972959]  ? create_object.isra.0+0x3a/0xa20
[ 1078.973629]  should_failslab+0x5/0x20
[ 1078.974193]  kmem_cache_alloc+0x5b/0x310
[ 1078.974785]  ? mark_held_locks+0x9e/0xe0
[ 1078.975376]  create_object.isra.0+0x3a/0xa20
[ 1078.976009]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1078.976747]  kmem_cache_alloc_bulk+0x168/0x320
[ 1078.977409]  io_submit_sqes+0x6fe6/0x8610
[ 1078.978015]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1078.978737]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1078.979458]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1078.980158]  ? lock_downgrade+0x6d0/0x6d0
[ 1078.980756]  ? find_held_lock+0x2c/0x110
[ 1078.981344]  ? io_submit_sqes+0x8610/0x8610
[ 1078.981987]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1078.982687]  ? wait_for_completion_io+0x270/0x270
[ 1078.983381]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1078.984045]  ? vfs_write+0x354/0xb10
[ 1078.984586]  ? fput_many+0x2f/0x1a0
[ 1078.985110]  ? ksys_write+0x1a9/0x260
[ 1078.985660]  ? __ia32_sys_read+0xb0/0xb0
[ 1078.986254]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1078.987002]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1078.987743]  do_syscall_64+0x33/0x40
[ 1078.988278]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1078.989006] RIP: 0033:0x7fd30c0eeb19
[ 1078.989540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1078.992139] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1078.993225] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1078.994254] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1078.995267] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1078.996281] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1078.997294] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:04:22 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:04:22 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

[ 1079.530704] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1079.531549] print_req_error: 6 callbacks suppressed
[ 1079.531567] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1079.533793] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1079.534583] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1079.536108] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1079.536881] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1079.538424] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1079.539202] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1079.540727] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1079.541472] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1079.542993] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1079.544456] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1079.545541] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1079.547002] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1079.548081] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1079.549538] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1079.550623] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1079.552068] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1079.553143] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1079.554596] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1079.555828] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1079.556730] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1079.557595] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1079.559384] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1079.560456] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1079.561547] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1079.625077] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1079.626362] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1079.626407] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1079.628041] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1079.628091] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1079.629715] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1079.630585] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1079.631402] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1079.632244] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1079.633095] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
23:04:36 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x0, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:04:36 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1092.967215] FAULT_INJECTION: forcing a failure.
[ 1092.967215] name failslab, interval 1, probability 0, space 0, times 0
[ 1092.968158] CPU: 1 PID: 7919 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1092.968704] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1092.969358] Call Trace:
[ 1092.969578]  dump_stack+0x107/0x167
[ 1092.969869]  should_fail.cold+0x5/0xa
[ 1092.970189]  ? io_issue_sqe+0x2492/0x77b0
[ 1092.970525]  should_failslab+0x5/0x20
[ 1092.970834]  kmem_cache_alloc_trace+0x55/0x320
[ 1092.971381]  io_issue_sqe+0x2492/0x77b0
23:04:36 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:04:36 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 10)

23:04:36 executing program 5:
creat(0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000240)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f00000000c0)=ANY=[])
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x400, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, @perf_bp={&(0x7f0000000000), 0x2}, 0x40406, 0x0, 0x5, 0x0, 0x4, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000300)={0x16, 0x17, 0x2, {0xfffffffffffffeaa, './file0'}}, 0x16)
write$binfmt_script(r0, &(0x7f0000000340)={'#! ', './file0', [{0x20, 'vfat\x00'}, {0x20, '!:@-.'}, {}, {0x20, '^'}, {0x20, 'vfat\x00'}, {}], 0xa, "22f405217b73322b1ea972fb8cc64010eb41c0c6704ec8e27e6e10f4475fa2fa7ead1be85e8479df7bd2df71b220e69a7908fb0df53c5d13a03f103744796dd9d8edbb8d7b138f826fb45fdb1b6bf923a42b763ac5ee04d12a49619659ca3c3091"}, 0x82)
r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$PIO_UNIMAPCLR(r2, 0x4b40, 0x0)
fstat(r2, &(0x7f0000000400))
pwrite64(r1, &(0x7f00000000c0)="04", 0x1, 0x3ff03)

23:04:36 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x5460, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:04:36 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:04:36 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[ 1092.971740]  ? io_connect+0x610/0x610
[ 1092.972146]  ? lock_acquire+0x197/0x470
[ 1092.972482]  ? find_held_lock+0x2c/0x110
[ 1092.972789]  ? xa_load+0x12d/0x2c0
[ 1092.973072]  ? lock_downgrade+0x6d0/0x6d0
[ 1092.973385]  __io_queue_sqe+0x90/0x9d0
[ 1092.973671]  ? xa_load+0x156/0x2c0
[ 1092.973955]  ? io_issue_sqe+0x77b0/0x77b0
[ 1092.974276]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1092.974625]  io_submit_sqes+0x44aa/0x8610
[ 1092.974947]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1092.975311]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1092.975667]  ? lock_downgrade+0x6d0/0x6d0
[ 1092.975969]  ? find_held_lock+0x2c/0x110
[ 1092.976273]  ? io_submit_sqes+0x8610/0x8610
[ 1092.976625]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1092.976984]  ? wait_for_completion_io+0x270/0x270
[ 1092.977368]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1092.977714]  ? vfs_write+0x354/0xb10
[ 1092.978012]  ? fput_many+0x2f/0x1a0
[ 1092.978292]  ? ksys_write+0x1a9/0x260
[ 1092.978573]  ? __ia32_sys_read+0xb0/0xb0
[ 1092.978898]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1092.979282]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1092.979661]  do_syscall_64+0x33/0x40
[ 1092.979934]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1092.980341] RIP: 0033:0x7fd30c0eeb19
[ 1092.980636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1092.982085] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1092.982689] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1092.983248] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1092.983803] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1092.984364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1092.984925] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:04:36 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8901, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

[ 1093.045732] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:04:36 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:04:36 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:04:36 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:04:36 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 11)

23:04:36 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8902, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

[ 1093.224488] FAULT_INJECTION: forcing a failure.
[ 1093.224488] name failslab, interval 1, probability 0, space 0, times 0
[ 1093.225462] CPU: 1 PID: 7946 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1093.226012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1093.226682] Call Trace:
[ 1093.226903]  dump_stack+0x107/0x167
[ 1093.227198]  should_fail.cold+0x5/0xa
[ 1093.227508]  ? create_object.isra.0+0x3a/0xa20
[ 1093.227877]  should_failslab+0x5/0x20
[ 1093.228184]  kmem_cache_alloc+0x5b/0x310
[ 1093.228516]  create_object.isra.0+0x3a/0xa20
[ 1093.228868]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1093.229282]  kmem_cache_alloc_trace+0x151/0x320
[ 1093.229668]  io_issue_sqe+0x2492/0x77b0
[ 1093.229996]  ? io_connect+0x610/0x610
[ 1093.230312]  ? lock_acquire+0x197/0x470
[ 1093.230630]  ? find_held_lock+0x2c/0x110
[ 1093.230962]  ? xa_load+0x12d/0x2c0
[ 1093.231252]  ? lock_downgrade+0x6d0/0x6d0
[ 1093.231592]  __io_queue_sqe+0x90/0x9d0
[ 1093.231908]  ? xa_load+0x156/0x2c0
[ 1093.232196]  ? io_issue_sqe+0x77b0/0x77b0
[ 1093.232538]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1093.232922]  io_submit_sqes+0x44aa/0x8610
[ 1093.233277]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1093.233682]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1093.234080]  ? lock_downgrade+0x6d0/0x6d0
[ 1093.234413]  ? find_held_lock+0x2c/0x110
[ 1093.234743]  ? io_submit_sqes+0x8610/0x8610
[ 1093.235098]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1093.235493]  ? wait_for_completion_io+0x270/0x270
[ 1093.235885]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1093.236256]  ? vfs_write+0x354/0xb10
[ 1093.236559]  ? fput_many+0x2f/0x1a0
[ 1093.236855]  ? ksys_write+0x1a9/0x260
[ 1093.237167]  ? __ia32_sys_read+0xb0/0xb0
[ 1093.237498]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1093.237919]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1093.238346]  do_syscall_64+0x33/0x40
[ 1093.238656]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1093.239061] RIP: 0033:0x7fd30c0eeb19
[ 1093.239360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1093.240835] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1093.241436] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1093.242006] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1093.242588] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1093.243160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1093.243735] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1093.939120] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1093.941105] print_req_error: 22 callbacks suppressed
[ 1093.941124] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1093.943478] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1093.945026] buffer_io_error: 6 callbacks suppressed
[ 1093.945038] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1093.947062] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1093.948074] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1093.949743] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1093.951304] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1093.952662] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1093.953448] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1093.955031] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1093.956560] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1093.957902] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1093.958725] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1093.960365] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1093.961193] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1093.962859] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1093.963683] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1093.965322] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1093.966154] blk_update_request: I/O error, dev sr0, sector 2096902 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1093.967704] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1093.968864] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1093.969997] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1093.971128] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1093.972410] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1093.973271] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1093.998182] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1093.999079] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1093.999136] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1094.000661] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1094.000725] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1094.002252] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1094.003163] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1094.004088] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1094.005002] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1094.005923] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
23:04:49 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:04:49 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, &(0x7f0000000280)=<r2=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:04:49 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 12)

23:04:49 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x0, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:04:49 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:04:49 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:04:49 executing program 5:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000200), r0)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_ADD_IFACE(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x34, r1, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5, 0x20, 0x1}, @IEEE802154_ATTR_HW_ADDR={0xc}]}, 0x34}}, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICADD(r0, &(0x7f00000006c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000680)={&(0x7f0000000600)={0x50, 0x0, 0x200, 0x70bd2a, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_SECCTX={0x31, 0x7, 'system_u:object_r:systemd_tmpfiles_exec_t:s0\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x20004c85}, 0x880)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000280), r0)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r2, &(0x7f0000000580)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000540)={&(0x7f0000000700)=ANY=[@ANYBLOB="f3ffffb3871a41c28c09f1e8", @ANYRES16=r4, @ANYBLOB="02012dbd7000fbdbdf25060000001400030000000000000000000000ffffac1414bb14000300ff010000000000000000000000000001140002000000000000000000000000000000000014000300ff01000000000000000000000000000114000300000000000000000000000000000000002900070073797374656d5f753a6f626a6563745f723a6e65747574696c735f657865635f743a73300000000014000300fe8000000000000000000000000000aa080004006401010208000400ac1414aa2a000700753a6f626a6563745f723a6170705f646174615f66696c653a73303a633531322c63373638000000"], 0xf4}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$NLBL_UNLABEL_C_LIST(r3, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)={0x8c, r4, 0x100, 0x70bd29, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0xa}}, @NLBL_UNLABEL_A_SECCTX={0x2c, 0x7, 'system_u:object_r:removable_device_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'vlan1\x00'}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmsg$IEEE802154_LLSEC_DEL_KEY(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000e2cbd7000fddbdf252800000008000200", @ANYRES32=0x0, @ANYBLOB="06000400a1aa00000c0005000201aaaaaaaaaaaa0c0005000605feffffffffff0a0001007770616e300000000c0005000200aaaaaaeaaaaa"], 0x54}, 0x1, 0x0, 0x0, 0x48050}, 0x4)

23:04:49 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8903, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

[ 1106.259857] FAULT_INJECTION: forcing a failure.
[ 1106.259857] name failslab, interval 1, probability 0, space 0, times 0
[ 1106.260871] CPU: 1 PID: 7968 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1106.261417] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1106.262149] Call Trace:
[ 1106.262414]  dump_stack+0x107/0x167
[ 1106.262756]  should_fail.cold+0x5/0xa
[ 1106.263093]  ? create_object.isra.0+0x3a/0xa20
[ 1106.263521]  should_failslab+0x5/0x20
[ 1106.263874]  kmem_cache_alloc+0x5b/0x310
[ 1106.264253]  create_object.isra.0+0x3a/0xa20
[ 1106.264643]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1106.265084]  __kmalloc_node+0x1ae/0x420
[ 1106.265438]  memcg_alloc_page_obj_cgroups+0x73/0x100
[ 1106.265877]  memcg_slab_post_alloc_hook+0x1f0/0x430
[ 1106.266289]  kmem_cache_alloc_bulk+0x182/0x320
[ 1106.266682]  io_submit_sqes+0x6fe6/0x8610
[ 1106.267014]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1106.267417]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1106.267813]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1106.268200]  ? lock_downgrade+0x6d0/0x6d0
[ 1106.268529]  ? find_held_lock+0x2c/0x110
[ 1106.268856]  ? io_submit_sqes+0x8610/0x8610
[ 1106.269209]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1106.269595]  ? wait_for_completion_io+0x270/0x270
[ 1106.269980]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1106.270354]  ? vfs_write+0x354/0xb10
[ 1106.270652]  ? fput_many+0x2f/0x1a0
[ 1106.270964]  ? ksys_write+0x1a9/0x260
[ 1106.271287]  ? __ia32_sys_read+0xb0/0xb0
[ 1106.271617]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1106.272029]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1106.272469]  do_syscall_64+0x33/0x40
[ 1106.272770]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1106.273177] RIP: 0033:0x7fd30c0eeb19
[ 1106.273474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1106.274905] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1106.275510] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1106.276068] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1106.276631] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1106.277188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1106.277746] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:04:49 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, &(0x7f0000000280)=<r2=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:04:49 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8904, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

[ 1106.307638] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:04:49 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:04:49 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r3, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:04:49 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8906, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:04:49 executing program 5:
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4)
pkey_mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x2000001, 0xffffffffffffffff)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$PIO_UNIMAPCLR(r1, 0x4b40, 0x0)
fchmod(r1, 0x0)
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x42, &(0x7f0000000000)={0x77359400}, 0x10)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000080)={0x0, 0x1, 0x6, @broadcast}, 0x10)
r2 = pkey_alloc(0x0, 0x2)
pkey_mprotect(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x100000b, r2)

23:04:49 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x0, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:04:49 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:04:49 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, &(0x7f0000000280)=<r2=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[ 1106.558625] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1107.196171] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1107.197085] print_req_error: 22 callbacks suppressed
[ 1107.197103] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1107.199439] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1107.199521] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1107.200293] buffer_io_error: 6 callbacks suppressed
[ 1107.200300] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1107.201080] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1107.204077] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1107.204137] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1107.204855] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1107.207405] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1107.208982] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1107.209067] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1107.209771] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1107.211931] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1107.213513] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1107.213572] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1107.214286] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1107.215086] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1107.217151] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1107.217213] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1107.217947] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1107.219889] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1107.219957] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1107.221328] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1107.221528] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1107.223058] Buffer I/O error on dev loop0, logical block 2096903, async page read
23:05:03 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8907, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:05:03 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x0, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:05:03 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x0, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:05:03 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r3, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:05:03 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:05:03 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r4, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:05:03 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 13)

[ 1119.971677] FAULT_INJECTION: forcing a failure.
[ 1119.971677] name failslab, interval 1, probability 0, space 0, times 0
[ 1119.973291] CPU: 0 PID: 8022 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1119.974242] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1119.975388] Call Trace:
[ 1119.975769]  dump_stack+0x107/0x167
[ 1119.976280]  should_fail.cold+0x5/0xa
[ 1119.976817]  ? create_object.isra.0+0x3a/0xa20
[ 1119.977454]  should_failslab+0x5/0x20
[ 1119.977990]  kmem_cache_alloc+0x5b/0x310
[ 1119.978565]  create_object.isra.0+0x3a/0xa20
[ 1119.979177]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1119.979886]  kmem_cache_alloc_trace+0x151/0x320
[ 1119.980548]  io_issue_sqe+0x2492/0x77b0
[ 1119.981129]  ? io_connect+0x610/0x610
[ 1119.981658]  ? lock_acquire+0x197/0x470
[ 1119.982216]  ? find_held_lock+0x2c/0x110
[ 1119.982806]  ? xa_load+0x12d/0x2c0
[ 1119.983312]  ? lock_downgrade+0x6d0/0x6d0
[ 1119.983898]  __io_queue_sqe+0x90/0x9d0
[ 1119.984431]  ? xa_load+0x156/0x2c0
[ 1119.984931]  ? io_issue_sqe+0x77b0/0x77b0
[ 1119.985515]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1119.986196]  io_submit_sqes+0x44aa/0x8610
[ 1119.986811]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1119.987499]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1119.988169]  ? lock_downgrade+0x6d0/0x6d0
[ 1119.988743]  ? find_held_lock+0x2c/0x110
[ 1119.989312]  ? io_submit_sqes+0x8610/0x8610
[ 1119.989923]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1119.990610]  ? wait_for_completion_io+0x270/0x270
[ 1119.991281]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1119.991919]  ? vfs_write+0x354/0xb10
[ 1119.992453]  ? fput_many+0x2f/0x1a0
[ 1119.992963]  ? ksys_write+0x1a9/0x260
[ 1119.993492]  ? __ia32_sys_read+0xb0/0xb0
[ 1119.994059]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1119.994801]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1119.995528]  do_syscall_64+0x33/0x40
[ 1119.996054]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1119.996765] RIP: 0033:0x7fd30c0eeb19
[ 1119.997294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1119.999803] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1120.000870] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1120.001867] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1120.002871] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1120.003856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1120.004836] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:05:03 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901e"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:05:03 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x890b, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:05:03 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r4, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:05:03 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r4, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[ 1120.146308] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1120.149050] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
23:05:03 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r3, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:05:03 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:05:03 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x890c, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:05:03 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x0, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

[ 1120.340356] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 1121.131836] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1121.132667] print_req_error: 6 callbacks suppressed
[ 1121.132685] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1121.134930] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1121.134978] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1121.136535] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1121.137278] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1121.139857] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1121.139903] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1121.141457] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1121.142212] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1121.144831] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1121.144877] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1121.146452] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1121.147201] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1121.149792] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1121.149840] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1121.151400] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1121.152150] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1121.154765] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1121.154813] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1121.156332] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1121.158067] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1121.158362] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1121.159545] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1121.160807] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1121.162122] Buffer I/O error on dev loop0, logical block 2096903, async page read
23:05:17 executing program 5:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x9b0a, 0x0, 0x5, "f369f114297ed04cc731bdca0d00"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000001c0)={'hsr0\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
r1 = socket$inet(0x2, 0xa, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_WRITE_FIXED={0x5, 0x2, 0x4000, @fd, 0xdf3, 0x9, 0x7ade, 0x3, 0xf4dfce42e1b6846d, {0x9}}, 0x7fffffff)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_RECVMSG={0xa, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000700)={&(0x7f0000000480), 0x80, &(0x7f00000005c0), 0x0, &(0x7f0000000600)=""/243, 0xf3}, 0x0, 0x40000141, 0x1, {0x2}}, 0x5)
flock(0xffffffffffffffff, 0x3)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = syz_io_uring_setup(0x7dad, &(0x7f0000000140), &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0))
io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000740)=ANY=[@ANYBLOB="1000000000000015fa000000459915e9d6c834ede9d6b0fcd7c5a914574cfe215171fe14a89997940425f3b6cd15390a304b91f30f6c381ae82eb45cb87fce0c4523c04fe2b0db6ec0d16b74c764a78b5d46275962e7d60daaa3cd9b177cd86306f3ba1fd5f713210d3bf3b165061195a0f334be86820dd0d65041a59386c0cd0e53e98e2ac84dced2fcbd64d13e3bea01e1b4ba53e5694101f006577634c87eb593d54000cfea455e57c6825c503b0abae5c37384daf3a01dd21c430f8d00b74fb46c6b35a0437540871852434ad290626cda512161a3c4640141952b38ac1a7e95dcaede6d27c609955f0abf8f624e48b4964aa8c14f073abb53f19c7b83c12a0efd132481dcf3067be82ec428cd11ac586609503764077a92922d9ca95a50a61e4bcc11c2e77f9a8af22567a5d381947ec5cb7f5b77530fc70e40b5e00db9252908da6d773cb4ad536089ca54ffc6676371b6646e7091404da059de0bd887e29a001d7565a364b31c1ff107b6c91768e3656f085678f5a8a9491499c342a13c6db6dba886b2bdf229d612cb05348f8cd7ba6f169175f2a2e3213421c1bdb0", @ANYRES32, @ANYRES64, @ANYRES32])
getsockopt$ARPT_SO_GET_ENTRIES(r1, 0x0, 0x61, &(0x7f0000000540)=ANY=[@ANYBLOB="66696c7465720000000000000000000000000000000000000000000000000000d80000005443340aa1c37e12f97564443b143ce18d96eff57b8ff0f95f4de4e8e53dc0fea2400b6fb584ecf3b950eb9a288858f950e914b8dd4b923cda595181651eec1f00000002ec8fc7662644852a85942b146cb811ca0af4bdd49e590d365808b8331d20857ccc7b59dec4e41d9d1c1deff54bca93347a7629d3837a1fbfa9d8cd0c8a59e1f2d1cff97b90097f1c0060099369de4d13f6a9ad5e0bf2fe727edbe23ecaa8b28e86103b5e3df1b0bab427f722eff925a47589ef57cb9d9fa56f1a90e400e7392c76b4f092a4888bffa8a34a6062d9c9c071860cd5d2dc1c6eb219c036be2a72a8baa9ab25e5e16562d3e3b1e37813d83d32033dbedba5a15f64723850d64f3bd5b1a90582f6f12f5b3d7d181f394ab1d7f3000000000000000000"], &(0x7f0000000040)=0xfc)
r3 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x4)
ppoll(&(0x7f0000000080)=[{r2, 0x60}, {r1, 0x400}, {0xffffffffffffffff, 0x1}, {r3, 0xca12}], 0x4, &(0x7f00000000c0)={0x0, 0x989680}, &(0x7f0000000100)={[0x7a]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup3(r1, r0, 0x0)
perf_event_open(&(0x7f0000000200)={0x3, 0x80, 0x0, 0x8, 0x7, 0x65, 0x0, 0x2, 0x1040, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x3, 0x2, @perf_config_ext={0x8001, 0x1}, 0x51000, 0x2, 0x9, 0x8, 0x5, 0x20, 0x4, 0x0, 0x5c9, 0x0, 0x3832}, 0x0, 0x2, 0xffffffffffffffff, 0xa)

23:05:17 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, 0x0)
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r3, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:05:17 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, 0x0, 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:05:17 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901e"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:05:17 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 14)

23:05:17 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x0, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:05:17 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8910, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:05:17 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

[ 1134.467107] FAULT_INJECTION: forcing a failure.
[ 1134.467107] name failslab, interval 1, probability 0, space 0, times 0
[ 1134.469920] CPU: 1 PID: 8083 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1134.470915] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1134.472101] Call Trace:
[ 1134.472489]  dump_stack+0x107/0x167
[ 1134.473025]  should_fail.cold+0x5/0xa
[ 1134.473585]  ? io_issue_sqe+0x2492/0x77b0
[ 1134.474189]  should_failslab+0x5/0x20
[ 1134.474749]  kmem_cache_alloc_trace+0x55/0x320
[ 1134.475421]  io_issue_sqe+0x2492/0x77b0
[ 1134.476018]  ? io_connect+0x610/0x610
[ 1134.476579]  ? lock_acquire+0x197/0x470
[ 1134.477164]  ? find_held_lock+0x2c/0x110
[ 1134.477766]  ? xa_load+0x12d/0x2c0
[ 1134.478281]  ? lock_downgrade+0x6d0/0x6d0
[ 1134.478906]  __io_queue_sqe+0x90/0x9d0
[ 1134.479476]  ? xa_load+0x156/0x2c0
[ 1134.480001]  ? io_issue_sqe+0x77b0/0x77b0
[ 1134.480622]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1134.481316]  io_submit_sqes+0x44aa/0x8610
[ 1134.481949]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1134.482690]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1134.483397]  ? lock_downgrade+0x6d0/0x6d0
[ 1134.483999]  ? find_held_lock+0x2c/0x110
[ 1134.484598]  ? io_submit_sqes+0x8610/0x8610
[ 1134.485246]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1134.485956]  ? wait_for_completion_io+0x270/0x270
[ 1134.486679]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1134.487353]  ? vfs_write+0x354/0xb10
[ 1134.487907]  ? fput_many+0x2f/0x1a0
[ 1134.488434]  ? ksys_write+0x1a9/0x260
[ 1134.488987]  ? __ia32_sys_read+0xb0/0xb0
[ 1134.489592]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1134.490352]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1134.491104]  do_syscall_64+0x33/0x40
[ 1134.491658]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1134.492384] RIP: 0033:0x7fd30c0eeb19
[ 1134.492926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1134.495537] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1134.496640] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1134.497661] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1134.498695] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1134.499721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1134.500747] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:05:17 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:05:17 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8911, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:05:17 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, 0x0)
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r3, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1134.589130] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:05:17 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, 0x0, 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:05:17 executing program 5:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = fsopen(&(0x7f00000000c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r2 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f0000000040)='ramfs\x00', 0x0, r2)
close(r0)

23:05:17 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:05:17 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, 0x0, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:05:17 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8912, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:05:17 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, 0x0)
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r3, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:05:17 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 15)

23:05:17 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901e"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

[ 1134.865696] FAULT_INJECTION: forcing a failure.
[ 1134.865696] name failslab, interval 1, probability 0, space 0, times 0
[ 1134.867841] CPU: 0 PID: 8118 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1134.869123] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1134.870659] Call Trace:
[ 1134.871157]  dump_stack+0x107/0x167
[ 1134.871806] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1134.872955]  should_fail.cold+0x5/0xa
[ 1134.873653]  ? create_object.isra.0+0x3a/0xa20
[ 1134.874312]  should_failslab+0x5/0x20
[ 1134.875023]  kmem_cache_alloc+0x5b/0x310
[ 1134.875617]  create_object.isra.0+0x3a/0xa20
[ 1134.876283]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1134.877006]  kmem_cache_alloc_trace+0x151/0x320
[ 1134.877665]  io_issue_sqe+0x2492/0x77b0
[ 1134.878254]  ? io_connect+0x610/0x610
[ 1134.878814]  ? lock_acquire+0x197/0x470
[ 1134.879382]  ? find_held_lock+0x2c/0x110
[ 1134.879967]  ? xa_load+0x12d/0x2c0
[ 1134.880475]  ? lock_downgrade+0x6d0/0x6d0
[ 1134.881078]  __io_queue_sqe+0x90/0x9d0
[ 1134.881634]  ? xa_load+0x156/0x2c0
[ 1134.882285]  ? io_issue_sqe+0x77b0/0x77b0
[ 1134.882897]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1134.883750]  io_submit_sqes+0x44aa/0x8610
[ 1134.884378]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1134.885089]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1134.885974]  ? lock_downgrade+0x6d0/0x6d0
[ 1134.886635]  ? find_held_lock+0x2c/0x110
[ 1134.887368]  ? io_submit_sqes+0x8610/0x8610
[ 1134.887995]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1134.888683]  ? wait_for_completion_io+0x270/0x270
[ 1134.889380]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1134.890042]  ? vfs_write+0x354/0xb10
[ 1134.890595]  ? fput_many+0x2f/0x1a0
[ 1134.891121]  ? ksys_write+0x1a9/0x260
[ 1134.891672]  ? __ia32_sys_read+0xb0/0xb0
[ 1134.892259]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1134.893006]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1134.893941]  do_syscall_64+0x33/0x40
[ 1134.894478]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1134.895216] RIP: 0033:0x7fd30c0eeb19
[ 1134.895891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1134.898458] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1134.899897] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1134.900894] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1134.901900] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1134.902911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1134.903916] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:05:18 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, 0x0, 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:05:18 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8913, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:05:18 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, 0x0, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

[ 1135.687167] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1135.688021] print_req_error: 6 callbacks suppressed
[ 1135.688040] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1135.690559] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1135.692508] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1135.702663] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1135.703714] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1135.706119] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1135.708087] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1135.710196] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1135.711866] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1135.713321] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1135.715215] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1135.717223] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1135.718355] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1135.720321] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1135.722215] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1135.724254] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1135.725543] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1135.728095] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1135.729107] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1135.732264] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1135.733431] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1135.734921] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1135.736188] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1135.738216] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1135.742648] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1135.767242] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1135.768337] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1135.770280] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1135.771403] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1135.773127] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1135.774703] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1135.776340] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1135.777344] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1135.778844] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1135.779855] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
23:05:32 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:05:32 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:05:32 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, 0x0, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:05:32 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa2"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:05:32 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8914, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:05:32 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:05:32 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:05:32 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 16)

[ 1149.513029] FAULT_INJECTION: forcing a failure.
[ 1149.513029] name failslab, interval 1, probability 0, space 0, times 0
[ 1149.514163] CPU: 1 PID: 8145 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1149.514790] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1149.515539] Call Trace:
[ 1149.515787]  dump_stack+0x107/0x167
[ 1149.516121]  should_fail.cold+0x5/0xa
[ 1149.516473]  ? io_issue_sqe+0x2492/0x77b0
[ 1149.516854]  should_failslab+0x5/0x20
[ 1149.517209]  kmem_cache_alloc_trace+0x55/0x320
[ 1149.517632]  io_issue_sqe+0x2492/0x77b0
[ 1149.518008]  ? io_connect+0x610/0x610
[ 1149.518356]  ? lock_acquire+0x197/0x470
[ 1149.518728]  ? find_held_lock+0x2c/0x110
[ 1149.519103]  ? xa_load+0x12d/0x2c0
[ 1149.519428]  ? lock_downgrade+0x6d0/0x6d0
[ 1149.519808]  __io_queue_sqe+0x90/0x9d0
[ 1149.520166]  ? xa_load+0x156/0x2c0
[ 1149.520495]  ? io_issue_sqe+0x77b0/0x77b0
[ 1149.520878]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1149.521312]  io_submit_sqes+0x44aa/0x8610
[ 1149.521717]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1149.522171]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1149.522614]  ? lock_downgrade+0x6d0/0x6d0
[ 1149.523000]  ? find_held_lock+0x2c/0x110
[ 1149.523378]  ? io_submit_sqes+0x8610/0x8610
[ 1149.523780]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1149.524226]  ? wait_for_completion_io+0x270/0x270
[ 1149.524672]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1149.525100]  ? vfs_write+0x354/0xb10
[ 1149.525444]  ? fput_many+0x2f/0x1a0
[ 1149.525781]  ? ksys_write+0x1a9/0x260
[ 1149.526133]  ? __ia32_sys_read+0xb0/0xb0
[ 1149.526508]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1149.526994]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1149.527466]  do_syscall_64+0x33/0x40
[ 1149.527809]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1149.528275] RIP: 0033:0x7fd30c0eeb19
[ 1149.528617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1149.530277] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1149.530983] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1149.531625] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1149.532267] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1149.532911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1149.533553] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1149.576835] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:05:32 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:05:32 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

[ 1149.629709] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 1150.112421] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1150.113333] print_req_error: 22 callbacks suppressed
[ 1150.113351] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1150.115731] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1150.117276] buffer_io_error: 6 callbacks suppressed
[ 1150.117288] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1150.123665] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1150.124462] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1150.126054] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1150.127617] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1150.129383] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1150.130229] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1150.131779] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1150.133302] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1150.135123] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1150.136753] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1150.138817] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1150.140338] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1150.142277] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1150.143116] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1150.145222] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1150.146055] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1150.147706] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1150.148579] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1150.148617] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1150.150584] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1150.151593] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1150.152795] Buffer I/O error on dev loop0, logical block 2096901, async page read
23:05:48 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:05:48 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b0000000002", 0x94, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffdffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000000080)=ANY=[@ANYRES16, @ANYRES32=0x0, @ANYRESHEX])
chdir(&(0x7f0000000700)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000140), 0xc080, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
pwritev(r2, &(0x7f0000000680)=[{&(0x7f00000002c0)="32aa7d967225e58f31cfee8d001c62d6f12ba7f4af1f52048545ee1b34d003c16a89f1eaf43b52f27e973e9f1046d213dc751b6f1fc0bf827a323fe71555b7c688d98ae2d2e71755c9eceedc5d79b70689e3f91801e26fd09334a30b00cace9b12c816b67a21111d2cd2e1c3258b5751d604faa2e5877816f4e27cb692cc6dacd58133cd6f1af1f26afa564e08f0114a72fdf0cdea5bdfb1c655d27ff71cbef9cdfa50bae77b273dcd8564532419caad191ef99edb19a5dc13ba7f4f888a539eccb4b2906d5d1239d92d755bdcf0ffc89522dd0f73b88bfe99f7a0e71edc7a18129ceda4797ecc0e1b6fe54539", 0xed}, {&(0x7f0000000180)="73b104f6735523ae1705821a31df0355ce895790ea0b32031c1f80f9f6d9ce8022a3f4df612a301d4ef886faa9", 0x2d}, {&(0x7f00000003c0)="fc67e9275a7e4bf4f524bc1b8d08516afbd5a2385440734139bcf65d056080c5e1c78d3cabbb2c16d937a791e5f9378bb07cf181a04e5c5c727749fc951d79c82d5f0a897e1ca7747b2e9ac96b4e39a08cb2ea07f19200c7b178473084bad585fceb0b4e4990ef4019", 0x69}, {&(0x7f0000000440)="a49db763ac48601a165bbc840a0ec5c777990b8ccb948987b3443261c00f387fa0d1d44aea73cd3b6ad3a55da01f79ce21aa7625e43fe3376e7e84ec6fd216dbf97d8709c898a200537577b47871cccefda9ab5017acbcd1f844b0ded14ffd56143c1ceb0449bc70cd2f388f6d574a758bb04d586813b0967feaa72f0b299c4ef0af81b75ae7fe8b62bfb8425e7467174a050f0e8e48e7220d082b14c92b5bcf36a25d4f1e2af5519ad4a1f792d51801ee627ee0be9b2ffc", 0xb8}, {&(0x7f0000000500)="0e5d5bf7551c821a457645fa01ed9637b4462bc81a2417e76a362d1263a686dd8e2c61054a19f8f36af4d554baa9d1202db9694ace9a6e10a4297e9cde4243857e5fef18587657cdb1fa175a2a0f08136a735958920d5b64403d372b33022eb08671f9eb23402ea09570c5ac8a692214c596641b39496e6ce612", 0x7a}, {&(0x7f0000000580)="5d7cf0d22f82e39f5a79fb4c2adee2c9bee69578ceeb89a9a7662a5c8afc66121b4467e1aecebfd5be0ff41d4d077aa72cd7f67634a4cff572d235e9e65404a3ebf46c0514d2aa6f", 0x48}, {&(0x7f0000000600)="677762b18bb024c6bae98b7924d8444d4d6b0c786ce974f8926fd4d0430749cea5316b575bda9906c40b691379abb0ba6fec0bcf6fcf67e2bd66781a52d77c90f191c291a251648b9213e07528341fd8e8ceced6e50c1f9a54d4c725bef4", 0x5e}], 0x7, 0x2, 0x20)
ftruncate(r2, 0x10002)
sendfile(r0, r1, 0x0, 0x20d315)

23:05:48 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:05:48 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:05:48 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8916, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:05:48 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:05:48 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 17)

23:05:48 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa2"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

[ 1165.256921] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:05:48 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8918, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:05:48 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[ 1165.272440] FAULT_INJECTION: forcing a failure.
[ 1165.272440] name failslab, interval 1, probability 0, space 0, times 0
[ 1165.274210] CPU: 1 PID: 8190 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1165.275217] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1165.276045] EXT4-fs (loop5): Unrecognized mount option "ÿÿ" or missing value
[ 1165.276408] Call Trace:
[ 1165.276433]  dump_stack+0x107/0x167
[ 1165.276455]  should_fail.cold+0x5/0xa
[ 1165.278560]  ? create_object.isra.0+0x3a/0xa20
[ 1165.279243]  should_failslab+0x5/0x20
[ 1165.279804]  kmem_cache_alloc+0x5b/0x310
[ 1165.280400]  create_object.isra.0+0x3a/0xa20
[ 1165.281037]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1165.281780]  kmem_cache_alloc_trace+0x151/0x320
[ 1165.282466]  io_issue_sqe+0x2492/0x77b0
[ 1165.283078]  ? io_connect+0x610/0x610
[ 1165.283645]  ? lock_acquire+0x197/0x470
[ 1165.284228]  ? find_held_lock+0x2c/0x110
[ 1165.284830]  ? xa_load+0x12d/0x2c0
[ 1165.285355]  ? lock_downgrade+0x6d0/0x6d0
[ 1165.285970]  __io_queue_sqe+0x90/0x9d0
[ 1165.286544]  ? xa_load+0x156/0x2c0
[ 1165.287072]  ? io_issue_sqe+0x77b0/0x77b0
[ 1165.287695]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1165.288382]  io_submit_sqes+0x44aa/0x8610
[ 1165.289023]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1165.289737]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1165.290439]  ? lock_downgrade+0x6d0/0x6d0
[ 1165.291058]  ? find_held_lock+0x2c/0x110
[ 1165.291653]  ? io_submit_sqes+0x8610/0x8610
[ 1165.292296]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1165.292998]  ? wait_for_completion_io+0x270/0x270
[ 1165.293703]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1165.294385]  ? vfs_write+0x354/0xb10
[ 1165.294945]  ? fput_many+0x2f/0x1a0
[ 1165.295476]  ? ksys_write+0x1a9/0x260
[ 1165.296039]  ? __ia32_sys_read+0xb0/0xb0
[ 1165.296631]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1165.297392]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1165.298154]  do_syscall_64+0x33/0x40
[ 1165.298696]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1165.299459] RIP: 0033:0x7fd30c0eeb19
[ 1165.300001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1165.302637] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1165.303761] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1165.304799] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1165.305833] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1165.306876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1165.307913] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:05:48 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x891d, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:05:48 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1165.417761] EXT4-fs (loop5): Unrecognized mount option "ÿÿ" or missing value
23:05:48 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 18)

23:05:48 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:05:48 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x0)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[ 1165.486556] FAULT_INJECTION: forcing a failure.
[ 1165.486556] name failslab, interval 1, probability 0, space 0, times 0
[ 1165.487569] CPU: 0 PID: 8210 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1165.488140] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1165.488837] Call Trace:
[ 1165.489064]  dump_stack+0x107/0x167
[ 1165.489374]  should_fail.cold+0x5/0xa
[ 1165.489703]  ? create_object.isra.0+0x3a/0xa20
[ 1165.490088]  should_failslab+0x5/0x20
[ 1165.490403]  kmem_cache_alloc+0x5b/0x310
[ 1165.490746]  create_object.isra.0+0x3a/0xa20
[ 1165.491131]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1165.491561]  kmem_cache_alloc_trace+0x151/0x320
[ 1165.491958]  io_issue_sqe+0x2492/0x77b0
[ 1165.492303]  ? io_connect+0x610/0x610
[ 1165.492623]  ? lock_acquire+0x197/0x470
[ 1165.492957]  ? find_held_lock+0x2c/0x110
[ 1165.493305]  ? xa_load+0x12d/0x2c0
[ 1165.493610]  ? lock_downgrade+0x6d0/0x6d0
[ 1165.493964]  __io_queue_sqe+0x90/0x9d0
[ 1165.494294]  ? xa_load+0x156/0x2c0
[ 1165.494601]  ? io_issue_sqe+0x77b0/0x77b0
[ 1165.494963]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1165.495359]  io_submit_sqes+0x44aa/0x8610
[ 1165.495723]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1165.496145]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1165.496555]  ? lock_downgrade+0x6d0/0x6d0
[ 1165.496903]  ? find_held_lock+0x2c/0x110
[ 1165.497245]  ? io_submit_sqes+0x8610/0x8610
[ 1165.497611]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1165.498024]  ? wait_for_completion_io+0x270/0x270
[ 1165.498429]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1165.498818]  ? vfs_write+0x354/0xb10
[ 1165.499133]  ? fput_many+0x2f/0x1a0
[ 1165.499437]  ? ksys_write+0x1a9/0x260
[ 1165.499758]  ? __ia32_sys_read+0xb0/0xb0
[ 1165.500104]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1165.500540]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1165.500977]  do_syscall_64+0x33/0x40
[ 1165.501288]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1165.501713] RIP: 0033:0x7fd30c0eeb19
[ 1165.502025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1165.503558] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1165.504191] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1165.504787] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1165.505374] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1165.505960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1165.506545] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:05:48 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x891e, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:05:48 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:05:48 executing program 5:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:05:48 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:05:48 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa2"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:05:48 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x0)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[ 1165.667930] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1166.198210] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1166.198751] print_req_error: 6 callbacks suppressed
[ 1166.198761] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1166.200092] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1166.200957] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1166.209544] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1166.209981] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1166.210873] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1166.211725] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1166.214340] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1166.214830] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1166.215713] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1166.216576] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1166.217672] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1166.218106] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1166.218996] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1166.219849] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1166.221082] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1166.221547] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1166.222397] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1166.223254] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1166.224301] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1166.224800] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1166.225831] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1166.226286] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1166.227253] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1166.227841] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1166.277354] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1166.278438] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1166.282745] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1166.283255] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1166.283265] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1166.283331] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1166.285373] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1166.286103] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1166.286617] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1166.287113] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1178.101764] FAULT_INJECTION: forcing a failure.
[ 1178.101764] name failslab, interval 1, probability 0, space 0, times 0
[ 1178.102755] CPU: 1 PID: 8247 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1178.103306] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1178.103979] Call Trace:
[ 1178.104200]  dump_stack+0x107/0x167
[ 1178.104496]  should_fail.cold+0x5/0xa
[ 1178.104808]  ? create_object.isra.0+0x3a/0xa20
[ 1178.105178]  should_failslab+0x5/0x20
[ 1178.105488]  kmem_cache_alloc+0x5b/0x310
[ 1178.105822]  create_object.isra.0+0x3a/0xa20
[ 1178.106180]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1178.106590]  kmem_cache_alloc_trace+0x151/0x320
[ 1178.106963]  io_issue_sqe+0x2492/0x77b0
[ 1178.107303]  ? io_connect+0x610/0x610
[ 1178.107615]  ? lock_acquire+0x197/0x470
[ 1178.107936]  ? find_held_lock+0x2c/0x110
[ 1178.108267]  ? xa_load+0x12d/0x2c0
[ 1178.108553]  ? lock_downgrade+0x6d0/0x6d0
[ 1178.108889]  __io_queue_sqe+0x90/0x9d0
[ 1178.109197]  ? xa_load+0x156/0x2c0
[ 1178.109487]  ? io_issue_sqe+0x77b0/0x77b0
[ 1178.109820]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1178.110210]  io_submit_sqes+0x44aa/0x8610
[ 1178.110562]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1178.110953]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1178.111349]  ? lock_downgrade+0x6d0/0x6d0
[ 1178.111681]  ? find_held_lock+0x2c/0x110
[ 1178.112016]  ? io_submit_sqes+0x8610/0x8610
[ 1178.112370]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1178.112761]  ? wait_for_completion_io+0x270/0x270
[ 1178.113152]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1178.113529]  ? vfs_write+0x354/0xb10
[ 1178.113826]  ? fput_many+0x2f/0x1a0
[ 1178.114117]  ? ksys_write+0x1a9/0x260
[ 1178.114421]  ? __ia32_sys_read+0xb0/0xb0
[ 1178.114752]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1178.115171]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1178.115579]  do_syscall_64+0x33/0x40
[ 1178.115882]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
23:06:01 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 19)

23:06:01 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b2"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:06:01 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f00000003c0)={{0x1, 0x1, 0x18, <r1=>r0, {0x9}}, './file0\x00'})
fcntl$dupfd(r0, 0x0, r1)
r2 = socket$netlink(0x10, 0x3, 0xf)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r0, 0x0, r2)
openat(r3, 0x0, 0x0, 0x1a0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
mount$9p_rdma(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x1008814, &(0x7f0000000100)={'trans=rdma,', {'port', 0x3d, 0x4e24}, 0x2c, {[{@sq}, {@timeout={'timeout', 0x3d, 0x8}}, {@common=@version_u}, {@sq={'sq', 0x3d, 0x7}}, {@rq={'rq', 0x3d, 0x1}}, {@timeout={'timeout', 0x3d, 0x8000}}, {@rq={'rq', 0x3d, 0x8}}, {@rq={'rq', 0x3d, 0x7}}], [{@mask={'mask', 0x3d, 'MAY_EXEC'}}]}})
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000002c0)={'ip6_vti0\x00', &(0x7f0000000240)={'ip6_vti0\x00', 0x0, 0x29, 0x2, 0x0, 0x0, 0x44, @private2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x8, 0x700, 0x20, 0x6}})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$tmpfs(&(0x7f0000000200), &(0x7f0000000300)='./file0\x00', 0x81, 0x2, &(0x7f0000000340)=[{&(0x7f0000000400)="beb9a87c9c9e07f65014b0eda60325d5f8044159118df99396bbaf2e65d8b5d732cfcd5a39a4c561f8c83bdf6fc403012652f64d1a7cb9eb6e57e281925159158019c72e9783d9eb58eb6a78743956cc97a7aac8f7ce99c4e31932ab69a0d23c94f47389419c1def66186a350e5573b01e42cf925f535eecb78403050f793324eca24835f8fcc73e50fa3effc8f59827387835db4a5e60dca39263cf", 0x9c, 0x6}, {&(0x7f00000004c0)="603b346c189a0741ddb189aaa0070ed01e19ac1e5d3b6bdb97d6650f5f0c855e61f84f0024cf1aa2a56dde342c302086fdedeb6863828f082dfa451452a620892358069faddf2116a90ed9ccbbd8134d2128104942d83ec21261dce1d1e7edcc9668279602ac7ce4fe32fbebb28313be4c68910b0d0b22bf1f7dfc618d4c5bb6cc093554b37d2234d307aa2503433f483a43", 0x92, 0x8}], 0x10000, &(0x7f0000000580)={[{@huge_within_size}, {@mode={'mode', 0x3d, 0x5}}, {@size={'size', 0x3d, [0x6b, 0x32, 0x74, 0x2d, 0x6b, 0x30, 0x31, 0x74]}}, {}, {@mpol={'mpol', 0x3d, {'interleave', '=relative', @void}}}, {@gid={'gid', 0x3d, 0xee00}}, {@huge_advise}], [{@obj_user={'obj_user', 0x3d, '--^\xc7'}}, {@appraise_type}, {@smackfsfloor={'smackfsfloor', 0x3d, 'timeout'}}, {@hash}, {@fsname}]})
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$PIO_UNIMAPCLR(r4, 0x4b40, 0x0)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$PIO_UNIMAPCLR(r5, 0x4b40, 0x0)
sendfile(r2, r5, 0x0, 0x5)

23:06:01 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:06:01 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

[ 1178.116285] RIP: 0033:0x7fd30c0eeb19
23:06:01 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x891f, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:06:01 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x0)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:06:01 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1178.116713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1178.118328] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1178.118943] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1178.119517] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1178.120084] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1178.120655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1178.121210] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1178.141256] tmpfs: Unsupported parameter 'huge'
[ 1178.154489] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1178.166117] 9pnet: Could not find request transport: rdma
[ 1178.228237] tmpfs: Unsupported parameter 'huge'
[ 1178.570573] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1178.571451] print_req_error: 22 callbacks suppressed
[ 1178.572278] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1178.573862] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1178.573922] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1178.574797] buffer_io_error: 6 callbacks suppressed
[ 1178.574812] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1178.575632] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1178.578631] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1178.578693] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1178.579491] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1178.581365] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1178.582941] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1178.583133] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1178.583808] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1178.585734] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1178.587308] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1178.587377] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1178.588178] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1178.590129] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1178.591707] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1178.591772] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1178.592574] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1178.594491] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1178.594557] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1178.595977] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1178.596895] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1178.597775] Buffer I/O error on dev loop0, logical block 2096903, async page read
23:06:14 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:06:14 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:06:14 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:06:14 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b2"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:06:14 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8920, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:06:14 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 20)

23:06:14 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b2"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:06:14 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

[ 1191.415860] FAULT_INJECTION: forcing a failure.
[ 1191.415860] name failslab, interval 1, probability 0, space 0, times 0
[ 1191.417607] CPU: 1 PID: 8283 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1191.418614] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1191.419844] Call Trace:
[ 1191.420237]  dump_stack+0x107/0x167
[ 1191.420776]  should_fail.cold+0x5/0xa
[ 1191.421336]  ? io_issue_sqe+0x2492/0x77b0
[ 1191.421960]  should_failslab+0x5/0x20
[ 1191.422525]  kmem_cache_alloc_trace+0x55/0x320
[ 1191.423217]  io_issue_sqe+0x2492/0x77b0
[ 1191.423816]  ? io_connect+0x610/0x610
[ 1191.424384]  ? lock_acquire+0x197/0x470
[ 1191.424978]  ? find_held_lock+0x2c/0x110
[ 1191.425582]  ? xa_load+0x12d/0x2c0
[ 1191.426106]  ? lock_downgrade+0x6d0/0x6d0
[ 1191.426734]  __io_queue_sqe+0x90/0x9d0
[ 1191.427313]  ? xa_load+0x156/0x2c0
[ 1191.427835]  ? io_issue_sqe+0x77b0/0x77b0
[ 1191.428453]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1191.429161]  io_submit_sqes+0x44aa/0x8610
[ 1191.429810]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1191.430540]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1191.431258]  ? lock_downgrade+0x6d0/0x6d0
[ 1191.431864]  ? find_held_lock+0x2c/0x110
[ 1191.432468]  ? io_submit_sqes+0x8610/0x8610
[ 1191.433113]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1191.433823]  ? wait_for_completion_io+0x270/0x270
[ 1191.434538]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1191.435230]  ? vfs_write+0x354/0xb10
[ 1191.435777]  ? fput_many+0x2f/0x1a0
[ 1191.436318]  ? ksys_write+0x1a9/0x260
[ 1191.436883]  ? __ia32_sys_read+0xb0/0xb0
[ 1191.437485]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1191.438249]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1191.439008]  do_syscall_64+0x33/0x40
[ 1191.439568]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1191.440314] RIP: 0033:0x7fd30c0eeb19
[ 1191.440864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1191.443551] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1191.444681] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1191.445721] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1191.446756] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1191.447797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1191.448831] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:06:14 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8921, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:06:14 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1191.499271] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:06:14 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8922, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:06:14 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:06:14 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:06:14 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

[ 1191.671241] wlan1: mtu greater than device maximum
23:06:14 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 21)

23:06:14 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8923, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:06:14 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1191.762006] FAULT_INJECTION: forcing a failure.
[ 1191.762006] name failslab, interval 1, probability 0, space 0, times 0
[ 1191.763716] CPU: 0 PID: 8306 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1191.764722] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1191.765941] Call Trace:
[ 1191.766346]  dump_stack+0x107/0x167
[ 1191.766888]  should_fail.cold+0x5/0xa
[ 1191.767463]  ? io_issue_sqe+0x2492/0x77b0
[ 1191.768080]  should_failslab+0x5/0x20
[ 1191.768643]  kmem_cache_alloc_trace+0x55/0x320
[ 1191.769321]  io_issue_sqe+0x2492/0x77b0
[ 1191.769927]  ? io_connect+0x610/0x610
[ 1191.770495]  ? lock_acquire+0x197/0x470
[ 1191.771085]  ? find_held_lock+0x2c/0x110
[ 1191.771698]  ? xa_load+0x12d/0x2c0
[ 1191.772225]  ? lock_downgrade+0x6d0/0x6d0
[ 1191.772849]  __io_queue_sqe+0x90/0x9d0
[ 1191.773425]  ? xa_load+0x156/0x2c0
[ 1191.773949]  ? io_issue_sqe+0x77b0/0x77b0
[ 1191.774564]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1191.775281]  io_submit_sqes+0x44aa/0x8610
[ 1191.775922]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1191.776652]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1191.777381]  ? lock_downgrade+0x6d0/0x6d0
[ 1191.777990]  ? find_held_lock+0x2c/0x110
[ 1191.778598]  ? io_submit_sqes+0x8610/0x8610
[ 1191.779249]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1191.779971]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1191.780748]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1191.781536]  ? trace_hardirqs_on+0x5b/0x180
[ 1191.782169]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1191.782969]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1191.783738]  do_syscall_64+0x33/0x40
[ 1191.784284]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1191.785035] RIP: 0033:0x7fd30c0eeb19
[ 1191.785588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1191.788277] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1191.789393] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1191.790437] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1191.791486] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1191.792525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1191.793571] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:06:14 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext={0x80000001, 0x2}, 0x2b1, 0x0, 0x0, 0x0, 0x40000000000000, 0x0, 0x0, 0x0, 0x101}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000a80)='/sys/kernel/notes', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
sendfile(r1, r0, 0x0, 0x1)

23:06:14 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:06:14 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b2"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

[ 1191.920589] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1192.570873] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1192.572491] print_req_error: 6 callbacks suppressed
[ 1192.572508] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1192.574434] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1192.574479] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1192.574511] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1192.575991] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1192.576705] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1192.578083] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1192.578946] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1192.579665] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1192.583102] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1192.583481] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1192.584602] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1192.585217] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1192.587521] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1192.587562] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1192.588970] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1192.589618] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1192.591891] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1192.591925] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1192.593344] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1192.594053] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1192.595231] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1192.595727] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1192.596690] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1192.598329] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1192.685800] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1192.686537] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1192.686559] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1192.688218] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1192.688255] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1192.689930] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1192.690642] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1192.691324] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1192.692036] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1192.692749] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
23:06:27 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8924, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:06:27 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b4"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:06:27 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240), &(0x7f0000000280)=<r2=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:06:27 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 22)

23:06:27 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:06:27 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:06:27 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, 0x0, 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:06:27 executing program 5:
openat$sr(0xffffffffffffff9c, &(0x7f0000000240), 0x40080, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000500)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r0, 0x80, &(0x7f00000000c0)=@alg={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}}, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x107100, 0x0)
read(r1, &(0x7f0000000000), 0x1b4000)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x8010, r1, 0x8000000)
syz_io_uring_setup(0x1c, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000ff2000/0xc000)=nil, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
r4 = socket$inet(0x2, 0x1, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000500)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f00000000c0)=@alg={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}}, 0x0)
r5 = syz_io_uring_complete(r2)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x501041, 0x101)
r6 = dup3(0xffffffffffffffff, r5, 0x80000)
ioctl$CDROMREADMODE1(r6, 0x530d, &(0x7f0000000280)={0x1, 0x48, 0x0, 0x20, 0x81, 0x6})

[ 1204.839210] FAULT_INJECTION: forcing a failure.
[ 1204.839210] name failslab, interval 1, probability 0, space 0, times 0
[ 1204.840301] CPU: 1 PID: 8344 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1204.840905] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1204.841611] Call Trace:
[ 1204.841846]  dump_stack+0x107/0x167
[ 1204.842161]  should_fail.cold+0x5/0xa
[ 1204.842493]  ? io_issue_sqe+0x2492/0x77b0
[ 1204.842856]  should_failslab+0x5/0x20
[ 1204.843192]  kmem_cache_alloc_trace+0x55/0x320
[ 1204.843603]  io_issue_sqe+0x2492/0x77b0
[ 1204.843963]  ? io_connect+0x610/0x610
[ 1204.844296]  ? lock_acquire+0x197/0x470
[ 1204.844637]  ? find_held_lock+0x2c/0x110
[ 1204.844985]  ? xa_load+0x12d/0x2c0
[ 1204.845292]  ? lock_downgrade+0x6d0/0x6d0
[ 1204.845659]  __io_queue_sqe+0x90/0x9d0
[ 1204.845997]  ? xa_load+0x156/0x2c0
[ 1204.846305]  ? io_issue_sqe+0x77b0/0x77b0
[ 1204.846669]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1204.847071]  io_submit_sqes+0x44aa/0x8610
[ 1204.847455]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1204.847893]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1204.848315]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1204.848763]  ? io_submit_sqes+0x8610/0x8610
[ 1204.849139]  ? _raw_spin_unlock_irq+0x1f/0x30
[ 1204.849535]  ? finish_task_switch+0x126/0x5d0
[ 1204.849916]  ? finish_task_switch+0xef/0x5d0
[ 1204.850291]  ? __switch_to+0x572/0xf70
[ 1204.850622]  ? __switch_to_asm+0x3a/0x60
[ 1204.850971]  ? __switch_to_asm+0x34/0x60
[ 1204.851339]  ? __schedule+0x82c/0x1ea0
[ 1204.851852]  ? io_schedule_timeout+0x140/0x140
[ 1204.852362]  ? copy_kernel_to_fpregs+0x9e/0xe0
[ 1204.852754]  ? trace_event_raw_event_x86_fpu+0x390/0x390
[ 1204.853217]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1204.853666]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1204.854103]  do_syscall_64+0x33/0x40
[ 1204.854422]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1204.854859] RIP: 0033:0x7fd30c0eeb19
[ 1204.855177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1204.856735] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1204.857382] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1204.857983] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1204.858576] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1204.859185] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1204.859803] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:06:27 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240), &(0x7f0000000280)=<r2=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[ 1204.903509] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:06:28 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:06:28 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8927, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:06:28 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, 0x0, 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:06:28 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 23)

[ 1204.989928] FAULT_INJECTION: forcing a failure.
[ 1204.989928] name failslab, interval 1, probability 0, space 0, times 0
[ 1204.990973] CPU: 1 PID: 8363 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1204.991536] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1204.992202] Call Trace:
[ 1204.992427]  dump_stack+0x107/0x167
[ 1204.992728]  should_fail.cold+0x5/0xa
[ 1204.993039]  ? create_object.isra.0+0x3a/0xa20
[ 1204.993419]  should_failslab+0x5/0x20
[ 1204.993731]  kmem_cache_alloc+0x5b/0x310
[ 1204.994059]  create_object.isra.0+0x3a/0xa20
[ 1204.994437]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1204.994842]  kmem_cache_alloc_trace+0x151/0x320
[ 1204.995218]  io_issue_sqe+0x2492/0x77b0
[ 1204.995563]  ? io_connect+0x610/0x610
[ 1204.995872]  ? lock_acquire+0x197/0x470
[ 1204.996196]  ? find_held_lock+0x2c/0x110
[ 1204.996533]  ? xa_load+0x12d/0x2c0
[ 1204.996823]  ? lock_downgrade+0x6d0/0x6d0
[ 1204.997163]  __io_queue_sqe+0x90/0x9d0
[ 1204.997480]  ? xa_load+0x156/0x2c0
[ 1204.997766]  ? io_issue_sqe+0x77b0/0x77b0
[ 1204.998103]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1204.998496]  io_submit_sqes+0x44aa/0x8610
[ 1204.998859]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1204.999264]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1204.999662]  ? lock_downgrade+0x6d0/0x6d0
[ 1204.999996]  ? find_held_lock+0x2c/0x110
[ 1205.000328]  ? io_submit_sqes+0x8610/0x8610
[ 1205.000688]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1205.001077]  ? wait_for_completion_io+0x270/0x270
[ 1205.001474]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1205.001848]  ? vfs_write+0x354/0xb10
[ 1205.002152]  ? fput_many+0x2f/0x1a0
[ 1205.002454]  ? ksys_write+0x1a9/0x260
[ 1205.002762]  ? __ia32_sys_read+0xb0/0xb0
[ 1205.003097]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1205.003532]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1205.003951]  do_syscall_64+0x33/0x40
[ 1205.004254]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1205.004662] RIP: 0033:0x7fd30c0eeb19
[ 1205.004964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1205.006429] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1205.007035] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1205.007606] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1205.008183] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1205.008746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1205.009322] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:06:28 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8929, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:06:28 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240), &(0x7f0000000280)=<r2=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:06:28 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:06:28 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b4"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:06:28 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:06:28 executing program 5:
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f00000000c0)=0xff, 0x4)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wg2\x00'})
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$KDSKBSENT(r0, 0x4b49, &(0x7f0000001500)={0x7, "820c9ca1ee6e6419dcc3b3ae943cd9fcffb7ba1a6ea1b5b00c4887ee97c59fe5072a5571aacf0bf7ca9c1740aaff289a573cb2d5b72ec1a0e6334d5eee5a43e957cbb4b3702d53fbf02d075fb1c29f0788c5d56dcf4df5f56143b7eb0b2d963a8dbd68299834be69d3ede5c1590e6d04d517f014a6786fcaa60e4eef80e4fbe7196c9fd40ab478a57e8a19bca43b215f99b9bb97ab7042a85c68dbf523665ed0a5f83185f39fadc125914ce141cc87960bfc68c6983a5a0f263d702eb312c4ddd8d3edb9ec43a47048bf5c8b210135091db09801cb1ee294db15ea540a3d9f66e7c4dedf62944cebbe03a9a781723673168aa8fb2a23e3247288d3d8b8bf058ff80d8c33ee7ee852ef15b4380c8164cba8856c4fce334f35bd48494a0cd9c28209b186b0eb010b3571726bb1f564bd5a54223415a0e901798683285ce106d11e4db17db9af647d5cdb34a7d4549e5a9f597237a255619b8f00cb9a10e61073524d026d40c32751a27a07ec79f685891e56842bab3b8d68dd1c2aa405d7fd8aaf01905e19e3890aa3ead404c9fe4994897f4d8c6133133c7a364081d61e1809b3e80ea98710b34c5c3cfe6168ed0ebffa6f0cf82c8e79cab9b3288f0a292e0b57d87984cd9469115caefb03b026ac6a9aa2c89e84c62c83faf23b3f1f0370404cbcc7292633036ffabcfeb0866dd386e9cd09c0d562c26bb18fa615590acc8ff9"})
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x30, 0x10, 0x409, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}, @nested={0x4}, @nested={0x10, 0x4, 0x0, 0x1, [@typed={0xc, 0x7d, 0x0, 0x0, @u64}]}]}, 0x30}}, 0x0)
sendfile(0xffffffffffffffff, r1, &(0x7f0000001980)=0x10000000000001, 0x1f)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000440), 0xffffffffffffffff)
r2 = socket$packet(0x11, 0x3, 0x300)
write$P9_RREAD(0xffffffffffffffff, &(0x7f0000002e40)=ANY=[@ANYRESHEX=r2], 0x100b)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f00000014c0)='./file0/file0\x00', 0x7, 0x1, &(0x7f0000000340)=[{&(0x7f0000000180)="1d23de7449ee513d0fbbb59dcf0b1bbac60fe6674c12730f11d2e4a1e5f805fa4b51984ac5bc8ca2939f684ddf22e6602e5bd13a291e12eb168fd3a24106088d1c278eafb335beb6e01629099e679c512f7219aa2f120c110a54e373ea9d3aaeb23dde64ff57", 0x66, 0x101}], 0x54041, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f6a6f6c6965742c646d6f64653d3078303030303030303030303030303030322c6d61703d6e6f726d616c2c756e686964652c6f76657272696465726f636b7065726d2c6d65617375a4d7ea30"])
readv(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f00000004c0)=""/4089, 0xff9}], 0x1)
getresuid(&(0x7f0000000680)=<r3=>0x0, &(0x7f00000006c0), &(0x7f0000000700))
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000280)=@file={0x0, './file1\x00'}, 0x6e, &(0x7f0000000600)=[{&(0x7f00000001c0)="9d286944f34e7d7c2a2e57d169bc1b1f061e43b467480294c719edb7e2e149de5cfc2599b3444ffb91e6208a64a1ed91ea3b0adfd8e5b6ac74", 0x39}, {&(0x7f0000000300)="622e7d176512906ed9dd1f86b086d7028baba92986416a9b7d2399b6de7d05ad0c866b126db11b66254d97c98af311976204ce125d32469afe1d2ecc3bf73ee51f50f95dcb95579139fb36ac58149dea3475f790ca41b7dd081c4227b86e2405a9a906e6049a240ca5", 0x69}, {&(0x7f00000003c0)="9ad06593ef1e3ca2ceca8ddf35c80a0c9b7d6c2f86ac71892abc38e52403a37a2075d7cbd06fa07a6cdbce7a64de9cec9b8254ca060f8152a7cd99c526186604527162a6ef50c220e8c5d6e4fd16821f29e63c10ac35c4e796953048df0f7dc6970d35fcee58b89cb9b3748126c58ce1f09cef36281f403678fe5ca0d0e773c7347c1990070fe9ffa1d8c49a32e5cb88839173cd916916ecdb994c6c4211f62c06491f1d6b3769e5e1d3dbf19da793b847d9699a6362cedc6fc71d3f8a5ba04de893e76d799131cb1d43f30d744a59f8c390b478cd7585992bb3569a13440b30fa1599cf193b59c03ff15aeafdb326", 0xef}, {&(0x7f00000004c0)="590828e78e438697253b0a2ac4527ea68fa378f34e9f30378ce518d36931379e3d3fddea86b85aa7f2ee197770a2393fb5d15b5902ea05db5a1f476f7c9a145fefe090a312a39982eb13d88656e44d50569baa4d61a07ea35173063a00549523f0baa8e95c00", 0x66}, {&(0x7f0000000540)="d926e8c9f26a4de7801ec8c4de4345e895fcc9a0fc7176d27ee8d3eea9768a8fb26dea2e85884f81daca7ce6701796c82060bf40faef55e5d0cd4d9d289ef627d0c691ec5bd892b8c1fb85d41b98a173dae7b21dcb1415a37b0b9070060d4a17cf3f1a23bde69eabd2567e81d4fab27b84888cef6766d64aca4ec26f8dc843dca652c345eadee31b1819ba0770d436922f", 0x91}], 0x5, &(0x7f0000000740)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r3, 0xee00}}}], 0x40, 0x4}, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000200)='./file0/file0\x00', 0x9, 0x3, &(0x7f0000001800)=[{&(0x7f0000001740)="c129120e2ed0c2dae2448790c75e5d735e85c2a364183bccc8f0d079719c07226afd1a3e88933a24c640fdc7f91253120f4aef4974bd12a2985cd2b07cc95db798d359e03124f3e2e7af45773e2008c10e2833f6064c42a2f77038800e8a3be7c74bbf2a90f5b1c826ec8ec41fcafd455a7b906c925945158ba4a6aa2c7efde95718691c10393b9e5f16385c1e961a421ee9db7757eff3", 0x97, 0x100000000}, {&(0x7f00000002c0)="0b8c0f1a0cc06d593ac19e4e8909a59babd5975cf0bada4aedba2491973b0818499b9c508b248a016197ddd61b1789942acf9cc4cf4c5cc83548aab9f7bb6aa0106f85899b5998a4996974da245787f8d6e4434a473c8317a07f470de6e2ce2e8e30d23bc2e61c95", 0x68, 0x80000001}, {&(0x7f0000001e00)="3cacde65a8047938f8ae19e5bdf86069983f5fed1f2f7eae2018e9b031e713362a7ee9d6ed90686704e9ff5b69a89d2bf9ab78bcce280a27e17441a044aacf78fb26cae648b8a90fb943ce6a44ba4a00d58b0a7f409629c89043e14f838c0330a73da2089792e2fea4e43b515a59b5be899f60793685aaf9525b71fb2819e65d8e7d2b502cd828f01203ab8f392d3de16dd3d36147c50aeafdfc880ff9671adf807c13471c5a85a1936749392e21a160adcc267b48503e85c74ce6540df01ea453f55a81f5f0ea4e9b37f7e872a99fcea2540e1e882183a675d0d7da129df226433e8ff26bbab257252879f4cf8e56e402a60461c213ca591198b206e803a01020508b41f974df5119323da1d7c67636d20fdb2e5d61bbae9974ab905c9ac4c30a1d44705df422b7c9e58d97bab0834a75d66914e1ed6e6e356568aee14a0d7a2f0ed234d23214a7db06eaf380dc6cf88b09549ba8229bee974a0a2cc8b819d0c379f022ba0c5f199909b47e56a6f7014ae6c63643bc5822fc6cdd4da56c6900aed3131e8cd81e06cb03d83b58dfb1bab66faf50440ebfd7368942cb97fa3c661463d91fa4eabd7b227d0a134be02e659fab0c08f9e481722f57861337737b1df11a5f80c15edce22b71796551f648360d700593bc934f0086f7568e03b4c889a91aabfe122ad054b355b899557ba97f365d4a4f5fc4f573f674b2829a6b3a2b7b5e96be3b0d00857da22fed0f004d3cad70dcb0cbfbd6772fef4e552a6cf145d396df288b26970459526c66fbfdab334893b89e08018d8c2ca309e41eb286678ec01ea598f88deeb6424b4a7d0fd83e4c6bd0b8506706d8421ff86c7cee28a8a5696efda0225a939cb030c8252821b10f22670f5238bb7f3282bae66669dc218034bcb3c6ab235d0bfcc747f5429762ab278fe2469700ff7a0da31de52858ade18155f709ed1e791a04f38686e1fb11f21fe219b6ceb34dbe04cc8e9f4f10d6a342b4a49bdbe325566ba9e16dec3205bc529395066b572e3e9d6ca17e3853d7b439c1316ce484620431868fbc4195355c7c7cf3c31d15cd513c65b2006f5b29fb49a466aae56688db3fade0a43ccbe7f8a2dadf0e7992c7d163f63dde2da5a13107f1d1a1b64971ae27d8c1ffc93a949ae1b5674a0ecd0cd4302c7f04ed23ee71d7862458ba59b3b5a598d9727497890e9222e1b962519e866849344e1e20f88fd8acc92c30b91f0b7fc1cf33f324fab78098cc5e5bd1f30847418c62e9eb2cce5393c40375f08464bf197497e9b352f8e9489ea1351a59c273aaa99203bdc7717d5c62145a3fdc06650024f95121e3b6361cfe19a4dbb5c32531bc3f9fb1be8be2419d2515e84c577383233496505bbc6978f761f4fee09234b84f4dd6ece0d8cf70206d2471233217d8c58130f20a46638a05402cbcbaeb46fc1e8af8a7aa99359c20dd8098374b5c4fb0922ed5fbd508529e4b2b5796e06253e4532059bd0157229b3dea5cbe384ac947332763b311379aae64f0b7cf6904b5dc75c753e3af46e0c7911a6381628dc982faad6d594bbc27e6e84d2e502867283244ada013e8a5505deeb9e7cf41b65658359c5acd686b8878c503a7e80f59d5eb3c2538f89196a823f3f65f2a4575ad3d890d1c33c087f19cc691011c276ea438271e514212168fe0962e24d09b0ebe28b96b4209324135acca1a3381fcfed27d1221fac64c2533bc2174387765f4ed56e46050c1e1f2f193d6e0951ace1159e98c10b7d08f781d3fa384510adc5a7cae92e539980768b2b6b76e24ec31d534beedd9ddd48b9c5b94f25ea5d7bfdfcd83ff850a99c97b4f52ee90cd573c18eaefffa305783d89aded792f51ae018a43c1d18525160f95ed290795199b5ba5ec477f87ff17ecd3690793e853bb00f093711d0bfdaf602b39a3e5a7e8b5bec73fcaf256d768a3f023d1cc4ed60990d647cc6f109498b5c3855fd78081b93237f33586da3d8cd45a3c292e0e74560fe81ad4b576b9d2da47fef231c002345b72f4b22badfc8e0b46ab4a572045b6c1c04717acbea760d434f74842e8cdab39e5420d46d964d1e2de0b62dd833a3e01bdce0670371cb146e4f29218f26740bea7815040d08d1f1574b7f508c765fadae885f0d34062b0bad716be74bddd147e87030eb24facaa1563cbc611f64a2b5132f92d100ebc930aa79b7538cd1369fcf09b0c22b143957c0b197568d6dc25cabf3b1e8550ffc1e2b6810ee1770fe3e2bad99198be65fee67fb55b4d78b84bb2346a6d777292457b77d8a93350a33e02fd0e1d6ac4b696e5fd4b16247ddf33110e78d2f9c751ac71f58e6efc23e5b76be3ba9bedc8cd95f0d85ec249343fba03fb7e275dea8d4fc46f09a11ae5ddde5ac5c4909b085a6818ba0f900d954264c125f5ef5f9807484a322d949885706d1ee9f28cc44dd190062592e6022ab70e618f3e77a9a1a6cc3d6a57d065856b4a98d6a80a2ba92fae48ef08e588771dadb56ce40a5e5d044da707117d870ae38d687f20ad0e258275c649b8aded998d79233dafbc79f558dfec4b1095e14477462924af0c4f0ad509b93d64bce97045785dea47806d737325886e9fef56fdf1ab3623a9c82f3d218f3afff624923381ec3e5e696c76d1566d6798366cc97265e921e6f2584654461de2d60bcb07d927621ecf800ea3745e7f12344f3aa7f2d51b4cfbfd7876fe408f351ee3089d4ed1e641afa58c2013dedd2bde01655763cf9b5fef43feae5c027a222d769c8a6da1deceee36e19c99b8ba94525ef437f54a002c01efe7453701aa386e03f9e26f8f004365b6629d58e687538b846a6783e3ea4554c5c452e72e7b277a9486dedadb7b32b3aa5e81e57c0af546e239a68aac7820aa1e0fb85aeb0f945252689eccc1a54db096cd6cb68557aabe91fb95ba44c65e654af696ddc73abdf7adee181c827803f72a20446bbc1beeabd07caf51b10320de3a8750fa93889a3f63a8b6bbf8cc93bc147c0891eedb6751bd6ae170470073416d1bbb237c6cd0325f4763139db61b1b14036702e851c57d4b44991a422353badba3bfe70ada8b2baab81183179fdb881a83c975bf2246b72cc480ad32b4a01b403d4b8612c45de0394fde10af82cfca5cbb7140a27df1fbd7aaec2daca3dcdc0ca1a6522f9eb7e069827216295b0ea5d3e8af97e372a0c7dc001dc826fbe4fe00a32a6aeed75fb24dce9fa63de7e6c47b22aedf37f2ea301caf6bbcb83641f7444667db4e95c404d7f0cee8ef6d9e159a7ea7bfa23641c1e6eaee0f3adf8f403d5a1a3e468b7c3da493264cc8a5569dddf4973daa04a515c8137384661b4eac0255ca741a050bf69158f4cdff677004e998e554483a90abbdebb29a48604bb36923a18b07b4241ffeaa036fea6a3d23fee710140269b7e1c8418cda59c7dacb27630d3c0ca28f2a3a35b5de93a00d9a3a4916320c92482a1b00b6022e4dc3845049c1ea05f9213cdbbff8029970130987b70fa2f4795d934d03c243f9d069c222a310b85e8454fdc6df831490cb725ceaaf1505d242d3071a1075473176570b1e49e6ef26199183d07a4eefae67aa8a8b21b7094819b56117a5326f419dd729c32a7eb0595a2061cda61d0d9a872577d9e0df1f96e2e722f90ee619e81c6e8dfddfb5a869dba445bbc9597e0f7e4546a2dab300c59a1600a80c1709360efa1c6130dcc6b8d27f3a9ba6ee4f0099cff90a833a467e0f4cee3037e3a0461f118e14a1f2d064dc8de2145bb774409511e180d6d926e2b173b61a9465483649d0871a94c5d74fc06065cfe05d0f535dbf05ec6ccec958fb4d5fa6ea8666e2b47f48228b43a9bba6d1acd2d2bbaecec20ad80059dbafc56c4adfa7bc303f020db2802543da8c0ec4acbcdbb0165ffa15eb7dc589a6f8092302a0415ffac637e3854effaa9720df5d6d7dc02b938ce70dfe718ee7bfa5116dd0bd48502781a34e83ebc7d6a8c9cea5faefb0f6b5e1f1116734e4346b202e4b55f80bbad4cab0766332187f320fbe4ec250a56b240f74f6c14275ac77991b0aa28145d8918079f47d46eacc44a2d7254c64cf47b255f11dd3763e0f0f13b8a3039bea0763a7854191133f715f89dc421423deff1fd20ee435ab0dbb619507a59e74cc036af253cfd54e3c9b1420b25eee184a40e02eed8de6ae7cb2d16fdcf5d529794265c42aa209c15ab7e0e8ce63f1dfb79bb785cd52b868e007e08be44b528f97856d040f1a7673fba1e4e264ea8c498aab2c1aaa3f31b0673657ddf5c5a674fe678b7027d5e113e0d3c5b29b984d3dd5f63d8d66457ebf9716dda3b22887897d762ec2daaa914fba50d1c49f33a9ab7d4052c1f1b6580aa2d6789c422b3848f2723aafb15ad48ad7f4eccaa582481bd78fce649523d34ee22e8404519256dd601ab25686cb02df8c5c9b9eb3ac8e72fb94c740e7247e0868a1d68cbb8d86640901b6f4f3c94696a1bdc0686ed904d0410814fe2eabb96af31f91f56bc3650d31c41808ef7d71328bc364ca70abea593e26817a7099157728ef9cd9bbc95f9624624a173ce8a947de58788a425b2f71d06791655ef99b134595fe5ef81a5222169a3cfda5dee1cc0ad3d84468712d66ea4ff9ad9920fbf64ad5c8c793d8a0a7ddf0f363637ac74b452c0ea69d562b75555c76decee6dace7faf9d1eade9f8f4275c5c1f41e58ea14adbbf984a84d45a5c3924fd85e48292a995ff9631e9125068ad8054cea4377d4d7c628761efe814f809d234c49dd89a137dedf6eda722897ad15506481a71d3f8794e6461bf0f1608f4a69a63853d91c64b01ac0b836ad7c323156a8e6b0f46df106aa432b67c365bbee2a8065afd2bcb0cddeeb3c3d1108b16d2c47592ddd2ea262e4f432d140a7955d48dfeb0bfe7df025d7fd5132d3031cfa6fb6feedfff446d9274ff072d2fded7b73c34105ee857ed6c312d45f61a78330e17a7ef0ddb85a41edaa10d3d3121366d4ae1db8aee886b68dfea06e5fa6955424d7d6f6e38925ef57b2582f0eae8be1ee1f0492943fd179cea9b737fa4b8bb20a181d7a8358560976c829fc8b090dee22a71fa4e6fa82b67a3e49d136cdfc93d3417fb587e348e776480bd329dfb95c72a9400549fb4a559574d0763e67c847af90aa6b0b86ed930888e3be4f880b85fbb4cc6da09e9d51d018de9498d8c37b78144f5d4f8e19810a0e0b42fe71815e50721e776b11c57adadd06afe6ea9956e9402dae4d41fb7d78371fcdea99f597b68e748e0bf006e2a80e1990a75242cac5a5800904c437aa1102c638529c4f8108e1feef647a11bfa4e01856c373094cbaa057ba6ffa51856da0b321538228c313dc2605900fa169a8a9e061a6ff53a3e5cc8520d15b2ed36d98bd4602321ebd0b3e692e696282e37b0448519154c32d55bc99a90079c75a1df46cbe44f0c4a207f9b1debeecb84be9087d4c1df4accdb870952c75942816fcf151104febcd876d75412f2a253fd550b3c21640f8deef82ba55b4b9accc24bf7ad787db842f26348e0e57430670bf7dd7187300b54ddd7a1a1da6725e5a96e67866243a5c7b1343c65c7887e8de12e428af2059895986ab4ab5865c42e7fde0f9cb97ff7787bca3231db75f8520daec52a9385597bf460c383591cd9384fd38c40f1b0136acbc610df969157984527ac94963b494dda639ff92e34d5580bc02c047dbcc7f6133cd10502a6710c83060a9edc43a04ff551a6cfa03243272966deb8b31194c5cac73d0d883aec180f6c0becb90591f3c8e63fa1c6922b03baa236b871", 0x1000, 0xe8a}], 0x80, &(0x7f0000001880)={[{@iocharset={'iocharset', 0x3d, 'cp1250'}}, {@uni_xlateno}, {@numtail}], [{@smackfsroot={'smackfsroot', 0x3d, 'wg2\x00'}}, {@fscontext={'fscontext', 0x3d, 'unconfined_u'}}, {@fowner_lt}, {@defcontext={'defcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'nl802154\x00'}}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@dont_measure}, {@fowner_gt={'fowner>', r3}}, {@smackfstransmute={'smackfstransmute', 0x3d, '.'}}, {@func={'func', 0x3d, 'FILE_CHECK'}}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0)

[ 1205.170918] netlink: 'syz-executor.5': attribute type 4 has an invalid length.
[ 1205.294958] netlink: 'syz-executor.5': attribute type 4 has an invalid length.
[ 1205.611555] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1205.612507] print_req_error: 22 callbacks suppressed
[ 1205.612526] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1205.614844] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1205.614899] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1205.615765] buffer_io_error: 6 callbacks suppressed
[ 1205.615773] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1205.618470] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1205.620081] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1205.620148] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1205.620922] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1205.622917] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1205.624538] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1205.624628] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1205.625370] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1205.626208] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1205.628395] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1205.628490] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1205.629223] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1205.630045] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1205.632228] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1205.632295] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1205.633067] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1205.635081] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1205.635150] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1205.636664] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1205.636673] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1205.638186] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1205.704156] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1205.705126] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1205.705187] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1205.706677] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1205.706746] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1205.708244] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1205.709197] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1205.710143] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1205.711095] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1205.712056] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
23:06:41 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:06:41 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, 0x0, 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:06:41 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b4"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

[ 1218.854680] FAULT_INJECTION: forcing a failure.
[ 1218.854680] name failslab, interval 1, probability 0, space 0, times 0
[ 1218.856399] CPU: 1 PID: 8401 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1218.857387] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1218.858586] Call Trace:
[ 1218.858980]  dump_stack+0x107/0x167
[ 1218.859536]  should_fail.cold+0x5/0xa
[ 1218.860096]  ? io_issue_sqe+0x2492/0x77b0
[ 1218.860707]  should_failslab+0x5/0x20
[ 1218.861270]  kmem_cache_alloc_trace+0x55/0x320
[ 1218.861940]  io_issue_sqe+0x2492/0x77b0
[ 1218.862539]  ? io_connect+0x610/0x610
[ 1218.863100]  ? lock_acquire+0x197/0x470
[ 1218.863683]  ? find_held_lock+0x2c/0x110
[ 1218.864278]  ? xa_load+0x12d/0x2c0
[ 1218.864800]  ? lock_downgrade+0x6d0/0x6d0
[ 1218.865414]  __io_queue_sqe+0x90/0x9d0
[ 1218.865981]  ? xa_load+0x156/0x2c0
[ 1218.866498]  ? io_issue_sqe+0x77b0/0x77b0
[ 1218.867110]  ? kmem_cache_alloc_bulk+0x182/0x320
23:06:41 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b4"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:06:41 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8930, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:06:41 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280))
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:06:41 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(0xffffffffffffffff, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:06:41 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 24)

23:06:41 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[ 1218.867812]  io_submit_sqes+0x44aa/0x8610
[ 1218.868766]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1218.869491]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1218.870191]  ? lock_downgrade+0x6d0/0x6d0
[ 1218.870787]  ? find_held_lock+0x2c/0x110
[ 1218.871381]  ? io_submit_sqes+0x8610/0x8610
[ 1218.872029]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1218.872730]  ? wait_for_completion_io+0x270/0x270
[ 1218.873426]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1218.874096]  ? vfs_write+0x354/0xb10
[ 1218.874634]  ? fput_many+0x2f/0x1a0
[ 1218.875162]  ? ksys_write+0x1a9/0x260
[ 1218.875721]  ? __ia32_sys_read+0xb0/0xb0
[ 1218.876311]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1218.877067]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1218.877814]  do_syscall_64+0x33/0x40
[ 1218.878354]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1218.879093] RIP: 0033:0x7fd30c0eeb19
[ 1218.879643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
23:06:41 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(0xffffffffffffffff, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

[ 1218.882262] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1218.883491] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1218.884512] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1218.885528] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1218.886544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1218.887568] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1218.946539] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1219.230054] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1219.230581] print_req_error: 22 callbacks suppressed
[ 1219.230592] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1219.231908] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1219.232765] buffer_io_error: 6 callbacks suppressed
[ 1219.232772] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1219.241123] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1219.241584] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1219.242459] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1219.243293] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1219.247078] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1219.247545] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1219.248395] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1219.249252] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1219.250818] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1219.251262] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1219.252142] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1219.252991] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1219.253752] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1219.254187] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1219.255058] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1219.255912] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1219.257200] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1219.257687] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1219.258433] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1219.258913] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1219.259664] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1219.260119] Buffer I/O error on dev loop0, logical block 2096903, async page read
23:06:54 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:06:54 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:06:54 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280))
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:06:54 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(0xffffffffffffffff, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:06:54 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8932, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:06:54 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:06:54 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 25)

23:06:54 executing program 5:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4801}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ftruncate(0xffffffffffffffff, 0xffff)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8800000)
lseek(0xffffffffffffffff, 0x0, 0x3)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
creat(0x0, 0x183)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x4000006})
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x4c20, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat(r1, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x100000001)
r3 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
open$dir(&(0x7f0000000080)='./file1\x00', 0x204000, 0x1)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f00000000c0)=ANY=[@ANYBLOB="01bc02000000a22a474755b800496d2ff300", @ANYRES32=r3, @ANYBLOB="00c91fcaae1524d2000000000000002e"])
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000100)}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r3, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r3, 0x8000000)

[ 1231.865174] FAULT_INJECTION: forcing a failure.
[ 1231.865174] name failslab, interval 1, probability 0, space 0, times 0
[ 1231.866231] CPU: 1 PID: 8430 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1231.866853] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1231.867602] Call Trace:
[ 1231.867846]  dump_stack+0x107/0x167
[ 1231.868179]  should_fail.cold+0x5/0xa
[ 1231.868528]  ? create_object.isra.0+0x3a/0xa20
[ 1231.868941]  should_failslab+0x5/0x20
[ 1231.869281]  kmem_cache_alloc+0x5b/0x310
[ 1231.869647]  create_object.isra.0+0x3a/0xa20
[ 1231.870042]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1231.870502]  kmem_cache_alloc_trace+0x151/0x320
[ 1231.870923]  io_issue_sqe+0x2492/0x77b0
[ 1231.871293]  ? io_connect+0x610/0x610
[ 1231.871645]  ? lock_acquire+0x197/0x470
[ 1231.872002]  ? find_held_lock+0x2c/0x110
[ 1231.872373]  ? xa_load+0x12d/0x2c0
[ 1231.872695]  ? lock_downgrade+0x6d0/0x6d0
[ 1231.873073]  __io_queue_sqe+0x90/0x9d0
[ 1231.873423]  ? xa_load+0x156/0x2c0
[ 1231.873746]  ? io_issue_sqe+0x77b0/0x77b0
[ 1231.874125]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1231.874553]  io_submit_sqes+0x44aa/0x8610
[ 1231.874944]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1231.875388]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1231.875827]  ? lock_downgrade+0x6d0/0x6d0
[ 1231.876196]  ? find_held_lock+0x2c/0x110
[ 1231.876567]  ? io_submit_sqes+0x8610/0x8610
[ 1231.876961]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1231.877392]  ? wait_for_completion_io+0x270/0x270
[ 1231.877826]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1231.878241]  ? vfs_write+0x354/0xb10
[ 1231.878576]  ? fput_many+0x2f/0x1a0
[ 1231.878905]  ? ksys_write+0x1a9/0x260
[ 1231.879247]  ? __ia32_sys_read+0xb0/0xb0
[ 1231.879626]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1231.880097]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1231.880561]  do_syscall_64+0x33/0x40
[ 1231.880896]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1231.881353] RIP: 0033:0x7fd30c0eeb19
[ 1231.881689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1231.883323] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1231.884007] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1231.884640] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1231.885271] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1231.885912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1231.886545] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1231.933101] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:06:55 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x0, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:06:55 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:06:55 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 26)

23:06:55 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8933, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

[ 1232.036045] FAULT_INJECTION: forcing a failure.
[ 1232.036045] name failslab, interval 1, probability 0, space 0, times 0
[ 1232.037063] CPU: 1 PID: 8450 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1232.037636] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1232.038326] Call Trace:
[ 1232.038559]  dump_stack+0x107/0x167
[ 1232.038870]  should_fail.cold+0x5/0xa
[ 1232.039193]  should_failslab+0x5/0x20
[ 1232.039509]  kmem_cache_alloc_bulk+0x4b/0x320
[ 1232.039903]  io_submit_sqes+0x6fe6/0x8610
[ 1232.040269]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1232.040684]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1232.041088]  ? lock_downgrade+0x6d0/0x6d0
[ 1232.041436]  ? find_held_lock+0x2c/0x110
[ 1232.041778]  ? io_submit_sqes+0x8610/0x8610
[ 1232.042142]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1232.042543]  ? wait_for_completion_io+0x270/0x270
[ 1232.042943]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1232.043329]  ? vfs_write+0x354/0xb10
[ 1232.043664]  ? fput_many+0x2f/0x1a0
[ 1232.043969]  ? ksys_write+0x1a9/0x260
[ 1232.044303]  ? __ia32_sys_read+0xb0/0xb0
[ 1232.044642]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1232.045075]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1232.045512]  do_syscall_64+0x33/0x40
[ 1232.045823]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1232.046254] RIP: 0033:0x7fd30c0eeb19
[ 1232.046572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1232.048107] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1232.048751] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1232.049345] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1232.049937] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1232.050533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1232.051127] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:06:55 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x10, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x72}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
sendmsg$AUDIT_MAKE_EQUIV(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)={0x28, 0x3f7, 0x200, 0x70bd29, 0x25dfdbff, {0x7, 0x7, './file1', './file1'}, ["", "", "", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x40000)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}})

23:06:55 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r4, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:06:55 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280))
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:06:55 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8936, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

[ 1232.134256] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1232.665965] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1232.666863] print_req_error: 6 callbacks suppressed
[ 1232.666881] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1232.669183] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1232.670702] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1232.678639] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1232.679409] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1232.681000] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1232.682506] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1232.684364] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1232.685352] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1232.686905] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1232.688399] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1232.690216] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1232.691134] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1232.692703] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1232.694195] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1232.696808] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1232.697604] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1232.699152] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1232.700667] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1232.702311] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1232.703757] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1232.704690] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1232.708505] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1232.709620] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1232.710739] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1232.742997] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1232.743924] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1232.743982] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1232.745481] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1232.745548] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1232.746988] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1232.747903] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1232.748794] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1232.749690] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1232.750579] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
23:07:10 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x0, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:07:10 executing program 5:
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4)
connect$inet(0xffffffffffffffff, &(0x7f0000000680)={0x2, 0x0, @local}, 0x10)
close(0xffffffffffffffff)

23:07:10 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:07:10 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:07:10 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r4, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:07:10 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8937, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:07:10 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 27)

[ 1247.434792] FAULT_INJECTION: forcing a failure.
[ 1247.434792] name failslab, interval 1, probability 0, space 0, times 0
[ 1247.435862] CPU: 0 PID: 8480 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1247.436488] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1247.437236] Call Trace:
[ 1247.437483]  dump_stack+0x107/0x167
[ 1247.437816]  should_fail.cold+0x5/0xa
[ 1247.438163]  ? create_object.isra.0+0x3a/0xa20
[ 1247.438574]  ? create_object.isra.0+0x3a/0xa20
[ 1247.438996]  should_failslab+0x5/0x20
[ 1247.439347]  kmem_cache_alloc+0x5b/0x310
[ 1247.439723]  create_object.isra.0+0x3a/0xa20
[ 1247.440140]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1247.440604]  kmem_cache_alloc_bulk+0x168/0x320
[ 1247.441032]  io_submit_sqes+0x6fe6/0x8610
[ 1247.441429]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1247.441878]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1247.442332]  ? lock_downgrade+0x6d0/0x6d0
[ 1247.442704]  ? find_held_lock+0x2c/0x110
[ 1247.443090]  ? io_submit_sqes+0x8610/0x8610
[ 1247.443488]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1247.443932]  ? wait_for_completion_io+0x270/0x270
[ 1247.444371]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1247.444801]  ? vfs_write+0x354/0xb10
[ 1247.445139]  ? fput_many+0x2f/0x1a0
[ 1247.445473]  ? ksys_write+0x1a9/0x260
[ 1247.445820]  ? __ia32_sys_read+0xb0/0xb0
[ 1247.446201]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1247.446680]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1247.447162]  do_syscall_64+0x33/0x40
[ 1247.447506]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1247.448002] RIP: 0033:0x7fd30c0eeb19
[ 1247.448344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1247.450045] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1247.450738] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1247.451381] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1247.452033] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1247.452692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1247.453332] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:07:10 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r0 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, 0x0, 0x6)
ioctl$FIOCLEX(r0, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:07:10 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8940, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:07:10 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r4, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:07:10 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x0)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1247.530206] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:07:10 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x0, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:07:10 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x543, 0x0)
r1 = clone3(&(0x7f0000000140)={0x11060900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r2 = gettid()
kcmp(0x0, r2, 0x6, 0xffffffffffffffff, 0xffffffffffffffff)
tgkill(r1, r2, 0x18)
kcmp(0xffffffffffffffff, r1, 0x1, r0, r0)
close(r0)
r3 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
r4 = epoll_create1(0x0)
r5 = clone3(&(0x7f0000000140)={0x11060900, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r6 = gettid()
kcmp(0x0, r6, 0x6, 0xffffffffffffffff, 0xffffffffffffffff)
tgkill(r5, r6, 0x18)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0xdf4}}, './file1\x00'})
getresuid(&(0x7f0000000680)=<r7=>0x0, &(0x7f0000000200), &(0x7f00000000c0)=<r8=>0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000280)=@file={0x0, './file1\x00'}, 0x6e, &(0x7f0000000600)=[{&(0x7f00000001c0)="9d286944f34e7def0a2e57d169bc1b1f061e43b467480294c719edb7e2e149de5cfc2599b3444ffb91e6208a64a1ed91ea3b0adfd8e5b6ac74", 0x39}, {&(0x7f0000000300)="622e7d176512906ed9dd1f86b086d7028baba92986416a9b7d2399b6de7d05ad0c866b126db11b66254d97c98af311976204ce125d32469afe1d2ecc3bf73ee51f50f95dcb95579139fb36ac58149dea3475f790ca41b7dd081c4227b86e2405a9a906e6049a240ca5", 0x69}, {&(0x7f00000003c0)="9ad06593ef1e3ca2ceca8ddf35c80a0c9b7d6c2f86ac71892abc38e52403a37a2075d7cbd06fa07a6cdbce7a64de9cec9b8254ca060f8152a7cd99c526186604527162a6ef50c220e8c5d6e4fd16821f29e63c10ac35c4e796953048df0f7dc6970d35fcee58b89cb9b3748126c58ce1f09cef36281f403678fe5ca0d0e773c7347c1990070fe9ffa1d8c49a32e5cb88839173cd916916ecdb994c6c4211f62c06491f1d6b3769e5e1d3dbf19da793b847d9699a6362cedc6fc71d3f8a5ba04de893e76d799131cb1d43f30d744a59f8c390b478cd7585992bb3569a13440b30fa1599cf193b59c03ff15aeafdb326", 0xef}, {&(0x7f00000004c0)="590828e78e438697253b0a2ac4527ea68fa378f34e9f30378ce518d36931379e3d3fddea86b85aa7f2ee197770a2393fb5d15b5902ea05db5a1f476f7c9a145fefe090a312a39982eb13d88656e44d50569baa4d61a07ea35173063a00549523f0baa8e95c00", 0x66}, {&(0x7f00000007c0)="d926e8c9f26a4de7801ec8c4de4345e895fcc9a0fc7176d27ee8d3eea9768a8fb26dea2e85884f81daca7ce6701796c82060bf40faef55e5d0cd4d9d289ef627d0c691ec5bd892b8c1fb85d41b98a173dae7b21dcb1415a37b0b9070060d4a17cf3f1a23bde69eabd2567e81d4fab27b84888cef6766d64aca4ec26f8dc843dca652c345eadee31b1819ba0770d436922f", 0x91}], 0x5, &(0x7f0000000740)=[@cred={{0x1c, 0x1, 0x2, {r6, 0xffffffffffffffff, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r7, 0xee00}}}], 0x40, 0x4}, 0x0)
r9 = dup3(r3, r3, 0x0)
mount$9p_fd(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000300), 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r9, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',rootcontext=root,dont_measure,dont_hash,dont_appraise,uid=', @ANYRESDEC=r8, @ANYBLOB="2c6f626a5f747970653d6366b9afe3f3bf070000006e111b6d410186c5f8ffffffbfda6f2c7569643e", @ANYRESDEC=r8, @ANYBLOB="898a"])

23:07:10 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

[ 1247.667950] 9pnet: Insufficient options for proto=fd
23:07:10 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:07:10 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 28)

23:07:10 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x0)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:07:10 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8941, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:07:10 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r0 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, 0x0, 0x6)
ioctl$FIOCLEX(r0, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

[ 1247.725256] FAULT_INJECTION: forcing a failure.
[ 1247.725256] name failslab, interval 1, probability 0, space 0, times 0
[ 1247.726632] CPU: 1 PID: 8523 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1247.727374] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1247.728259] Call Trace:
[ 1247.728552]  dump_stack+0x107/0x167
[ 1247.728946]  should_fail.cold+0x5/0xa
[ 1247.729358]  ? create_object.isra.0+0x3a/0xa20
[ 1247.729850]  should_failslab+0x5/0x20
[ 1247.730259]  kmem_cache_alloc+0x5b/0x310
[ 1247.730709]  create_object.isra.0+0x3a/0xa20
[ 1247.731178]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1247.731729]  kmem_cache_alloc_bulk+0x168/0x320
[ 1247.732232]  io_submit_sqes+0x6fe6/0x8610
[ 1247.732705]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1247.733241]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1247.733784]  ? lock_downgrade+0x6d0/0x6d0
[ 1247.734228]  ? find_held_lock+0x2c/0x110
[ 1247.734685]  ? io_submit_sqes+0x8610/0x8610
[ 1247.735156]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1247.735681]  ? wait_for_completion_io+0x270/0x270
[ 1247.736208]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1247.736707]  ? vfs_write+0x354/0xb10
[ 1247.737114]  ? fput_many+0x2f/0x1a0
[ 1247.737511]  ? ksys_write+0x1a9/0x260
[ 1247.737921]  ? __ia32_sys_read+0xb0/0xb0
[ 1247.738375]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1247.738936]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1247.739488]  do_syscall_64+0x33/0x40
[ 1247.739897]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1247.740456] RIP: 0033:0x7fd30c0eeb19
[ 1247.740863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1247.742816] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1247.743666] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1247.744540] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1247.745316] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1247.746092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1247.746862] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:07:10 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x0)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:07:10 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:07:10 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r0 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, 0x0, 0x6)
ioctl$FIOCLEX(r0, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

[ 1247.791152] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1247.840959] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 1248.182129] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1248.182646] print_req_error: 22 callbacks suppressed
[ 1248.182657] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1248.183959] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1248.184792] buffer_io_error: 6 callbacks suppressed
[ 1248.184799] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1248.188095] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1248.188543] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1248.189359] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1248.190180] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1248.190861] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1248.191290] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1248.192138] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1248.192971] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1248.193644] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1248.194068] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1248.195538] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1248.196360] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1248.221594] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1248.222006] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1248.222984] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1248.223405] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1248.224329] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1248.224852] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1248.227486] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1248.228099] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1248.228737] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1248.229331] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1248.279109] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1248.280159] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1248.280988] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1248.281474] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1248.282175] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1248.283342] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1248.283887] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1248.284399] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1248.284991] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1248.285551] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
23:07:24 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:07:24 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:07:24 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r0 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, 0x0, 0x6)
ioctl$FIOCLEX(r0, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:07:24 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8942, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:07:24 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:07:24 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 29)

23:07:24 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:07:24 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r1=>0x0})
setsockopt$inet_group_source_req(r0, 0x0, 0x4, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x34}}, 0x10)
setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x2d, &(0x7f0000000180)={0x9, {{0x2, 0x4e21, @rand_addr=0x64010100}}}, 0x88)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreqsrc(r2, 0x0, 0x27, &(0x7f0000000080)={@multicast2, @dev={0xac, 0x14, 0x14, 0x41}, @remote}, 0xc)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100), 0x4)
openat(r0, &(0x7f00000000c0)='./file0\x00', 0xb562795162161417, 0xaceec20e5b383186)
r3 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x107100, 0x0)
read(r3, &(0x7f0000000000), 0x1b4000)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000280)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_MESH_CONFIG(r3, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="135300010008000300"/18, @ANYRES32=r4, @ANYBLOB="0c009900400000000400000008000300", @ANYRES32=r1, @ANYBLOB="08000300", @ANYRES32=0x0, @ANYBLOB="1400238006000d000900000006001000090000000c009900ff0f00001800000008000300", @ANYRES32=r1, @ANYBLOB], 0x60}, 0x1, 0x0, 0x0, 0x10}, 0x20009001)

[ 1261.524487] FAULT_INJECTION: forcing a failure.
[ 1261.524487] name failslab, interval 1, probability 0, space 0, times 0
[ 1261.526588] CPU: 0 PID: 8567 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1261.527782] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1261.529221] Call Trace:
[ 1261.529706]  dump_stack+0x107/0x167
[ 1261.530383]  should_fail.cold+0x5/0xa
[ 1261.531144]  ? create_object.isra.0+0x3a/0xa20
[ 1261.531957]  should_failslab+0x5/0x20
[ 1261.532647]  kmem_cache_alloc+0x5b/0x310
[ 1261.533365]  ? mark_held_locks+0x9e/0xe0
[ 1261.534078]  create_object.isra.0+0x3a/0xa20
[ 1261.534837]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1261.535726]  kmem_cache_alloc_bulk+0x168/0x320
[ 1261.536542]  io_submit_sqes+0x6fe6/0x8610
[ 1261.537309]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1261.538201]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1261.539040]  ? lock_downgrade+0x6d0/0x6d0
[ 1261.539789]  ? find_held_lock+0x2c/0x110
[ 1261.540516]  ? io_submit_sqes+0x8610/0x8610
[ 1261.541300]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1261.542145]  ? wait_for_completion_io+0x270/0x270
[ 1261.543016]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1261.543815]  ? vfs_write+0x354/0xb10
[ 1261.544490]  ? fput_many+0x2f/0x1a0
[ 1261.545081]  ? ksys_write+0x1a9/0x260
[ 1261.545643]  ? __ia32_sys_read+0xb0/0xb0
[ 1261.546234]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1261.547006]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1261.547735]  do_syscall_64+0x33/0x40
[ 1261.548297]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1261.549021] RIP: 0033:0x7fd30c0eeb19
[ 1261.549568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1261.552143] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1261.553256] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1261.554297] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1261.555337] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1261.556380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1261.557419] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:07:24 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8943, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

[ 1261.563395] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:07:24 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:07:24 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:07:24 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1261.671767] mac80211_hwsim hwsim5 wlan1: refused to change device tx_queue_len
23:07:24 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 30)

23:07:24 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:07:24 executing program 5:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:07:24 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:07:24 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[ 1261.762895] FAULT_INJECTION: forcing a failure.
[ 1261.762895] name failslab, interval 1, probability 0, space 0, times 0
[ 1261.763941] CPU: 1 PID: 8587 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1261.764488] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1261.765144] Call Trace:
[ 1261.765363]  dump_stack+0x107/0x167
[ 1261.765655]  should_fail.cold+0x5/0xa
[ 1261.765962]  ? create_object.isra.0+0x3a/0xa20
[ 1261.766331]  should_failslab+0x5/0x20
[ 1261.766633]  kmem_cache_alloc+0x5b/0x310
[ 1261.766958]  ? mark_held_locks+0x9e/0xe0
[ 1261.767283]  create_object.isra.0+0x3a/0xa20
[ 1261.767629]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1261.768041]  kmem_cache_alloc_bulk+0x168/0x320
[ 1261.768411]  io_submit_sqes+0x6fe6/0x8610
[ 1261.768755]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1261.769147]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1261.769527]  ? lock_downgrade+0x6d0/0x6d0
[ 1261.769852]  ? find_held_lock+0x2c/0x110
[ 1261.770184]  ? io_submit_sqes+0x8610/0x8610
[ 1261.770533]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1261.770920]  ? wait_for_completion_io+0x270/0x270
[ 1261.771304]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1261.771673]  ? vfs_write+0x354/0xb10
[ 1261.771984]  ? fput_many+0x2f/0x1a0
[ 1261.772272]  ? ksys_write+0x1a9/0x260
[ 1261.772578]  ? __ia32_sys_read+0xb0/0xb0
[ 1261.772903]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1261.773328]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1261.773736]  do_syscall_64+0x33/0x40
[ 1261.774050]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1261.774450] RIP: 0033:0x7fd30c0eeb19
[ 1261.774748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1261.776178] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1261.776776] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1261.777334] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1261.777885] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1261.778446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1261.779007] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1262.128536] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1262.129043] print_req_error: 22 callbacks suppressed
[ 1262.129054] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1262.130369] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1262.130818] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1262.131693] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1262.132128] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1262.133001] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1262.133447] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1262.134316] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1262.134758] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1262.135626] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1262.136063] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1262.136938] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1262.137375] blk_update_request: I/O error, dev sr0, sector 2096902 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1262.138251] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1262.138696] blk_update_request: I/O error, dev sr0, sector 2096903 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1262.139560] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1262.140388] buffer_io_error: 6 callbacks suppressed
[ 1262.140395] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1262.141401] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1262.142235] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1262.142843] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1262.143462] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1262.144070] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1262.144687] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1262.145288] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1262.145904] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1262.176454] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1262.176925] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1262.177732] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1262.178188] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1262.178927] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1262.179474] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1262.180067] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1262.180680] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1262.181199] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1262.181798] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
23:07:38 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:07:38 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8947, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:07:38 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:07:38 executing program 5:
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=ANY=[@ANYBLOB="b8000000130001000000000000000000ffffffff000000000000000000000000ff02000000000000000000000000000100000000000000000a00403c00000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c5b1eb06befb0f92bc7d7d6a2df263541104e57989d40473f453661c4e19af2cdf658d93c1d7b92f58c2051026748f86277a9743e9bd7f8283424c2ae53c101a65da2bdcaabd05f69bff012d2b4e9ab210e6e724305f9d6a59f1f6fa6f4bf12323ade51808d1e1a23c8375929c244ccfb099011db4d5ec75303e3823c324d2b669645ac1db7f54054f5977744a12b8fe11682eb89a7b2b138516b41cad2c6f16133b09eba02643b1deb003bad2cad476e0593e2e68ff0f50"], 0xb8}}, 0x0)
r1 = pidfd_open(0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000180)={r1, 0x0, 0x800, 0x2})
r2 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x7, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/packet\x00')
dup3(r3, r2, 0x0)
syz_io_uring_setup(0x5606, &(0x7f0000000040)={0x0, 0xef33, 0x0, 0x3, 0x256, 0x0, r3}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000000c0), &(0x7f0000000100))
syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe2(&(0x7f0000000540)={<r6=>0xffffffffffffffff}, 0x0)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000280)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd, 0x11aa7d53, &(0x7f0000000400)="fd5b8f80afe333e7302b6557a3f9b7837d9f43ec2048b74a29799a5ad38ed07801eeaf9ec02d6f0ee624e84e3cd4968b5ccba49ee7de9862c343c684d98eafa37e5d1034a6f2332e1f33d0884bdc1fd7f3dd50c590183c91f46d19df20c431f8ee417a7bd5b801d418e94f348e", 0x6d, 0x12, 0x1, {0x0, r7}}, 0x6)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001480)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000480)="a86b250a0b673d58e647d59aa3ed1ce829f488df1b605168be3b4565051bc04aa6713448cf73a670e9ec210605032f05ca6acb0da7fec68dd53250af6a048bc360359cd1cb2de0b474278c0bf7939208fe49442fae2a4c67f092053db682aef034c592981849e226a8d3163f0eb99952a89e3fcb3cb3fc809626a09380ec9683b29838473ac8f631fc9779557e75851df910a6a77858c1f68629a16c76fc077223f2cfe70758efb50f7c1a05d2723db625a4ecabada70e5ccc83a4f41149b5edb74e09e265e299511435baa459e0aa5cd752f1fa8d6e8fc69748e8fee543011540e4c64164964080d5b8939783516aa486afe3440d4219eb52e204a9b5a2683f76686c2262a5aa76081304305b713b08d6fb8f9d60102888f12cce73bd619d0f9db59daab98bfce53bce107a48c7008511663cfca06af0898fcc2c1e045f1bdcd608c52fa12f52737810a4bdcef4b12e9a0eba82b22f7fcc2f328c03b00f796f2a7af07292cce2ff2bd6c0ea18298aa5551c0e3f52e2785fca169338d6be171506ddfb25970d435da36a51ee54c2158c6dfa67896601f4c389a431bae999b429641b8f47143e339940169699b8f9345d2df361ca4e0bf20c8c01d5c9610fb34e16ea9aa531fb785f62cccec66537a9d1411f6be290b998aa618077483eea143dcd00e9ae4be179834eed71a6710a0314f4dfb4dc1a4652dbcfd613b56adceeaddc76bdd4b53f6a3cac0acfd03fc6a3120fc2bcd37b20a221cd63712021b95d6c5c0d1bca39a556a0ffddbd4c5801b6e5a9b401bcdade9a5eaf48e09b966c3eb58e2ded8106a28c9204f394c01928c556acd0c6aae81e4e3856c622214132cc5a9abf18c5eaef88661405cc30f0cdf8a264b2590cd2e335a13a703bc506d97430168a64deb2f852624cec1d993c05c3e17fd2eba3235d9b188ff419bbf2e08676c109cc33b747b668ea16af294e7ca2b373a94a3e7160a6232c46544c1b67e96822c08c7a1431329be0a341e483fb615ced56b5d6592d7b0f8502604eb2fcba5c6a7a66a5ab86ea9542dbd6f5bec4070e4d73a762070dd800adef5ae8a2797c2607c4c7bc350afb6257e9dce527a8931451c8216b7bc39c36c051fee01af5b45b6019a421b51472b6578707ca00cb1635bf4e08a938c96ceee8e8dca38f5a16f7c96ff565521b5f6f1742df63ec0011c5647272fac4208dde74089c496281683bbf18f3284f9395574b5bf77d937c3ba3562a5d79d613787992e3798a918ddd9558015c1398cfc970704aeb848d065e869753870448a381e22e780b22f857e29aea44018dd276d1132934b1e8b0a30e20847c8b7e633614e59a77196039c7eccc2d641cdc0b545fd2faed306d76a60c3f8431ffde5d8c90fdb273dc17a29a106839e87b4de39c8b1f79d7f0b511c8882757d203cda79f4a733a7395c08f72ed6c29ddbbbca13aa71817448812e1d6d6aa1a698f16c7281788632db33df5daf6a9ffec6d5367f422fe038e176417c3c7f57acbfc35db4ebed337ced045b51509e335a9fc538bb24dbadc5a8e4dad926e0bd77d4c10aba5f72e452bf74940dbaeed3b2247273a2e5d3ae944d9dc10069377fe7cec6e49f2b463babd7b1837f0e997b172f4971e2db378575030d28b4872864a59be37f2332e79b951e681f0cbbbedb385d48da7d53586d5c239244abeae8e6ab1efeaab21af28d94b55f21a7dfda8e09d42756eec9c28ea67a7092e316a507f8770efc040f5994335b23646ebd722c9e810b2d6afeedce9cf0d181d667c903a258b9faa7eb51a149293e295983e4a302305bb145d08348aea9ce33c31266016731b2c1d475ed35e6b91a47acb3ff86aa6e3a348f9c3f72ba51136395737e3ffb5c2c680e303a80063ddc960d2203170e171a7bbc5e401ae0ec48e09bd235757dd0b036064b2faaa364230c62ab976d09f39821aa7074f1822101ff1d3f0ffb55d8ec3ebd6651d8ce724f3d2c462f490a39da182bba80bebc2877ce44d25a8e5ba1b2c608b1b9b6033f3c02ca23f3cf63fbe105251a246bc98b4d28202912060258099ae35b4aa8e720c9ca6b2fa6ea75dda3f7d4178fb83d0c9e86f552153d33e161889e7652f0c64f139970bc7c252db9b09bf8ab166e42eba3f3ca5716e7651ed585658921c55f4f20570ff0067d43cb25e157c91df4fc57b4386a4b9c3c6bca269f12842a2aba34bd5ab28fe54c4335026807c1a59c08fd8084a860bc32a6a85402fd8f6766b07bcb4d149bf70cc7b02a6630b037c7ff118ef92e9fa770373ae184606391f7444ce5301f7294c341299ad3d077dc93f334924079dd4d4df5fb501aa312f6b7dcc5f06fae87defeb23b0f6b70dd468aca34b3cb799badcbf8cd879f0418fe0d9bb083c92ed315b51e10da7dead45f8f6ee81a1539bae17b9434f6ab54a80e871b3e2f5ae30efcd42a84dbac70c6f9dee684e1ca33a2af8ea93cc233131a433b8ffe901d958edd2c5c7d535453c5fbd7f3d367d810a91111c10128d3ced036bb7cab0aa0bf89325f44bdf942e8bde68df8f193cc41e8e6b18c4265e7fc5a46b2ba4b896c0844d9960093211558e512d0a53ad790716797ddb3522106776165d8e73c51ef321a9d4ac3a1d5bf01db5e045781fda1a4ddafa96581aad251926170f12d3ad87d0342b9b092fc2754e3ac30911280b84285740c0503fb6f59cdbdc34d0d7c4ef46953f7bc203fdfb6e285a108e03995d31cc7da4aeea31d9bab5d5cb896dac0fd7ca2abd3033943ed5423def9d4a12fab54489385de56e0b91a8f02e381f48cc0c117fb6f3c56a11bc99980a82d3d4c99f30a52bd16b38902d29fb84125b20e0052eba9b88354edfda3d8ff6407bcd4efe01d38ce1f336c061d8bff072fd6220c1468850db2065dfdf33bf036c9d33ad9d18f34a74e48dc9e2356ddaeb2bbfefbe8c36c8f203a39ff8c0273bf48d28ebe1d820d87721bbf8bbbd5e91fc8c4584ced9cb58773fe19a19dcfb8b48b302c3659020269a9373b4823a0bd5377e8fda1bb4ae3649b73029b6f875dd8a5659514093fbe83e7220ebb8f1e66755e6d334837c1c731077c0330ff59c6b0dd8224bfa0ac0a9000332d6f2e49361cd43d4e31da299f8a6544d3ddd3635c6e378ff960a4ecd9e6c497a9a78f4b781bdf04c092402799cd10a2276895ae723785c26e5a0e1f0de6cf5709c402816646a88cdbc468e1cc8dbc722466595d59fd04f12ba9be2ee47730125906ebb164bfe7d0eba805a53b59a88d2e40659ceae721450fdcfd800cba045d6af5fc8a473e6614c649d6a5b9c982fab9a397f23d62907cff91ab676c9941635d5442c792624f56681d9b49de7aeac67f758783c9bc87a0e4f16e0f5dc6b047ccf9d8494c53cf3befb568a856b052fc1ff93eb199aee7442ae6986cc735ca737f6cd22231a962017dd9edaf4041a4fc8af3de6fc3915ceede9ad0058529620de374a6c8410312bcc44f4cfb7fac75cf3508cd22a0c81a75e21bd1738f11353796764f446489a91ffd0ca35ead7cd2fbec8d43cfec8aac975746164c3cadb8800bf51658fb8fb3c4c6d7be05cb3e16af0dfc59b38a56803e6fe88c432cbb20da1dcfc3a605f0c7c5fe984c5a01e7b073ffad3acaab4961077c4ff0a92b19a0894648df78806cdbae05d0f4e8ff3910b579348f8d32646ba2beb9542962c07d0bfd9c3350436314ae8d428d552ffffe3f50f12d422b9a2f1446582ac417fdbe56dc8cf1768af982b9bcf969e30d0fdd1e35b035d8800636fa15c134ad4f94f92f9a43401c505c5ad64003b9f4ebf77ff472fb6f45d18a7be0cf9b5beb26b26d648836c9b78f8c65a53bcc27959cf9178bbf71445f8cdc334ef31d414f5518e3a10768a97a7628a118279d66b4d81a9447d3060d9d2d09ef4e34063c51d284aee1a77babba353ae7dfdf8f07dd7d3419bbb0fb5eed19c911d8747773b8a5cb71441e2c459fc05e83ce603a021bdd91f004a7e13310144d70c13693852640c67f5a2b8ef8a2e67a5e21a9bc679a664bcbd7f1dbe751a0063f49f803eff2dfbe801a798bb5f5c3eaf14767179b10b71f42a16256e99d5d586440484b6161cc600247464ca29202036b0acc5bfd662dc08adc974219dc6dac3e9286aa8966ad116d3814324a8d06e62afd33ec76ee66d29fb2d332458d7ee0d94a77eb7b269e3d6acd48c5c2f1b820e0d40e6ae53a561188dcda0fba9364073d4aa699cb856c5d30d47587ba80b34c1822f45bb597ffa814f39a462a33195d7ccbfecffa3dfaa29e03a4a5384f469f1b6d2821a57ca3877129d575db6f5b9219c67abf949d06ef41fd3057b39fe02c85d627c162e3651b8ab64cdb5ee657ead475ea41ad913d02d9968af7359799bd6d7dcdd9e2229313b26be77f4ed53d8301b567bff8a4381ecbc7cd1834e2d163db0611b619bb30f66d9e16c34f304c4429512ff36ac7cbe7f9507135fcff8e252e52d8949573498ce3f1f471075ddb631ad74accf5187fce49d11576ba9a49395a34637b8388afbdc6e66ca3bf8cf17288d9a68805d9bee3de9d4f169298f0939f569cf5309b168c7cbbce7607ee9bd745372c393efd3804686559db86458cf6b0ea44008cd895396b7694ab603a96ea462de428f9053cf8d7af46ea627a9f7433cccfb8b4e6256a97010f13fb09c9b28fdaf8840cdc3f00ec0960af2d6afbb1374592a24521861e6af17e74b7307c237b78f36910c80c48cc922ee655d51ef8f2fc03410685bbc15aacac888452a188fb91740a3bc4b731f569e7932984102552e1447f9d75d841da8cb32bf54ebbf33c5f7d856ebf76b23a7bca5c630f9ed012998b321f3869cbfca131a446014d0ee654e66dbad639c8e70f80fd23edd83984b493b2675b644b964bad0cc86aa088735248537e63472fd8407212997367e2b9fff141a8ccf8f18540e428a3efe154d3d7a20e570cfb18d3b2f8710809f1f6e21183299f5cbdc2e0ffa773b7e3f1cb894784dd6739f9f2617fa8ef386720b1e78a0a6b176fd7dcabaae18c77d16b68ceaba83adf53238027efc6c215a33aba968e35ddce62edc7ddc6092b329162290bddef6e27a18ec6f2d08938f56a8c84466fc4b9011070114c56d849297f328bc4f1bc0d7ef12849c4ff51d4c7cae1bce613b32986ef4c386bdaefc2f2751629fbdd90d90c94652a4f0ae476cbe57b31d96420d078c3caf16877472942bafa6345fcdb38d34c4b33527798674befceaa8cb43ec8905df9fc34ce7ecfd26160d9eeec749c569f7a30036353d1ffa9ce8b8e9508520ebf59a4cdef13b152d5c78133e9f35c0974a4e251f676e12832150fa7ac6c3771a099df1ad833ffcee36d1cde2cde88321f1b07940666621e012d5bfffcc3185606e7b0e8de13586c29e9b99b8e121034d643b669eab174156864facf6b90e8d5f5ef904be655deb0a17a7fe1c2b764daf677462d37918f70cf8823034fde7c36cceaea3d878be9738c54c2a23a98cdce4e0947c083413ab3b8f3664884aa70e3a45bcf4ad4134cee918d7197ee97cff5b5e02831cc7a1d2dfe365d7f8e7fe60a82b2c01bbd7fabb73808e6aacccd31a8751c8793876dacfe51b3ed6f593dd1ce8f1d95e00f002cc9fd78ba4bf0be7a9d478fff662c619853e286c3cb235c02123ee154bcc68f4920ab9d0adafc1a770185618410984b76c0e1b5ea1acf2c02946330918383aaccf26540fb649e1a271dbb7970de9bc567ed971ce1c161ef35d3966ab14331133eccce89a0ae4850417b9d36c0015af0bcdbc40ca3a98ccfbadd2dd", 0x1000, 0x40000002, 0x3, {0x0, r7}}, 0x8)
openat(r3, &(0x7f0000000000)='./file1/file0\x00', 0x141e40, 0x182)
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f00000001c0))
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, 0x0)

23:07:38 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:07:38 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:07:38 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:07:38 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 31)

[ 1275.161058] FAULT_INJECTION: forcing a failure.
[ 1275.161058] name failslab, interval 1, probability 0, space 0, times 0
[ 1275.162691] CPU: 1 PID: 8612 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1275.163621] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1275.164730] Call Trace:
[ 1275.165088]  dump_stack+0x107/0x167
[ 1275.165576]  should_fail.cold+0x5/0xa
[ 1275.166083]  ? create_object.isra.0+0x3a/0xa20
[ 1275.166692]  should_failslab+0x5/0x20
[ 1275.167198]  kmem_cache_alloc+0x5b/0x310
[ 1275.167742]  ? mark_held_locks+0x9e/0xe0
[ 1275.168294]  create_object.isra.0+0x3a/0xa20
[ 1275.168884]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1275.169571]  kmem_cache_alloc_bulk+0x168/0x320
[ 1275.170194]  io_submit_sqes+0x6fe6/0x8610
[ 1275.170796]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1275.171475]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1275.172144]  ? lock_downgrade+0x6d0/0x6d0
[ 1275.172708]  ? find_held_lock+0x2c/0x110
[ 1275.173268]  ? io_submit_sqes+0x8610/0x8610
[ 1275.173868]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1275.174537]  ? wait_for_completion_io+0x270/0x270
[ 1275.175193]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1275.175831]  ? vfs_write+0x354/0xb10
[ 1275.176348]  ? fput_many+0x2f/0x1a0
[ 1275.176849]  ? ksys_write+0x1a9/0x260
[ 1275.177367]  ? __ia32_sys_read+0xb0/0xb0
[ 1275.177930]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1275.178640]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1275.179342]  do_syscall_64+0x33/0x40
[ 1275.179849]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1275.180546] RIP: 0033:0x7fd30c0eeb19
[ 1275.181060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1275.183528] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1275.184566] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1275.185526] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1275.186481] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1275.187448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1275.188416] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:07:38 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8948, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:07:38 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240), &(0x7f0000000280)=<r2=>0x0)
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r3, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:07:38 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8949, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

[ 1275.271922] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:07:38 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:07:38 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:07:38 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:07:38 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r4, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:07:38 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240), &(0x7f0000000280)=<r2=>0x0)
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r3, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1275.956840] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1275.957643] print_req_error: 22 callbacks suppressed
[ 1275.957661] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1275.959786] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1275.961186] buffer_io_error: 6 callbacks suppressed
[ 1275.961197] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1275.976368] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1275.977120] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1275.978538] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1275.979920] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1275.981547] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1275.982261] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1275.983724] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1275.983760] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1275.985305] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1275.985988] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1275.988492] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1275.988512] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1275.990036] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1275.990736] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1275.993188] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1275.993236] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1275.994759] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1275.995942] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1275.996605] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1275.997296] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1275.998305] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1276.000106] Buffer I/O error on dev loop0, logical block 2096903, async page read
23:07:51 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 32)

23:07:51 executing program 5:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8947, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:07:51 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r4, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:07:51 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2)

[ 1288.555167] FAULT_INJECTION: forcing a failure.
[ 1288.555167] name failslab, interval 1, probability 0, space 0, times 0
[ 1288.556290] CPU: 1 PID: 8654 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1288.557021] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1288.557750] Call Trace:
[ 1288.558001]  dump_stack+0x107/0x167
[ 1288.558396]  should_fail.cold+0x5/0xa
[ 1288.558813]  ? create_object.isra.0+0x3a/0xa20
[ 1288.559314]  should_failslab+0x5/0x20
[ 1288.559724]  kmem_cache_alloc+0x5b/0x310
[ 1288.560169]  ? mark_held_locks+0x9e/0xe0
[ 1288.560620]  create_object.isra.0+0x3a/0xa20
[ 1288.561099]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1288.561660]  kmem_cache_alloc_bulk+0x168/0x320
[ 1288.562166]  io_submit_sqes+0x6fe6/0x8610
[ 1288.562586]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1288.563134]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1288.563655]  ? lock_downgrade+0x6d0/0x6d0
[ 1288.564100]  ? find_held_lock+0x2c/0x110
[ 1288.564561]  ? io_submit_sqes+0x8610/0x8610
[ 1288.565031]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1288.565553]  ? wait_for_completion_io+0x270/0x270
[ 1288.566070]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1288.566565]  ? vfs_write+0x354/0xb10
[ 1288.566968]  ? fput_many+0x2f/0x1a0
[ 1288.567366]  ? ksys_write+0x1a9/0x260
[ 1288.567732]  ? __ia32_sys_read+0xb0/0xb0
[ 1288.568170]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1288.568741]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1288.569295]  do_syscall_64+0x33/0x40
[ 1288.569698]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1288.570255] RIP: 0033:0x7fd30c0eeb19
[ 1288.570587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1288.572562] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1288.573372] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1288.573999] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1288.574753] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1288.575388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1288.576151] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:07:51 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:07:51 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x0, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:07:51 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240), &(0x7f0000000280)=<r2=>0x0)
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r3, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:07:51 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x894c, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:07:51 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4ea0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x1000}, 0x4)
ptrace$getregset(0x4204, 0x0, 0x6, &(0x7f0000000240)={&(0x7f00000001c0)=""/91, 0x5b})
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r2, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000009c0)=ANY=[@ANYBLOB="01000000010000003800000058710500000000000000f1daea2d97174edeaa140050a29df69ce3802b4041e1756411d5a1c1a9314b4fa1227ee345b532ec7d16e263a41c4fcdd9c24928a883e3a064cd20e31e6d05a3d2c40b90f4680d86223ad4c722546ccbe375baede4fd001bad5c85a31b008370feb9ac00603efd4728ca8457cec49477258c192b0e2b40395620de006d5c21ff1c708e73db0772b4555a6963733f0104000046da9a01580d8c30d9294cf9af3de2381b28365425", @ANYRESDEC, @ANYRES64])
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000000ac0)={0x9, [], 0x0, "46dacd8396fe92"})
readv(0xffffffffffffffff, &(0x7f0000000800)=[{&(0x7f0000000480)=""/164, 0xa4}, {&(0x7f0000000580)=""/160, 0xa0}, {&(0x7f0000000280)=""/9, 0x9}, {&(0x7f00000002c0)=""/8, 0x8}, {&(0x7f0000000680)=""/217, 0xd9}, {&(0x7f0000001e00)=""/4096, 0x1000}, {&(0x7f0000000780)=""/125, 0x7d}], 0x7)
sendmsg$inet6(r2, 0x0, 0x0)
socket$inet(0xa, 0x3, 0xff)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0)

[ 1288.631544] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:07:51 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280))
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r3, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1288.941081] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1288.941689] print_req_error: 6 callbacks suppressed
[ 1288.941703] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1288.943076] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1288.944128] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1288.945017] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1288.945569] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1288.946614] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1288.947653] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1288.948509] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1288.949034] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1288.950080] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1288.951116] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1288.951962] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1288.952523] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1288.953583] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1288.954619] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1288.955456] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1288.955979] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1288.957088] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1288.957628] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1288.958732] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1288.959340] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1288.962453] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1288.963200] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1288.963966] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1288.964721] Buffer I/O error on dev loop0, logical block 2096903, async page read
23:08:04 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8970, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:08:04 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:08:04 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 33)

23:08:04 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r4, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[ 1301.811489] FAULT_INJECTION: forcing a failure.
[ 1301.811489] name failslab, interval 1, probability 0, space 0, times 0
[ 1301.813095] CPU: 0 PID: 8688 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1301.814041] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1301.815182] Call Trace:
[ 1301.815554]  dump_stack+0x107/0x167
[ 1301.816068]  should_fail.cold+0x5/0xa
[ 1301.816616]  ? create_object.isra.0+0x3a/0xa20
[ 1301.817255]  should_failslab+0x5/0x20
[ 1301.817788]  kmem_cache_alloc+0x5b/0x310
[ 1301.818357]  ? mark_held_locks+0x9e/0xe0
[ 1301.818931]  create_object.isra.0+0x3a/0xa20
[ 1301.819544]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1301.820285]  kmem_cache_alloc_bulk+0x168/0x320
[ 1301.821037]  io_submit_sqes+0x6fe6/0x8610
[ 1301.821651]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1301.822347]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1301.823026]  ? lock_downgrade+0x6d0/0x6d0
[ 1301.823600]  ? find_held_lock+0x2c/0x110
[ 1301.824165]  ? io_submit_sqes+0x8610/0x8610
[ 1301.824793]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1301.825468]  ? wait_for_completion_io+0x270/0x270
[ 1301.826146]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1301.826818]  ? vfs_write+0x354/0xb10
[ 1301.827343]  ? fput_many+0x2f/0x1a0
[ 1301.827857]  ? ksys_write+0x1a9/0x260
[ 1301.828400]  ? __ia32_sys_read+0xb0/0xb0
[ 1301.828977]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1301.829705]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1301.830422]  do_syscall_64+0x33/0x40
[ 1301.830939]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1301.831641] RIP: 0033:0x7fd30c0eeb19
[ 1301.832160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1301.834771] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1301.835831] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1301.836849] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1301.837865] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1301.838881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1301.839896] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:08:04 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x0, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:08:04 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x0, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:08:04 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280))
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r3, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:08:04 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:08:04 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280))
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r3, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1301.904060] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1301.904477] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
23:08:05 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, 0x0, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:08:05 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8971, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:08:05 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:08:05 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 34)

23:08:05 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:08:05 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:08:05 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x0, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

[ 1302.078605] FAULT_INJECTION: forcing a failure.
[ 1302.078605] name failslab, interval 1, probability 0, space 0, times 0
[ 1302.080245] CPU: 0 PID: 8721 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1302.081237] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1302.082425] Call Trace:
[ 1302.082818]  dump_stack+0x107/0x167
[ 1302.083347]  should_fail.cold+0x5/0xa
[ 1302.083902]  ? create_object.isra.0+0x3a/0xa20
[ 1302.084577]  should_failslab+0x5/0x20
[ 1302.085128]  kmem_cache_alloc+0x5b/0x310
[ 1302.085719]  ? mark_held_locks+0x9e/0xe0
[ 1302.086311]  create_object.isra.0+0x3a/0xa20
[ 1302.086947]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1302.087663]  kmem_cache_alloc_bulk+0x168/0x320
[ 1302.088333]  io_submit_sqes+0x6fe6/0x8610
[ 1302.088963]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1302.089683]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1302.090365]  ? lock_downgrade+0x6d0/0x6d0
[ 1302.090962]  ? find_held_lock+0x2c/0x110
[ 1302.091545]  ? io_submit_sqes+0x8610/0x8610
[ 1302.092182]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1302.092872]  ? wait_for_completion_io+0x270/0x270
[ 1302.093576]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1302.094228]  ? vfs_write+0x354/0xb10
[ 1302.094771]  ? fput_many+0x2f/0x1a0
[ 1302.095291]  ? ksys_write+0x1a9/0x260
[ 1302.095848]  ? __ia32_sys_read+0xb0/0xb0
[ 1302.096435]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1302.097190]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1302.097914]  do_syscall_64+0x33/0x40
[ 1302.098456]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1302.099170] RIP: 0033:0x7fd30c0eeb19
[ 1302.099711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1302.102270] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1302.103365] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1302.104359] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1302.105362] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1302.106370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1302.107375] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1302.163626] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1302.522378] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1302.522880] print_req_error: 6 callbacks suppressed
[ 1302.522891] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1302.524189] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1302.524195] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1302.524217] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1302.525785] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1302.526224] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1302.527754] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1302.528245] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1302.528995] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1302.529853] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1302.531363] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1302.531892] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1302.532660] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1302.533522] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1302.535000] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1302.535556] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1302.536287] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1302.537193] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1302.540247] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1302.541147] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1302.541645] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1302.544076] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1302.545225] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1302.546368] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1302.547493] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1302.604092] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1302.604810] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1302.605513] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1302.605977] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1302.606980] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1302.607679] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1302.608453] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1302.609204] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1302.610616] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1302.611134] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
23:08:18 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 35)

23:08:18 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:08:18 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:08:18 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, 0x0, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:08:18 executing program 5:
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000b00), 0xffffffffffffffff)
syz_mount_image$msdos(0x0, &(0x7f0000001bc0)='./file0\x00', 0x100000000, 0x9, &(0x7f0000004040)=[{&(0x7f0000001c00)="a7b8a99052924c9c9d17e8a6a727adf8efa12ee4aeddc59e996528ea03b9f89d51cb62210061d53f216f290110d53510fa406580917327a7c79940589915b9e82798fc10d0acd992edad5701b70315922c133953d5ea38cee80f54e57a69d3291f45da9453729185391f3c30b572a02edab33961fc30a86b092b58d283370f1c79ce37393a7378d57bdd85f11ce3253ad618616023efc81cdced1fa73aac3033618bd3905f218f8f82014e9ae98834f5df5c3e1024a80d0c0b5784a7ac0ad71709ee9a3340a0788395370993cb14af916d5561895b8174396b8be7ef16e4c376d67f5cc11ba718cb5abbc11de902d7e7c441ef0446c8b2e11906feccb5f4cfd3f07a7994a96a2c2cbd5be4d7979cc5f419e4a1727ddbda759416be88163c10147aeb9b995cc6577c8269d1ac4fbe5702e76ae334a17c30ff06f9b4faacb44697705377fb0f291873eb224e4be2157432a9d752fd00efb774ede95b90f93a024add266f608e8abf3ad82fe1675841f1f4d2842ffd14c27116428724eb01dce380b28f94344bb5c5e0da84e7dc3b4287eac57c2cd579c09c9fb6605794e14f7a52d00bbf92cb4b786752cf0b79e797741f5129e1cb42a6d3c2e4496fc74f3b3d4d28ba6f2148fd2d44706a20808c96c4ae2ad488c60fcb926f13463a9e25f61562ee02e462c8cc7a6ddb7edb088c9b68b33b8208b2c64d0df18ebcc0ecbf02815bf68d4f329646e0a234dbd7df250a6d9a0914e2ea0032476782cf41923cb9f6188f66e787ed15d6c700f3069217f98286de0c5bdd38b7db2fb6640733918828090e922fd2f9ae672ef897bb7c59698e37bf9c64c63355e7e0e9432f09b48cc21bea5268a58f4c8b558bd58f02b8a632f1eb0c0a1d3d5328599f0119e52050de43bf35a52f5eea0192866c8834c137edddc0170f26a8735d8c7a1bdd80f1f42bae83c18cfc8252538a4c0d610e97f7e2a6660a5e957c03196177a6b586e3bbc193652bbd353dd32b0de2217a253aef6a1700621b6b52f168376fc93da3b79cb33d7c610ec23a88a00e4c993857824b30ec7b4f63085291e9575bfa2515b4bdcfca3f0f1368d455dc8ff3dd57aa75f4f761b8359e74daa352ebfab88284eafd227788a348228b78b6dd9f8c630ca7eb4a646ef0ef4308624e4252e7e21c77da6f59053ace7784508235ea7782f035686fec4bfe96769bac8f8035f6647070283c7fb238300d315f81a53cce1ac7a67a80dcff8cc5e5806ac1206c4a5ea53ec8bbaddd86a666e394d0abc371ad69a47853c6aea36947ac8fea088c3a6735e908ce5d3038131f4fc1e648afc966bf966527d485d6be8cec3ac74073a79d5b499941bfcdd56aed1f3c3df291580e0dc8d5b093189429d2f7aeea6e94070c7c021d701ca69497672117d142bb56a578e63e8778baa9378882d727576ea42d19a6fd9e01f73be12e53caf93b2666740dad29dc20f321da550ea818c1d963a4a6e5b2411f1b2757e67107e8c3561a380f1aaeac4c4c106957ed1ee8c923d92b8803bd4e38665253b80f83d029c02def6fb8e08eabdc0ded95c4914211f2aa6441f2b7c4667a9a302dbc7b4ec45b0dd68a7bddc346939423314078c604747d6157809d931042e714b3fa5731c11372dd759fc14e99ba3964de1dbfc4870fcba43ef1cc826158de7563f513bde2a047b7c09e77408efa95fe467437a2d08cded31b4c59811227ed7b4ed9788f531503aa55017b8b2dcbd7f3a7414896dcf3aa3e2f5da61970c8bdc488bdf94171db1d3bceb3effb3034b6ba3fda7ea44c5d99d7966d11ec0a3946a6badad5617464d0b2c41089a4040b56d05e316d2b70e2dced57c96ebd424cb15618293ab5fbe25488df964fca41823793aad7da3e578c93bef0abcdec29ae5ad3a4e08e2c35625b30add434a9ca88ca5ba54af8db2b24e643a42c87aacdbaef76c1eba12135ee4955d935ea187c9c180f0ad10f66497dde91c0879d544be9dcb6aeaaf6566590d88a0843cb010100322a1d15499984a9f68f544f0e1b53d489b0e82fa0f5aeff91bbd9a761b9cd5fef54100f8593f2d904b827e9dbf6f2c72aa22fa5f6dcde9ea7a57996cd35819fecd3fcb89a98fb9d73a9e91dbc2968b4713ed73c11f3594ea114e2a8b16cc71331057017a702cdac425325d6824c2b6847d50901c1c75315c4596efc95e572e0f8d392f4a215d51c022bfb5e524871da7643f09a6f5fbcc9f0e9b52d7901d5d675834ec714a94902efd08afc066c71d6199eb4c2a91dfaae310ca42e3246a6d2e5e2557b07e69bd98f75d7ab7236a10569f8af6f4334029298f4f1ce08a79eee954584690362fb9993f03a8c770933a3f3ff8112b9d2bd64b6edac6f34eaa05c5334a4cc92c0793fbb618dc69104685453ea3aa1e6735ab298654735ddbaf761c11e757a71b1e75963d3ae906cc83468901d118c5e49efffaf8f3305ac218986ea5be3a86cfa505cffff251729dd7868b39fcd53ea5cac6e7be948aa6c56e3a118505c9600980324f2e005af2a12c5a58994fa83d48aa2156303f19c161046c0678e4940a3915431e8e0a5c77ea70d605c46ad0a83f52bd9c6572d77e97f1449cd1d8439314c53670720475c46e9ca939afd4048088684673ebd847af737a0279159793366f57b9486c87ab51b3d7fed799fbd2bdd7c4a6c8b5486604f7741f8d6c82a1c9bb316de80f0bd5f8b4bf44f44ae6fbf1eff444f2172878a56b98c6b369dd75b51115e5122a699795b5d98fb2ff71433f8c722d56f6935c2705c8c32aff835337c119741f63d91cfdfab75e7d78209169ca79f31ae3d0998a9e8644c779aee21f3a7c6ce917016d15af80b663d9805dafed28b29e60842f1182bddaa93d1b517ed6e05a3fdd03857c6bf2a6c52017ffd8bae9795e0cc886768f772b5fa99a48017c763a7cd8beccd9208d7716396343f1d822ffbd6627673fcff46fa3358fe47a37f939e83b075eaa152348688a55a962d8a9af57be9c8f8c90dfdfc980b14e84ad632c6ba639307c723a0e8fc9a5a3afab90b3fedf4c50f9b8d1e78c10c945f41b3984d9787b2d9a9c151b83cc662997c587c07c7351d3661602169d3927583696802331fac6e8df6c78fa50aeb5f80784cbf905dc6d4ccc002307ede85731c1994a0b24b4714a7f81261f62b5e6878677fa43035e70c9a777d990a2c5cec0c7897403221e8c980a2dd8c574bf8ada8f3b00c7cbc3de04bbbfb555e9ae165989a7711468a74ced4f5817f3195cd729b8a48219e0845051611bd21eb8ac77cf0ae7308fb698f5df42f9c5f03d20c2602c907c71336019099ee1c8ec2cd473ea03a6edf2efafc79a0507467fa9a01abe9a450ee0e88cc5be14085f44cd6e43b5a2e30af8dd68199f20b8eb38691928ee972eceb96caac00a9180ee4077646dbfecc4eebf32092bb43b7a8ee7abf6e1618556c8c5fa5c5ff9b59be0b1fd5c1ff94e6d0c084270f9264202bf3bc6713db7e0aedcf41f1a42666c597ef20fe831ec576f3e04558d87bf00940efa91e9cb0509864002c06d2a8641f3a0a37be567b032c7e5d2420f24797e56bcddeb99b1c0a0cbde662a4a973203a2e48c3f52353feb952012e2255b73ca854f68456ae155e5fbd4d81afbf363e3081b42f29ca01eead218918dc9a14e4c287a4f86e94dd18984ea4b638722807dd93e9d69dc02d19aa90d558844dd2ea92fa82cb5bd3213d72c597c5363ded92cb2e1ffbcb50189957a9f3ebdec02321a16af2464e55e2c709c6c6905a5ee902ea7e44ae1f3513a6b1d594b921b77992b2f07f489eaa85f980fb4ac2569706b742fda321d2beb6ba97e80b10101aafa1ee8d4593c430572c1f80c53c6eef075b721d278bc77cfc25553db48aa584abed89657febbb58be187f8133cd391de7177e27b8b1b5b2fcf10331b198b4b9ab522570f246fe21eff75ca886255a3e29a8f707d4a0712e1f85730ff1060e133669e8c9d452ae54a3cc4b78e25ff4f721773ed8d2d50acaca2ef2006f99c8c4672e509277e08e9243696d5251bfffe8348b625b92d1555aa156b0d981c69f02f3cbe469eb35cf4b6820c9b60c929564988ee6e8591cadc06bbbb5830c21390511e2144b60b5c83deca2e17948fb31e4d735dfc3567d0eca46903a11c12f1fb753189f498116ba4538dcae78e9cabab15168ae41b24c8fdd4bbf67602a45bed037572caaf73d227ea75a0a85f793dc6bfcf026e2da1c78008b865dce0e9bbd07e212ea25a3b91e56666e1240d37e36a52ec3fb6d6df63197568a676a755360f4609fc06ca2771fccca515e9091565db45404103090c808feb5d5c81c2cad34eca349d4ebc43cb44cad29734350e2ab3579fb01d8ead2d6cc1a1ac02bbe3b3770e82ab72e82f072ba1a6393f22d766b712886685bca353609966fe7cb7672b1467f1af72f394b6c7165ad13963b266f12232efa2d2ce05823492273cbe42fe74ca040e2dc6cafcbc31eca790205bce070434164c87a897fca2c99c36b91249546c999bd83bcc411ebe2dfdfdfc8faa247be30ac88201fd7e75fe26c84d06d178d9ce362310d0d1fb11abd84fe256082ac6303854ca5c38e3a17ff04fd71d654008c9e5a182828715ac7944d235e68faa709cc902ed4c2ee31fd1744a6faf436b038e1b37bb50ba0b790d786b22ccceb66aca39c638d7435d687623a69a0a1710d55439155c454f8602ad4568d589a9d3b481566fc778cb8b072026628cdf5665623026180c3a52a95e5999bf3f9f8581f8766526fdf37a36eac1e94448be12f16c34df75ba2c8562601f2176ef1d1b0dbef7721ccd0aa7a8cf7d8bc049d4a3aa67c0cf7ce7fdb34fcef949a552ad92708c3de19b4b2767996f111cbe89ccd80489e94d3dba9091bc2339aec152a910ccad22bf54f55111eb24192b861a567fd9613a39a97beef6a40082899791666d1af1b82cbbb4ebace8b6ccf41911f5f65948f774fe5016e007adcf9784df9a3ba2c366b61b19536f2b8eb01a60f537e204dbfa91611458e08260eab8f2d71b4a68718e62266c845e9ec77f737b0f8eb9c23bed94d94a1b0f2dc3191e831fd7d0c6efd7c256c713c5583e687a2642916a2804e333b09b595e21f1e84433aa7049b951a1f70ce77f53d81204c0311475aedb9be48d2f4e7fe046dc00baf259be896841bd37e8723aac60cfcc90f441c25be5324c362e50884f727b66b1c0de64880b3a27de4e1a056a74f16afc05990624a0f337b0c9ba5243194f98404f85e073fa8ce07f09d11df12b2311b656388dcd88ce4c95b2f9ac283845f5529f487157920c40dd0c6771712b3627bf37ea9fdb371f0fd5f386b197eed55e5d2464d00cfa9d5f340ca6f81382d13a0640a718ee983c6f3ef1d75a622d498cbe06f09f5c6de7d6c3136301c7667097b2f609a8841436b7b182f74e8f604aafcf55d117b97ff274326f2572fea0adc358f5a07527d980c58944d94e3971c1833ab01cd23beab4cde610fcca3c7e036622b3d2eddb4d376ce9a26da17adcd59a6ff30dd33c1995c5bab60691dd58bd0fa754fc70df6ebc7ad2942dc1b0af1e0525768deb96106698bbfda72c13469291c93ea034d9fa3b603fea887cbeb8ce8b2a3b951e982d27586eaecd34893deb38ec98fd98e1d02f6c6629266680514a44989563438b7c70406952bda144e7b5c1c59c73fc1bcf52dbcdc50a2ac130248fcd11e57d00677500ab212afe5af6ffe21ce6e14cd496e3ea9cfe9d38b446bc700b68e9b7e59bbafbb42442f94586467512c86d6068bd9821804f0", 0xfff, 0x87}, {&(0x7f0000002c00), 0x0, 0x8}, {&(0x7f0000002c80)="39a494756f55e052ed6c563aef9ee2b9c327d2759dc44d0bd9ecc3eb133ea2411a487bd2ebd8b654e962b36578701239d6744d863d2d7401deb38da57cf28cdb8b67ec9eafd13c04e6792a400fbf755e72119d7ca649fb2ab209566281a2e03af25da55737e17aa9f402192d75537618762e47e1c8e63d76872d633e6a740b3e850aebdc06b218b8b99045b49c4f2750e752df7c07384ebefb84209d4379dd295a256f", 0xa3, 0x7}, {0x0, 0x0, 0xfff}, {&(0x7f0000002e00)="2179632d8daf632b6270b9254892d6e4dc55c2a74b037456c0dc4979a0cabf2d37be92f3bb93566cded9c1ae4acefae2bf10839777223c0f451a36c5f1542d75d5135884755845540cc3a281291b3b97bbcca3786e49f02d330c371f8830d82dea171547a7", 0x65, 0xffffffff}, {&(0x7f0000002e80)="054dbd1ff6fb7370a2f400e937ba13290bc2867a8604537f1f4e07ee77bfbb1f93ce764501ed965e91dd068039b2eabec59c9aadd0abdf81daf0f3ecc2fea026c3692bbf3410f542fd70f65727be331c996c766823047215bb81e97e425237e30cc1dd46b69c5a7c712bf1bcc0b971916f563709d0381a74534caa8d13b940e9c6803f7bd07e4eed63c4c6ff9b365b403998d80bb69aed998d329bfbc0b0b3403628d278b453cb6f68265334e557e9959db0d19f41d6e5ee458e9e3bae3451571ea88feb230a63cecd2ce12b5ffedbbecfd9954db5008a04fdc87631b8e5962d5914eeff536844eab6b866aa3f49cb2445eda0112e241a4e84e28ad9646e0003d9cd3003458b9b1e77718ed5cc69fa62638c7a205d616f7eaf28feebc53e6d2be2c453cb2e22547bd006a1e66b7ef809de8e5396e345677487ec037622b91b1a870e43cd87e6380066f5a734856b9727e42cd18ab44bf73a87a46381d6f8658f51e86ca4b4174a3e04a508829e056674b65d7d0371dcd1724cbafeb9640b1a3a3f8f11267142eb93f216e647d590b5a6bf022c52ae95c8bb75b0c100ad1a4daaf75ebd5c905bd71a1f1bce4f5dd9e7e957ec417cfdccf73dc8f084a0e272a27b3b5089ee3f5fabbeeee255471f9ef4b5de6d0641669579bfa8b32b98550146fa13230fb1ba15dd83fa6413b79018c9d0937a8e522ce117a71619291fcf88dba109214363b97a288fa445bfd4520439bf30108bc3f6001ff18a554b4f841637f544239cfeb8d583ab8ef44234b1b7929ba0b7d8ab50a47b99cfdcc94467949a33a19a5bf60f518f57a2baf93b95abeaf348712658152f453460f4e04848aa599c74a14bc78527bc9a2e888d9b3cea217051d763f2a807976a8d0b947f415925fa432ca27ef1073a6250523a376c4fcadfd7d93de1d251c3c683e503a84576b7790feac26163a3d8c62b6b08e8bfe037e7166ec7e0610370929b089910a294bcf4aa3533f81958496869baac4559540411d27359592659d4ff0a986f68015f87ba351de9d6c0b583dc846eb3c7cfb1418092eb2fc64ca8ae6bb69660d468435900f865f242a5f85180ce694d0f77b91d7952dac084399e686d1e43806e08a45c5867c0fcaecd5aceec1e6c81aa4e5fd507ceda7152fe42d981730425fb1a47e4ecaf8fb62c13948f31513687098d32b9df2041ab8a1b2a9f133a2c935daa95aec3c079746be4b04dbca6eecaadb1430dbd29efc2a928f4a66bc22c7453d9a9160335a5a39115fc8267702ef2fffe3a63048896c385c4587cc14e54c95df1886951ee1ba7c5c70b512abc2b1a8914dd9d9ba5e07476ac5ade5f6a8feddfe0247088d083127bf8ac417538a48b3816080973512738a4d4eaca952368731151748e43a1e39aca9b12edc616f0df44f9b70647bd6270976b8970f98d456f60e21d5b39df5048c02124c2ce8685e5bdad502db0ed3ae2f00f9c361970520a3082193458c9dbc800e4e55c564f738ba00dfc593ac66d0262444719779f4a04d6ab955ae82bde8c2b67dcc6d4e587bbb614e41878663de1e30d2b3ca64b7b55569169d4c20163a4650443b94458fa01e562e455dfd44c3c6b6c03a2d811f13e4ec4e93852e0c5ed7b7eaba0345f0561250a6c44b7bb0e51f336909652443a725993986d049ee48cd2d753b01e7b478f5e09db7bb2c21473bcf50c40b21f9c7363336d7a113df0a8fa9d68f50ce8f82a29c90295c1603375ba838f16cf81cd23cc913b034c9ff4a62aab0f4d1be85ea0e0601b54651ddfc56c1b5fd970ac199925bab13015317fc3d33b43509c65952d2e40190572a7a630aac392b75ed7209587526a44d7e52033fc485805a0d41d976384862b07cc2235ef59b9e467eebedc8d0094b78f58af44c217c7239de55211d488ed16edd45aa4d8d316477d6b465b24fa6de510dd588086dc5eab0a0f998acc10afe2279cc1e8de046db0d787d969098abe3cbca0d0fa09c53aefc144929b8cae99f0072c5218ecbd582c143885017c6cef58f446713a6488c5c2e888cb44008c4c788e464a6ea7fc7766ea4b0fa539f4b89f3c2b377f586d43c8e6a0e94a25a6412aa3000099d0ef43d4b8395c4b04d3df05cb6703c48ab706f687fd73cc2206f5408be2637a6a8227d19c6fb1bb9168ca6c4281c4a48d786d8a959cc6a2ad02584cd5f6a6f5702e19a3bb2b52740d53b1a2d5f5ba2229560508ef026258ac905bdd96ff1ec407e712ed2808482ee8d812c9cdeb66edd101467ffa57ce03d54407db75f1c847b04c88c1b1e255b2f3f2e427f53d1d1bc6fd96e4ce0250030974271ed24bc0488f2312781c5c1ac90ce64508ac0265c2ccc460c3004a127a7606e3f80329a2333f51deb28f0b4969472208821be5b97d80c8842d129cf43b16608467be3127554790c46b0d63de22d669610f79f2ebaf72ebb6bbbee54cf5071d4997748867a2eb5b101bd9d7df380e0edf930b69ee7b187c8f7733bd9a8156701896c1d9b8f7fb1b4d593bc170cd60ba74fade6f6f3552bd32464ce4ff10c46de47c2f56f4819a99b81fa9320f29d61a7c6a8ac69ea093d823258bb3567c3d0fe97202086b75a5b86cd489bc262eeae793a87d8ba6487017342ed586a8288f042c78e7acb0d30931dab72c13f0f3be86751c0df5b59c83f39c2426461084f30df757ce9c6ec7de58b4f5bbee98d85574b9fe04f37ebc91e728b24c39f47d4d92114cd4cf38541c85a8c8b2bf269f7b0bbe7250b36e654b07757c98e11c1ef13438f557768a9251960f029858f818358345954517b1ae31a63bce7ba6edab32854c88ac3bdac9b3df9b8d42984f567fc65a063744837167264ad1606c736ce6a7ffe6c05d81da3970a9a4b0b9bf16ee45c80cdd33131d80c0dd36e20606705aad33024028dd1732c9241d915c8938047d0c20a766d64deedd629ec0937c35d017451f6b8a606f8fd7acdb5ee7fe5a501d15b5da06cdf62cabaff3d2fd894835df271f8be00611cb98e8d19d87423a9159716ff9ac513d4b77bb6f53f3b69df516d34b13b4eb25ca9c97574f78ba1ed8a4afcc4c89be971de460a4f81d464469b1514ffe23b786a4a4d451bb9468dd56605cdf373abd09556305a31f81c2fce482e7346419fa1eb1d3c8265fed940f10d65b2e327491508fe87bde05e95c018d5da217e0056040d1441e582b956ffa91778df88b11fda78e14a39cd85512c55c62be5e2fda78c3c246d8dadcaad5ba8eee2a1bcc79db02a2bd9ebc40a5f5d57772ad873e05885bad452ceb99c029dddabbbcacf52bd85002e984e302dd5191564e1581a90e09c2a8fef93c76a0cb8a44afab5188590578ec1f4fe099f96954cb68b4d68e92fec8117a04eab543cbea03aada068ffb1658cffdde35b59d9707a775d6a0c6ee2debd7039764a1631d8cb872805d11b2557efeeec2230aa6f5f82ec217b2d5b8fe634f89b8ea611f4c302cfd59cfdba46c289dd8d2aad763bdf8e182d8448ce80dc63a301a32b710748083599ff52919b67e114ef7ee6c6f71881c072d2acaa03b70a843dd36cc9ec2b276465ba60b5ec2f128faf66b921f13bd8da3c462c8c365192d37dc565bfff48dd11bd50f119d3fc3ca37c270bcf8c8c6efc6e48191560c2d99b2c0361438be2b59bc08f29fefb3ba01e913a891876c5b62264468e8d0f58c309e76c77b5233d157b1544dc62d8070e9f3cf59a8ea0cb13244966caf0a343ee996c4ff995810579a94759109a2af7e89efb1e7f1bbb4269737ad1a2f6d124821f31a6f913fd59b84b4967d079c3b1bc939a257f71e99eda4fe91ebe87122e555abca210b090145164377f1b9a2ae2b0ffe7d8be8ea678210541de5afe1b637c085aa70311a9d4e5152f1d2f0dd26593ef6a06e256dad6a9756a4b2a9143e811ba9a54767278d4a2dccd47ab38938585409e7d65412e22c63c8965ac9c2e56695fc4bb2fffbfc691de982fb9d85cdbb7c33dafcd71dfcd90fb84f39290cbcf097935d225e5008d89d4af516f523a79b161490c51f713a4b88fbd4e9f8ff3085fe20413f3e0182fdd3f01fcf7ae57783a0d33a4f1c8d179033160f84273ef042b7c1cdab037da59aa05d5f63e58b0cd7fc875204a48f2e87ca481bb39692fe5cc3b6da4aa71a988ee254e3a24607bd1531a6d61d4de3d12cea9935408c115fe41ac27519f8c3a9dd9d4f501a45edea0e05a48b641b745eccadca1a0684b76bc0a614e932ceb4d56b2cea5bace0c53985349fbb600dc82145c328f3b8c11dc9fd5dd55b42d243fa66dc18b4b664ff923c6fddccb0ee5c1fbb0c457ea932b2ed87e20df449f5a1420f29bd9771ff35eb823f68a72315bdf3deecf62e0ee3aa4c08eb9765920c4b9e7f32aeae7852df8ace3e8e81c991d0d925e0ca75bfb7309350def44b5d64e223b091e3a1df48bbf15880f58bd35f51be0fa19753e793dffea5ba7d29954f111be9ab092620226602bb79793289a3cc44946184def1baf2b8a58abdbd663c63ba8743d23bbba34a4c0045d75e6bd21476fbb526bccb723c94edb3a86d526f80b429dd3ee6fb6d0c8248d7e91b1d030475dc2134bbff24792cd3a4c9a425bd2bcbf960235c24a93336f4af57fbdbee83db6ca2d9058a19f20e5b794f0e4c9fe364a6fa5aa5fa54fd399237002d53606b309e656d049c2786e5e8e73affd7baefa135ff8336384ce1defc866098dd345d23536446a34753b56dab08ead9d93db30b4430dec81eec09048afe8c058b00bab536d5d761578d9160a577e4d6e8f11f1a06f1b5442948ef89e759c6caa06f470e8778283e6ba22d228755cba78bce5cbbdbf92393f06d609b7ad8957900b34bea2ba1fa42502cde57994ed79c91daaca5e1df569bd414618dceba1a82ddd877ae428218bc34bbd3d04a2087179c6c54114aecd4f637b1eabf34c1eef88ae08710e840ecc20d3a5e4f390aa4941f9ba99f15398197a18a3150285af7cd49b4ebb395417cd6f2b6a790faaa89a2a3f68711bdc0867c4b92d7084001506d5b2f710f4f3f309a320cb4e15354ad1925160a49ceedb58849891195ea8d739e1b4b18bb4f001a8abbefb7a184117092679209c8503dbff3830d8d3ba24ac34ae6a25ff9cf6c23968a3cb507615f59ced8cefa20914e898dc65720cdd0834495c44510db264b705f77db35776cf54e0fbf41b25637450f9a3da18db062f0fdefbc48c13aa8d12732779bb96887123e27854c52cb1dda4f73952fb6ac9628cfa12d61b3d185ab55165305a8b16cc20578e7bffb27402624f704efac2c5040ab5b76ee2b64b2e13fbc8a17af907ab2eb84489bfb70bcf1660ce4743c19c9b33d2d38ebdf3e019a1872519343d7dae5175e0aac6e72f7687c38793d", 0xee0, 0x1f}, {&(0x7f0000003e80)="ccdbd94f3466668ec7065dd18f66c6c9a11fed994a3fde13de3f31817b4d46faad5499494ff5db7e2157d97fb04108fc2b36f2a78ddce47e5bea055eb5405bd9564523c4452a9f68c99ceb7bb2c3398dce863b889bafc7e2279628a89d68686f3746f5353d9863fa3e436e5ff5be4de5b6427b716b647a2eb1837b97af788c6923738e1d2482d48801a3c0e1f099226094d62a8201ff21f360de6810c3fda329a205339a685995bbfb855a424ce7998505c7b002a13127e174247f0ba47fec0c52d88408eccae2533a3ca737b138895ea401622bc8e6ef6f61fe36427d2fbbb6166c736e89f130648cd5976d", 0xec}, {&(0x7f0000003f80)="28a09f7a5d8e", 0x6, 0x670e}, {&(0x7f0000003fc0)="cbb369c10d722e29957ed4a9bd41e634a8a37f577a448a0a7a4505ca3b3860ebdd83b6edc4578f8c28bcb9f115d0d1c28cf88254f460cef467ae8ac40fb344961503aa3a4459a83b9124f6c6e36c4fcc84b99b21060cb698dc4e1ff9d02ff0355e65ac1dda", 0x65, 0x4}], 0x2, &(0x7f0000004140)={[{@dots}, {@fat=@dos1xfloppy}, {@fat=@flush}], [{@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@smackfsdef={'smackfsdef', 0x3d, 'y\x00'}}, {@pcr={'pcr', 0x3d, 0x13}}, {@smackfshat={'smackfshat', 0x3d, '!['}}, {@uid_lt}, {@appraise_type}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}]})
setxattr$system_posix_acl(&(0x7f0000004280)='./file1/file0\x00', &(0x7f00000042c0)='system.posix_acl_access\x00', &(0x7f00000043c0)={{}, {0x1, 0x5}, [], {}, [{0x8, 0x3}, {0x8, 0x5}, {}, {0x8, 0x3}, {0x8, 0x4}, {0x8, 0xb, 0xffffffffffffffff}, {0x8, 0x6}], {0x10, 0x6}, {0x20, 0x2}}, 0x5c, 0x1)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x234003, 0x0)
openat(r0, &(0x7f0000000040)='./file0\x00', 0x200801, 0x2)

23:08:18 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8980, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:08:18 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:08:18 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

[ 1315.411402] FAULT_INJECTION: forcing a failure.
[ 1315.411402] name failslab, interval 1, probability 0, space 0, times 0
[ 1315.413110] CPU: 0 PID: 8738 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1315.414066] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1315.415222] Call Trace:
[ 1315.415599]  dump_stack+0x107/0x167
[ 1315.416116]  should_fail.cold+0x5/0xa
[ 1315.416668]  ? io_issue_sqe+0x2492/0x77b0
[ 1315.417255]  should_failslab+0x5/0x20
[ 1315.417794]  kmem_cache_alloc_trace+0x55/0x320
[ 1315.418446]  io_issue_sqe+0x2492/0x77b0
[ 1315.419024]  ? io_connect+0x610/0x610
[ 1315.419573]  ? lock_acquire+0x197/0x470
[ 1315.420131]  ? find_held_lock+0x2c/0x110
[ 1315.420733]  ? xa_load+0x12d/0x2c0
[ 1315.421238]  ? lock_downgrade+0x6d0/0x6d0
[ 1315.421859]  __io_queue_sqe+0x90/0x9d0
[ 1315.422418]  ? xa_load+0x156/0x2c0
[ 1315.422938]  ? io_issue_sqe+0x77b0/0x77b0
[ 1315.423532]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1315.424235]  io_submit_sqes+0x44aa/0x8610
[ 1315.424869]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1315.425603]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1315.426285]  ? lock_downgrade+0x6d0/0x6d0
[ 1315.426869]  ? find_held_lock+0x2c/0x110
[ 1315.427446]  ? io_submit_sqes+0x8610/0x8610
[ 1315.428065]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1315.428758]  ? wait_for_completion_io+0x270/0x270
[ 1315.429441]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1315.430100]  ? vfs_write+0x354/0xb10
[ 1315.430627]  ? fput_many+0x2f/0x1a0
[ 1315.431141]  ? ksys_write+0x1a9/0x260
[ 1315.431679]  ? __ia32_sys_read+0xb0/0xb0
[ 1315.432261]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1315.432995]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1315.433723]  do_syscall_64+0x33/0x40
[ 1315.434248]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1315.434970] RIP: 0033:0x7fd30c0eeb19
[ 1315.435495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1315.438039] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1315.439152] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1315.440152] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1315.441145] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1315.442149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1315.443148] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:08:18 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 36)

23:08:18 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x10, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[ 1315.509241] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:08:18 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:08:18 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/if_inet6\x00')

23:08:18 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, 0x0, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:08:18 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x10, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:08:18 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:08:18 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8981, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

[ 1315.661872] FAULT_INJECTION: forcing a failure.
[ 1315.661872] name failslab, interval 1, probability 0, space 0, times 0
[ 1315.662816] CPU: 1 PID: 8776 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1315.663348] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1315.664003] Call Trace:
[ 1315.664221]  dump_stack+0x107/0x167
[ 1315.664521]  should_fail.cold+0x5/0xa
[ 1315.664832]  ? create_object.isra.0+0x3a/0xa20
[ 1315.665196]  should_failslab+0x5/0x20
[ 1315.665498]  kmem_cache_alloc+0x5b/0x310
[ 1315.665827]  ? mark_held_locks+0x9e/0xe0
[ 1315.666154]  create_object.isra.0+0x3a/0xa20
[ 1315.666501]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1315.666907]  kmem_cache_alloc_bulk+0x168/0x320
[ 1315.667281]  io_submit_sqes+0x6fe6/0x8610
[ 1315.667625]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1315.668016]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1315.668397]  ? lock_downgrade+0x6d0/0x6d0
[ 1315.668738]  ? find_held_lock+0x2c/0x110
[ 1315.669065]  ? io_submit_sqes+0x8610/0x8610
[ 1315.669416]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1315.669802]  ? wait_for_completion_io+0x270/0x270
[ 1315.670192]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1315.670556]  ? vfs_write+0x354/0xb10
[ 1315.670850]  ? fput_many+0x2f/0x1a0
[ 1315.671138]  ? ksys_write+0x1a9/0x260
[ 1315.671443]  ? __ia32_sys_read+0xb0/0xb0
[ 1315.671768]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1315.672179]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1315.672595]  do_syscall_64+0x33/0x40
[ 1315.672891]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1315.673300] RIP: 0033:0x7fd30c0eeb19
[ 1315.673598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1315.675041] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1315.675642] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1315.676209] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1315.676773] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1315.677333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1315.677899] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1315.686087] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:08:18 executing program 5:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x1000000, 0x4)
r1 = syz_io_uring_setup(0x3763, &(0x7f00000001c0), &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000002a40)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000100)=@IORING_OP_READ=@pass_buffer={0x16, 0x1ce96a1d274dcb2e, 0x0, @fd_index, 0x0, 0x0}, 0x0)
io_uring_enter(r1, 0x76d3, 0x0, 0x0, 0x0, 0x0)
sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000180)=@qipcrtr={0x2a, 0x1, 0x3fff}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000200)="020300000013890000004c435ce0f87181858c75fee2e2e9818e5a65e027ed753d49d8fcb2a18956fd475167c74900c9f170abcef15a2646cc6bc18bc7ea42b0a819b9aa6d6e0a40de161036b057c609c453dcc0193484715e01a3cf7350060000007a6365dbffdfe98717e7ebe77c36cec6bce2ec8f103a63900770d3e65bceb99a05540bc374fa63951f3f5e61d7f3b8f42a0c424f365c06a2c48ceeb861cac60d331d245222b91db0251200a4f2cc23aee7fd9a8b8685a8a04640058f40daac729ebcd40ce8bfcd656d6026a9f2f3b9cd45a5025fa08711865a", 0xdb}, {&(0x7f0000002500)="ac62de50be9150cecb9519feef8aaefe2e318345b124699ae9b420222c5d8b3a256f911da3e62781ddc19355864186fdca40a01c749a2e21023119a234c0870ecbebc3d845ae8d1413e9569178836a211be2064c1058da5bfe94b2eb55dc5e7c04b6d551a2b8a66b616a1f560a814f1104507dc4aaeec0664ac5033f1f6f93878f5ac86eaee7c577754b20bc67739e8ba0c36c71cf67d48fc48d634216bd157bbe1b8538be4354afdc9de93d7b50411766e773b656ec9e9fa28d0bfa23ad3848946811c51e47d83849586641a1ffcd53ea8ecbc0127f3a0358867b3f5596486f17bbc224c0c2d3026f55788b76bb00afb1aa130af0e592f309cbe4be262dd282614e2cf1feb35ec5b620910aa89d5046dce6c4bdc56e736e6e57f2ff1d5dcc08ac0dd637a2320c32859ff091ba48f1a7b86a9920cc976933f636d898392ffd2fd412b31ebff14fda3ef1cec5dfb280b5f2b0618fb8403c5f45fbbbd996963066290fd546db1e785b1b86d0b7e726ef4dca1b4fe43b8cd7eb5fe1e46b4ee4a930d0fc27c99dd3de35699fbdc46fc8ef26e5ca0e48b3552e3cd03dffcdde3937fa5708e189b268f4fd87ee7fb58a5050bb1adb8ca7639c047059dfbddfc1de09ba07f1c8b59b71c9f9b906bd22e7eb1584debc753740d08afd8ad9dfae5d229e26beca1fa2f5023dcc846ddcc99460b8e798c51e9ac9ce21e53156dd09ef8e74fa17861580d64b46d79c985dfc3b0c7dd7938f891458f11b7d407c3ced632e7f4723eda9ee1ad17fcb917824181c9cd727b90b6c60145ff9bbb7ae96168ac5ae059bd3458d29c7a8ad489dd24f4478e6a5fee88acca552fce511a5b3c1610bf82d18d1011f21080e08f45ffaaa6345955f98ad55876a44b8620f3ba8fd14726114bc5c38f2ca630db5acf3366aacd5e2737071189c63ccf5e1678241f185f7d7ba11a9a353f6406a412626cf7750485b52dd5d55f2e18cc4f29239d9d492e9cd5472ef2c2f5f090766da7836c86010ef0e0b85b573a35bd713bebd46dd917b72a4dea62a241e0647ff49aa954622fcae3fe92b3bef09ca920259e7aff386aadc77031efddcde1d7efe831a94595a30a5dae28b3c6b6d74ebe964a79280a973541140a454a75c302a65d6a7bedeec31816ad6efaebb6d55d4d7520db879af640ceee27b302d23e76168102f390cd28b7460afaedd3572bbbab1792c5bf87c17fa47f42ad9897f0318b206a2b05c5fb252d514dd8ec68e94777d5fe75e1808304e416c6fe4f8b977773e0100cc6345051a1a7f567c058a349604ec858b709aaa04b686238fd88db3a734d2364821a305acca6b73385b9332a0af3de1ff650d81af8462b3a3301059e8df7962f0c1fb8136986fc2d468bb37f46747bfe385ac0a40c00a324e5347819141b37b81b5a680a1586feceede794d43183d4878738059f70547cab4ed57fdc719f0d99d3a43d766f75290c56078e28ed7dd40fa563763ebadccab40d8dd366ea4f022c97a6cbff833ceb5db9577e62eb43eb5551b018b574034f691a4beab2159442fd64cda674ca4b40115f9fc45cd92beee39299a46858ce7c52eb480b9935649d6289704faee8ed77d3f317a9b81582f4390148bdef975c2bdcca9980d6008f583ff7bb4df58074dd9cff957b2332fec97175728f40ab5edc5e3a6cd32e2dea2bed4d0e8804f039e11f0342b8999b8da86f7a92d9b33c59b6c925964a23a950e388c63aaa2e14731b73a0e75c9bbf81a216005335d96f3f4a8b59fccc8eda15a7e2a905a8f7db13223cfb2203c63f9c4f46d06ac7d3bb3011340e41ee38f693f0cc0c9bcdcabd4629dbc967a1bf05953caad2f23112bd8e77fbf256a8049695014085b662771f632821fe333b44a2c6136ff5af5df64d6d9f9d9fa9bbfe6775fd4fb7717b0ca416c6fe59b6e51ad7b40f4225df6b7df4fc3b2ddf3177a4350ad5347935a4020681724309c296ba2f7fedc57d20b590c2e322b259b62a4005700ed227c460c49d06571783afe6ce5b316aefdafdfc0ce3b827d06f3e0b91b445f26a4e9e29d54ba63cbfa566287e45b0bfdb751e7e3c8442d789a6f38443ca05b8ae3565c7f7147a32a3320eedc1f9a7c6d519494f8e44db616aff485ec07bdf8e784a50b4d77164971ae3fd362cdd926e5eec43a5f4604d5c2fc5c66c771352f0c16110c5947a7263a6ed417be93cd4b3f71cd4b6c600e8706cdcdf062fb69bc448ba9b15aa99b9abbe87a5c5fe791283399b565a7e77c2981d56665c5f6fda8e3eca6db9737d3c3c8d75347dfd823bfd7487cd10eb5120c205c3d98366a9e54de2e65345cae32e0881356d6a6522190a8a97ff745edec1357fc0dd2970f9219c856c391038cdbe40ec19d8290583f0c550823089d4d7dc6f61637e520c52ae2ecfad8172c65823c98770238ae4cd932994f3f3068293c7f927f7a0ff5de2e323395bc4cd6719fc26caa140ab99d6be4eb9e6e3556f533046fd3cb2e4fe4151d7ce90574ecff3127860f07a7b81cf455103fad99160364db2d187b71b6416f98fbb5d6448a62e415c5f728e6ff7f4bbb27b643ad401fe313b994d3765254a205d8a21c702cb392c5c2144297ac5a168b1c49bf06474d9e444f5bb4434a00410f52c3f445e3591aa0f833f5a2c8bebaf216ea9923164b39e604acf636d649172f7fa104587de218afc9b7d759898fbe68020d52775f3595b19fae7dd71f0fa235990310a6693c206f323b30c21dc371c919234ba2f5da66d4be085d5d6807b71308cd20d3d2dfbaedac918588939b061f044af18ff67c28351a8c8e7c7bfefa2d7a2da97f50d04160b02ea8e6b2ecdd0a8a06a0165804a3cbe7080cb90b109d580668e47b7f265aa57daad2381402fbc31b2bc9c5432882ae2d79f0c0c2fc7b1af9f9214aeed0662fd5837a0356114c6d4f4d9db90cce905daf342f6c23a0dad59e7d12c31e88c20d47d983af96ecd00f566d3715557a6aa975b6992f9e6953fd10c2540d7d5d9710f28f2e1611232727fe16fe548be72edc9d559abd14fdedc60928f6f36bbd727455d8c4b5c9a39556a14ded70b98b6a1f7c96a73954f34c02f4acbeac20fbd0519a1a0adcbeb037d5ce4e69b78ee566a14499a0f6b91b6c54b5bffee3dac99d2eac11503c358cc78f5b849e2e89e5ebdb4ae92abbf332f0e44d6a7e4e3e295cb048706334cf9c8ea2d6f924ef6d3de4995cbe013ff64505a5604d98a3a233e9b28c858a9c124a1cf261297082c8fded50bcb58ff2fe3ee5e8bef343f52bc6641b252fb29e0d9c2f156a392989742a50f9af50936fe1844480020c99732aab91fc07c43fe8098e84c5740cb368b8528d32e11208d294ab0a4df85ce2241486a1f0b87d5d524b93bf633cbd5b6a10e238c4286d00e45780bb22ddd45b88b670fcf3d3c53c993c5fb9147c4dd637124fd12b09294f16096ba96df9bebe19244c512c33bf2d53946a7f694bb3b206fabf3f20ac4e5d54dc00c08a99c3934c10a8865ed53a3b68b4730d833e4fe3142f13b0a2dba24826854dbb473160dd1b11a294b4922142b44bb19af3f2a0e1de84d3dbfb5ec547834471d127a6e6a08d2c8dac17d48d811f03670f1ec8acf08d7e0808a7bae9e2f3a4ca5d24c081fd426282ea99e2413e238e045ee932b083397153fb7ea8b4ac2d9c07c9aa4214b87a5ab68a01275736465cbe8ece86a322f278ce777905137e4af8a6e78a2d5987338f13f80bdcb34a1cd58f6f2579c222254c9735ce6aa93e1f4fc7aeb95d5e084a3b76120e48a27157f6a3ee0b707a8e685746cdac2802315f39173558928f10f4bfd55c18058cd8e502da7b00da31d313948ff5c6e3cdeeccbde7688f2ba0c0306391cf32afdb656e780428bea198171e333f8423b46ff85066a23a16ab35424fd2a187067a9f5712ca1aa35d941ed096a67cc1114b395b97a797b48f9fb14c02d95424751569a206347b47a0760f9e2f73922ff1b075833a3a70bbc4dec68fca571b37b4b80b26177f6c5ab8a95eaf87284d5d35830dfd32557fe9ac54b0ffc163cd0443ef0be97bca2baa9fa3670425b83e4fe7c029962d8b6264ee1c1e46c526618103fe90b09095149948b49edc50307c63b5c06ca6485bba772d19bcb74debb1b35bfe1c474bbc7fdc19f287e87c748c70c15edb1253db3b24f01809edb914e943d47067ea3bedbddcaa6546f7c9474d083d2b0e5f6d900d27745cbc55e899367fae44411f3a607c4ba54d860bd0129c56f7a0b0bfbdef34260593fc21cd8e303258e8f00934af20b7b663816c549ea3cd902fc9b6617d74889d1b5338f5e2f7a8f5d1798def012700004351b747c11975d1c473be7e07f405e0630a5bafd7f9f1042cecde38ad47f3fa13c1dbbedd08be12570032ac643bb38b18867ac12abc02f056c5c148e4f073dc4c358e83943ec96309378f2dec9c53508644f430b365562475414899949b812c9b0cacc5ce2e083bede083555af23959c9b1e13ed31b1646f6ff90354db9a4aadd9cf528a0e7305b10ab4ae45285291e2dab024233ff8d971895216e116a0aaa933afb65888b6248e7eeb2e2e1d4480a03ed7986dc4058e4f1752a34fd0032a0367ee2a27fcf05ea5782616f010e36a90455d1464724ab9e9a1107b661dd40967f226478145cdc5b5a1a4f434be4794a4674762c2afbbcd31d08afb93bf97563ceee66cc84d8be8cc2bf454ad76ab62ca103811bd8904b24ac29e237822fb3a7797a298eee5c1ca574243c45dae85e9f2f5610ad60650e38b1ae12fcc7089948a9e91d203debce4d29b25c69e0987f128e993768d8b9b3dfccab3ec3a9343cca5f247368c2e2570699f97b820a505f5ff22ad604e105e3c14713f803c1b5abe3b87839098b31509953f331e5b43765f85add5d58f6a42a1f67f9261510fd24cd8531d1ba8182e74dc1afc3add0765926c9daff22c7098e60d9987f47f77b1dfca8e03eaa033ff5195197be86ef742d4b5ceecbce53332a03079fcd1deedd272830ecd246d3b7e50979ad64e3f285ce58a06ddb786258304cc344553d01288ede913d3dbe7a3238e7e17c7540c6636ed21f24d60002048602cde1faa5c7220f04b3acd494b82f88ebd46ce7d26ba93546a39a48b8bf21b504967e59eb65929fc2219cabaf512ef63e02670f90714fa6b49be1df0018e6e09fc6b7a15e90e199c36445e0f8814d8b77528b2945b7af15a0d4bad44b61b3e783f2783129cafd4b7321cee9b40c9f173bc279bf5c3e7540c46a323a63c58e21a75f143c15d62714b22ee960f197c0073356f72613b1634dab117a628420d8a75d8f0949584851a2f433769fcd51cf457c415cedda3a31d5e6ae8a1e11c51986ec18e2cc0c40931e0be752176cb5838f3aae528420a217fc55d3332f0546604ffe9f9b1b764dfc2f61929cd36404c4a1183b75273712493392cc0ac419fed2172a5d0cb07240f803a55102c656d007", 0xf1f}, {&(0x7f0000000040)="a3351f399cc974e9618048d5c29e80af3aafd021e655030e1eab28db5b7b1d462179f5c48855df03cfce2c800a8624055b199302a7bb4dc760e13147a02fee6204be0170a5b222262a88ca2bdc54d84ef32a056f00000000000000", 0x5b}, {&(0x7f0000000300)="3c6afabcaef5e3c35bac33ad83b7dfbdd6768a998076e057505033e0b4fa6ea7127fcdc01ef8c7cd0d38ebebdf436de5b9b732588d375143aa1ee4dd8e745d15e9", 0x41}], 0x4}, 0x880)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x2}, 0x4)

[ 1316.119074] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1316.119585] print_req_error: 22 callbacks suppressed
[ 1316.119595] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1316.120862] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1316.121723] buffer_io_error: 6 callbacks suppressed
[ 1316.121730] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1316.125582] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1316.126013] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1316.127674] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1316.128511] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1316.129613] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1316.130041] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1316.130883] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1316.131720] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1316.132706] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1316.133139] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1316.134005] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1316.134827] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1316.135818] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1316.136243] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1316.137093] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1316.137925] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1316.145527] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1316.145979] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1316.147057] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1316.147536] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1316.148526] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1316.148987] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1316.187527] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1316.188028] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1316.188034] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1316.188101] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1316.189202] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1316.189617] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1316.191359] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1316.191859] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1316.192334] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1316.192845] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
23:08:37 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8982, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:08:37 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x10, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:08:37 executing program 5:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:08:37 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:08:37 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:08:37 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:08:37 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 37)

23:08:37 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

[ 1334.399821] FAULT_INJECTION: forcing a failure.
[ 1334.399821] name failslab, interval 1, probability 0, space 0, times 0
[ 1334.401434] CPU: 0 PID: 8806 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1334.402361] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1334.403481] Call Trace:
[ 1334.403853]  dump_stack+0x107/0x167
[ 1334.404354]  should_fail.cold+0x5/0xa
[ 1334.404896]  ? io_issue_sqe+0x2492/0x77b0
[ 1334.405476]  should_failslab+0x5/0x20
[ 1334.405996]  kmem_cache_alloc_trace+0x55/0x320
[ 1334.406635]  io_issue_sqe+0x2492/0x77b0
[ 1334.407195]  ? io_connect+0x610/0x610
[ 1334.407722]  ? lock_acquire+0x197/0x470
[ 1334.408265]  ? find_held_lock+0x2c/0x110
[ 1334.408842]  ? xa_load+0x12d/0x2c0
[ 1334.409339]  ? lock_downgrade+0x6d0/0x6d0
[ 1334.409916]  __io_queue_sqe+0x90/0x9d0
[ 1334.410455]  ? xa_load+0x156/0x2c0
[ 1334.410951]  ? io_issue_sqe+0x77b0/0x77b0
[ 1334.411532]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1334.412165]  io_submit_sqes+0x44aa/0x8610
[ 1334.412776]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1334.413442]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1334.414093]  ? lock_downgrade+0x6d0/0x6d0
[ 1334.414654]  ? find_held_lock+0x2c/0x110
[ 1334.415207]  ? io_submit_sqes+0x8610/0x8610
[ 1334.415801]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1334.416452]  ? wait_for_completion_io+0x270/0x270
[ 1334.417113]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1334.417734]  ? vfs_write+0x354/0xb10
[ 1334.418236]  ? fput_many+0x2f/0x1a0
[ 1334.418738]  ? ksys_write+0x1a9/0x260
[ 1334.419246]  ? __ia32_sys_read+0xb0/0xb0
[ 1334.419796]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1334.420494]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1334.421191]  do_syscall_64+0x33/0x40
[ 1334.421692]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1334.422371] RIP: 0033:0x7fd30c0eeb19
[ 1334.422874] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1334.425295] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1334.426301] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1334.427242] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1334.428187] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1334.429134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1334.430073] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:08:37 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:08:37 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8983, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

[ 1334.466215] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:08:37 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:08:37 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0x0, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:08:37 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 38)

23:08:37 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:08:37 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[ 1334.587974] FAULT_INJECTION: forcing a failure.
[ 1334.587974] name failslab, interval 1, probability 0, space 0, times 0
[ 1334.589642] CPU: 0 PID: 8827 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1334.590545] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1334.591641] Call Trace:
[ 1334.592010]  dump_stack+0x107/0x167
[ 1334.592501]  should_fail.cold+0x5/0xa
[ 1334.593020]  ? io_issue_sqe+0x2492/0x77b0
[ 1334.593582]  should_failslab+0x5/0x20
[ 1334.594092]  kmem_cache_alloc_trace+0x55/0x320
[ 1334.594707]  io_issue_sqe+0x2492/0x77b0
[ 1334.595255]  ? io_connect+0x610/0x610
[ 1334.595794]  ? lock_acquire+0x197/0x470
[ 1334.596323]  ? find_held_lock+0x2c/0x110
[ 1334.596896]  ? xa_load+0x12d/0x2c0
[ 1334.597380]  ? lock_downgrade+0x6d0/0x6d0
[ 1334.597960]  __io_queue_sqe+0x90/0x9d0
[ 1334.598490]  ? xa_load+0x156/0x2c0
[ 1334.598976]  ? io_issue_sqe+0x77b0/0x77b0
[ 1334.599541]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1334.600197]  io_submit_sqes+0x44aa/0x8610
[ 1334.600795]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1334.601479]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1334.602128]  ? lock_downgrade+0x6d0/0x6d0
[ 1334.602693]  ? find_held_lock+0x2c/0x110
[ 1334.603238]  ? io_submit_sqes+0x8610/0x8610
[ 1334.603844]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1334.604498]  ? wait_for_completion_io+0x270/0x270
23:08:37 executing program 5:
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="de5bdf2d5de1c50000000000000000bd039ed101bcd83b6fb14f0cb376b94d1cfc0900000000000000c6feb4a5c6807119d8bd00"/67, @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6f"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x0, 0x0, '\x00', [{0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0x800, 0x0, 0x400000000000000, 0x0, 0x0, 0x4}]})
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000001)
flock(0xffffffffffffffff, 0x4)
write(0xffffffffffffffff, &(0x7f0000000180)="dd8975d9d2eb389518e6d5ece8f722e079e9ec8f10122e84986aee763238801c2419", 0x22)
fsconfig$FSCONFIG_SET_PATH(r0, 0x3, &(0x7f00000010c0)='-*{^]%:\x00', &(0x7f0000001100)='./file1\x00', 0xffffffffffffffff)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
getdents64(r3, &(0x7f0000001400)=""/53, 0x35)
fcntl$getown(0xffffffffffffffff, 0x9)
lseek(r2, 0x2, 0x4)
openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x20100, 0x0)
setxattr$security_selinux(&(0x7f0000000280)='./file0\x00', &(0x7f0000000400), &(0x7f0000000440)='system_u:object_r:fonts_cache_t:s0\x00', 0x23, 0x2)
r4 = dup2(r2, r2)
ioctl$AUTOFS_IOC_EXPIRE(r4, 0x810c9365, &(0x7f00000002c0)={{0x1, 0x20}, 0x100, './file0\x00'})
unshare(0x48020200)
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r1, 0x80286722, &(0x7f0000000140)={&(0x7f0000001e00)=""/4096, 0x1000, 0x1, 0xe4})

23:08:37 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8990, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

[ 1334.605175]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1334.605912]  ? vfs_write+0x354/0xb10
[ 1334.606419]  ? fput_many+0x2f/0x1a0
[ 1334.606904]  ? ksys_write+0x1a9/0x260
[ 1334.607429]  ? __ia32_sys_read+0xb0/0xb0
[ 1334.607976]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1334.608693]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1334.609386]  do_syscall_64+0x33/0x40
[ 1334.609900]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1334.610584] RIP: 0033:0x7fd30c0eeb19
[ 1334.611099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1334.613520] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1334.614549] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1334.615524] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1334.616500] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1334.617476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1334.618447] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:08:37 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0x0, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:08:37 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:08:37 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:08:37 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:08:37 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8992, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:08:37 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:08:37 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:08:37 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8993, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:08:37 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(0x0, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:08:37 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0x0, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:08:37 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8994, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

[ 1334.903467] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1335.214036] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1335.214564] print_req_error: 22 callbacks suppressed
[ 1335.214575] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1335.215853] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1335.216691] buffer_io_error: 6 callbacks suppressed
[ 1335.216698] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1335.221702] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1335.222141] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1335.223006] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1335.223845] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1335.224603] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1335.225042] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1335.225903] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1335.226737] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1335.227497] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1335.227926] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1335.228780] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1335.229610] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1335.230358] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1335.230821] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1335.231663] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1335.232499] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1335.233246] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1335.233738] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1335.234488] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1335.234937] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1335.235683] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1335.238675] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1335.394176] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1335.394743] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1335.398547] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1335.399001] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1335.402476] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1335.403001] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1335.403815] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1335.404338] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1335.405217] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1335.406009] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
23:08:50 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 39)

23:08:50 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:08:50 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:08:50 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(0x0, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:08:50 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:08:50 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8995, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:08:50 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, 0x0, 0x0, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:08:50 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

[ 1347.581794] FAULT_INJECTION: forcing a failure.
[ 1347.581794] name failslab, interval 1, probability 0, space 0, times 0
[ 1347.582904] CPU: 0 PID: 8879 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1347.583557] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1347.584335] Call Trace:
[ 1347.584587]  dump_stack+0x107/0x167
[ 1347.584928]  should_fail.cold+0x5/0xa
[ 1347.585307]  ? io_issue_sqe+0x2492/0x77b0
[ 1347.585714]  should_failslab+0x5/0x20
[ 1347.586084]  kmem_cache_alloc_trace+0x55/0x320
[ 1347.586517]  io_issue_sqe+0x2492/0x77b0
[ 1347.586905]  ? io_connect+0x610/0x610
[ 1347.587265]  ? lock_acquire+0x197/0x470
[ 1347.587636]  ? find_held_lock+0x2c/0x110
[ 1347.588002]  ? xa_load+0x12d/0x2c0
[ 1347.588336]  ? lock_downgrade+0x6d0/0x6d0
[ 1347.588716]  __io_queue_sqe+0x90/0x9d0
[ 1347.589092]  ? xa_load+0x156/0x2c0
[ 1347.589407]  ? io_issue_sqe+0x77b0/0x77b0
[ 1347.589802]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1347.590256]  io_submit_sqes+0x44aa/0x8610
[ 1347.590669]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1347.591135]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1347.591561]  ? lock_downgrade+0x6d0/0x6d0
[ 1347.591948]  ? find_held_lock+0x2c/0x110
[ 1347.592316]  ? io_submit_sqes+0x8610/0x8610
[ 1347.592732]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1347.593194]  ? wait_for_completion_io+0x270/0x270
[ 1347.593653]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1347.594092]  ? vfs_write+0x354/0xb10
[ 1347.594445]  ? fput_many+0x2f/0x1a0
[ 1347.594789]  ? ksys_write+0x1a9/0x260
[ 1347.595148]  ? __ia32_sys_read+0xb0/0xb0
[ 1347.595510]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1347.595999]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1347.596452]  do_syscall_64+0x33/0x40
[ 1347.596805]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1347.597259] RIP: 0033:0x7fd30c0eeb19
[ 1347.597612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1347.599309] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1347.600020] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1347.600637] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1347.601308] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1347.601928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1347.602589] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1347.651260] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:08:50 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x89a0, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:08:50 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(0x0, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:08:50 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 40)

23:08:50 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1347.794107] FAULT_INJECTION: forcing a failure.
[ 1347.794107] name failslab, interval 1, probability 0, space 0, times 0
[ 1347.795244] CPU: 0 PID: 8904 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1347.795844] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1347.796517] Call Trace:
[ 1347.796756]  dump_stack+0x107/0x167
[ 1347.797071]  should_fail.cold+0x5/0xa
[ 1347.797387]  ? create_object.isra.0+0x3a/0xa20
[ 1347.797792]  should_failslab+0x5/0x20
[ 1347.798130]  kmem_cache_alloc+0x5b/0x310
[ 1347.798472]  create_object.isra.0+0x3a/0xa20
[ 1347.798837]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1347.799256]  kmem_cache_alloc_trace+0x151/0x320
[ 1347.799644]  io_issue_sqe+0x2492/0x77b0
[ 1347.799982]  ? io_connect+0x610/0x610
[ 1347.800299]  ? lock_acquire+0x197/0x470
[ 1347.800649]  ? find_held_lock+0x2c/0x110
[ 1347.800998]  ? xa_load+0x12d/0x2c0
[ 1347.801315]  ? lock_downgrade+0x6d0/0x6d0
[ 1347.801663]  __io_queue_sqe+0x90/0x9d0
[ 1347.802008]  ? xa_load+0x156/0x2c0
[ 1347.802304]  ? io_issue_sqe+0x77b0/0x77b0
[ 1347.802675]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1347.803094]  io_submit_sqes+0x44aa/0x8610
[ 1347.803463]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1347.803867]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1347.804292]  ? lock_downgrade+0x6d0/0x6d0
[ 1347.804642]  ? find_held_lock+0x2c/0x110
[ 1347.805009]  ? io_submit_sqes+0x8610/0x8610
[ 1347.805381]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1347.805778]  ? wait_for_completion_io+0x270/0x270
[ 1347.806210]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1347.806618]  ? vfs_write+0x354/0xb10
[ 1347.806945]  ? fput_many+0x2f/0x1a0
[ 1347.807267]  ? ksys_write+0x1a9/0x260
[ 1347.807604]  ? __ia32_sys_read+0xb0/0xb0
[ 1347.807965]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1347.808424]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1347.808878]  do_syscall_64+0x33/0x40
[ 1347.809214]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1347.809664] RIP: 0033:0x7fd30c0eeb19
[ 1347.809991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1347.811583] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1347.812238] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1347.812860] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1347.813531] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1347.814150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1347.814765] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1348.191130] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1348.192043] print_req_error: 22 callbacks suppressed
[ 1348.192061] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1348.194464] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1348.194523] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1348.195334] buffer_io_error: 6 callbacks suppressed
[ 1348.195342] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1348.196144] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1348.199154] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1348.199217] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1348.199986] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1348.201905] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1348.203483] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1348.203588] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1348.204273] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1348.205114] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1348.207198] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1348.207262] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1348.208028] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1348.209952] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1348.211527] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1348.211588] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1348.212309] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1348.213212] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1348.213710] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1348.214563] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1348.215014] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1348.216350] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1348.246341] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1348.247230] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1348.247292] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1348.248708] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1348.248773] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1348.250227] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1348.251158] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1348.252083] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1348.253034] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1348.253960] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
23:09:04 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 41)

23:09:04 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB, @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:09:04 executing program 5:
socket$netlink(0x10, 0x3, 0x0)
connect$802154_dgram(0xffffffffffffffff, &(0x7f0000000180)={0x24, @short={0x2, 0x0, 0xaaa3}}, 0xfffffffffffffe5a)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8914, &(0x7f0000000140)={'lo\x00'})
openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x1a1001, 0x0)
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x100100, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$bt_hci_HCI_FILTER(r1, 0x0, 0x2, &(0x7f00000000c0)={0x0, [0x10000, 0xb], 0x6}, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'lo\x00'})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffb, 0xfffffffffffffffc}, 0x6, 0x0, 0x1004, 0x0, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8914, &(0x7f0000000140)={'lo\x00'})
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3a97}}, './file0\x00'})

23:09:04 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:09:04 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, 0x0, 0x0, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:09:04 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:09:04 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[ 1361.225202] FAULT_INJECTION: forcing a failure.
[ 1361.225202] name failslab, interval 1, probability 0, space 0, times 0
[ 1361.226859] CPU: 0 PID: 8918 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1361.228426] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1361.228433] Call Trace:
[ 1361.228458]  dump_stack+0x107/0x167
[ 1361.228478]  should_fail.cold+0x5/0xa
[ 1361.228498]  ? io_issue_sqe+0x2492/0x77b0
[ 1361.228520]  should_failslab+0x5/0x20
[ 1361.228538]  kmem_cache_alloc_trace+0x55/0x320
[ 1361.228562]  io_issue_sqe+0x2492/0x77b0
[ 1361.228599]  ? io_connect+0x610/0x610
[ 1361.228620]  ? lock_acquire+0x197/0x470
23:09:04 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x89a1, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

[ 1361.228636]  ? find_held_lock+0x2c/0x110
[ 1361.228659]  ? xa_load+0x12d/0x2c0
[ 1361.228677]  ? lock_downgrade+0x6d0/0x6d0
[ 1361.228706]  __io_queue_sqe+0x90/0x9d0
[ 1361.228725]  ? xa_load+0x156/0x2c0
[ 1361.228743]  ? io_issue_sqe+0x77b0/0x77b0
[ 1361.228770]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1361.228794]  io_submit_sqes+0x44aa/0x8610
[ 1361.228844]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1361.228860]  __do_sys_io_uring_enter+0x6b5/0x18c0
23:09:04 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:09:04 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1361.228883]  ? lock_downgrade+0x6d0/0x6d0
23:09:04 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x89a2, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

[ 1361.228898]  ? find_held_lock+0x2c/0x110
[ 1361.228921]  ? io_submit_sqes+0x8610/0x8610
[ 1361.228949]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1361.228972]  ? wait_for_completion_io+0x270/0x270
[ 1361.228994]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1361.229010]  ? vfs_write+0x354/0xb10
[ 1361.229028]  ? fput_many+0x2f/0x1a0
[ 1361.229058]  ? ksys_write+0x1a9/0x260
[ 1361.229076]  ? __ia32_sys_read+0xb0/0xb0
[ 1361.229099]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1361.229117]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1361.229137]  do_syscall_64+0x33/0x40
[ 1361.229154]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
23:09:04 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 42)

[ 1361.229166] RIP: 0033:0x7fd30c0eeb19
[ 1361.229184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1361.229194] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1361.229213] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
23:09:04 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x89a3, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

[ 1361.229223] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1361.229233] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1361.229243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1361.229254] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1361.291939] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1361.454178] FAULT_INJECTION: forcing a failure.
[ 1361.454178] name failslab, interval 1, probability 0, space 0, times 0
[ 1361.456031] CPU: 0 PID: 8945 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1361.457067] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1361.458318] Call Trace:
[ 1361.458725]  dump_stack+0x107/0x167
[ 1361.459278]  should_fail.cold+0x5/0xa
[ 1361.459857]  ? io_issue_sqe+0x2492/0x77b0
[ 1361.460485]  should_failslab+0x5/0x20
[ 1361.461068]  kmem_cache_alloc_trace+0x55/0x320
[ 1361.461772]  io_issue_sqe+0x2492/0x77b0
[ 1361.462396]  ? io_connect+0x610/0x610
[ 1361.462976]  ? lock_acquire+0x197/0x470
[ 1361.463575]  ? find_held_lock+0x2c/0x110
[ 1361.464202]  ? xa_load+0x12d/0x2c0
[ 1361.464743]  ? lock_downgrade+0x6d0/0x6d0
[ 1361.465394]  __io_queue_sqe+0x90/0x9d0
[ 1361.465983]  ? xa_load+0x156/0x2c0
[ 1361.466525]  ? io_issue_sqe+0x77b0/0x77b0
[ 1361.467166]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1361.467889]  io_submit_sqes+0x44aa/0x8610
[ 1361.468562]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1361.469329]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1361.470062]  ? lock_downgrade+0x6d0/0x6d0
[ 1361.470688]  ? find_held_lock+0x2c/0x110
[ 1361.471307]  ? io_submit_sqes+0x8610/0x8610
[ 1361.471978]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1361.472716]  ? wait_for_completion_io+0x270/0x270
[ 1361.473455]  ? rcu_read_lock_any_held+0x75/0xa0
23:09:04 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[ 1361.474156]  ? vfs_write+0x354/0xb10
[ 1361.474836]  ? fput_many+0x2f/0x1a0
[ 1361.475387]  ? ksys_write+0x1a9/0x260
[ 1361.475962]  ? __ia32_sys_read+0xb0/0xb0
[ 1361.476578]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1361.477375]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1361.478152]  do_syscall_64+0x33/0x40
[ 1361.478717]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1361.479489] RIP: 0033:0x7fd30c0eeb19
23:09:04 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100)}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1361.480053] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1361.482855] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1361.484005] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1361.485089] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1361.486158] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1361.487220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1361.488297] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1361.910585] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1361.912600] print_req_error: 22 callbacks suppressed
[ 1361.912619] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1361.914952] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1361.914994] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1361.916615] buffer_io_error: 6 callbacks suppressed
[ 1361.916628] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1361.917439] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1361.920923] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1361.920970] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1361.922581] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1361.923366] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1361.926120] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1361.926194] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1361.927774] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1361.928591] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1361.931777] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1361.931897] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1361.932628] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1361.934201] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1361.935851] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1361.937732] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1361.939508] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1361.939544] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1361.940698] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1361.943004] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1361.943043] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1361.949486] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1362.052324] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1362.053239] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1362.060356] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1362.061248] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1362.065604] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1362.066609] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1362.067624] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1362.069750] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1362.070782] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1362.071708] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
23:09:21 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, 0x0, 0x0, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:09:21 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 43)

23:09:21 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x89b0, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:09:21 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:09:21 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, 0x0, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:09:21 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB, @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:09:22 executing program 5:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x20}, {0x6}]})
ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000080)={0x7fff, 0x9, 0x7})

23:09:22 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 1)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

[ 1379.007083] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:09:22 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1379.015223] FAULT_INJECTION: forcing a failure.
[ 1379.015223] name failslab, interval 1, probability 0, space 0, times 0
[ 1379.016899] CPU: 0 PID: 8975 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1379.017879] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1379.019051] Call Trace:
[ 1379.019440]  dump_stack+0x107/0x167
[ 1379.019968]  should_fail.cold+0x5/0xa
[ 1379.020525]  ? io_issue_sqe+0x2492/0x77b0
[ 1379.021121]  should_failslab+0x5/0x20
[ 1379.021675]  kmem_cache_alloc_trace+0x55/0x320
[ 1379.022334]  io_issue_sqe+0x2492/0x77b0
[ 1379.022927]  ? io_connect+0x610/0x610
[ 1379.023479]  ? lock_acquire+0x197/0x470
[ 1379.024045]  ? find_held_lock+0x2c/0x110
[ 1379.024633]  ? xa_load+0x12d/0x2c0
[ 1379.025144]  ? lock_downgrade+0x6d0/0x6d0
[ 1379.025752]  __io_queue_sqe+0x90/0x9d0
[ 1379.026310]  ? xa_load+0x156/0x2c0
[ 1379.026819]  ? io_issue_sqe+0x77b0/0x77b0
[ 1379.027421]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1379.028097]  io_submit_sqes+0x44aa/0x8610
[ 1379.028723]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1379.029441]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1379.030132]  ? lock_downgrade+0x6d0/0x6d0
[ 1379.030724]  ? find_held_lock+0x2c/0x110
[ 1379.031309]  ? io_submit_sqes+0x8610/0x8610
[ 1379.031937]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1379.032631]  ? wait_for_completion_io+0x270/0x270
[ 1379.033326]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1379.033981]  ? vfs_write+0x354/0xb10
[ 1379.034512]  ? fput_many+0x2f/0x1a0
[ 1379.035031]  ? ksys_write+0x1a9/0x260
[ 1379.035577]  ? __ia32_sys_read+0xb0/0xb0
[ 1379.036160]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1379.036905]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1379.037648]  do_syscall_64+0x33/0x40
[ 1379.038177]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1379.038907] RIP: 0033:0x7fd30c0eeb19
[ 1379.039444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1379.042032] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1379.043107] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1379.044119] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1379.045124] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1379.046144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1379.047154] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1379.089752] kauditd_printk_skb: 22 callbacks suppressed
[ 1379.089770] audit: type=1326 audit(1719875362.188:111): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=8965 comm="syz-executor.5" exe="/syz-executor.5" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ffa85b4fb19 code=0x0
[ 1379.102087] FAULT_INJECTION: forcing a failure.
[ 1379.102087] name failslab, interval 1, probability 0, space 0, times 0
[ 1379.105796] CPU: 1 PID: 8978 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1379.106785] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1379.107970] Call Trace:
[ 1379.108373]  dump_stack+0x107/0x167
[ 1379.109011]  should_fail.cold+0x5/0xa
[ 1379.109723]  should_failslab+0x5/0x20
[ 1379.110285]  kmem_cache_alloc_bulk+0x4b/0x320
[ 1379.111133]  io_submit_sqes+0x6fe6/0x8610
[ 1379.111741]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1379.112501]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1379.113291]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1379.113983]  ? lock_downgrade+0x6d0/0x6d0
[ 1379.114730]  ? find_held_lock+0x2c/0x110
[ 1379.115354]  ? io_submit_sqes+0x8610/0x8610
[ 1379.116035]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1379.116722]  ? wait_for_completion_io+0x270/0x270
[ 1379.117414]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1379.118077]  ? vfs_write+0x354/0xb10
[ 1379.118609]  ? fput_many+0x2f/0x1a0
[ 1379.119131]  ? ksys_write+0x1a9/0x260
[ 1379.119822]  ? __ia32_sys_read+0xb0/0xb0
[ 1379.120434]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1379.121381]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1379.122117]  do_syscall_64+0x33/0x40
[ 1379.122643]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1379.123363] RIP: 0033:0x7f7e6ceffb19
[ 1379.123891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1379.126482] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1379.127558] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1379.128560] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1379.129571] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1379.130568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1379.131566] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
23:09:22 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x40049409, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:09:22 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, 0x0, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:09:22 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xac1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='maps\x00')
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x200000d4)
pread64(r0, &(0x7f0000003600)=""/4107, 0x100b, 0x0)
mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x1)
mount(&(0x7f0000000180)=ANY=[@ANYBLOB="bed716987b050f6cd0e8442bea41aeecd3fda43e37550703bdd9797cfb39042a12e621a2e45432e624c1b558e9b9"], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='vfat\x00', 0x0, 0x0)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r1=>0x0, <r2=>0x0})
r3 = syz_mount_image$ext4(&(0x7f0000001480)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x6, 0x1, &(0x7f0000000100)=[{&(0x7f0000001280)="6063f5f02f2048a0b05046f3ddd1193e22716ceb436b89fa223184f06d237974c341a45c9188af56d06abdb28ee20aa460f6168fb01a2f8d942e259d6ec57153213d09841b0fe8de6d2f5849c89f", 0x4e, 0x74}], 0x180011, &(0x7f00000016c0)=ANY=[@ANYBLOB='journal_async_commit,grpquota,dioread_lock,barrier=0x0800000000000002,init_itable,resuid=', @ANYRESHEX, @ANYBLOB="2c636f6e746578743d73797361646d5f752c6f626a5f747970653d2a2d2f835d2c7569643e", @ANYRESDEC=r1, @ANYBLOB=',euid>', @ANYRESDEC=0xee00, @ANYBLOB=', ', @ANYRES16=0x0, @ANYBLOB="bb27f336b6f36c8769cc7207b52ecaa310b75d8b55d59261aeb4a4050909e428b8bb9304ea9711e800aef36b52fbf423beb1822355b92002c83a83886e9afcc86df7f56156cff16c577998e192bffffc390ab122bc242a69bbb7f458e56f7add2dee67414746a21cb98033c174903fc44fdf2d4630e4a690307c64770243b29f7f0c7fd17bbf4708f85a7cd5ee15333aed4f9dd12ef9dc24c16f396c055f0423ccb0f4fb1896153c55473e381155e3d15fb68b3ab8ee"])
ftruncate(r3, 0x8)
r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000240)=0x1064, 0x4)
r5 = dup2(0xffffffffffffffff, r3)
pipe(&(0x7f0000001340))
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r4, 0xc018937d, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r6=>r0, {0x4}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r4, 0xc018937b, &(0x7f0000001200)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r6, @ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="5243017523"])
ioctl$SG_EMULATED_HOST(r4, 0x127c, &(0x7f0000000000))
r7 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r4, 0xc018937d, &(0x7f0000001300)=ANY=[@ANYBLOB="460600050000000000000000", @ANYRES32=r5, @ANYBLOB="00800000000000002e2f66696c653000"])
ioctl$PIO_UNIMAPCLR(r7, 0x4b40, 0x0)
sendfile(r7, r6, &(0x7f0000001240)=0x5, 0x3)

23:09:22 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x0, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:09:22 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x40086602, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:09:22 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1379.306531] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:09:22 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, 0x0, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:09:22 executing program 5:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000016c0)={0x0, {{0x2, 0x0, @local}}, {{0x2, 0x0, @dev}}}, 0x200017c8)
openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYBLOB="c87d4206e56056afb5b82d4712743a81e55c415a5f7c7b5cd7c981c62de350237ced1b11caadeddce9b6a856d3f1fbae977a8c463eedd0bdffb2523c91adc52a37"])
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7fffffff}, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x51)
syz_open_dev$rtc(&(0x7f0000000040), 0xffffffffffffff06, 0x400800)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000340)=@IORING_OP_TEE={0x21, 0x1, 0x0, @fd_index=0x7, 0x0, 0x0, 0xdf}, 0x5)
openat(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x0, 0x110)
getdents64(r0, &(0x7f0000000880)=""/4096, 0x1000)
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x2, 0x3, 0x0, 0x0, 0x1, '`\x00\x00\x00\x00\x00\x00@\x00', 0x0, 0xfffffffc})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
flock(r2, 0x0)
io_uring_setup(0x4, &(0x7f00000000c0)={0x0, 0x0, 0x20, 0x1, 0x1cf})
bind$packet(0xffffffffffffffff, &(0x7f0000000580)={0x11, 0x11, 0x0, 0x1, 0x0, 0x6, @local}, 0xb)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd, 0x0, 0x0}, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

23:09:22 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 44)

23:09:22 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[ 1379.490930] FAULT_INJECTION: forcing a failure.
[ 1379.490930] name failslab, interval 1, probability 0, space 0, times 0
[ 1379.492584] CPU: 0 PID: 9010 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1379.493564] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1379.494741] Call Trace:
[ 1379.495133]  dump_stack+0x107/0x167
[ 1379.495664]  should_fail.cold+0x5/0xa
[ 1379.496225]  ? create_object.isra.0+0x3a/0xa20
[ 1379.496892]  should_failslab+0x5/0x20
[ 1379.497444]  kmem_cache_alloc+0x5b/0x310
[ 1379.498023]  create_object.isra.0+0x3a/0xa20
[ 1379.498647]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1379.499360]  kmem_cache_alloc_trace+0x151/0x320
[ 1379.500018]  io_issue_sqe+0x2492/0x77b0
[ 1379.500605]  ? io_connect+0x610/0x610
[ 1379.501146]  ? lock_acquire+0x197/0x470
[ 1379.501718]  ? find_held_lock+0x2c/0x110
[ 1379.502293]  ? xa_load+0x12d/0x2c0
[ 1379.502794]  ? lock_downgrade+0x6d0/0x6d0
[ 1379.503387]  __io_queue_sqe+0x90/0x9d0
[ 1379.503939]  ? xa_load+0x156/0x2c0
[ 1379.504439]  ? io_issue_sqe+0x77b0/0x77b0
[ 1379.505028]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1379.505741]  io_submit_sqes+0x44aa/0x8610
[ 1379.506359]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1379.507053]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1379.507740]  ? lock_downgrade+0x6d0/0x6d0
[ 1379.508321]  ? find_held_lock+0x2c/0x110
[ 1379.508901]  ? io_submit_sqes+0x8610/0x8610
[ 1379.509534]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1379.510210]  ? wait_for_completion_io+0x270/0x270
[ 1379.510898]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1379.511550]  ? vfs_write+0x354/0xb10
[ 1379.512082]  ? fput_many+0x2f/0x1a0
[ 1379.512603]  ? ksys_write+0x1a9/0x260
[ 1379.513135]  ? __ia32_sys_read+0xb0/0xb0
[ 1379.513717]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1379.514459]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1379.515181]  do_syscall_64+0x33/0x40
[ 1379.515701]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1379.516415] RIP: 0033:0x7fd30c0eeb19
[ 1379.516941] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1379.519490] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1379.520558] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1379.521563] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1379.522565] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1379.523580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1379.523591] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1380.117102] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1380.118146] print_req_error: 22 callbacks suppressed
[ 1380.118168] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1380.121540] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1380.121597] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1380.122859] buffer_io_error: 6 callbacks suppressed
[ 1380.122878] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1380.123803] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1380.128693] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1380.128764] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1380.129981] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1380.132340] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1380.134136] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1380.134285] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1380.135401] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1380.137936] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1380.139705] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1380.139777] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1380.140938] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1380.143108] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1380.144905] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1380.144977] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1380.146183] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1380.148472] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1380.148564] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1380.150356] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1380.150707] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1380.152221] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1380.208757] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1380.209810] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1380.209878] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1380.212355] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1380.212466] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1380.214204] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1380.215220] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1380.216232] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1380.217256] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1380.218269] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
23:09:35 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:09:35 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x40087602, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:09:35 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB, @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:09:35 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 2)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:09:35 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x0, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:09:35 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:09:35 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 45)

23:09:35 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)={0x0, 0x0, 0x5})
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x911802, 0x140)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0)
r2 = openat$hpet(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000009640))
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f000000aa40)={<r3=>0x0, <r4=>0x0, "c009b39830e4109622d7a29d0bd42e6d365c8384f665a2104b6faaa5427626b93311e77f0de4211e1217bc355a5246327eb7ba126bf7e4adb45535a4d9757c77f555e42c9254e9f9089be590271f821f5f6b632da2dabf1d6e618629da57a34a33f5e913338e628f32d84f60dbb9f94b70f1828e7d652bb2443c02901738d15cd72d14288f0d47dfe96e49988d0402f96628f97be361723e018daf71ab695fa4726664c00ec9aa53b8c092760da4cd088f03fad6504eceb8949dc35abc6c9f51916777bc38aa3669fb220546dbd1024eb87da205b46ec35180a8fcb898160855b5044023da75f2b1f285c1462a8afa95492a14be3f42052ff535612d226506a0", "7374bf600a2dbb0a10a4446998c60bc654676f080ecee8672b9b990319e9f34b4c45be9b1cbb8fbe1f4541599e2a8deeedad6067575d671432b4ba4028542704ab850b2cd326bd5a16431e3e06cbefba068d34f999e863befaed31fe2f898bdfe4043148f4d1cc27af274cc202dd9cd92b1891ba85c4048baa5cf0aa7a3d5dbef19adb89a7123a5c5cf1f42650df4c63aa25c0c5f606a072b8c1910206999409a39439cacd824f129adb4177e14f533050e77cfd6b9e760c12899b047feb4c8e5b746e5570db48fc8fafeccf98bad6d99a585091b403666ded97ce43cdf6dd1791052bc149861ea2585dfb28b538cc9fe6ffc5e07182615951fd668085ed124af574a07e3495491f19b1aa2a3b69028ccacd78524d988b224ab17ed905da0b840b4a9939e2af6efdf4221126075a8964d904883db014031e0924681a4ef3795071b256b75002a7df298c87c565b1d8a331e7d0c1000e1d707100917dfe107f87ebea9dca1b708b01cacf1c9f348c0d0fd64aa64193637c7169264d06f613c41be60f39b0cc9d813ae5fca2222832f86f2ae87e883efd48df36d16e6c1ca5c378f6ff0fbace91eb3099d744b16171fcc1ab7d5456392f0878ecf27e8caad7386663de490c3044eed7e7cb83e675716eda0cc09f219aadddd814c88048a7c6cefe69a79f2f7a234cfffbf19ac7a9f6ef59faf2776ac3d636904ec1bda09b1c9d8caeafa918983215d866f5cb6f1088e7e99a43425913d258a3dc8550fcbca3e0bec47503e24d709dd1fd1bb3cd92837d10387a0eebb98aab27950a2a66dc0b9bad3e4ef6393036d64949931ffe6479073790b3b885ac8563d4018e9227d644864c17f048daefbb192d15b56a2a440ad6d4ef5af2ac9904d8b69c64d2368928d7595594e6c3fd23229cb6aa80ec308301b1c94777900d34b1b3eea03dca765036a3f5351551affb585f22541074380b60ca062bf8a8a2324fe61ecad5733aec51e0c5ddc648280556b8a038b5816947b1637ef598cfd134cf9833d875fd23d22f5f74e74a4634d50a3ac908eed128f4297924296d95361b9504c08df4a0603eff93ee34bd45ed12e8d06b8f399fefef4ced732aad15b70f3e276101fa4b5a5c17435d0999b3345ccfe853c955e8b7927c7a171506b8e5b4de8a68cb5e80c3709a0e15643b5772d82d04859133e09fa8ab81ac042e67bc918f2847af14a4eb77c3fcac3132ec1af5a57d85acb9ce91d9d15019904396737ade63df938e6f054f8ee21e8994d45b0801ccd8ae8bda90128cb05eddd297d800412bc01fc5cfdfa9d473641fffc793b513da3f7565a27c4ff3678ac6f71560cc6cc95fb4d20f85b7934cb4a4f614182d331ab53b6a09ff47fc272b6c1f5aaca477bfdfed3fac942d639773b7a5656c526eb595d6fa9d301c425947f37088447cb4400c37750b76eb6c1f7933e43b27224c2fdc053e55125d00ab11428af674f58bd5c3ea1ce4762856afccbd37dd59a5e726f2e5e770bcc8372304fc2a33611234e3b0d411fcae8691e621b64581dc32b3d97c02920877b2c995018dcfff2da8687bc64332cffc3d355931561dc799d169f61d121f242dd3605e3fef8a46bf73998202d6a87671719896c61d729006104bdb7e926020f28260c75c2c754e5f073097d7031567e62cbfcbff541702cdaf498bbfe01e2948e6e164271ca4ab4df68a1569d29d3ce7029c0b58d2a1e6d179fa817ec9df17195c8b83a7a7508f18f0e3d07e8871f331d7a151bc11301c7dce402e6a5fda6f3096df2ddfeb48b3991e055c55d2a071ed66bf378e5c451f849cdbd7951cacad16d6b5734b71db866e77086bfab1797942633ec688d78bb2fccaae2b0e796b852b278bd4a4648d0811293e1bfe68e30b42eb27ac0a4e435e086b4cfeeb9fa539f0d800b6108e4c7b9d7237746770a3f3477646b7c9bfd2bc111679d40bffe221be492ba984df6cd4d7d8f9cbf7185e79804416be68d8a2bfa28e5bec4b57bf5f08eeecafabccd55744e49bb4a7dd1324908d91762b9884e7268d0bb6290be3b51091ae6ccf2ebbd4945dd7913bd38509a00ce38d955909bfa1f3740fc123a12e15b853b59b9b691460afdcda150d39e566a83eaa0c3b7bac9819bdbc7e0a620206be87ff2f8ea8091dbffa014d2f2eb919040a434cdeb3db68adf845d2ba751dc0e1ce4afd8672a5ecf0653b8c672c3265aa236a174185f4b4a291bda664bb79c13f8b6932a831385773898d194d2500b38fbfff8c4acafa5a80dfd3f1f906132885446f9f7ad787dbbdab593661ab1c255df879eaf4ca739deaa11379a5c6b650472257fa54b646b29ceb3dbe27e3584914f9f766bbbcc67abeffebb0df881a42b8671bba930b04d1d7710cc15d546ee69ad40e66f04eb28af8bd17b739e68ad75a239303fb97b18f8f08d2f95bdae0f245ebdfc3ecf555a6fd53f5a35af8b2dd016b227d209fc8323a7576e66a9913a0ad4f19d30d2b6f25ac8b5b6c762e2c68c76f9bd7818adbb3c9b194c09471482ec6898754469076b8674ab9e26b5977a0fa693160f18a01d2f2c362186ff75c205cec261d9e6c431ee672e4056b7e458ef02dca1167d09de5977210461758ed506290477a63c5af0698a1f4edf3bc569692bc9febd5fd641860dd34a6926af47ae7bdd3cce59a5b24b6944075e30ec2f2dbd043ebc57a39eaa5559bc4f21f08198e0daa2e8506b21160c8f9b629ad0e80d5e99e5cf4c4ceefb8d9fe5493ebcb066a647269fef2146f1ed55dac66974446e650e49db26ceb24c16c24885a2d2d011d11ec52d5b7a9c8096314d1dc7c992a1dee70be2fc0cc2d9fc94b0d02d479f6f4bfd3fa20df42568e27c0cea6caa1028d5dfbe6a9657053c06132387f9abfbaf93d9b335b69b168bf7fdaa0a44981dadc3358b50f1b24d390f8858d6775fa838388ff8a69b02bf446028485ba9e0c15731288c186b3cdf2fbc088f13f50e5eecc9b3a058d1369b7a254f11aa81a5fabd862bfd5226ce26e0199ef241badd55ba0d6087e9eb1661111a6afef1caf2bd54832bb5a3e8b864c8af220a8a115746c1646e78471ba2edb7c63fcff7f6be047a5f740525fbe5e259beee146dc2a609d3fd576e826ee1e4fce8ccbf75aa713514bda04ed4086cdd11a770cbe5782bca23f5f3ad8682609d5c5d4e5ca4e117d7423740b41081c6945b446223bb435c6ae2314552b7bf53a8b2c8a7a2a961d17315e0f7a660624b119c89ae81d2214b03cd79bc3eb355bf06811d7186b1f0a7219dd8d4096cb0df940719279357b853bc7c5bcf645aa65c12227859ce0851953fcefa6051f2a31e3666abde9ef1ece3eba658de696edf5d87a7d562dfe1f6bb9ac5e6773bc9069c732683715868cf14825345fb60665982549b9bb7c5b7d934ed0c4d136fa089f8459d473bf1ee678cf88c26f4f5ac681aa6dbe6ef78c26e7a3649ae0574f550f9fc64e8caa14586cbc43d8ec72a3170fc4f6c78fdbd40332c1f35adfc04be68a067f2c03325d624e21fa0e1fa6ea879caa84665bedefcd19759872824a0053a110af2b6099d8ea572b0c81cea39147bb2dca0eaefd4be8c3b59b98c27049f04ae5f3652ade0e1561238296d17979581b93d0ee26464fb5675b968cbc397558207fb1d5365f73994c0c8f2bcae0164e74d602a4856355b214af58b6357b2505779260ec73929eb4fe1047bbc2a125ff6c88718d2b8b8fb9c0d1cb1760748ffc5e4998dbaf8fad99df26b2eaf99bce2541d287b243d7b9cf0ecb25588d14c6228a6cb5413f48e3d07817d258c45ca0ab3494ca5b59f87abdf38e439b4a31d60d9474a52e465f36dd0cd56f00d4e5e563bfc6421b40a7522eb71894a698c19510fa7dc690b6b3f782d88e61ca635d5efd4c9c1725dbf24e0c8e246a2dc979e4750de8347687038f0441858bdf5a06bcba827d8d1327601943ca9fd004c121034fa6e1c8b9eff5da764961f5700eab97380e99b37f302239b528b36f5c9bbebaff25edae48fbe59dd272099af5c695a19b62f64485ba01ae8416c02f04360be933b8ba8a49c6c1188a78c3d36d0c61f61b4002bfeb669e29bbcb306f573528a749b085500c7649aea469fca867da4ca9eaecc75a70f41baeb80bf803402a9066dc1e8243192b78533e0ad590e14fd2bf2ce3ac943ade1fcefd247406785ee387d18e9afe8845481748fbadf4d081e01ecce50ef1fc5b457fa296b833d77390764e2af12f7930c6334476dc4cf45d9f272e364336810c11318bd0a95233005d66fe81a5708ae5fad8c7db17e6d97d2340651f7aa7a36e132a77a7a6206b36a95ccb5a48cb19bd3bb886ff0e77bc76653912149ca85895c4f80c373cbbd4305a91213e8ec5b7b18d8587d723c18f02854556aaaa540935eab2b7470a7c1c40c7e843ac1221a51e92eb05af2342fea7c853a46182c8384612aadb40145b95de565140003468eaca74b38bdf4dc640d0af80c3dd81747652c5fe15ffff8965a150a4ca6a9d9c91d067b4fac49b23cd2041dfdab22126c97d812b67ed638cc65d75d836bf439807cd7cd3cd0e6b30c81983e3f45a00282a14d401d81ac7c5544510dc7d157eeaa18b09df5ec949a22d7342b5b720b2a47251e995410f9b35d90824c1b19beb8575c9efe2aaa2a2011790a1099a924c01ca835fb7cc561eb2310a5331d4d9c4a9ee03a5f1364c17a7f4511c0c1b929c630cc110696f9e94b4107d0b75338fda2c5e0b8d46d19b98071e328f57debd56b4a0a9009913ac41518a08e6fa533edf20db0dc5eff43cd3ead623fc826ac03925490537d6b6a47f27031faa17f9852a3cb72d2088f33d35846a40758e60dab4b3980d032adc3e4faa61ff8aaea6b08bc9705cf097701e9af550fa43ec06c0ae2257927eebcbbbf4a05ad8097597943d6aed8a950ba32bc0d19827539019397e2fffa5f7379ffd7ec266f0c1cd947aab0c9e73c2796bd4c32fa0a0effbc84570efdebd3ac1eb57cc89cdbed91ed43a64cccfeba427a017a07d84acc850a45e2f26639598ed061ea81b60fb1873983591d446129ba8b27a4aef3311292017e3cbc00533824888ef80ef1a85c86a370dc11694d2f455e04ceb8811afa53aac77c65b38703d18167aedcc077c988dd9832ee1999a82c8752b921bceae484c19cee6828eef373c979b5c3f208080c8dcb38c53e384bebed6c41c3b9d6958bd2b952d82d17b262dbf30f90ab5c5d197ccee9f6b6525928b0100ffdeace644e159500495ff5a0ea7df7b9ab63617e3879818e25341e97d839beefdf248222cadd61a5d76b1ff34704bb78656afef7994904da269f973598217edc3be93157185aa15ef225f6471d7786a5e28d0f145b96566e101bf46723486867b9aa90f9eb4d1f5612d4950160c1504a367daf984"})
ioctl$RNDADDENTROPY(0xffffffffffffffff, 0x40085203, &(0x7f0000001140)={0x40, 0x7e, "425b6a548b50b187aff2cf1f188714dbec136010ba74bd9515979b5944980a006b23273ea21855e546ef8b91af6a6cbe27130f0c8fef0a0d53bd8ff5400c42cf781e0a94239e8b003e8dfc351f9df197ad5e5e5cbf5225e12dd6439a2f145fd0efe208e6c647c1b3fac537e9590dbde4ef432980c499f2026a59fbd6bdf5"})
r5 = mq_open(&(0x7f0000005c00)='-@\x00', 0x42, 0x0, 0x0)
mq_timedsend(r5, 0x0, 0x0, 0x0, &(0x7f0000000040))
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000007640)={0x7, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r6=>0x0}, {}, {}, {}, {}, {}, {<r7=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r8=>0x0}, {<r9=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r10=>0x0}, {<r11=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r12=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}, {0x0, <r13=>0x0}, {}, {}, {}, {}, {}, {0x0, <r14=>0x0}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r15=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r16=>0x0}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r17=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {<r18=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r19=>0x0}], 0x4, "9755154351ac9a"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000009640)={0x0, ""/256, <r20=>0x0})
mq_timedsend(r5, &(0x7f0000001e00)="3cd52ed97c9e213909d730166b17123f3294a3353d43c2bda33f8b46124feb3e574cb78ff55dae93c1d80f8b1b571caa5d0f953fdc20af7c2907f40c853111e5a4a6405dfd6510e2573f0cd5a14f722a746315bf5955d6443a167b62e37e70e67059a451add17b0ba3a4967e37a184c25fd56c25f32d2c08713830771e190d3e72e360fbae6eb7f69da7ae1b7575584eb3aad405c2e0cecf7c57c725e35199b38412b21fb229249cb5214590ea9c200b689ed99433fbbb389404f04d726fe19ef657f8896380c769f15ede2ebc816773d5730db7acb1828fbcdffc4da713e0944bca7028c47238c1aace7879fca945a836e4ff365b155de4a6b5e69df15c57c8c84a27359b026401b2d2ebb22fc4727115b803cbed672e1c10421e53aecb9848432f39231a6fe45af05a49d7f66593d188b01763da10fbe076c0103b005492008157072857ecefae4dfd561229bd8ecf19e938d25a4315e343c5ffc67c1810af17fff3e930e390dc021b8a020e9ad5750cbdb6ac2406d580f35c6776feba23704f457eb3c9e481a38ae02519b5561493b3a5a22682f0622f55b91bf3fe3b6eeb0b411767b39cf41b6ea7f7606bbbf59f038ed99313e9185bafa0f1fb0d7f8f854025afe6eb498d49d00f869ed3d4abccfb90d70f1dd88a92a1f6c2a1f62238ff8733e3b25225fe919598664429606c6ba859544fe0de3a9f18ed8fdd5e9ce15ab80c870a454b550e5fe805396bf4ed72b627314fad05b74a500135c9bb1b297b170356d42c9983c3275dc8c95a5a198f3b896c712d4c44d66ee10f29d4d71df5484c473cdcd107d66ded8e5219a066b00f45faca7ccbde009031f583819cffcba547c3b5707c7c1eba73dc6ade8f584244ba35302df2a0341c8e629d52fad82cc1c34dac09d39a975902e883ce1b648080e5855ad37961abaa7eecab4ac63cb839f4039f8b93d2ba6e618ebc437166e24e210171bc8ae12f31e90adadfdba265f9a8df86648ff4bcff451f289c9142ef5bac4ba3131852ff820087a5b7e1131eb05c8c857dd4cf2839501138174f70eca95c39a59220f47be95cbe4996c214f17e5a790679057bf0c05e7d79797fa74af891a0bb050183e9124f3677a94c92e3caaeb095d0746fa8a82e30f14b228fffee24ba0385ae2940a223aa6fdd3bee655aabb131e4660eefa4e65a0cd2197f54d94783a2513ab6ae8c548b7fae70692ffa367a95cde0cd90d37be42547f30d1583a913b11c9f998d60d8c78a3677d79c717dde50a0124d918e66655902e6cb60ddd82727bc05b31057693ee9d7601be6d8870edc47c328afa800911568d99655a271c65de3a07616806e280bd453217ee2420b32544c67e34bbcec1874b450af23af54048d3a10e71967bc1ee3c0029235d95f158895bbdddfa81a3cfbcc74c7c352820f75e00324e154441074853b7c2dc1c3ed42873c6323e0bd29058b62187f57ee8def92612a91b1598af90904e770a8788c05934b54f998ed0a4b54198e74a1bdcd6e5a07109f6bd0271384211633d2d70c28843fbed80968d3cf49a697bfaffb92101e0626dc34c4b9a8b47438606152c9eea6481597918ef7739be21f562c86289b842b1d9208459f41716f2518da7d3f4ba062c0ea28a221e44f071325deef0c9ce5e8bb729e8f393020db13ad241503f9c4dc21fee5bc58893e112a2bd2528aa825c3b8e19d8312b268a43c9c662737da60bf318a5cd9069a2d96653818733825f5808371ad593f124ce11272705b5dd827d269ea01ea8a3948418278ba34338fea40665bcb5365033785adbbc7f20ea2489a728670108781da688a9d2f327f7723b76e4d2dba9c05a8f15bc05fdd521ce44e606fb0daf61c3cf96094bc4c8ca55892cd55803da5ec5f72c9ea01273ba23d834061b1a4e7778470cb726d78692d1d00291b9753fe96e43b24f239b575978b0fc6855aae3e384fff6dca011d58ca718f5a64ce083744057fadce07c1569c0a2dd34cc2f990c2d0705d4ad2dd03ed74e005e495987f5dd3b561bfd610d372abd48da2cdaa6253b074b55a30c7663daf7268768a656ac8f36d0c61a6671f6b75b69634c5c3cb06bf7d28e5b01743d673ed200a51e70f7d72c908e21769144a72870fead7075c25ddadbfeb9a9818638c3829d329eac2eb542f190986977bf6b79ae967ede1bc3e998d271f8225d5ae195e1be0ae7be5dba2584bcda86187ccde07022a3a462f505557140b14646b8d2ccb67c82bcfbeb71ece2f3af3d2d522613571766fbc39716026361c6d109d1ca6616495a5c1186cb2009e8d365abaf16a81230ad8c05889f9fcbb7ce0c6a507f9b5a078dfe5a7483d376f16428d23eb15c688f252d8548b5d94f34f8cd430b1a31bcc3e1ce90d14e3e7a33021df06882d32b90e4c6968c8046a7410bb6920f278d1b1c166875217c8e8d417adf9b50c85c509fa0581d906ab12c339e7ce03a49693489e7965043c75e5950363f062e43933d848ac73cb5f8585eee7d22305f9332df9ad7a11377c01f15ae3009d92dc3fae370f8f817400fd7f5aeb5b103fa1ba707b86ebff9324e2d52a8d46baff356e4be977bab515127107916440e1867c4d6279b08479597b3268c98566723c935f96b569b2b60807f8a046ea6e2761c062c7913dc9d4bf71f60ee2fd0e7bb3e5b718e8d4a62c43f2d53d9ecdbfb6d1dea8d8ce51c574c5007a55bd1a5933e3895659255153d501e3419ecb2c63cf337b7de31b0830f7c5b4fe267ef576c7776d34e47c7ee204609284af5a10a88b0d2488574d50614b004c04285cadc63001ac023f570b6fa4c0a21635b2d53405c4279ce02ad7033cc5df8559e1cafb3e6b0dd169df0a980a27d5acd32f68e166ddd6c43e186de12bd09f14e644c5f7a696b1cec0cfc757dc64e8f0b64c8bab66db414fa724c175fa49676d0ae100537b7cb55751a54149b60653a20bbbdaa58a9172228e553a5ec93387db79eaa9cd542cf8035d4c50b7e09e3728f153641e7fd5c9cb8969df5374a25d3611aacc81ea1d195a4b2f7e1f861259fe1d2d6422e32acd44d2f996508c07e54b200a472e4782b0e5aa030898f4c51b578f60d17fc5c01055be225120118c20b171d8bffe38f194b0ef598ac5696825da3442eb0513e31dcf997a213ffb711392223c906b637c77a5ac612611b9d4f949bfa43d746b38fa61a2b736f116edfeda864cf56357f0d9ed25d27cb057c8227379a86d9f2bf00f289ea8fcf4a61f0bbc50045047e7ef0b097e4c65d749f4d40a89f6ff2e17990e837f81364faaf32cd0c5cdf9846173610759a22a424e00f57a3143c8cf561f12489ff01fa64ef27c39370e1eca076ecaa6fbd701ad2a29b80cca60bdccd34e5f26fd0ac661ef5da02883d55401b05b15770399f960c8749fdc90fc06ddc18bd88ad6d21a7db3aaf52e28ab741f211898192d4ab34b659e79eddd844a28b5c3d0125f5b8781f270f7832114c744bc5820a60b28d408291884c0f85b47e660f8545c412c235e85da5e33bd315067b9f89a36b76e204e82ee465031f0fc463d42254f73fe269bd7ba4f4f06dafe7057f58f5387f40b0bf3fa2e9ca6b2afc496d26ebd092e0373750cc649f16e1e35179825f3a51d8b015539a4ba1661addc540c776257ceadb0d795f8fd6737bc302fc39b4dda8bf0db0f4d0a62839b02ff488810413131a566082d864e5bfc3e073a63f17b28aa8929cd239f50689fef85a8de3308be69b82d7eca3d9e5190586362841d1ff6c562a3c6d74e57750e80baddf2aabd9cc40ff3aa30e2a9be9150815977e3292f171cd184074d00e90251ffb0943b276e67a87d7eed7af3d886519f54aec72d5eb01268202999e8d78532461a8524aa0fea7c49aa864f956bc4dd31047a529f8bbf4ba971ded87c6121533491863d6d2f4dbeac566839675a781f43c9ed27d0527c961a60f212deafd75ac331674b4e76d9151c9813aca07565b1e8b52a835d1693f36cdb9be6fa8cdd7431183467be6dc75c867268cbc7f7a6cd1059ccb123c47de06785d1deb8a2a4ab286929253e05107d07c80d2790af78fe59f022763514ade2fd2f2aa0fff6c99c6af7498c9024259f2f49d8e0f054b9e7d774b4e7b1552340012153d4c79451be6ffc71079da12c140d97f3a813256e93e22e3ff9045fc6075df39fab13ed8661a6a06bc083194ebe6bc40040840f08cd586d7a3a36fe7015d3a636f94553955325eeb3d5c538251202c6c1521cbe2b87e3a22ffd2744094a44be4a63e09271a29fbddc042872a53dfe54670d0028d640754c2aa06ab7e299244bcf5517eca5a0d50799ff872bdafe888a587633f3771c161c520e56764ae13e351dd4a4fbbc4c12e00986c58a3af279473acfa42cdd442d2ab36a1f2c8e15df74b9b9fdb7f4ed0a527e1b2522ea18b822d420e493a114031ef87dad32101c7002f7aacd435e3c952c5edf7f6317215709f673926e15feb3021c3d31adaf27f468ed93f65201963ce3ec173f8003d417961a503bfe5181ed3397bfe1299107235aa1562baf276ddc6b3e802a35042d0f8a79ee06102c8e9b0a92e7e92da2788c8e6450a924fe8d7637a183f9a0b69e949ee3d54bd5abf9b6a90bd3cb8a9bc9d8d91418c72b3fe665d54dec99eb53fcf474a0f42171e2f3fb16a00633408f77c205a168f70379d5f10988510ed2605f1811c5c22d9e3e44f483cfc65e373e431eb224414db926be369c40fd1e40f2938cc484b33f69d8ee518c33a91284d6e3635720b731c68011d6b467219a6deb3b6c47ae211375d738b6f77a4f6ea2b80579aa34b3d0bced65466b6946f386482db484af971f33f546f2c0b0bcf6135784fcf3f0f1006fe34617e86adbabf80935995d34b48b9d1f12ef089510dbbd616a59e875d3f3e0aa7aea1758d6c5f2a699d031823205a4ad815efee17395d817015c392a79e4d0ac9686e596220b0ecdd2c1646e54a5630cd6022b1f52d81de0b7c0e772ab6a9c931bf527b0a874f79fa860cc82283d36be2114a4ce514b60f2b1ef941fb4e1a8d2899467d6231f82fefa3bc2462677ffd1d2436b44bf4f7fe734064f0a0b16c3f16332a85895ff84494009e00440ff7940096065996741278b3652d6286545b10c77ab2e905c1bb8c2d538ca6521df0707f55e0054d2d87d060f863c9cc50db915ac404ff6017a48a04190d12168a647d803819879c0bc3e688663d1585493dc800727fb4775473005d0cc37c3941dddb31071cb5389083a0ee8aa5317326c7f8a29646e24bb32c6d6198d2e095a6694f5ad98e3940608d60e169cc7dc507564e043aebdde61d7adf96f0a52adbde8f9ce5f99a323c8cfbb35c23baef865a6a6f949b9ee425ed2dbf1f74eda38aea9bb1e814f8de792d106ffc2030223aed765a49a8c5225f986508d023b698226c40e366e93264fbf51c2fa8a889f13ef4b768c480ae4ef3d5f061d7cd2ea2456e0c2bca80c3e7b23209a4d221a1df8cc6b3e5fa6dead523253952380abf2ca49d628a4078e4c34c49caa2f84dbd9325c2459dcf8ffe65163a438dc1f204cfeca634cfd0a2f0f165539b88bbff3b4136f21cd050ea0c2959701aed2f44be88498bd6ccad2935aa459f91e146928eceef45a9dee8ac5d9ecedf6f3757a3058742aa743b74020dfbd925deacc4fc4c1e1d91653f93b190229888c5103c29a4b5ffc836babd2035e79d5742e32f663fa44ad2ccb40e547037ecfc1d8f1cf1f70638302c6b8e8524ffe1e1b33464ae0c4ad2b8f53350998a864ac84789fd0f48534295285e6", 0x1000, 0x5, &(0x7f0000000000)={0x0, 0x3938700})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000000140)={0x0, [{}, {0x0, r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r16}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r11}, {}, {0x0, r14}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {r12}, {}, {}, {}, {}, {}, {}, {}, {r20}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r18}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r19}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r10}, {}, {}, {}, {}, {}, {}, {0x0, r15}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r17}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r8}], 0x7f, "9656c75f04ba4d"})
lseek(r1, 0x0, 0x2)
r21 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
openat(r2, 0x0, 0x480c1, 0x186)
copy_file_range(r21, 0x0, r1, 0x0, 0x200f5ef, 0x0)

23:09:35 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[ 1392.586066] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1392.593097] FAULT_INJECTION: forcing a failure.
[ 1392.593097] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1392.595134] CPU: 0 PID: 9032 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1392.596090] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1392.597237] Call Trace:
[ 1392.597630]  dump_stack+0x107/0x167
[ 1392.598148]  should_fail.cold+0x5/0xa
[ 1392.598690]  __alloc_pages_nodemask+0x182/0x600
[ 1392.599347]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 1392.600219]  alloc_pages_current+0x187/0x280
[ 1392.600836]  allocate_slab+0x26f/0x380
[ 1392.601433]  ___slab_alloc+0x470/0x700
[ 1392.602009]  ? io_submit_sqes+0x6fe6/0x8610
[ 1392.602638]  ? kmem_cache_alloc_bulk+0x1ec/0x320
[ 1392.603307]  kmem_cache_alloc_bulk+0x1ec/0x320
[ 1392.603971]  io_submit_sqes+0x6fe6/0x8610
[ 1392.604559]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1392.605275]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1392.606011]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1392.606719]  ? lock_downgrade+0x6d0/0x6d0
[ 1392.607318]  ? find_held_lock+0x2c/0x110
[ 1392.607899]  ? io_submit_sqes+0x8610/0x8610
[ 1392.608516]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1392.609197]  ? wait_for_completion_io+0x270/0x270
[ 1392.609887]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1392.610543]  ? vfs_write+0x354/0xb10
[ 1392.611078]  ? fput_many+0x2f/0x1a0
[ 1392.611599]  ? ksys_write+0x1a9/0x260
[ 1392.612144]  ? __ia32_sys_read+0xb0/0xb0
[ 1392.612771]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1392.613552]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1392.614283]  do_syscall_64+0x33/0x40
[ 1392.614822]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1392.615544] RIP: 0033:0x7f7e6ceffb19
[ 1392.616082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1392.618663] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1392.619740] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1392.620733] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1392.621732] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1392.622728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1392.623722] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
[ 1392.633897] FAULT_INJECTION: forcing a failure.
[ 1392.633897] name failslab, interval 1, probability 0, space 0, times 0
[ 1392.634990] CPU: 1 PID: 9040 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1392.635611] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1392.636354] Call Trace:
[ 1392.636613]  dump_stack+0x107/0x167
[ 1392.636958]  should_fail.cold+0x5/0xa
[ 1392.637319]  ? io_issue_sqe+0x2492/0x77b0
[ 1392.637720]  should_failslab+0x5/0x20
[ 1392.638049]  kmem_cache_alloc_trace+0x55/0x320
[ 1392.638446]  io_issue_sqe+0x2492/0x77b0
[ 1392.638801]  ? io_connect+0x610/0x610
[ 1392.639132]  ? lock_acquire+0x197/0x470
[ 1392.639477]  ? find_held_lock+0x2c/0x110
[ 1392.639826]  ? xa_load+0x12d/0x2c0
[ 1392.640130]  ? lock_downgrade+0x6d0/0x6d0
[ 1392.640490]  __io_queue_sqe+0x90/0x9d0
[ 1392.640825]  ? xa_load+0x156/0x2c0
[ 1392.641128]  ? io_issue_sqe+0x77b0/0x77b0
[ 1392.641503]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1392.641912]  io_submit_sqes+0x44aa/0x8610
[ 1392.642280]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1392.642707]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1392.643119]  ? lock_downgrade+0x6d0/0x6d0
[ 1392.643474]  ? find_held_lock+0x2c/0x110
[ 1392.643828]  ? io_submit_sqes+0x8610/0x8610
[ 1392.644205]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1392.644616]  ? wait_for_completion_io+0x270/0x270
[ 1392.645032]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1392.645440]  ? vfs_write+0x354/0xb10
[ 1392.645761]  ? fput_many+0x2f/0x1a0
[ 1392.646076]  ? ksys_write+0x1a9/0x260
[ 1392.646408]  ? __ia32_sys_read+0xb0/0xb0
[ 1392.646757]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1392.647205]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1392.647641]  do_syscall_64+0x33/0x40
[ 1392.647965]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1392.648399] RIP: 0033:0x7fd30c0eeb19
[ 1392.648721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1392.650281] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1392.650935] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1392.651551] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1392.652160] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1392.652763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1392.653382] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:09:35 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:09:35 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x4020940d, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:09:35 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x0, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:09:35 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 3)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:09:35 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[ 1392.770016] FAULT_INJECTION: forcing a failure.
[ 1392.770016] name failslab, interval 1, probability 0, space 0, times 0
[ 1392.771067] CPU: 1 PID: 9058 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1392.771617] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1392.772279] Call Trace:
[ 1392.772500]  dump_stack+0x107/0x167
[ 1392.772796]  should_fail.cold+0x5/0xa
[ 1392.773105]  ? create_object.isra.0+0x3a/0xa20
[ 1392.773485]  should_failslab+0x5/0x20
[ 1392.773792]  kmem_cache_alloc+0x5b/0x310
[ 1392.774126]  create_object.isra.0+0x3a/0xa20
[ 1392.774481]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1392.774907]  kmem_cache_alloc_bulk+0x168/0x320
[ 1392.775293]  io_submit_sqes+0x6fe6/0x8610
[ 1392.775652]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1392.776079]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1392.776501]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1392.776919]  ? lock_downgrade+0x6d0/0x6d0
[ 1392.777259]  ? find_held_lock+0x2c/0x110
[ 1392.777617]  ? io_submit_sqes+0x8610/0x8610
[ 1392.777987]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1392.778388]  ? wait_for_completion_io+0x270/0x270
[ 1392.778793]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1392.779183]  ? vfs_write+0x354/0xb10
[ 1392.779493]  ? fput_many+0x2f/0x1a0
[ 1392.779802]  ? ksys_write+0x1a9/0x260
[ 1392.780129]  ? __ia32_sys_read+0xb0/0xb0
[ 1392.780477]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1392.780915]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1392.781340]  do_syscall_64+0x33/0x40
[ 1392.781668]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1392.782084] RIP: 0033:0x7f7e6ceffb19
[ 1392.782408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1392.783889] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1392.784504] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1392.785084] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1392.785667] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1392.786243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1392.786824] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
23:09:35 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x80086601, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:09:35 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)={0x0, 0x0, 0x5})
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x911802, 0x140)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0)
r2 = openat$hpet(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000009640))
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f000000aa40)={<r3=>0x0, <r4=>0x0, "c009b39830e4109622d7a29d0bd42e6d365c8384f665a2104b6faaa5427626b93311e77f0de4211e1217bc355a5246327eb7ba126bf7e4adb45535a4d9757c77f555e42c9254e9f9089be590271f821f5f6b632da2dabf1d6e618629da57a34a33f5e913338e628f32d84f60dbb9f94b70f1828e7d652bb2443c02901738d15cd72d14288f0d47dfe96e49988d0402f96628f97be361723e018daf71ab695fa4726664c00ec9aa53b8c092760da4cd088f03fad6504eceb8949dc35abc6c9f51916777bc38aa3669fb220546dbd1024eb87da205b46ec35180a8fcb898160855b5044023da75f2b1f285c1462a8afa95492a14be3f42052ff535612d226506a0", "7374bf600a2dbb0a10a4446998c60bc654676f080ecee8672b9b990319e9f34b4c45be9b1cbb8fbe1f4541599e2a8deeedad6067575d671432b4ba4028542704ab850b2cd326bd5a16431e3e06cbefba068d34f999e863befaed31fe2f898bdfe4043148f4d1cc27af274cc202dd9cd92b1891ba85c4048baa5cf0aa7a3d5dbef19adb89a7123a5c5cf1f42650df4c63aa25c0c5f606a072b8c1910206999409a39439cacd824f129adb4177e14f533050e77cfd6b9e760c12899b047feb4c8e5b746e5570db48fc8fafeccf98bad6d99a585091b403666ded97ce43cdf6dd1791052bc149861ea2585dfb28b538cc9fe6ffc5e07182615951fd668085ed124af574a07e3495491f19b1aa2a3b69028ccacd78524d988b224ab17ed905da0b840b4a9939e2af6efdf4221126075a8964d904883db014031e0924681a4ef3795071b256b75002a7df298c87c565b1d8a331e7d0c1000e1d707100917dfe107f87ebea9dca1b708b01cacf1c9f348c0d0fd64aa64193637c7169264d06f613c41be60f39b0cc9d813ae5fca2222832f86f2ae87e883efd48df36d16e6c1ca5c378f6ff0fbace91eb3099d744b16171fcc1ab7d5456392f0878ecf27e8caad7386663de490c3044eed7e7cb83e675716eda0cc09f219aadddd814c88048a7c6cefe69a79f2f7a234cfffbf19ac7a9f6ef59faf2776ac3d636904ec1bda09b1c9d8caeafa918983215d866f5cb6f1088e7e99a43425913d258a3dc8550fcbca3e0bec47503e24d709dd1fd1bb3cd92837d10387a0eebb98aab27950a2a66dc0b9bad3e4ef6393036d64949931ffe6479073790b3b885ac8563d4018e9227d644864c17f048daefbb192d15b56a2a440ad6d4ef5af2ac9904d8b69c64d2368928d7595594e6c3fd23229cb6aa80ec308301b1c94777900d34b1b3eea03dca765036a3f5351551affb585f22541074380b60ca062bf8a8a2324fe61ecad5733aec51e0c5ddc648280556b8a038b5816947b1637ef598cfd134cf9833d875fd23d22f5f74e74a4634d50a3ac908eed128f4297924296d95361b9504c08df4a0603eff93ee34bd45ed12e8d06b8f399fefef4ced732aad15b70f3e276101fa4b5a5c17435d0999b3345ccfe853c955e8b7927c7a171506b8e5b4de8a68cb5e80c3709a0e15643b5772d82d04859133e09fa8ab81ac042e67bc918f2847af14a4eb77c3fcac3132ec1af5a57d85acb9ce91d9d15019904396737ade63df938e6f054f8ee21e8994d45b0801ccd8ae8bda90128cb05eddd297d800412bc01fc5cfdfa9d473641fffc793b513da3f7565a27c4ff3678ac6f71560cc6cc95fb4d20f85b7934cb4a4f614182d331ab53b6a09ff47fc272b6c1f5aaca477bfdfed3fac942d639773b7a5656c526eb595d6fa9d301c425947f37088447cb4400c37750b76eb6c1f7933e43b27224c2fdc053e55125d00ab11428af674f58bd5c3ea1ce4762856afccbd37dd59a5e726f2e5e770bcc8372304fc2a33611234e3b0d411fcae8691e621b64581dc32b3d97c02920877b2c995018dcfff2da8687bc64332cffc3d355931561dc799d169f61d121f242dd3605e3fef8a46bf73998202d6a87671719896c61d729006104bdb7e926020f28260c75c2c754e5f073097d7031567e62cbfcbff541702cdaf498bbfe01e2948e6e164271ca4ab4df68a1569d29d3ce7029c0b58d2a1e6d179fa817ec9df17195c8b83a7a7508f18f0e3d07e8871f331d7a151bc11301c7dce402e6a5fda6f3096df2ddfeb48b3991e055c55d2a071ed66bf378e5c451f849cdbd7951cacad16d6b5734b71db866e77086bfab1797942633ec688d78bb2fccaae2b0e796b852b278bd4a4648d0811293e1bfe68e30b42eb27ac0a4e435e086b4cfeeb9fa539f0d800b6108e4c7b9d7237746770a3f3477646b7c9bfd2bc111679d40bffe221be492ba984df6cd4d7d8f9cbf7185e79804416be68d8a2bfa28e5bec4b57bf5f08eeecafabccd55744e49bb4a7dd1324908d91762b9884e7268d0bb6290be3b51091ae6ccf2ebbd4945dd7913bd38509a00ce38d955909bfa1f3740fc123a12e15b853b59b9b691460afdcda150d39e566a83eaa0c3b7bac9819bdbc7e0a620206be87ff2f8ea8091dbffa014d2f2eb919040a434cdeb3db68adf845d2ba751dc0e1ce4afd8672a5ecf0653b8c672c3265aa236a174185f4b4a291bda664bb79c13f8b6932a831385773898d194d2500b38fbfff8c4acafa5a80dfd3f1f906132885446f9f7ad787dbbdab593661ab1c255df879eaf4ca739deaa11379a5c6b650472257fa54b646b29ceb3dbe27e3584914f9f766bbbcc67abeffebb0df881a42b8671bba930b04d1d7710cc15d546ee69ad40e66f04eb28af8bd17b739e68ad75a239303fb97b18f8f08d2f95bdae0f245ebdfc3ecf555a6fd53f5a35af8b2dd016b227d209fc8323a7576e66a9913a0ad4f19d30d2b6f25ac8b5b6c762e2c68c76f9bd7818adbb3c9b194c09471482ec6898754469076b8674ab9e26b5977a0fa693160f18a01d2f2c362186ff75c205cec261d9e6c431ee672e4056b7e458ef02dca1167d09de5977210461758ed506290477a63c5af0698a1f4edf3bc569692bc9febd5fd641860dd34a6926af47ae7bdd3cce59a5b24b6944075e30ec2f2dbd043ebc57a39eaa5559bc4f21f08198e0daa2e8506b21160c8f9b629ad0e80d5e99e5cf4c4ceefb8d9fe5493ebcb066a647269fef2146f1ed55dac66974446e650e49db26ceb24c16c24885a2d2d011d11ec52d5b7a9c8096314d1dc7c992a1dee70be2fc0cc2d9fc94b0d02d479f6f4bfd3fa20df42568e27c0cea6caa1028d5dfbe6a9657053c06132387f9abfbaf93d9b335b69b168bf7fdaa0a44981dadc3358b50f1b24d390f8858d6775fa838388ff8a69b02bf446028485ba9e0c15731288c186b3cdf2fbc088f13f50e5eecc9b3a058d1369b7a254f11aa81a5fabd862bfd5226ce26e0199ef241badd55ba0d6087e9eb1661111a6afef1caf2bd54832bb5a3e8b864c8af220a8a115746c1646e78471ba2edb7c63fcff7f6be047a5f740525fbe5e259beee146dc2a609d3fd576e826ee1e4fce8ccbf75aa713514bda04ed4086cdd11a770cbe5782bca23f5f3ad8682609d5c5d4e5ca4e117d7423740b41081c6945b446223bb435c6ae2314552b7bf53a8b2c8a7a2a961d17315e0f7a660624b119c89ae81d2214b03cd79bc3eb355bf06811d7186b1f0a7219dd8d4096cb0df940719279357b853bc7c5bcf645aa65c12227859ce0851953fcefa6051f2a31e3666abde9ef1ece3eba658de696edf5d87a7d562dfe1f6bb9ac5e6773bc9069c732683715868cf14825345fb60665982549b9bb7c5b7d934ed0c4d136fa089f8459d473bf1ee678cf88c26f4f5ac681aa6dbe6ef78c26e7a3649ae0574f550f9fc64e8caa14586cbc43d8ec72a3170fc4f6c78fdbd40332c1f35adfc04be68a067f2c03325d624e21fa0e1fa6ea879caa84665bedefcd19759872824a0053a110af2b6099d8ea572b0c81cea39147bb2dca0eaefd4be8c3b59b98c27049f04ae5f3652ade0e1561238296d17979581b93d0ee26464fb5675b968cbc397558207fb1d5365f73994c0c8f2bcae0164e74d602a4856355b214af58b6357b2505779260ec73929eb4fe1047bbc2a125ff6c88718d2b8b8fb9c0d1cb1760748ffc5e4998dbaf8fad99df26b2eaf99bce2541d287b243d7b9cf0ecb25588d14c6228a6cb5413f48e3d07817d258c45ca0ab3494ca5b59f87abdf38e439b4a31d60d9474a52e465f36dd0cd56f00d4e5e563bfc6421b40a7522eb71894a698c19510fa7dc690b6b3f782d88e61ca635d5efd4c9c1725dbf24e0c8e246a2dc979e4750de8347687038f0441858bdf5a06bcba827d8d1327601943ca9fd004c121034fa6e1c8b9eff5da764961f5700eab97380e99b37f302239b528b36f5c9bbebaff25edae48fbe59dd272099af5c695a19b62f64485ba01ae8416c02f04360be933b8ba8a49c6c1188a78c3d36d0c61f61b4002bfeb669e29bbcb306f573528a749b085500c7649aea469fca867da4ca9eaecc75a70f41baeb80bf803402a9066dc1e8243192b78533e0ad590e14fd2bf2ce3ac943ade1fcefd247406785ee387d18e9afe8845481748fbadf4d081e01ecce50ef1fc5b457fa296b833d77390764e2af12f7930c6334476dc4cf45d9f272e364336810c11318bd0a95233005d66fe81a5708ae5fad8c7db17e6d97d2340651f7aa7a36e132a77a7a6206b36a95ccb5a48cb19bd3bb886ff0e77bc76653912149ca85895c4f80c373cbbd4305a91213e8ec5b7b18d8587d723c18f02854556aaaa540935eab2b7470a7c1c40c7e843ac1221a51e92eb05af2342fea7c853a46182c8384612aadb40145b95de565140003468eaca74b38bdf4dc640d0af80c3dd81747652c5fe15ffff8965a150a4ca6a9d9c91d067b4fac49b23cd2041dfdab22126c97d812b67ed638cc65d75d836bf439807cd7cd3cd0e6b30c81983e3f45a00282a14d401d81ac7c5544510dc7d157eeaa18b09df5ec949a22d7342b5b720b2a47251e995410f9b35d90824c1b19beb8575c9efe2aaa2a2011790a1099a924c01ca835fb7cc561eb2310a5331d4d9c4a9ee03a5f1364c17a7f4511c0c1b929c630cc110696f9e94b4107d0b75338fda2c5e0b8d46d19b98071e328f57debd56b4a0a9009913ac41518a08e6fa533edf20db0dc5eff43cd3ead623fc826ac03925490537d6b6a47f27031faa17f9852a3cb72d2088f33d35846a40758e60dab4b3980d032adc3e4faa61ff8aaea6b08bc9705cf097701e9af550fa43ec06c0ae2257927eebcbbbf4a05ad8097597943d6aed8a950ba32bc0d19827539019397e2fffa5f7379ffd7ec266f0c1cd947aab0c9e73c2796bd4c32fa0a0effbc84570efdebd3ac1eb57cc89cdbed91ed43a64cccfeba427a017a07d84acc850a45e2f26639598ed061ea81b60fb1873983591d446129ba8b27a4aef3311292017e3cbc00533824888ef80ef1a85c86a370dc11694d2f455e04ceb8811afa53aac77c65b38703d18167aedcc077c988dd9832ee1999a82c8752b921bceae484c19cee6828eef373c979b5c3f208080c8dcb38c53e384bebed6c41c3b9d6958bd2b952d82d17b262dbf30f90ab5c5d197ccee9f6b6525928b0100ffdeace644e159500495ff5a0ea7df7b9ab63617e3879818e25341e97d839beefdf248222cadd61a5d76b1ff34704bb78656afef7994904da269f973598217edc3be93157185aa15ef225f6471d7786a5e28d0f145b96566e101bf46723486867b9aa90f9eb4d1f5612d4950160c1504a367daf984"})
ioctl$RNDADDENTROPY(0xffffffffffffffff, 0x40085203, &(0x7f0000001140)={0x40, 0x7e, "425b6a548b50b187aff2cf1f188714dbec136010ba74bd9515979b5944980a006b23273ea21855e546ef8b91af6a6cbe27130f0c8fef0a0d53bd8ff5400c42cf781e0a94239e8b003e8dfc351f9df197ad5e5e5cbf5225e12dd6439a2f145fd0efe208e6c647c1b3fac537e9590dbde4ef432980c499f2026a59fbd6bdf5"})
r5 = mq_open(&(0x7f0000005c00)='-@\x00', 0x42, 0x0, 0x0)
mq_timedsend(r5, 0x0, 0x0, 0x0, &(0x7f0000000040))
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000007640)={0x7, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r6=>0x0}, {}, {}, {}, {}, {}, {<r7=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r8=>0x0}, {<r9=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r10=>0x0}, {<r11=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r12=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}, {0x0, <r13=>0x0}, {}, {}, {}, {}, {}, {0x0, <r14=>0x0}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r15=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r16=>0x0}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r17=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {<r18=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r19=>0x0}], 0x4, "9755154351ac9a"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000009640)={0x0, ""/256, <r20=>0x0})
mq_timedsend(r5, &(0x7f0000001e00)="3cd52ed97c9e213909d730166b17123f3294a3353d43c2bda33f8b46124feb3e574cb78ff55dae93c1d80f8b1b571caa5d0f953fdc20af7c2907f40c853111e5a4a6405dfd6510e2573f0cd5a14f722a746315bf5955d6443a167b62e37e70e67059a451add17b0ba3a4967e37a184c25fd56c25f32d2c08713830771e190d3e72e360fbae6eb7f69da7ae1b7575584eb3aad405c2e0cecf7c57c725e35199b38412b21fb229249cb5214590ea9c200b689ed99433fbbb389404f04d726fe19ef657f8896380c769f15ede2ebc816773d5730db7acb1828fbcdffc4da713e0944bca7028c47238c1aace7879fca945a836e4ff365b155de4a6b5e69df15c57c8c84a27359b026401b2d2ebb22fc4727115b803cbed672e1c10421e53aecb9848432f39231a6fe45af05a49d7f66593d188b01763da10fbe076c0103b005492008157072857ecefae4dfd561229bd8ecf19e938d25a4315e343c5ffc67c1810af17fff3e930e390dc021b8a020e9ad5750cbdb6ac2406d580f35c6776feba23704f457eb3c9e481a38ae02519b5561493b3a5a22682f0622f55b91bf3fe3b6eeb0b411767b39cf41b6ea7f7606bbbf59f038ed99313e9185bafa0f1fb0d7f8f854025afe6eb498d49d00f869ed3d4abccfb90d70f1dd88a92a1f6c2a1f62238ff8733e3b25225fe919598664429606c6ba859544fe0de3a9f18ed8fdd5e9ce15ab80c870a454b550e5fe805396bf4ed72b627314fad05b74a500135c9bb1b297b170356d42c9983c3275dc8c95a5a198f3b896c712d4c44d66ee10f29d4d71df5484c473cdcd107d66ded8e5219a066b00f45faca7ccbde009031f583819cffcba547c3b5707c7c1eba73dc6ade8f584244ba35302df2a0341c8e629d52fad82cc1c34dac09d39a975902e883ce1b648080e5855ad37961abaa7eecab4ac63cb839f4039f8b93d2ba6e618ebc437166e24e210171bc8ae12f31e90adadfdba265f9a8df86648ff4bcff451f289c9142ef5bac4ba3131852ff820087a5b7e1131eb05c8c857dd4cf2839501138174f70eca95c39a59220f47be95cbe4996c214f17e5a790679057bf0c05e7d79797fa74af891a0bb050183e9124f3677a94c92e3caaeb095d0746fa8a82e30f14b228fffee24ba0385ae2940a223aa6fdd3bee655aabb131e4660eefa4e65a0cd2197f54d94783a2513ab6ae8c548b7fae70692ffa367a95cde0cd90d37be42547f30d1583a913b11c9f998d60d8c78a3677d79c717dde50a0124d918e66655902e6cb60ddd82727bc05b31057693ee9d7601be6d8870edc47c328afa800911568d99655a271c65de3a07616806e280bd453217ee2420b32544c67e34bbcec1874b450af23af54048d3a10e71967bc1ee3c0029235d95f158895bbdddfa81a3cfbcc74c7c352820f75e00324e154441074853b7c2dc1c3ed42873c6323e0bd29058b62187f57ee8def92612a91b1598af90904e770a8788c05934b54f998ed0a4b54198e74a1bdcd6e5a07109f6bd0271384211633d2d70c28843fbed80968d3cf49a697bfaffb92101e0626dc34c4b9a8b47438606152c9eea6481597918ef7739be21f562c86289b842b1d9208459f41716f2518da7d3f4ba062c0ea28a221e44f071325deef0c9ce5e8bb729e8f393020db13ad241503f9c4dc21fee5bc58893e112a2bd2528aa825c3b8e19d8312b268a43c9c662737da60bf318a5cd9069a2d96653818733825f5808371ad593f124ce11272705b5dd827d269ea01ea8a3948418278ba34338fea40665bcb5365033785adbbc7f20ea2489a728670108781da688a9d2f327f7723b76e4d2dba9c05a8f15bc05fdd521ce44e606fb0daf61c3cf96094bc4c8ca55892cd55803da5ec5f72c9ea01273ba23d834061b1a4e7778470cb726d78692d1d00291b9753fe96e43b24f239b575978b0fc6855aae3e384fff6dca011d58ca718f5a64ce083744057fadce07c1569c0a2dd34cc2f990c2d0705d4ad2dd03ed74e005e495987f5dd3b561bfd610d372abd48da2cdaa6253b074b55a30c7663daf7268768a656ac8f36d0c61a6671f6b75b69634c5c3cb06bf7d28e5b01743d673ed200a51e70f7d72c908e21769144a72870fead7075c25ddadbfeb9a9818638c3829d329eac2eb542f190986977bf6b79ae967ede1bc3e998d271f8225d5ae195e1be0ae7be5dba2584bcda86187ccde07022a3a462f505557140b14646b8d2ccb67c82bcfbeb71ece2f3af3d2d522613571766fbc39716026361c6d109d1ca6616495a5c1186cb2009e8d365abaf16a81230ad8c05889f9fcbb7ce0c6a507f9b5a078dfe5a7483d376f16428d23eb15c688f252d8548b5d94f34f8cd430b1a31bcc3e1ce90d14e3e7a33021df06882d32b90e4c6968c8046a7410bb6920f278d1b1c166875217c8e8d417adf9b50c85c509fa0581d906ab12c339e7ce03a49693489e7965043c75e5950363f062e43933d848ac73cb5f8585eee7d22305f9332df9ad7a11377c01f15ae3009d92dc3fae370f8f817400fd7f5aeb5b103fa1ba707b86ebff9324e2d52a8d46baff356e4be977bab515127107916440e1867c4d6279b08479597b3268c98566723c935f96b569b2b60807f8a046ea6e2761c062c7913dc9d4bf71f60ee2fd0e7bb3e5b718e8d4a62c43f2d53d9ecdbfb6d1dea8d8ce51c574c5007a55bd1a5933e3895659255153d501e3419ecb2c63cf337b7de31b0830f7c5b4fe267ef576c7776d34e47c7ee204609284af5a10a88b0d2488574d50614b004c04285cadc63001ac023f570b6fa4c0a21635b2d53405c4279ce02ad7033cc5df8559e1cafb3e6b0dd169df0a980a27d5acd32f68e166ddd6c43e186de12bd09f14e644c5f7a696b1cec0cfc757dc64e8f0b64c8bab66db414fa724c175fa49676d0ae100537b7cb55751a54149b60653a20bbbdaa58a9172228e553a5ec93387db79eaa9cd542cf8035d4c50b7e09e3728f153641e7fd5c9cb8969df5374a25d3611aacc81ea1d195a4b2f7e1f861259fe1d2d6422e32acd44d2f996508c07e54b200a472e4782b0e5aa030898f4c51b578f60d17fc5c01055be225120118c20b171d8bffe38f194b0ef598ac5696825da3442eb0513e31dcf997a213ffb711392223c906b637c77a5ac612611b9d4f949bfa43d746b38fa61a2b736f116edfeda864cf56357f0d9ed25d27cb057c8227379a86d9f2bf00f289ea8fcf4a61f0bbc50045047e7ef0b097e4c65d749f4d40a89f6ff2e17990e837f81364faaf32cd0c5cdf9846173610759a22a424e00f57a3143c8cf561f12489ff01fa64ef27c39370e1eca076ecaa6fbd701ad2a29b80cca60bdccd34e5f26fd0ac661ef5da02883d55401b05b15770399f960c8749fdc90fc06ddc18bd88ad6d21a7db3aaf52e28ab741f211898192d4ab34b659e79eddd844a28b5c3d0125f5b8781f270f7832114c744bc5820a60b28d408291884c0f85b47e660f8545c412c235e85da5e33bd315067b9f89a36b76e204e82ee465031f0fc463d42254f73fe269bd7ba4f4f06dafe7057f58f5387f40b0bf3fa2e9ca6b2afc496d26ebd092e0373750cc649f16e1e35179825f3a51d8b015539a4ba1661addc540c776257ceadb0d795f8fd6737bc302fc39b4dda8bf0db0f4d0a62839b02ff488810413131a566082d864e5bfc3e073a63f17b28aa8929cd239f50689fef85a8de3308be69b82d7eca3d9e5190586362841d1ff6c562a3c6d74e57750e80baddf2aabd9cc40ff3aa30e2a9be9150815977e3292f171cd184074d00e90251ffb0943b276e67a87d7eed7af3d886519f54aec72d5eb01268202999e8d78532461a8524aa0fea7c49aa864f956bc4dd31047a529f8bbf4ba971ded87c6121533491863d6d2f4dbeac566839675a781f43c9ed27d0527c961a60f212deafd75ac331674b4e76d9151c9813aca07565b1e8b52a835d1693f36cdb9be6fa8cdd7431183467be6dc75c867268cbc7f7a6cd1059ccb123c47de06785d1deb8a2a4ab286929253e05107d07c80d2790af78fe59f022763514ade2fd2f2aa0fff6c99c6af7498c9024259f2f49d8e0f054b9e7d774b4e7b1552340012153d4c79451be6ffc71079da12c140d97f3a813256e93e22e3ff9045fc6075df39fab13ed8661a6a06bc083194ebe6bc40040840f08cd586d7a3a36fe7015d3a636f94553955325eeb3d5c538251202c6c1521cbe2b87e3a22ffd2744094a44be4a63e09271a29fbddc042872a53dfe54670d0028d640754c2aa06ab7e299244bcf5517eca5a0d50799ff872bdafe888a587633f3771c161c520e56764ae13e351dd4a4fbbc4c12e00986c58a3af279473acfa42cdd442d2ab36a1f2c8e15df74b9b9fdb7f4ed0a527e1b2522ea18b822d420e493a114031ef87dad32101c7002f7aacd435e3c952c5edf7f6317215709f673926e15feb3021c3d31adaf27f468ed93f65201963ce3ec173f8003d417961a503bfe5181ed3397bfe1299107235aa1562baf276ddc6b3e802a35042d0f8a79ee06102c8e9b0a92e7e92da2788c8e6450a924fe8d7637a183f9a0b69e949ee3d54bd5abf9b6a90bd3cb8a9bc9d8d91418c72b3fe665d54dec99eb53fcf474a0f42171e2f3fb16a00633408f77c205a168f70379d5f10988510ed2605f1811c5c22d9e3e44f483cfc65e373e431eb224414db926be369c40fd1e40f2938cc484b33f69d8ee518c33a91284d6e3635720b731c68011d6b467219a6deb3b6c47ae211375d738b6f77a4f6ea2b80579aa34b3d0bced65466b6946f386482db484af971f33f546f2c0b0bcf6135784fcf3f0f1006fe34617e86adbabf80935995d34b48b9d1f12ef089510dbbd616a59e875d3f3e0aa7aea1758d6c5f2a699d031823205a4ad815efee17395d817015c392a79e4d0ac9686e596220b0ecdd2c1646e54a5630cd6022b1f52d81de0b7c0e772ab6a9c931bf527b0a874f79fa860cc82283d36be2114a4ce514b60f2b1ef941fb4e1a8d2899467d6231f82fefa3bc2462677ffd1d2436b44bf4f7fe734064f0a0b16c3f16332a85895ff84494009e00440ff7940096065996741278b3652d6286545b10c77ab2e905c1bb8c2d538ca6521df0707f55e0054d2d87d060f863c9cc50db915ac404ff6017a48a04190d12168a647d803819879c0bc3e688663d1585493dc800727fb4775473005d0cc37c3941dddb31071cb5389083a0ee8aa5317326c7f8a29646e24bb32c6d6198d2e095a6694f5ad98e3940608d60e169cc7dc507564e043aebdde61d7adf96f0a52adbde8f9ce5f99a323c8cfbb35c23baef865a6a6f949b9ee425ed2dbf1f74eda38aea9bb1e814f8de792d106ffc2030223aed765a49a8c5225f986508d023b698226c40e366e93264fbf51c2fa8a889f13ef4b768c480ae4ef3d5f061d7cd2ea2456e0c2bca80c3e7b23209a4d221a1df8cc6b3e5fa6dead523253952380abf2ca49d628a4078e4c34c49caa2f84dbd9325c2459dcf8ffe65163a438dc1f204cfeca634cfd0a2f0f165539b88bbff3b4136f21cd050ea0c2959701aed2f44be88498bd6ccad2935aa459f91e146928eceef45a9dee8ac5d9ecedf6f3757a3058742aa743b74020dfbd925deacc4fc4c1e1d91653f93b190229888c5103c29a4b5ffc836babd2035e79d5742e32f663fa44ad2ccb40e547037ecfc1d8f1cf1f70638302c6b8e8524ffe1e1b33464ae0c4ad2b8f53350998a864ac84789fd0f48534295285e6", 0x1000, 0x5, &(0x7f0000000000)={0x0, 0x3938700})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000000140)={0x0, [{}, {0x0, r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r16}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r11}, {}, {0x0, r14}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {r12}, {}, {}, {}, {}, {}, {}, {}, {r20}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r18}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r19}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r10}, {}, {}, {}, {}, {}, {}, {0x0, r15}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r17}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r8}], 0x7f, "9656c75f04ba4d"})
lseek(r1, 0x0, 0x2)
r21 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
openat(r2, 0x0, 0x480c1, 0x186)
copy_file_range(r21, 0x0, r1, 0x0, 0x200f5ef, 0x0)

23:09:35 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:09:35 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[ 1392.924908] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1393.252429] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1393.252916] print_req_error: 22 callbacks suppressed
[ 1393.252927] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1393.254250] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1393.255088] buffer_io_error: 6 callbacks suppressed
[ 1393.255096] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1393.270917] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1393.271359] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1393.272223] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1393.273068] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1393.277010] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1393.277485] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1393.278327] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1393.279177] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1393.281491] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1393.281932] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1393.282789] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1393.283634] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1393.284606] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1393.285043] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1393.285917] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1393.286766] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1393.287760] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1393.288222] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1393.289169] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1393.289671] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1393.290703] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1393.291157] Buffer I/O error on dev loop0, logical block 2096903, async page read
23:09:51 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc81", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:09:51 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:09:51 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x80087601, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:09:51 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 4)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:09:51 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 46)

23:09:51 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r0 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2}, 0x6)
ioctl$FIOCLEX(r0, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:09:51 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x0, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:09:51 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x10, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1408.115256] FAULT_INJECTION: forcing a failure.
[ 1408.115256] name failslab, interval 1, probability 0, space 0, times 0
[ 1408.116985] CPU: 0 PID: 9086 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1408.117989] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1408.119193] Call Trace:
[ 1408.119593]  dump_stack+0x107/0x167
[ 1408.120131]  should_fail.cold+0x5/0xa
[ 1408.120696]  ? create_object.isra.0+0x3a/0xa20
[ 1408.121370]  should_failslab+0x5/0x20
[ 1408.121935]  kmem_cache_alloc+0x5b/0x310
[ 1408.122542]  create_object.isra.0+0x3a/0xa20
[ 1408.123193]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1408.123947]  kmem_cache_alloc_trace+0x151/0x320
[ 1408.124638]  io_issue_sqe+0x2492/0x77b0
[ 1408.125245]  ? io_connect+0x610/0x610
[ 1408.125826]  ? lock_acquire+0x197/0x470
[ 1408.126180] FAULT_INJECTION: forcing a failure.
[ 1408.126180] name failslab, interval 1, probability 0, space 0, times 0
[ 1408.126406]  ? find_held_lock+0x2c/0x110
[ 1408.126430]  ? xa_load+0x12d/0x2c0
[ 1408.126456]  ? lock_downgrade+0x6d0/0x6d0
[ 1408.129795]  __io_queue_sqe+0x90/0x9d0
[ 1408.130367]  ? xa_load+0x156/0x2c0
[ 1408.130892]  ? io_issue_sqe+0x77b0/0x77b0
[ 1408.131521]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1408.132217]  io_submit_sqes+0x44aa/0x8610
[ 1408.132861]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1408.133598]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1408.134310]  ? lock_downgrade+0x6d0/0x6d0
[ 1408.134918]  ? find_held_lock+0x2c/0x110
[ 1408.135518]  ? io_submit_sqes+0x8610/0x8610
[ 1408.136161]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1408.136875]  ? wait_for_completion_io+0x270/0x270
[ 1408.137594]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1408.138271]  ? vfs_write+0x354/0xb10
[ 1408.138821]  ? fput_many+0x2f/0x1a0
[ 1408.139356]  ? ksys_write+0x1a9/0x260
[ 1408.139919]  ? __ia32_sys_read+0xb0/0xb0
[ 1408.140518]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1408.141287]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1408.142049]  do_syscall_64+0x33/0x40
[ 1408.142595]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1408.143342] RIP: 0033:0x7fd30c0eeb19
[ 1408.143894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1408.146557] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1408.147668] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1408.148708] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1408.149749] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1408.150788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1408.151823] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1408.152893] CPU: 1 PID: 9081 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1408.153909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1408.155109] Call Trace:
[ 1408.155507]  dump_stack+0x107/0x167
[ 1408.156040]  should_fail.cold+0x5/0xa
[ 1408.156603]  ? create_object.isra.0+0x3a/0xa20
[ 1408.157274]  should_failslab+0x5/0x20
[ 1408.157838]  kmem_cache_alloc+0x5b/0x310
[ 1408.158440]  ? mark_held_locks+0x9e/0xe0
[ 1408.159039]  create_object.isra.0+0x3a/0xa20
[ 1408.159685]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1408.160432]  kmem_cache_alloc_bulk+0x168/0x320
[ 1408.161108]  io_submit_sqes+0x6fe6/0x8610
[ 1408.161724]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1408.162456]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1408.163185]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1408.163892]  ? lock_downgrade+0x6d0/0x6d0
[ 1408.164498]  ? find_held_lock+0x2c/0x110
[ 1408.165097]  ? io_submit_sqes+0x8610/0x8610
[ 1408.165748]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1408.166454]  ? wait_for_completion_io+0x270/0x270
[ 1408.167164]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1408.167837]  ? vfs_write+0x354/0xb10
[ 1408.168384]  ? fput_many+0x2f/0x1a0
[ 1408.168917]  ? ksys_write+0x1a9/0x260
[ 1408.169482]  ? __ia32_sys_read+0xb0/0xb0
[ 1408.170090]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1408.170855]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1408.171610]  do_syscall_64+0x33/0x40
[ 1408.172156]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1408.172897] RIP: 0033:0x7f7e6ceffb19
[ 1408.173439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1408.176081] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1408.177185] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1408.178225] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1408.179252] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1408.180280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1408.181307] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
23:09:51 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x80108906, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

[ 1408.291318] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1408.295265] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
23:09:51 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 5)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:09:51 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x80108907, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:09:51 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x0)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:09:51 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x10, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:09:51 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 47)

23:09:51 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r0 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2}, 0x6)
ioctl$FIOCLEX(r0, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:09:51 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x0)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[ 1408.453601] FAULT_INJECTION: forcing a failure.
[ 1408.453601] name failslab, interval 1, probability 0, space 0, times 0
[ 1408.454781] CPU: 0 PID: 9115 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1408.455381] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1408.456123] Call Trace:
[ 1408.456378]  dump_stack+0x107/0x167
[ 1408.456724]  should_fail.cold+0x5/0xa
[ 1408.457087]  ? create_object.isra.0+0x3a/0xa20
[ 1408.457518]  should_failslab+0x5/0x20
[ 1408.457879]  kmem_cache_alloc+0x5b/0x310
[ 1408.458260]  ? mark_held_locks+0x9e/0xe0
[ 1408.458637]  create_object.isra.0+0x3a/0xa20
[ 1408.459026]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1408.459481]  kmem_cache_alloc_bulk+0x168/0x320
[ 1408.459889]  io_submit_sqes+0x6fe6/0x8610
[ 1408.460256]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1408.460697]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1408.461137]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1408.461564]  ? lock_downgrade+0x6d0/0x6d0
[ 1408.461938]  ? find_held_lock+0x2c/0x110
[ 1408.462300]  ? io_submit_sqes+0x8610/0x8610
[ 1408.462688]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1408.463117]  ? wait_for_completion_io+0x270/0x270
[ 1408.463546]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1408.463952]  ? vfs_write+0x354/0xb10
[ 1408.464282]  ? fput_many+0x2f/0x1a0
[ 1408.464605]  ? ksys_write+0x1a9/0x260
[ 1408.464946]  ? __ia32_sys_read+0xb0/0xb0
[ 1408.465316]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1408.465788]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1408.466239]  do_syscall_64+0x33/0x40
[ 1408.466564]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1408.467016] RIP: 0033:0x7f7e6ceffb19
[ 1408.467345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1408.468957] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1408.469637] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1408.470258] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1408.470896] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1408.471527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1408.472151] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
[ 1408.481409] FAULT_INJECTION: forcing a failure.
[ 1408.481409] name failslab, interval 1, probability 0, space 0, times 0
[ 1408.482505] CPU: 0 PID: 9122 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1408.483113] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1408.483858] Call Trace:
[ 1408.484108]  dump_stack+0x107/0x167
[ 1408.484448]  should_fail.cold+0x5/0xa
[ 1408.484800]  ? create_object.isra.0+0x3a/0xa20
[ 1408.485221]  should_failslab+0x5/0x20
[ 1408.485563]  kmem_cache_alloc+0x5b/0x310
[ 1408.485935]  create_object.isra.0+0x3a/0xa20
[ 1408.486319]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1408.486764]  kmem_cache_alloc_trace+0x151/0x320
[ 1408.487176]  io_issue_sqe+0x2492/0x77b0
[ 1408.487534]  ? io_connect+0x610/0x610
[ 1408.487865]  ? lock_acquire+0x197/0x470
[ 1408.488211]  ? find_held_lock+0x2c/0x110
[ 1408.488570]  ? xa_load+0x12d/0x2c0
[ 1408.488875]  ? lock_downgrade+0x6d0/0x6d0
[ 1408.489244]  __io_queue_sqe+0x90/0x9d0
[ 1408.489597]  ? xa_load+0x156/0x2c0
[ 1408.489909]  ? io_issue_sqe+0x77b0/0x77b0
[ 1408.490275]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1408.490694]  io_submit_sqes+0x44aa/0x8610
[ 1408.491073]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1408.491503]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1408.491922]  ? lock_downgrade+0x6d0/0x6d0
[ 1408.492288]  ? find_held_lock+0x2c/0x110
[ 1408.492643]  ? io_submit_sqes+0x8610/0x8610
[ 1408.493024]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1408.493447]  ? wait_for_completion_io+0x270/0x270
[ 1408.493878]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1408.494286]  ? vfs_write+0x354/0xb10
[ 1408.494610]  ? fput_many+0x2f/0x1a0
[ 1408.494927]  ? ksys_write+0x1a9/0x260
[ 1408.495258]  ? __ia32_sys_read+0xb0/0xb0
[ 1408.495618]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1408.496073]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1408.496524]  do_syscall_64+0x33/0x40
[ 1408.496850]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1408.497298] RIP: 0033:0x7fd30c0eeb19
[ 1408.497635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1408.499222] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1408.499876] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1408.500492] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1408.501103] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1408.501715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1408.502328] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1408.546181] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1408.898328] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1408.899223] print_req_error: 6 callbacks suppressed
[ 1408.899242] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1408.903641] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1408.905211] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1408.917545] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1408.918367] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1408.920001] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1408.921549] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1408.922961] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1408.923825] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1408.925417] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1408.926969] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1408.928431] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1408.929227] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1408.930814] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1408.932362] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1408.933783] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1408.934648] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1408.936486] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1408.937283] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1408.939064] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1408.940150] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1408.943435] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1408.944593] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1408.945764] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1408.946904] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1409.012581] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1409.013575] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1409.014554] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1409.015455] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1409.016327] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1409.017229] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1409.018171] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1409.019079] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1409.019945] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1409.021117] Buffer I/O error on dev loop0, logical block 2096897, async page read
23:10:04 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x0, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:10:04 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc81", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:10:04 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 6)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:10:04 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 48)

23:10:04 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0xc0045878, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:10:04 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x10, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:10:04 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x0)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:10:04 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r0 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2}, 0x6)
ioctl$FIOCLEX(r0, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:10:04 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(0xffffffffffffffff, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

[ 1421.335747] FAULT_INJECTION: forcing a failure.
[ 1421.335747] name failslab, interval 1, probability 0, space 0, times 0
[ 1421.337757] CPU: 0 PID: 9138 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1421.338262] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1421.338744] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1421.338752] Call Trace:
[ 1421.338775]  dump_stack+0x107/0x167
[ 1421.338796]  should_fail.cold+0x5/0xa
[ 1421.342097]  ? create_object.isra.0+0x3a/0xa20
[ 1421.342777]  should_failslab+0x5/0x20
[ 1421.343328]  kmem_cache_alloc+0x5b/0x310
[ 1421.343920]  ? mark_held_locks+0x9e/0xe0
[ 1421.344517]  create_object.isra.0+0x3a/0xa20
[ 1421.345162]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1421.345904]  kmem_cache_alloc_bulk+0x168/0x320
[ 1421.346576]  io_submit_sqes+0x6fe6/0x8610
[ 1421.347194]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1421.347921]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1421.348648]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1421.349351]  ? lock_downgrade+0x6d0/0x6d0
[ 1421.349955]  ? find_held_lock+0x2c/0x110
[ 1421.350556]  ? io_submit_sqes+0x8610/0x8610
[ 1421.351196]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1421.352074]  ? wait_for_completion_io+0x270/0x270
[ 1421.352912]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1421.353310] FAULT_INJECTION: forcing a failure.
[ 1421.353310] name failslab, interval 1, probability 0, space 0, times 0
[ 1421.353716]  ? vfs_write+0x354/0xb10
[ 1421.353755]  ? fput_many+0x2f/0x1a0
[ 1421.353776]  ? ksys_write+0x1a9/0x260
[ 1421.353801]  ? __ia32_sys_read+0xb0/0xb0
[ 1421.356950]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1421.357792]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1421.358547]  do_syscall_64+0x33/0x40
[ 1421.359098]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1421.359850] RIP: 0033:0x7f7e6ceffb19
[ 1421.360403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1421.363091] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1421.364208] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1421.365251] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1421.366292] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1421.367331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1421.368366] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
[ 1421.369438] CPU: 1 PID: 9150 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1421.370022] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1421.370690] Call Trace:
[ 1421.370916]  dump_stack+0x107/0x167
[ 1421.371212]  should_fail.cold+0x5/0xa
[ 1421.371525]  ? create_object.isra.0+0x3a/0xa20
[ 1421.371894]  should_failslab+0x5/0x20
[ 1421.372206]  kmem_cache_alloc+0x5b/0x310
[ 1421.372537]  create_object.isra.0+0x3a/0xa20
[ 1421.372892]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1421.373304]  kmem_cache_alloc_trace+0x151/0x320
[ 1421.373696]  io_issue_sqe+0x2492/0x77b0
[ 1421.374048]  ? io_connect+0x610/0x610
[ 1421.374361]  ? lock_acquire+0x197/0x470
[ 1421.374686]  ? find_held_lock+0x2c/0x110
[ 1421.375019]  ? xa_load+0x12d/0x2c0
[ 1421.375308]  ? lock_downgrade+0x6d0/0x6d0
[ 1421.375651]  __io_queue_sqe+0x90/0x9d0
[ 1421.375967]  ? xa_load+0x156/0x2c0
[ 1421.376255]  ? io_issue_sqe+0x77b0/0x77b0
[ 1421.376609]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1421.376992]  io_submit_sqes+0x44aa/0x8610
[ 1421.377357]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1421.377763]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1421.378152]  ? lock_downgrade+0x6d0/0x6d0
[ 1421.378487]  ? find_held_lock+0x2c/0x110
[ 1421.378822]  ? io_submit_sqes+0x8610/0x8610
[ 1421.379180]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1421.379578]  ? wait_for_completion_io+0x270/0x270
[ 1421.379976]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1421.380354]  ? vfs_write+0x354/0xb10
[ 1421.380658]  ? fput_many+0x2f/0x1a0
[ 1421.380954]  ? ksys_write+0x1a9/0x260
[ 1421.381262]  ? __ia32_sys_read+0xb0/0xb0
[ 1421.381596]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1421.382031]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1421.382457]  do_syscall_64+0x33/0x40
[ 1421.382758]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1421.383172] RIP: 0033:0x7fd30c0eeb19
[ 1421.383472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1421.384929] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1421.385535] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1421.386114] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1421.386686] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1421.387265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1421.387837] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1421.412174] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
23:10:04 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0xc0045878, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:10:04 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(0xffffffffffffffff, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:10:04 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:10:04 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc81", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:10:04 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x0)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:10:04 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:10:04 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0xc0189436, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

[ 1421.633146] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1422.119801] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1422.120771] print_req_error: 22 callbacks suppressed
[ 1422.120791] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1422.123604] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1422.125293] buffer_io_error: 6 callbacks suppressed
[ 1422.125306] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1422.133598] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1422.135002] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1422.136706] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1422.138401] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1422.139803] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1422.140767] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1422.142535] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1422.142599] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1422.143457] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1422.145589] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1422.147408] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1422.147476] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1422.148253] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1422.149153] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1422.151496] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1422.151868] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1422.152377] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1422.153436] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1422.153914] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1422.154888] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1422.155385] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1422.156811] Buffer I/O error on dev loop0, logical block 2096903, async page read
23:10:19 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x0)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:10:19 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:10:19 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
fcntl$lock(r0, 0x5, &(0x7f0000000600))

23:10:19 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 49)

23:10:19 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 7)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:10:19 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(0xffffffffffffffff, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)

23:10:19 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0xc020660b, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1d}})

23:10:19 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1436.051697] FAULT_INJECTION: forcing a failure.
[ 1436.051697] name failslab, interval 1, probability 0, space 0, times 0
[ 1436.053484] CPU: 0 PID: 9201 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1436.054523] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1436.055761] Call Trace:
[ 1436.056180]  dump_stack+0x107/0x167
[ 1436.056741]  should_fail.cold+0x5/0xa
[ 1436.057327]  ? io_issue_sqe+0x2492/0x77b0
[ 1436.057973]  should_failslab+0x5/0x20
[ 1436.058556]  kmem_cache_alloc_trace+0x55/0x320
[ 1436.059262]  io_issue_sqe+0x2492/0x77b0
[ 1436.059890]  ? io_connect+0x610/0x610
[ 1436.060474]  ? lock_acquire+0x197/0x470
[ 1436.061078]  ? find_held_lock+0x2c/0x110
[ 1436.061704]  ? xa_load+0x12d/0x2c0
[ 1436.062262]  ? lock_downgrade+0x6d0/0x6d0
[ 1436.062909]  __io_queue_sqe+0x90/0x9d0
[ 1436.063509]  ? xa_load+0x156/0x2c0
[ 1436.064057]  ? io_issue_sqe+0x77b0/0x77b0
[ 1436.064703]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1436.065431]  io_submit_sqes+0x44aa/0x8610
[ 1436.066112]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1436.066868]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1436.067603]  ? lock_downgrade+0x6d0/0x6d0
[ 1436.068228]  ? find_held_lock+0x2c/0x110
[ 1436.068853]  ? io_submit_sqes+0x8610/0x8610
[ 1436.069517]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1436.070264]  ? wait_for_completion_io+0x270/0x270
[ 1436.070997]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1436.071700]  ? vfs_write+0x354/0xb10
[ 1436.072269]  ? fput_many+0x2f/0x1a0
[ 1436.072827]  ? ksys_write+0x1a9/0x260
[ 1436.073411]  ? __ia32_sys_read+0xb0/0xb0
[ 1436.074068]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1436.074860]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1436.075650]  do_syscall_64+0x33/0x40
[ 1436.076220]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1436.076992] RIP: 0033:0x7fd30c0eeb19
[ 1436.077559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1436.080301] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1436.081445] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1436.082519] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1436.083582] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1436.084648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1436.085712] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1436.108900] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1436.112023] FAULT_INJECTION: forcing a failure.
[ 1436.112023] name failslab, interval 1, probability 0, space 0, times 0
[ 1436.113897] CPU: 0 PID: 9194 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1436.114934] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1436.116192] Call Trace:
[ 1436.116608]  dump_stack+0x107/0x167
[ 1436.117175]  should_fail.cold+0x5/0xa
[ 1436.117765]  ? create_object.isra.0+0x3a/0xa20
[ 1436.118483]  should_failslab+0x5/0x20
[ 1436.119076]  kmem_cache_alloc+0x5b/0x310
[ 1436.119704]  ? mark_held_locks+0x9e/0xe0
[ 1436.120338]  create_object.isra.0+0x3a/0xa20
[ 1436.121015]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1436.121804]  kmem_cache_alloc_bulk+0x168/0x320
[ 1436.122527]  io_submit_sqes+0x6fe6/0x8610
[ 1436.123171]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1436.123950]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1436.124726]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1436.125474]  ? lock_downgrade+0x6d0/0x6d0
[ 1436.126121]  ? find_held_lock+0x2c/0x110
[ 1436.126755]  ? io_submit_sqes+0x8610/0x8610
[ 1436.127428]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1436.128173]  ? wait_for_completion_io+0x270/0x270
[ 1436.128915]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1436.129627]  ? vfs_write+0x354/0xb10
[ 1436.130214]  ? fput_many+0x2f/0x1a0
[ 1436.130783]  ? ksys_write+0x1a9/0x260
[ 1436.131372]  ? __ia32_sys_read+0xb0/0xb0
[ 1436.132005]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1436.132805]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1436.133596]  do_syscall_64+0x33/0x40
[ 1436.134185]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1436.134966] RIP: 0033:0x7f7e6ceffb19
[ 1436.135541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1436.138302] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1436.139451] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1436.140522] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1436.141594] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1436.142674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1436.143747] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
23:10:19 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x2}})

23:10:19 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x3}})

23:10:19 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 8)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:10:19 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x4}})

23:10:19 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x0, 0xffcd, 0x0, 0x0, 0x0)

23:10:19 executing program 5:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
open$dir(0x0, 0x840, 0x0)
openat(0xffffffffffffffff, 0x0, 0x482800, 0x2)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = syz_open_dev$sg(0x0, 0x0, 0x0)
write$binfmt_aout(r2, &(0x7f0000000080)=ANY=[], 0x120)
read(r2, &(0x7f0000000100)=""/99, 0x63)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$PIO_UNIMAPCLR(r3, 0x4b40, 0x0)
socket(0x28, 0x2, 0x7fff)
r4 = dup(r3)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r4, 0x8008f511, &(0x7f0000000180))
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x7, 0x7, 0x81, 0x9b, 0x0, 0x9, 0x8000, 0xc, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={&(0x7f00000001c0), 0x4}, 0x2001, 0x8, 0x400, 0x4, 0xbd82, 0x5, 0x5, 0x0, 0x7, 0x0, 0x7}, 0x0, 0x5, r0, 0x0)
ioctl$FITRIM(r1, 0xc0185879, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r1, &(0x7f0000000300)=[{{&(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10, 0x0}}], 0x40001a9, 0x810)
pipe(0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100))

23:10:19 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(0xffffffffffffffff, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1436.328717] FAULT_INJECTION: forcing a failure.
[ 1436.328717] name failslab, interval 1, probability 0, space 0, times 0
[ 1436.330631] CPU: 0 PID: 9223 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1436.331591] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1436.332742] Call Trace:
[ 1436.333131]  dump_stack+0x107/0x167
[ 1436.333660]  should_fail.cold+0x5/0xa
[ 1436.334221]  ? create_object.isra.0+0x3a/0xa20
[ 1436.334876]  should_failslab+0x5/0x20
[ 1436.335421]  kmem_cache_alloc+0x5b/0x310
[ 1436.336190]  ? mark_held_locks+0x9e/0xe0
[ 1436.336776]  create_object.isra.0+0x3a/0xa20
[ 1436.337572]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1436.338362]  kmem_cache_alloc_bulk+0x168/0x320
[ 1436.339199]  io_submit_sqes+0x6fe6/0x8610
[ 1436.339788]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1436.340679]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1436.341424]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1436.342325]  ? lock_downgrade+0x6d0/0x6d0
[ 1436.342904]  ? find_held_lock+0x2c/0x110
[ 1436.343664]  ? io_submit_sqes+0x8610/0x8610
[ 1436.344284]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1436.345172]  ? wait_for_completion_io+0x270/0x270
[ 1436.345927]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1436.346777]  ? vfs_write+0x354/0xb10
[ 1436.347304]  ? fput_many+0x2f/0x1a0
[ 1436.347986]  ? ksys_write+0x1a9/0x260
[ 1436.348528]  ? __ia32_sys_read+0xb0/0xb0
[ 1436.349282]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1436.350029]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1436.350996]  do_syscall_64+0x33/0x40
[ 1436.351568]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1436.352502] RIP: 0033:0x7f7e6ceffb19
[ 1436.353070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1436.356123] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1436.357213] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1436.358297] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1436.359344] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1436.360435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1436.361478] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
[ 1436.878564] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1436.879445] print_req_error: 6 callbacks suppressed
[ 1436.879464] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1436.881816] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1436.882647] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1436.884239] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1436.885058] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1436.886679] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1436.887500] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1436.889104] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1436.889967] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1436.891550] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1436.893091] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1436.894235] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1436.895759] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1436.896890] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1436.898423] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1436.899559] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1436.901116] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1436.902268] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1436.903802] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1436.905538] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1436.906479] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1436.907409] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1436.908255] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1436.909421] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1436.910576] Buffer I/O error on dev loop0, logical block 2096903, async page read
23:10:33 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 9)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:10:33 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x0)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:10:33 executing program 5:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
open$dir(0x0, 0x840, 0x0)
openat(0xffffffffffffffff, 0x0, 0x482800, 0x2)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = syz_open_dev$sg(0x0, 0x0, 0x0)
write$binfmt_aout(r2, &(0x7f0000000080)=ANY=[], 0x120)
read(r2, &(0x7f0000000100)=""/99, 0x63)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$PIO_UNIMAPCLR(r3, 0x4b40, 0x0)
socket(0x28, 0x2, 0x7fff)
r4 = dup(r3)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r4, 0x8008f511, &(0x7f0000000180))
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x7, 0x7, 0x81, 0x9b, 0x0, 0x9, 0x8000, 0xc, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_bp={&(0x7f00000001c0), 0x4}, 0x2001, 0x8, 0x400, 0x4, 0xbd82, 0x5, 0x5, 0x0, 0x7, 0x0, 0x7}, 0x0, 0x5, r0, 0x0)
ioctl$FITRIM(r1, 0xc0185879, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r1, &(0x7f0000000300)=[{{&(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10, 0x0}}], 0x40001a9, 0x810)
pipe(0x0)
syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100))

23:10:33 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x5}})

23:10:33 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 50)

23:10:33 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x0, 0xffcd, 0x0, 0x0, 0x0)

23:10:33 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(0xffffffffffffffff, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1450.499010] FAULT_INJECTION: forcing a failure.
[ 1450.499010] name failslab, interval 1, probability 0, space 0, times 0
[ 1450.500919] CPU: 0 PID: 9242 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1450.501867] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1450.503022] Call Trace:
[ 1450.503403]  dump_stack+0x107/0x167
[ 1450.503471] FAULT_INJECTION: forcing a failure.
[ 1450.503471] name failslab, interval 1, probability 0, space 0, times 0
[ 1450.503909]  should_fail.cold+0x5/0xa
[ 1450.503930]  ? create_object.isra.0+0x3a/0xa20
[ 1450.503957]  should_failslab+0x5/0x20
[ 1450.507638]  kmem_cache_alloc+0x5b/0x310
[ 1450.508208]  ? mark_held_locks+0x9e/0xe0
[ 1450.508782]  create_object.isra.0+0x3a/0xa20
[ 1450.509396]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1450.510118]  kmem_cache_alloc_bulk+0x168/0x320
[ 1450.510788]  io_submit_sqes+0x6fe6/0x8610
[ 1450.511374]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1450.512073]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1450.512770]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1450.513445]  ? lock_downgrade+0x6d0/0x6d0
[ 1450.514025]  ? find_held_lock+0x2c/0x110
[ 1450.514602]  ? io_submit_sqes+0x8610/0x8610
[ 1450.515221]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1450.515903]  ? wait_for_completion_io+0x270/0x270
[ 1450.516581]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1450.517252]  ? vfs_write+0x354/0xb10
[ 1450.517774]  ? fput_many+0x2f/0x1a0
[ 1450.518297]  ? ksys_write+0x1a9/0x260
[ 1450.518829]  ? __ia32_sys_read+0xb0/0xb0
[ 1450.519398]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1450.520130]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1450.520851]  do_syscall_64+0x33/0x40
[ 1450.521371]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1450.522092] RIP: 0033:0x7f7e6ceffb19
[ 1450.522616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1450.525152] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1450.526267] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1450.527253] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1450.528241] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1450.529226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1450.530218] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
[ 1450.531241] CPU: 1 PID: 9251 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1450.532515] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1450.534040] Call Trace:
[ 1450.534547]  dump_stack+0x107/0x167
[ 1450.535259]  should_fail.cold+0x5/0xa
[ 1450.535975]  ? create_object.isra.0+0x3a/0xa20
[ 1450.536831]  should_failslab+0x5/0x20
[ 1450.537538]  kmem_cache_alloc+0x5b/0x310
[ 1450.538311]  create_object.isra.0+0x3a/0xa20
[ 1450.539122]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1450.540068]  kmem_cache_alloc_trace+0x151/0x320
[ 1450.540944]  io_issue_sqe+0x2492/0x77b0
[ 1450.540985]  ? io_connect+0x610/0x610
[ 1450.541005]  ? lock_acquire+0x197/0x470
[ 1450.541021]  ? find_held_lock+0x2c/0x110
[ 1450.541044]  ? xa_load+0x12d/0x2c0
[ 1450.541061]  ? lock_downgrade+0x6d0/0x6d0
[ 1450.541089]  __io_queue_sqe+0x90/0x9d0
[ 1450.541108]  ? xa_load+0x156/0x2c0
[ 1450.541126]  ? io_issue_sqe+0x77b0/0x77b0
[ 1450.541154]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1450.541179]  io_submit_sqes+0x44aa/0x8610
[ 1450.541230]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1450.541248]  __do_sys_io_uring_enter+0x6b5/0x18c0
23:10:33 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:10:33 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x0, 0xffcd, 0x0, 0x0, 0x0)

[ 1450.541272]  ? lock_downgrade+0x6d0/0x6d0
[ 1450.541287]  ? find_held_lock+0x2c/0x110
[ 1450.541312]  ? io_submit_sqes+0x8610/0x8610
[ 1450.541339]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1450.541363]  ? wait_for_completion_io+0x270/0x270
[ 1450.541383]  ? rcu_read_lock_any_held+0x75/0xa0
23:10:33 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(0xffffffffffffffff, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:10:33 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x6}})

[ 1450.541400]  ? vfs_write+0x354/0xb10
[ 1450.541418]  ? fput_many+0x2f/0x1a0
[ 1450.541437]  ? ksys_write+0x1a9/0x260
[ 1450.541456]  ? __ia32_sys_read+0xb0/0xb0
[ 1450.541480]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1450.541497]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1450.541518]  do_syscall_64+0x33/0x40
[ 1450.541535]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1450.541546] RIP: 0033:0x7fd30c0eeb19
[ 1450.541562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1450.541572] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1450.541591] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1450.541601] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1450.541612] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1450.541622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1450.541632] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1450.591292] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1451.160275] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1451.161145] print_req_error: 6 callbacks suppressed
[ 1451.161163] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1451.163497] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1451.165035] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1451.167555] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1451.168414] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1451.169960] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1451.171495] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1451.174569] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1451.175403] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1451.176978] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1451.178537] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1451.179815] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1451.180660] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1451.182251] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1451.183789] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1451.185039] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1451.185876] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1451.187559] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1451.188349] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1451.190018] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1451.190984] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1451.193994] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1451.195164] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1451.196304] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1451.197436] Buffer I/O error on dev loop0, logical block 2096903, async page read
23:10:47 executing program 5:
perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000001, 0x608, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x400, 0x8d)

23:10:47 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:10:47 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(0xffffffffffffffff, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:10:47 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x0, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:10:47 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0x0, 0x0, 0x0, 0x0)

23:10:47 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 10)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:10:47 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x7}})

23:10:47 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 51)

[ 1464.554657] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1464.556650] FAULT_INJECTION: forcing a failure.
[ 1464.556650] name failslab, interval 1, probability 0, space 0, times 0
[ 1464.557619] CPU: 0 PID: 9298 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1464.558241] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1464.558979] Call Trace:
[ 1464.559222]  dump_stack+0x107/0x167
[ 1464.559553]  should_fail.cold+0x5/0xa
[ 1464.559901]  should_failslab+0x5/0x20
[ 1464.560240]  kmem_cache_alloc_bulk+0x4b/0x320
[ 1464.560652]  io_submit_sqes+0x6fe6/0x8610
[ 1464.561043]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1464.561493]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1464.561934]  ? lock_downgrade+0x6d0/0x6d0
[ 1464.562311]  ? find_held_lock+0x2c/0x110
[ 1464.562696]  ? io_submit_sqes+0x8610/0x8610
[ 1464.563091]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1464.563525]  ? wait_for_completion_io+0x270/0x270
[ 1464.563963]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1464.564381]  ? vfs_write+0x354/0xb10
[ 1464.564717]  ? fput_many+0x2f/0x1a0
[ 1464.565046]  ? ksys_write+0x1a9/0x260
[ 1464.565388]  ? __ia32_sys_read+0xb0/0xb0
[ 1464.565762]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1464.566231]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1464.566699]  do_syscall_64+0x33/0x40
[ 1464.567030]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1464.567487] RIP: 0033:0x7fd30c0eeb19
[ 1464.567825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1464.569462] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1464.570137] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1464.570772] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1464.571410] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1464.572046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1464.572675] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1464.592245] FAULT_INJECTION: forcing a failure.
[ 1464.592245] name failslab, interval 1, probability 0, space 0, times 0
[ 1464.594278] CPU: 1 PID: 9296 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1464.595343] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1464.596622] Call Trace:
[ 1464.597050]  dump_stack+0x107/0x167
[ 1464.597626]  should_fail.cold+0x5/0xa
[ 1464.598240]  ? io_issue_sqe+0x2492/0x77b0
[ 1464.598894]  should_failslab+0x5/0x20
[ 1464.599496]  kmem_cache_alloc_trace+0x55/0x320
[ 1464.600224]  io_issue_sqe+0x2492/0x77b0
[ 1464.600876]  ? io_connect+0x610/0x610
[ 1464.601485]  ? __lockdep_reset_lock+0x180/0x180
[ 1464.602233]  ? lock_acquire+0x197/0x470
[ 1464.602860]  ? slab_free_freelist_hook+0x180/0x180
[ 1464.603629]  ? find_held_lock+0x2c/0x110
[ 1464.604276]  __io_queue_sqe+0x90/0x9d0
[ 1464.604897]  ? io_issue_sqe+0x77b0/0x77b0
[ 1464.605563]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1464.606321]  io_submit_sqes+0x44aa/0x8610
[ 1464.607012]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1464.607792]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1464.608553]  ? lock_downgrade+0x6d0/0x6d0
[ 1464.609205]  ? find_held_lock+0x2c/0x110
[ 1464.609854]  ? io_submit_sqes+0x8610/0x8610
[ 1464.610554]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1464.611314]  ? wait_for_completion_io+0x270/0x270
[ 1464.612068]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1464.612794]  ? vfs_write+0x354/0xb10
[ 1464.613379]  ? fput_many+0x2f/0x1a0
[ 1464.613953]  ? ksys_write+0x1a9/0x260
[ 1464.614561]  ? __ia32_sys_read+0xb0/0xb0
[ 1464.615205]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1464.616022]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1464.616830]  do_syscall_64+0x33/0x40
[ 1464.617412]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1464.618206] RIP: 0033:0x7f7e6ceffb19
[ 1464.618804] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1464.621621] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1464.622810] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1464.623914] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1464.625014] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1464.626115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1464.627219] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
[ 1464.989251] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1464.990130] print_req_error: 6 callbacks suppressed
[ 1464.990149] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1464.992455] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1464.993226] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1464.994781] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1464.995588] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1464.997147] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1464.997951] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1464.999525] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1465.000296] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1465.001864] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1465.003392] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1465.004508] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1465.005997] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1465.007112] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1465.008603] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1465.009716] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1465.011200] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1465.012295] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1465.013789] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1465.014988] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1465.015902] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1465.016788] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1465.023420] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1465.024548] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1465.025656] Buffer I/O error on dev loop0, logical block 2096903, async page read
23:11:01 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x8}})

23:11:01 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 11)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:11:01 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 52)

23:11:01 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(0xffffffffffffffff, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:11:01 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x0, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:11:01 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0x0, 0x0, 0x0, 0x0)

23:11:01 executing program 5:
r0 = socket$inet(0x2, 0x1, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000500)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r0, 0x80, &(0x7f00000000c0)=@alg={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}}, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$PIO_UNIMAPCLR(r1, 0x4b40, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff})
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_SPLICE={0x1e, 0x5, 0x0, @fd=r1, 0x0, {}, 0x800, 0x0, 0x0, {0x0, 0x0, r2}}, 0xc5de)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x100, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0xf503, 0x0)
r3 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f00000000c0), 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
syz_genetlink_get_family_id$wireguard(&(0x7f0000000240), r4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRESDEC=r4, @ANYBLOB="010000000000000000000600000008000300", @ANYRES16, @ANYBLOB="08000500060000007d16120000ccf463dc8c8e351e1a465430c2cc00", @ANYRESDEC=r5], 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r4)
syncfs(r3)
add_key(0x0, 0x0, &(0x7f0000000000)='t', 0x1, 0xfffffffffffffffb)
syz_mount_image$iso9660(&(0x7f0000000300), &(0x7f0000000040)='./file0\x00', 0xfad4, 0x2, &(0x7f0000000200)=[{&(0x7f0000000380)="ff5743e55b1b7cdca18fd852bb2b4966678e", 0x12, 0x8800}, {&(0x7f0000000680)="8800170000000000001700080000000008007809140b2a3a0802000001000001010053500701beef005252050181505824016d4100000000416d03000000000000030000000000000000000000000000000054461a010e7809140b2a3a087809140b2a3a087809140b2a3a0843451c0119000000000000190000000000000000ed000000000000ed6600170000000000001700080000000008007809140b2a3a080200000100000101015252050181505824016d4100000000416d02000000000000020000000000000000000000000000000054461a010e7809140b2a3a087809140b2a3a087809140b2a3a08008c001a0000000000eeeb9a4be1f8ad7af0d28d8119c4b942119d885beb6d7b5f16329d06c87b39634377efe8822ea190d470d93997df33307308784f2c7d4249f5453a37a9943bda8f17e466d9f2a3cb3d8615a533345d82647d7e02bd85e2b27c815c20b063dd14191891d67784a8bc", 0x15e, 0xb800}], 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="636865636b3d731c402a28742c6d41703d6e6f726d616c2c6d6f64653d307820303030c3163030303030dc30e42c6d6f64653d3078666666666666666637666666666666662c000000"])
ioctl$AUTOFS_IOC_CATATONIC(0xffffffffffffffff, 0x9362, 0x0)

23:11:01 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

[ 1478.505326] FAULT_INJECTION: forcing a failure.
[ 1478.505326] name failslab, interval 1, probability 0, space 0, times 0
[ 1478.507263] CPU: 0 PID: 9317 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1478.508320] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1478.509825] Call Trace:
[ 1478.510303]  dump_stack+0x107/0x167
[ 1478.510882]  should_fail.cold+0x5/0xa
[ 1478.511470]  ? create_object.isra.0+0x3a/0xa20
[ 1478.512177]  should_failslab+0x5/0x20
[ 1478.512752]  kmem_cache_alloc+0x5b/0x310
[ 1478.513368]  create_object.isra.0+0x3a/0xa20
[ 1478.514023]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1478.514796]  kmem_cache_alloc_bulk+0x168/0x320
[ 1478.515654]  io_submit_sqes+0x6fe6/0x8610
[ 1478.516360]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1478.517124]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1478.517907]  ? lock_downgrade+0x6d0/0x6d0
[ 1478.518599]  ? find_held_lock+0x2c/0x110
[ 1478.519267]  ? io_submit_sqes+0x8610/0x8610
[ 1478.519949]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1478.520704]  ? wait_for_completion_io+0x270/0x270
[ 1478.521512]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1478.522214]  ? vfs_write+0x354/0xb10
[ 1478.522810]  ? fput_many+0x2f/0x1a0
[ 1478.523449]  ? ksys_write+0x1a9/0x260
[ 1478.524076]  ? __ia32_sys_read+0xb0/0xb0
[ 1478.524706]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1478.525512]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1478.526305]  do_syscall_64+0x33/0x40
[ 1478.526910]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1478.527697] RIP: 0033:0x7fd30c0eeb19
[ 1478.528280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1478.531246] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1478.532443] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1478.533503] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1478.534556] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1478.535829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1478.537079] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:11:01 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x9}})

[ 1478.574699] FAULT_INJECTION: forcing a failure.
[ 1478.574699] name failslab, interval 1, probability 0, space 0, times 0
[ 1478.574858] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1478.576512] CPU: 0 PID: 9321 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1478.578217] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1478.579478] Call Trace:
[ 1478.579896]  dump_stack+0x107/0x167
[ 1478.580463]  should_fail.cold+0x5/0xa
[ 1478.581056]  ? create_object.isra.0+0x3a/0xa20
[ 1478.581756]  should_failslab+0x5/0x20
[ 1478.582339]  kmem_cache_alloc+0x5b/0x310
[ 1478.582964]  create_object.isra.0+0x3a/0xa20
[ 1478.583606]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1478.584337]  kmem_cache_alloc_trace+0x151/0x320
[ 1478.585045]  io_issue_sqe+0x2492/0x77b0
[ 1478.585651]  ? io_connect+0x610/0x610
[ 1478.586350]  ? __lockdep_reset_lock+0x180/0x180
[ 1478.587198]  ? lock_acquire+0x197/0x470
[ 1478.587922]  ? slab_free_freelist_hook+0x180/0x180
[ 1478.588721]  ? find_held_lock+0x2c/0x110
[ 1478.589462]  __io_queue_sqe+0x90/0x9d0
[ 1478.590184]  ? io_issue_sqe+0x77b0/0x77b0
[ 1478.590951]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1478.591687]  io_submit_sqes+0x44aa/0x8610
[ 1478.592378]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1478.593131]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1478.594022]  ? lock_downgrade+0x6d0/0x6d0
[ 1478.594666]  ? find_held_lock+0x2c/0x110
[ 1478.595304]  ? io_submit_sqes+0x8610/0x8610
[ 1478.595983]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1478.596739]  ? wait_for_completion_io+0x270/0x270
23:11:01 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 53)

[ 1478.597454]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1478.598318]  ? vfs_write+0x354/0xb10
[ 1478.598923]  ? fput_many+0x2f/0x1a0
[ 1478.599477]  ? ksys_write+0x1a9/0x260
[ 1478.600030]  ? __ia32_sys_read+0xb0/0xb0
[ 1478.600648]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1478.601426]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1478.602197]  do_syscall_64+0x33/0x40
[ 1478.602788]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1478.603571] RIP: 0033:0x7f7e6ceffb19
[ 1478.604150] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1478.607115] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1478.608259] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1478.609331] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1478.610404] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1478.611612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1478.612643] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
23:11:01 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0x0, 0x0, 0x0, 0x0)

23:11:01 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x0, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1478.716270] FAULT_INJECTION: forcing a failure.
[ 1478.716270] name failslab, interval 1, probability 0, space 0, times 0
[ 1478.717329] CPU: 1 PID: 9346 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1478.717903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1478.718609] Call Trace:
[ 1478.718841]  dump_stack+0x107/0x167
[ 1478.719152]  should_fail.cold+0x5/0xa
[ 1478.719484]  ? io_issue_sqe+0x2492/0x77b0
[ 1478.719843]  should_failslab+0x5/0x20
[ 1478.720162]  kmem_cache_alloc_trace+0x55/0x320
[ 1478.720546]  io_issue_sqe+0x2492/0x77b0
[ 1478.720890]  ? io_connect+0x610/0x610
[ 1478.721209]  ? lock_acquire+0x197/0x470
[ 1478.721536]  ? find_held_lock+0x2c/0x110
[ 1478.721879]  ? xa_load+0x12d/0x2c0
[ 1478.722177]  ? lock_downgrade+0x6d0/0x6d0
[ 1478.722544]  __io_queue_sqe+0x90/0x9d0
[ 1478.722870]  ? xa_load+0x156/0x2c0
[ 1478.723162]  ? io_issue_sqe+0x77b0/0x77b0
[ 1478.723512]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1478.723900]  io_submit_sqes+0x44aa/0x8610
[ 1478.724275]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1478.724681]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1478.725095]  ? lock_downgrade+0x6d0/0x6d0
[ 1478.725455]  ? find_held_lock+0x2c/0x110
[ 1478.725799]  ? io_submit_sqes+0x8610/0x8610
[ 1478.726184]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1478.726596]  ? wait_for_completion_io+0x270/0x270
[ 1478.727000]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1478.727383]  ? vfs_write+0x354/0xb10
[ 1478.727687]  ? fput_many+0x2f/0x1a0
[ 1478.727988]  ? ksys_write+0x1a9/0x260
[ 1478.728300]  ? __ia32_sys_read+0xb0/0xb0
[ 1478.728657]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1478.729100]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1478.729540]  do_syscall_64+0x33/0x40
[ 1478.729846]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1478.730271] RIP: 0033:0x7fd30c0eeb19
[ 1478.730599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1478.732151] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1478.732795] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1478.733388] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1478.733985] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1478.734578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1478.735168] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:11:01 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0xa}})

23:11:01 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(0xffffffffffffffff, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:11:01 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:11:01 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 1)

[ 1478.897749] FAULT_INJECTION: forcing a failure.
[ 1478.897749] name failslab, interval 1, probability 0, space 0, times 0
[ 1478.899697] CPU: 0 PID: 9359 Comm: syz-executor.6 Not tainted 5.10.220 #1
[ 1478.900700] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1478.901927] Call Trace:
[ 1478.902341]  dump_stack+0x107/0x167
[ 1478.902897]  should_fail.cold+0x5/0xa
[ 1478.903482]  should_failslab+0x5/0x20
[ 1478.904066]  kmem_cache_alloc_bulk+0x4b/0x320
[ 1478.904761]  io_submit_sqes+0x6fe6/0x8610
[ 1478.905389]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1478.906131]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1478.906873]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1478.907598]  ? lock_downgrade+0x6d0/0x6d0
[ 1478.908179]  ? find_held_lock+0x2c/0x110
[ 1478.908790]  ? io_submit_sqes+0x8610/0x8610
[ 1478.909438]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1478.910141]  ? wait_for_completion_io+0x270/0x270
[ 1478.910860]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1478.911547]  ? vfs_write+0x354/0xb10
[ 1478.912086]  ? fput_many+0x2f/0x1a0
[ 1478.912642]  ? ksys_write+0x1a9/0x260
[ 1478.913212]  ? __ia32_sys_read+0xb0/0xb0
[ 1478.913836]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1478.914602]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1478.915368]  do_syscall_64+0x33/0x40
[ 1478.915900]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1478.916657] RIP: 0033:0x7ff984008b19
[ 1478.917193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1478.919892] RSP: 002b:00007ff98157e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1478.920992] RAX: ffffffffffffffda RBX: 00007ff98411bf60 RCX: 00007ff984008b19
[ 1478.922034] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1478.923097] RBP: 00007ff98157e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1478.924144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1478.925185] R13: 00007fffdd8f95ff R14: 00007ff98157e300 R15: 0000000000022000
[ 1478.951066] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1479.317617] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1479.318660] print_req_error: 6 callbacks suppressed
[ 1479.318680] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1479.321261] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1479.321389] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1479.322197] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1479.323085] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1479.325369] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1479.325460] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1479.326236] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1479.327153] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1479.329446] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1479.329603] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1479.330297] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1479.332486] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1479.334230] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1479.334345] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1479.335094] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1479.335976] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1479.338313] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1479.338496] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1479.339197] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1479.340468] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1479.340884] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1479.342027] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1479.342312] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1479.343773] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1479.446993] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1479.448000] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1479.450301] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1479.451307] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1479.452557] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1479.453477] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1479.454436] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1479.455319] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1479.456237] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1479.457153] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
23:11:16 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

23:11:16 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0xb}})

23:11:16 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 2)

23:11:16 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:11:16 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:11:16 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:11:16 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 54)

23:11:16 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 12)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

[ 1493.160214] FAULT_INJECTION: forcing a failure.
[ 1493.160214] name failslab, interval 1, probability 0, space 0, times 0
[ 1493.162127] CPU: 1 PID: 9373 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1493.163215] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1493.164504] Call Trace:
[ 1493.164936]  dump_stack+0x107/0x167
[ 1493.165519]  should_fail.cold+0x5/0xa
[ 1493.166135]  ? create_object.isra.0+0x3a/0xa20
[ 1493.166878]  should_failslab+0x5/0x20
[ 1493.167474]  kmem_cache_alloc+0x5b/0x310
[ 1493.168105]  ? mark_held_locks+0x9e/0xe0
[ 1493.168742]  create_object.isra.0+0x3a/0xa20
[ 1493.169423]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1493.170218]  kmem_cache_alloc_bulk+0x168/0x320
[ 1493.170940]  io_submit_sqes+0x6fe6/0x8610
[ 1493.171622]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1493.172393]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1493.173143]  ? lock_downgrade+0x6d0/0x6d0
[ 1493.173786]  ? find_held_lock+0x2c/0x110
[ 1493.174426]  ? io_submit_sqes+0x8610/0x8610
[ 1493.175132]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1493.175890]  ? wait_for_completion_io+0x270/0x270
[ 1493.176643]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1493.177366]  ? vfs_write+0x354/0xb10
[ 1493.177952]  ? fput_many+0x2f/0x1a0
[ 1493.178533]  ? ksys_write+0x1a9/0x260
[ 1493.179135]  ? __ia32_sys_read+0xb0/0xb0
[ 1493.179775]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1493.180593]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1493.181401]  do_syscall_64+0x33/0x40
[ 1493.181985]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1493.182785] RIP: 0033:0x7fd30c0eeb19
[ 1493.183364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1493.186191] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1493.187379] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1493.188479] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1493.189575] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1493.190682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1493.191780] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1493.209776] FAULT_INJECTION: forcing a failure.
[ 1493.209776] name failslab, interval 1, probability 0, space 0, times 0
[ 1493.210864] CPU: 0 PID: 9374 Comm: syz-executor.6 Not tainted 5.10.220 #1
[ 1493.211473] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1493.212227] Call Trace:
[ 1493.212492]  dump_stack+0x107/0x167
[ 1493.212849]  should_fail.cold+0x5/0xa
[ 1493.213213]  ? create_object.isra.0+0x3a/0xa20
[ 1493.213652]  should_failslab+0x5/0x20
[ 1493.214020]  kmem_cache_alloc+0x5b/0x310
[ 1493.214418]  create_object.isra.0+0x3a/0xa20
[ 1493.214851]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1493.215309]  kmem_cache_alloc_bulk+0x168/0x320
[ 1493.215735]  io_submit_sqes+0x6fe6/0x8610
[ 1493.216108]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1493.216554]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1493.217006]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1493.217444]  ? lock_downgrade+0x6d0/0x6d0
[ 1493.217826]  ? find_held_lock+0x2c/0x110
[ 1493.218197]  ? io_submit_sqes+0x8610/0x8610
[ 1493.218606]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1493.219046]  ? wait_for_completion_io+0x270/0x270
[ 1493.219487]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1493.219904]  ? vfs_write+0x354/0xb10
[ 1493.220242]  ? fput_many+0x2f/0x1a0
[ 1493.220572]  ? ksys_write+0x1a9/0x260
[ 1493.220909]  ? __ia32_sys_read+0xb0/0xb0
[ 1493.221279]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1493.221754]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1493.222226]  do_syscall_64+0x33/0x40
[ 1493.222573]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1493.223034] RIP: 0033:0x7ff984008b19
[ 1493.223374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1493.224997] RSP: 002b:00007ff98157e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1493.225675] RAX: ffffffffffffffda RBX: 00007ff98411bf60 RCX: 00007ff984008b19
[ 1493.226312] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1493.226955] RBP: 00007ff98157e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1493.227593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1493.228229] R13: 00007fffdd8f95ff R14: 00007ff98157e300 R15: 0000000000022000
[ 1493.242124] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:11:16 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 3)

23:11:16 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x400, 0x0, 0x8}, &(0x7f0000000180)='./file0/file0\x00', 0x18, 0x0, 0x23456}, 0x79)

[ 1493.297699] FAULT_INJECTION: forcing a failure.
[ 1493.297699] name failslab, interval 1, probability 0, space 0, times 0
[ 1493.299598] CPU: 1 PID: 9385 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1493.300668] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1493.301947] Call Trace:
[ 1493.302367]  dump_stack+0x107/0x167
[ 1493.302949]  should_fail.cold+0x5/0xa
[ 1493.303550]  ? io_issue_sqe+0x2492/0x77b0
[ 1493.304199]  should_failslab+0x5/0x20
[ 1493.304794]  kmem_cache_alloc_trace+0x55/0x320
[ 1493.305510]  io_issue_sqe+0x2492/0x77b0
[ 1493.306154]  ? io_connect+0x610/0x610
[ 1493.306768]  ? __lockdep_reset_lock+0x180/0x180
[ 1493.307500]  ? lock_acquire+0x197/0x470
23:11:16 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 55)

[ 1493.308120]  ? slab_free_freelist_hook+0x180/0x180
[ 1493.308994]  ? find_held_lock+0x2c/0x110
[ 1493.309638]  __io_queue_sqe+0x90/0x9d0
[ 1493.310252]  ? io_issue_sqe+0x77b0/0x77b0
[ 1493.310916]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1493.311660]  io_submit_sqes+0x44aa/0x8610
[ 1493.312336]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1493.313114]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1493.313866]  ? lock_downgrade+0x6d0/0x6d0
[ 1493.314510]  ? find_held_lock+0x2c/0x110
[ 1493.315154]  ? io_submit_sqes+0x8610/0x8610
[ 1493.315837]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1493.316590]  ? wait_for_completion_io+0x270/0x270
[ 1493.317339]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1493.318065]  ? vfs_write+0x354/0xb10
[ 1493.318653]  ? fput_many+0x2f/0x1a0
[ 1493.319220]  ? ksys_write+0x1a9/0x260
[ 1493.319812]  ? __ia32_sys_read+0xb0/0xb0
[ 1493.320448]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1493.321257]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1493.322061]  do_syscall_64+0x33/0x40
[ 1493.322647]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1493.323437] RIP: 0033:0x7f7e6ceffb19
[ 1493.324020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1493.326845] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1493.328026] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1493.329125] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1493.330229] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1493.331339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1493.332432] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
[ 1493.397234] FAULT_INJECTION: forcing a failure.
[ 1493.397234] name failslab, interval 1, probability 0, space 0, times 0
[ 1493.398353] CPU: 0 PID: 9393 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1493.398931] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1493.399632] Call Trace:
[ 1493.399862]  dump_stack+0x107/0x167
[ 1493.400174]  should_fail.cold+0x5/0xa
[ 1493.400499]  ? create_object.isra.0+0x3a/0xa20
[ 1493.400893]  should_failslab+0x5/0x20
[ 1493.401220]  kmem_cache_alloc+0x5b/0x310
[ 1493.401569]  ? mark_held_locks+0x9e/0xe0
[ 1493.401918]  create_object.isra.0+0x3a/0xa20
[ 1493.402287]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1493.402731]  kmem_cache_alloc_bulk+0x168/0x320
[ 1493.403125]  io_submit_sqes+0x6fe6/0x8610
[ 1493.403491]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1493.403912]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1493.404322]  ? lock_downgrade+0x6d0/0x6d0
[ 1493.404671]  ? find_held_lock+0x2c/0x110
[ 1493.405017]  ? io_submit_sqes+0x8610/0x8610
[ 1493.405390]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1493.405798]  ? wait_for_completion_io+0x270/0x270
[ 1493.406211]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1493.406607]  ? vfs_write+0x354/0xb10
[ 1493.406926]  ? fput_many+0x2f/0x1a0
[ 1493.407234]  ? ksys_write+0x1a9/0x260
[ 1493.407554]  ? __ia32_sys_read+0xb0/0xb0
[ 1493.407902]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1493.408340]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1493.408778]  do_syscall_64+0x33/0x40
[ 1493.409096]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1493.409528] RIP: 0033:0x7fd30c0eeb19
[ 1493.409845] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1493.411381] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1493.412022] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1493.412625] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1493.413230] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1493.413823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1493.414426] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:11:16 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0xc}})

[ 1493.439236] FAULT_INJECTION: forcing a failure.
[ 1493.439236] name failslab, interval 1, probability 0, space 0, times 0
[ 1493.440294] CPU: 0 PID: 9396 Comm: syz-executor.6 Not tainted 5.10.220 #1
[ 1493.440861] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1493.441544] Call Trace:
[ 1493.441771]  dump_stack+0x107/0x167
[ 1493.442071]  should_fail.cold+0x5/0xa
[ 1493.442388]  ? create_object.isra.0+0x3a/0xa20
[ 1493.442772]  should_failslab+0x5/0x20
[ 1493.443087]  kmem_cache_alloc+0x5b/0x310
[ 1493.443424]  ? mark_held_locks+0x9e/0xe0
[ 1493.443765]  create_object.isra.0+0x3a/0xa20
[ 1493.444127]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1493.444549]  kmem_cache_alloc_bulk+0x168/0x320
[ 1493.444929]  io_submit_sqes+0x6fe6/0x8610
[ 1493.445279]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1493.445695]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1493.446106]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1493.446510]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1493.446958]  ? _raw_spin_unlock_irq+0x1f/0x30
[ 1493.447331]  ? trace_hardirqs_on+0x5b/0x180
[ 1493.447688]  ? io_submit_sqes+0x8610/0x8610
[ 1493.448051]  ? finish_task_switch+0x1a4/0x5d0
[ 1493.448423]  ? __switch_to+0x572/0xf70
[ 1493.448748]  ? __switch_to_asm+0x3a/0x60
[ 1493.449085]  ? __switch_to_asm+0x34/0x60
[ 1493.449430]  ? __schedule+0x82c/0x1ea0
[ 1493.449758]  ? io_schedule_timeout+0x140/0x140
[ 1493.450142]  ? copy_kernel_to_fpregs+0x9e/0xe0
[ 1493.450520]  ? trace_event_raw_event_x86_fpu+0x390/0x390
[ 1493.450971]  ? ksys_write+0x1a9/0x260
[ 1493.451295]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1493.451724]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1493.452155]  do_syscall_64+0x33/0x40
[ 1493.452464]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1493.452890] RIP: 0033:0x7ff984008b19
[ 1493.453197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1493.454714] RSP: 002b:00007ff98157e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1493.455340] RAX: ffffffffffffffda RBX: 00007ff98411bf60 RCX: 00007ff984008b19
[ 1493.455918] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1493.456503] RBP: 00007ff98157e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1493.457083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1493.457665] R13: 00007fffdd8f95ff R14: 00007ff98157e300 R15: 0000000000022000
23:11:16 executing program 5:
setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
fallocate(0xffffffffffffffff, 0x0, 0x806, 0x0)
ftruncate(r0, 0x1000003)
ioctl$SG_GET_LOW_DMA(0xffffffffffffffff, 0x227a, 0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000280)={0x1, 0x1, 0x2, 0xfffffffffffffffc})
getpgrp(0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x300c)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
fcntl$lock(0xffffffffffffffff, 0x25, 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, &(0x7f0000000100)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, 0x14)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000140), 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYRES32, @ANYRESOCT=r1, @ANYBLOB="2c6e8f657874656e642c76657273696f6e3d39703230bdb966090000000000000065723c79ab0aa4ffd87b81cc42fd2f8e184c2b0ddbde386bb1a76f67020f662bc62b87e3db204ee0aac2063a3b92a6025bb53989afe1070000000000000015120346d447fdc43a67bfd814145279292b3712df7029da3adc6296e9e4337c8cfe26daabe737e7303eb1f9f6f8dabcfb9483b688c690e55171010bcd40b8109d3bd3dc4600a1588eb8643ea6845a82e825519d7ba7878943a11131da599010152234708ceecd4ba4e41024284b1f64770bbec3cd83a663000000000000", @ANYRESOCT=0x0, @ANYBLOB="2c66736d616769633d3078303030303030303030303030666666662c736d61636b66737472616e736d34f600000000000079e60d7218a5194155fc1bb72d662d0000000000002c00"])
getsockopt$IPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x43, 0x0, 0x0)
dup2(r0, r1)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
fsetxattr$security_capability(r0, &(0x7f0000000040), &(0x7f0000000080)=@v2, 0x14, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0), 0x2}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="2321202e2f66696c06300a"], 0xb)

23:11:16 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x79)

23:11:16 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:11:16 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

[ 1493.530278] 9pnet: Unknown protocol version 9p20½¹f	
23:11:16 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0xe}})

23:11:16 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 13)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

[ 1493.580953] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1493.585607] 9pnet: Unknown protocol version 9p20½¹f	
[ 1493.614862] FAULT_INJECTION: forcing a failure.
[ 1493.614862] name failslab, interval 1, probability 0, space 0, times 0
[ 1493.615802] CPU: 0 PID: 9413 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1493.616348] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1493.617014] Call Trace:
[ 1493.617235]  dump_stack+0x107/0x167
[ 1493.617535]  should_fail.cold+0x5/0xa
[ 1493.617849]  ? create_object.isra.0+0x3a/0xa20
[ 1493.618221]  should_failslab+0x5/0x20
[ 1493.618527]  kmem_cache_alloc+0x5b/0x310
[ 1493.618863]  create_object.isra.0+0x3a/0xa20
[ 1493.619219]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1493.619630]  kmem_cache_alloc_trace+0x151/0x320
[ 1493.620008]  io_issue_sqe+0x2492/0x77b0
[ 1493.620336]  ? io_connect+0x610/0x610
[ 1493.620644]  ? __lockdep_reset_lock+0x180/0x180
[ 1493.621021]  ? lock_acquire+0x197/0x470
[ 1493.621339]  ? slab_free_freelist_hook+0x180/0x180
[ 1493.621734]  ? find_held_lock+0x2c/0x110
[ 1493.622063]  __io_queue_sqe+0x90/0x9d0
[ 1493.622381]  ? io_issue_sqe+0x77b0/0x77b0
[ 1493.622726]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1493.623105]  io_submit_sqes+0x44aa/0x8610
[ 1493.623453]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1493.623849]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1493.624235]  ? lock_downgrade+0x6d0/0x6d0
[ 1493.624564]  ? find_held_lock+0x2c/0x110
[ 1493.624889]  ? io_submit_sqes+0x8610/0x8610
[ 1493.625241]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1493.625629]  ? wait_for_completion_io+0x270/0x270
[ 1493.626017]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1493.626387]  ? vfs_write+0x354/0xb10
[ 1493.626701]  ? copy_kernel_to_fpregs+0x9e/0xe0
[ 1493.627063]  ? trace_event_raw_event_x86_fpu+0x390/0x390
[ 1493.627495]  ? ksys_write+0x1a9/0x260
[ 1493.627802]  ? __ia32_sys_read+0xb0/0xb0
[ 1493.628130]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1493.628547]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1493.628959]  do_syscall_64+0x33/0x40
[ 1493.629257]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1493.629665] RIP: 0033:0x7f7e6ceffb19
[ 1493.629966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1493.631424] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1493.632033] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1493.632597] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1493.633165] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1493.633740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1493.634303] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
23:11:16 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x79)

23:11:16 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0xf}})

23:11:16 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {<r2=>0xffffffffffffffff}}, './file0\x00'})
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x3, 0x84, 0x3, 0x1, 0x0, 0x9d, 0x81004, 0x8, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x10001, 0x4, @perf_bp={&(0x7f0000000000), 0x9}, 0x1c002, 0x0, 0x8c0, 0x9, 0x0, 0x5, 0x7, 0x0, 0x22e, 0x0, 0x4}, 0x0, 0xc, r2, 0x9)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$PIO_UNIMAPCLR(r3, 0x4b40, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r3, 0x80049367, 0xfffffffffffffffe)
ioctl$RFKILL_IOCTL_NOINPUT(r1, 0x5201)
dup2(r0, r1)

23:11:16 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 56)

23:11:16 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:11:16 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x10}})

[ 1493.787225] FAULT_INJECTION: forcing a failure.
[ 1493.787225] name failslab, interval 1, probability 0, space 0, times 0
[ 1493.788281] CPU: 0 PID: 9428 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1493.788836] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1493.789490] Call Trace:
[ 1493.789711]  dump_stack+0x107/0x167
[ 1493.790006]  should_fail.cold+0x5/0xa
[ 1493.790320]  ? create_object.isra.0+0x3a/0xa20
[ 1493.790698]  should_failslab+0x5/0x20
[ 1493.791007]  kmem_cache_alloc+0x5b/0x310
[ 1493.791333]  create_object.isra.0+0x3a/0xa20
[ 1493.791688]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1493.792098]  kmem_cache_alloc_bulk+0x168/0x320
[ 1493.792468]  io_submit_sqes+0x6fe6/0x8610
[ 1493.792821]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1493.793223]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1493.793616]  ? lock_downgrade+0x6d0/0x6d0
[ 1493.793949]  ? find_held_lock+0x2c/0x110
[ 1493.794278]  ? io_submit_sqes+0x8610/0x8610
[ 1493.794638]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1493.795031]  ? wait_for_completion_io+0x270/0x270
[ 1493.795419]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1493.795785]  ? vfs_write+0x354/0xb10
[ 1493.796084]  ? fput_many+0x2f/0x1a0
[ 1493.796383]  ? ksys_write+0x1a9/0x260
[ 1493.796687]  ? __ia32_sys_read+0xb0/0xb0
[ 1493.797018]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1493.797435]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1493.797855]  do_syscall_64+0x33/0x40
[ 1493.798157]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1493.798576] RIP: 0033:0x7fd30c0eeb19
[ 1493.798875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1493.800323] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1493.800929] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1493.801493] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1493.802057] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1493.802629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1493.803197] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:11:16 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 4)

23:11:16 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x79)

23:11:16 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 14)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:11:16 executing program 5:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f00000003c0)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f00000000000000000100000000000000475420a5071e7d44e588fc7172aa0b0000000002891a254c9aa53bbd7bd28538779b419f927f6d8053a67392fa621bc9bd3a68db859aafe700d0c254951eb167e2273cd5b215ff80255ea4740fd50000000070e95554879a5b42e75ab4e060dfe0751c8353a58bfb2c504673d3d23ff78a90c43402bd26ae5143b658349a67b568ff77fb37bdb1005b1ca63f32d6a67b585d929f7af7dda1b1e8e316113e899390e930ff07000073e6f3fdf9ea0ae4b09d1e1104000000000000c3002c7554592886d6a727ba06a80547a8e0a956e723ed5efffa57bf84971b8819e84c2384d29891c114081dfd7043f5a1f5d61c33d0fc88c95855caf35019c8ec99c6b7e322bf4c54b226e8be27b2b4963257acd889e0ee382cc7745d6d13b17292e683492934ea939e1af006420b83c3fa66848a9e1ca12f43dae5b074f42512cb2496f8d4ed330b77280979661730a2dc68c686d3608aec7cbb84923f170db58ecf0358a60dfe33374545e83b09ec7edfa002fe435d6192e317f89f11f01abc115f5dd69e7ff6bfb34e86bd47f17057e3da04105b4e9f0757988fe9ae894359519fbb89c6b750a3adebbf5c234d8c426f53ef01e558c25123251a5ed5ab247e5fdf4d3787be5e46f2d610b48309c9f53b098bcc5c87a4ee87d2d2ac9fc4c096b146dba541f64d3ed17c51f0de899b6976599e4b77775effaed0fd3b2e34b765c03740f76e7f0129bd623989ee7e400100be3b3492690695b0a0a4bb05aa", 0x26d, 0x400}, {&(0x7f0000010400)="03000003000000607417592b636c56", 0xf, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0x6}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f0000012900)=ANY=[])
openat(r0, &(0x7f0000000380)='./file1/file0/../file0\x00', 0x20002, 0x18)
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r3, &(0x7f0000000240)="01", 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105142, 0x0)
ftruncate(r4, 0x10002)
mount$9p_unix(&(0x7f0000000080)='./file1/file0\x00', &(0x7f0000000140)='./file1\x00', &(0x7f0000000180), 0x26001, &(0x7f00000002c0)={'trans=unix,', {[{@version_u}, {@privport}], [{@obj_type={'obj_type', 0x3d, 'ext4\x00'}}, {@appraise_type}, {@fscontext={'fscontext', 0x3d, 'unconfined_u'}}, {@fowner_eq={'fowner', 0x3d, 0xee00}}, {@euid_gt={'euid>', 0xee01}}, {@context={'context', 0x3d, 'staff_u'}}]}})
sendfile(r1, r2, 0x0, 0x20d315)

[ 1493.849103] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1493.881188] FAULT_INJECTION: forcing a failure.
[ 1493.881188] name failslab, interval 1, probability 0, space 0, times 0
[ 1493.882210] CPU: 0 PID: 9436 Comm: syz-executor.6 Not tainted 5.10.220 #1
[ 1493.882767] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1493.883432] Call Trace:
[ 1493.883652]  dump_stack+0x107/0x167
[ 1493.883951]  should_fail.cold+0x5/0xa
[ 1493.884262]  ? create_object.isra.0+0x3a/0xa20
[ 1493.884631]  should_failslab+0x5/0x20
[ 1493.884935]  kmem_cache_alloc+0x5b/0x310
[ 1493.885264]  ? mark_held_locks+0x9e/0xe0
[ 1493.885592]  create_object.isra.0+0x3a/0xa20
[ 1493.885948]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1493.886365]  kmem_cache_alloc_bulk+0x168/0x320
[ 1493.886756]  io_submit_sqes+0x6fe6/0x8610
[ 1493.887101]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1493.887519]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1493.887919]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1493.888305]  ? lock_downgrade+0x6d0/0x6d0
[ 1493.888636]  ? find_held_lock+0x2c/0x110
[ 1493.888968]  ? io_submit_sqes+0x8610/0x8610
[ 1493.889320]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1493.889711]  ? wait_for_completion_io+0x270/0x270
[ 1493.890098]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1493.890469]  ? vfs_write+0x354/0xb10
[ 1493.890776]  ? fput_many+0x2f/0x1a0
[ 1493.891071]  ? ksys_write+0x1a9/0x260
[ 1493.891376]  ? __ia32_sys_read+0xb0/0xb0
[ 1493.891705]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1493.892124]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1493.892541]  do_syscall_64+0x33/0x40
[ 1493.892841]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1493.893247] RIP: 0033:0x7ff984008b19
[ 1493.893550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1493.895008] RSP: 002b:00007ff98157e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1493.895613] RAX: ffffffffffffffda RBX: 00007ff98411bf60 RCX: 00007ff984008b19
[ 1493.896182] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1493.896751] RBP: 00007ff98157e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1493.897318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1493.897885] R13: 00007fffdd8f95ff R14: 00007ff98157e300 R15: 0000000000022000
[ 1493.901249] EXT4-fs (loop5): invalid first ino: 2770359367
[ 1493.925221] FAULT_INJECTION: forcing a failure.
[ 1493.925221] name failslab, interval 1, probability 0, space 0, times 0
[ 1493.927282] CPU: 1 PID: 9441 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1493.928579] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1493.929865] Call Trace:
[ 1493.930293]  dump_stack+0x107/0x167
[ 1493.930887]  should_fail.cold+0x5/0xa
[ 1493.931589]  ? io_issue_sqe+0x2492/0x77b0
[ 1493.932247]  should_failslab+0x5/0x20
[ 1493.932847]  kmem_cache_alloc_trace+0x55/0x320
[ 1493.933573]  io_issue_sqe+0x2492/0x77b0
[ 1493.934212]  ? io_connect+0x610/0x610
[ 1493.934978]  ? __lockdep_reset_lock+0x180/0x180
[ 1493.935751]  ? lock_acquire+0x197/0x470
[ 1493.936591]  ? slab_free_freelist_hook+0x180/0x180
[ 1493.937342]  ? find_held_lock+0x2c/0x110
[ 1493.937978]  __io_queue_sqe+0x90/0x9d0
[ 1493.938596]  ? io_issue_sqe+0x77b0/0x77b0
[ 1493.939245]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1493.939976]  io_submit_sqes+0x44aa/0x8610
[ 1493.940653]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1493.941420]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1493.942164]  ? lock_downgrade+0x6d0/0x6d0
[ 1493.942806]  ? find_held_lock+0x2c/0x110
[ 1493.943440]  ? io_submit_sqes+0x8610/0x8610
[ 1493.944116]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1493.944862]  ? wait_for_completion_io+0x270/0x270
[ 1493.945604]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1493.946317]  ? vfs_write+0x354/0xb10
[ 1493.946899]  ? fput_many+0x2f/0x1a0
[ 1493.947466]  ? ksys_write+0x1a9/0x260
[ 1493.948056]  ? __ia32_sys_read+0xb0/0xb0
[ 1493.948690]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1493.949502]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1493.950302]  do_syscall_64+0x33/0x40
[ 1493.950886]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1493.951676] RIP: 0033:0x7f7e6ceffb19
[ 1493.952249] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1493.955073] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1493.956248] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1493.957347] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1493.958440] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1493.959538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1493.960635] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
[ 1493.983802] EXT4-fs (loop5): invalid first ino: 2770359367
[ 1494.380786] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1494.381274] print_req_error: 22 callbacks suppressed
[ 1494.381285] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1494.382592] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1494.383447] buffer_io_error: 6 callbacks suppressed
[ 1494.383454] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1494.395860] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1494.396299] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1494.397184] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1494.398027] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1494.401690] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1494.402123] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1494.402990] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1494.403833] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1494.407448] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1494.407879] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1494.408759] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1494.409605] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1494.410377] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1494.410824] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1494.411679] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1494.412525] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1494.413277] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1494.413761] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1494.414508] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1494.414977] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1494.415730] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1494.416183] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1494.471584] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1494.472092] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1494.472100] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1494.472170] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1494.473277] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1494.473709] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1494.475476] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1494.475963] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1494.476481] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1494.476970] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1494.545535] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1494.546047] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1494.546632] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1494.547117] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1494.547621] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1494.548113] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1494.548626] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1494.549108] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
23:11:31 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 15)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:11:31 executing program 5:
setxattr$incfs_id(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, 0x0, 0x2)
execve(&(0x7f0000000180)='./file0\x00', 0x0, &(0x7f00000002c0)=[&(0x7f0000000240)='0000000000000000000000000000000', &(0x7f0000000280)='0000000000000000000000000000000'])
setsockopt$netlink_NETLINK_CAP_ACK(0xffffffffffffffff, 0x10e, 0xa, &(0x7f0000000300)=0x76dc, 0x4)
chmod(&(0x7f0000000340)='./file0\x00', 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000380)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x0, 0xffffffffffffffff}}, './file0\x00'})
stat(0x0, &(0x7f0000000400))
mkdir(&(0x7f0000000480)='./file0\x00', 0x0)
r0 = openat$sr(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, 0x0)
ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, &(0x7f0000000080)=""/80)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
lstat(0x0, 0x0)
syz_mount_image$nfs4(&(0x7f0000006140), &(0x7f0000006180)='./file0/file0\x00', 0x0, 0x1, &(0x7f00000062c0)=[{&(0x7f00000061c0)="c0", 0x1, 0xfffffffffffffffb}], 0x0, &(0x7f0000006300))
truncate(&(0x7f0000006380)='./file0\x00', 0x0)

23:11:31 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511e", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:11:31 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)

23:11:31 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x11}})

23:11:31 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:11:31 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 57)

23:11:31 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 5)

[ 1507.973290] FAULT_INJECTION: forcing a failure.
[ 1507.973290] name failslab, interval 1, probability 0, space 0, times 0
[ 1507.974706] CPU: 1 PID: 9459 Comm: syz-executor.6 Not tainted 5.10.220 #1
[ 1507.975491] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1507.976438] Call Trace:
[ 1507.976753]  dump_stack+0x107/0x167
[ 1507.977175]  should_fail.cold+0x5/0xa
[ 1507.977623]  ? create_object.isra.0+0x3a/0xa20
[ 1507.978152]  should_failslab+0x5/0x20
[ 1507.978592]  kmem_cache_alloc+0x5b/0x310
[ 1507.979071]  ? mark_held_locks+0x9e/0xe0
[ 1507.979544]  create_object.isra.0+0x3a/0xa20
[ 1507.980049]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1507.980643]  kmem_cache_alloc_bulk+0x168/0x320
[ 1507.980873] FAULT_INJECTION: forcing a failure.
[ 1507.980873] name failslab, interval 1, probability 0, space 0, times 0
[ 1507.981173]  io_submit_sqes+0x6fe6/0x8610
[ 1507.982514]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1507.983103]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1507.983684]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1507.984243]  ? lock_downgrade+0x6d0/0x6d0
[ 1507.984721]  ? find_held_lock+0x2c/0x110
[ 1507.985195]  ? io_submit_sqes+0x8610/0x8610
[ 1507.985705]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1507.986266]  ? wait_for_completion_io+0x270/0x270
[ 1507.986829]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1507.987360]  ? vfs_write+0x354/0xb10
[ 1507.987793]  ? fput_many+0x2f/0x1a0
[ 1507.988213]  ? ksys_write+0x1a9/0x260
[ 1507.988661]  ? __ia32_sys_read+0xb0/0xb0
[ 1507.989131]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1507.989731]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1507.990322]  do_syscall_64+0x33/0x40
[ 1507.990764]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1507.991359] RIP: 0033:0x7ff984008b19
[ 1507.991787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1507.993867] RSP: 002b:00007ff98157e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1507.994742] RAX: ffffffffffffffda RBX: 00007ff98411bf60 RCX: 00007ff984008b19
[ 1507.995555] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1507.996363] RBP: 00007ff98157e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1507.997176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1507.997988] R13: 00007fffdd8f95ff R14: 00007ff98157e300 R15: 0000000000022000
[ 1507.998829] CPU: 0 PID: 9469 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1507.999380] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1508.000034] Call Trace:
[ 1508.000248]  dump_stack+0x107/0x167
[ 1508.000541]  should_fail.cold+0x5/0xa
[ 1508.000847]  ? create_object.isra.0+0x3a/0xa20
[ 1508.001216]  should_failslab+0x5/0x20
[ 1508.001521]  kmem_cache_alloc+0x5b/0x310
[ 1508.001854]  ? mark_held_locks+0x9e/0xe0
[ 1508.002182]  create_object.isra.0+0x3a/0xa20
[ 1508.002533]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1508.002951]  kmem_cache_alloc_bulk+0x168/0x320
[ 1508.003318]  io_submit_sqes+0x6fe6/0x8610
[ 1508.003668]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1508.004064]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1508.004452]  ? lock_downgrade+0x6d0/0x6d0
[ 1508.004787]  ? find_held_lock+0x2c/0x110
[ 1508.005130]  ? io_submit_sqes+0x8610/0x8610
[ 1508.005483]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1508.005871]  ? wait_for_completion_io+0x270/0x270
[ 1508.006256]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1508.006631]  ? vfs_write+0x354/0xb10
[ 1508.006937]  ? fput_many+0x2f/0x1a0
[ 1508.007233]  ? ksys_write+0x1a9/0x260
[ 1508.007547]  ? __ia32_sys_read+0xb0/0xb0
[ 1508.007878]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1508.008301]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1508.008713]  do_syscall_64+0x33/0x40
[ 1508.009013]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1508.009421] RIP: 0033:0x7fd30c0eeb19
[ 1508.009720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1508.011177] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1508.011450] FAULT_INJECTION: forcing a failure.
[ 1508.011450] name failslab, interval 1, probability 0, space 0, times 0
[ 1508.011782] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1508.011788] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1508.011794] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1508.011809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1508.015312] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:11:31 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x12}})

[ 1508.015903] CPU: 1 PID: 9460 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1508.016849] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1508.017792] Call Trace:
[ 1508.018099]  dump_stack+0x107/0x167
[ 1508.018524]  should_fail.cold+0x5/0xa
[ 1508.018973]  ? create_object.isra.0+0x3a/0xa20
[ 1508.019498]  should_failslab+0x5/0x20
[ 1508.019945]  kmem_cache_alloc+0x5b/0x310
[ 1508.020419]  create_object.isra.0+0x3a/0xa20
[ 1508.020946]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1508.021529]  kmem_cache_alloc_trace+0x151/0x320
[ 1508.022069]  io_issue_sqe+0x2492/0x77b0
[ 1508.022546]  ? io_connect+0x610/0x610
[ 1508.022998]  ? __lockdep_reset_lock+0x180/0x180
[ 1508.023534]  ? lock_acquire+0x197/0x470
[ 1508.023996]  ? slab_free_freelist_hook+0x180/0x180
[ 1508.024553]  ? find_held_lock+0x2c/0x110
[ 1508.025031]  __io_queue_sqe+0x90/0x9d0
[ 1508.025485]  ? io_issue_sqe+0x77b0/0x77b0
[ 1508.025977]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1508.026521]  io_submit_sqes+0x44aa/0x8610
[ 1508.027044]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1508.027617]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1508.028174]  ? lock_downgrade+0x6d0/0x6d0
[ 1508.028645]  ? find_held_lock+0x2c/0x110
[ 1508.029121]  ? io_submit_sqes+0x8610/0x8610
[ 1508.029623]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1508.030188]  ? wait_for_completion_io+0x270/0x270
[ 1508.030757]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1508.031288]  ? vfs_write+0x354/0xb10
[ 1508.031721]  ? fput_many+0x2f/0x1a0
[ 1508.032145]  ? ksys_write+0x1a9/0x260
[ 1508.032585]  ? __ia32_sys_read+0xb0/0xb0
[ 1508.033064]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1508.033666]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1508.034261]  do_syscall_64+0x33/0x40
[ 1508.034696]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1508.035282] RIP: 0033:0x7f7e6ceffb19
[ 1508.035719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1508.037815] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1508.038680] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1508.039508] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1508.040316] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1508.041121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1508.041929] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
23:11:31 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 58)

[ 1508.129460] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1508.129951] print_req_error: 38 callbacks suppressed
[ 1508.129962] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1508.131584] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1508.132445] buffer_io_error: 14 callbacks suppressed
[ 1508.132451] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1508.134719] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1508.135160] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1508.136265] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1508.137120] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1508.137934] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1508.138420] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1508.139352] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1508.140183] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1508.141000] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1508.141547] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1508.142462] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1508.143292] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1508.144266] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1508.144747] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1508.145668] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1508.146511] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1508.147379] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1508.147723] FAULT_INJECTION: forcing a failure.
[ 1508.147723] name failslab, interval 1, probability 0, space 0, times 0
[ 1508.147831] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1508.149084] CPU: 1 PID: 9482 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1508.149095] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1508.149892] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1508.150459] Call Trace:
[ 1508.150480]  dump_stack+0x107/0x167
[ 1508.150497]  should_fail.cold+0x5/0xa
[ 1508.151398] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1508.151754]  ? create_object.isra.0+0x3a/0xa20
[ 1508.152357] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1508.152377] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1508.152799]  should_failslab+0x5/0x20
[ 1508.155841]  kmem_cache_alloc+0x5b/0x310
[ 1508.156311]  ? mark_held_locks+0x9e/0xe0
[ 1508.156786]  create_object.isra.0+0x3a/0xa20
[ 1508.157294]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1508.157883]  kmem_cache_alloc_bulk+0x168/0x320
[ 1508.158420]  io_submit_sqes+0x6fe6/0x8610
[ 1508.158929]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1508.159500]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1508.160060]  ? lock_downgrade+0x6d0/0x6d0
[ 1508.160545]  ? find_held_lock+0x2c/0x110
[ 1508.161019]  ? io_submit_sqes+0x8610/0x8610
[ 1508.161525]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1508.162077]  ? wait_for_completion_io+0x270/0x270
[ 1508.162636]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1508.163184]  ? vfs_write+0x354/0xb10
[ 1508.163618]  ? fput_many+0x2f/0x1a0
[ 1508.164038]  ? ksys_write+0x1a9/0x260
[ 1508.164476]  ? __ia32_sys_read+0xb0/0xb0
[ 1508.164952]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1508.165558]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1508.166165]  do_syscall_64+0x33/0x40
[ 1508.166595]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1508.167202] RIP: 0033:0x7fd30c0eeb19
[ 1508.167637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1508.169726] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1508.170609] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1508.171430] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1508.172260] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1508.173078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1508.173903] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:11:31 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)

23:11:31 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 16)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:11:31 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x13}})

[ 1508.220633] FAULT_INJECTION: forcing a failure.
[ 1508.220633] name failslab, interval 1, probability 0, space 0, times 0
[ 1508.221571] CPU: 0 PID: 9488 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1508.222113] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1508.222780] Call Trace:
[ 1508.223004]  dump_stack+0x107/0x167
[ 1508.223296]  should_fail.cold+0x5/0xa
[ 1508.223604]  ? io_issue_sqe+0x2492/0x77b0
[ 1508.223943]  should_failslab+0x5/0x20
[ 1508.224249]  kmem_cache_alloc_trace+0x55/0x320
[ 1508.224619]  io_issue_sqe+0x2492/0x77b0
[ 1508.224950]  ? io_connect+0x610/0x610
[ 1508.225266]  ? __lockdep_reset_lock+0x180/0x180
[ 1508.225642]  ? lock_acquire+0x197/0x470
[ 1508.225962]  ? slab_free_freelist_hook+0x180/0x180
[ 1508.226354]  ? find_held_lock+0x2c/0x110
[ 1508.226687]  __io_queue_sqe+0x90/0x9d0
[ 1508.227010]  ? io_issue_sqe+0x77b0/0x77b0
[ 1508.227353]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1508.227737]  io_submit_sqes+0x44aa/0x8610
[ 1508.228089]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1508.228485]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1508.228875]  ? lock_downgrade+0x6d0/0x6d0
[ 1508.229207]  ? find_held_lock+0x2c/0x110
[ 1508.229536]  ? io_submit_sqes+0x8610/0x8610
[ 1508.229893]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1508.230282]  ? wait_for_completion_io+0x270/0x270
[ 1508.230667]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1508.231047]  ? vfs_write+0x354/0xb10
[ 1508.231349]  ? fput_many+0x2f/0x1a0
[ 1508.231647]  ? ksys_write+0x1a9/0x260
[ 1508.231954]  ? __ia32_sys_read+0xb0/0xb0
[ 1508.232284]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1508.232703]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1508.233114]  do_syscall_64+0x33/0x40
[ 1508.233415]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1508.233823] RIP: 0033:0x7f7e6ceffb19
[ 1508.234126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1508.235589] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1508.236196] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1508.236764] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1508.237335] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1508.237905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1508.238479] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
23:11:31 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000600), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setpriority(0x0, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)={0x30, 0x10, 0x1, 0xa, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}, @nested={0x11, 0x3ffc, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149f8"]}]}, 0x30}}, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x82280, 0x0)
r2 = syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00')
getdents64(r3, &(0x7f00000007c0)=""/180, 0x200007d8)
getdents64(r3, 0x0, 0x0)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r2, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000380)={0x0}}, 0x1)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'lo\x00', <r4=>0x0})
lseek(r1, 0x1, 0x4)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000000)={r4, 0x1, 0x6, @local}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000440)=ANY=[@ANYBLOB="3d8099b150f6488aecf7a0e390d5d3108ef952f970bde002218aef0b1aeac2224fab6e6985d24610ce742b62f949d717a2b09f1461034dc5cf6c6ceb4a714a6da21601e36bb18d4a2663a17b34f5b916f379ba315d269f1187931f2095a1070fcf421527f9859ccc290f7b20a76ef77d13b05cc31edc435a60", @ANYRES16=r0])
sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYRESOCT, @ANYRES16, @ANYBLOB="6131e6afecb32e24820bfaf1375895611c549cb1ff0f005031e8f2fab76be54f0f33304588b78c933acaf2ee0cc846861ad47052fccf176e13339f2885eb6cce5e85fc75c2261c00afe40686eef795b58cc67031a4fb"], 0x100}, 0x1, 0x0, 0x0, 0x4804}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x1c, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_REQ_SET_REG(r1, &(0x7f0000000400)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000200)={0x1c, 0x0, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000c0}, 0x4000000)
unshare(0x48020200)

23:11:31 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)

[ 1508.265502] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1508.276686] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.5'.
23:11:31 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x14}})

23:11:31 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 17)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

[ 1508.308949] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9492 comm=syz-executor.5
[ 1508.338190] FAULT_INJECTION: forcing a failure.
[ 1508.338190] name failslab, interval 1, probability 0, space 0, times 0
[ 1508.339405] CPU: 0 PID: 9498 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1508.339953] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1508.340622] Call Trace:
[ 1508.340840]  dump_stack+0x107/0x167
[ 1508.341133]  should_fail.cold+0x5/0xa
[ 1508.341443]  ? create_object.isra.0+0x3a/0xa20
[ 1508.341817]  should_failslab+0x5/0x20
[ 1508.342124]  kmem_cache_alloc+0x5b/0x310
[ 1508.342455]  create_object.isra.0+0x3a/0xa20
[ 1508.342817]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1508.343230]  kmem_cache_alloc_trace+0x151/0x320
[ 1508.343611]  io_issue_sqe+0x2492/0x77b0
[ 1508.343941]  ? io_connect+0x610/0x610
[ 1508.344254]  ? __lockdep_reset_lock+0x180/0x180
[ 1508.344631]  ? lock_acquire+0x197/0x470
[ 1508.344947]  ? slab_free_freelist_hook+0x180/0x180
[ 1508.345338]  ? find_held_lock+0x2c/0x110
[ 1508.345669]  __io_queue_sqe+0x90/0x9d0
[ 1508.345987]  ? io_issue_sqe+0x77b0/0x77b0
[ 1508.346325]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1508.346715]  io_submit_sqes+0x44aa/0x8610
[ 1508.347066]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1508.347463]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1508.347850]  ? lock_downgrade+0x6d0/0x6d0
[ 1508.348183]  ? find_held_lock+0x2c/0x110
[ 1508.348514]  ? io_submit_sqes+0x8610/0x8610
[ 1508.348866]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1508.349255]  ? wait_for_completion_io+0x270/0x270
[ 1508.349642]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1508.350012]  ? vfs_write+0x354/0xb10
[ 1508.350315]  ? fput_many+0x2f/0x1a0
[ 1508.350608]  ? ksys_write+0x1a9/0x260
[ 1508.350919]  ? __ia32_sys_read+0xb0/0xb0
[ 1508.351252]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1508.351669]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1508.352085]  do_syscall_64+0x33/0x40
[ 1508.352383]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1508.352797] RIP: 0033:0x7f7e6ceffb19
[ 1508.353100] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1508.354558] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1508.355173] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1508.355739] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1508.356306] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1508.356873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1508.357436] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
[ 1508.398107] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 1508.400781] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9502 comm=syz-executor.5
[ 1508.669686] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1508.670227] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1508.675770] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1508.676232] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1508.679535] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1508.680059] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1508.684431] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1508.684966] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1508.685510] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1508.686030] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
23:11:44 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 59)

23:11:44 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511e", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:11:44 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000600), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setpriority(0x0, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)={0x30, 0x10, 0x1, 0xa, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}, @nested={0x11, 0x3ffc, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149f8"]}]}, 0x30}}, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x82280, 0x0)
r2 = syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00')
getdents64(r3, &(0x7f00000007c0)=""/180, 0x200007d8)
getdents64(r3, 0x0, 0x0)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r2, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000380)={0x0}}, 0x1)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'lo\x00', <r4=>0x0})
lseek(r1, 0x1, 0x4)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000000)={r4, 0x1, 0x6, @local}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000440)=ANY=[@ANYBLOB="3d8099b150f6488aecf7a0e390d5d3108ef952f970bde002218aef0b1aeac2224fab6e6985d24610ce742b62f949d717a2b09f1461034dc5cf6c6ceb4a714a6da21601e36bb18d4a2663a17b34f5b916f379ba315d269f1187931f2095a1070fcf421527f9859ccc290f7b20a76ef77d13b05cc31edc435a60", @ANYRES16=r0])
sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYRESOCT, @ANYRES16, @ANYBLOB="6131e6afecb32e24820bfaf1375895611c549cb1ff0f005031e8f2fab76be54f0f33304588b78c933acaf2ee0cc846861ad47052fccf176e13339f2885eb6cce5e85fc75c2261c00afe40686eef795b58cc67031a4fb"], 0x100}, 0x1, 0x0, 0x0, 0x4804}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x1c, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_REQ_SET_REG(r1, &(0x7f0000000400)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000200)={0x1c, 0x0, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000c0}, 0x4000000)
unshare(0x48020200)

23:11:44 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:11:44 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 1)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x79)

23:11:44 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 6)

23:11:44 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 18)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:11:44 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x15}})

[ 1521.894713] FAULT_INJECTION: forcing a failure.
[ 1521.894713] name failslab, interval 1, probability 0, space 0, times 0
[ 1521.896320] CPU: 0 PID: 9517 Comm: syz-executor.6 Not tainted 5.10.220 #1
[ 1521.897271] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1521.898412] Call Trace:
[ 1521.898783]  dump_stack+0x107/0x167
[ 1521.899312]  should_fail.cold+0x5/0xa
[ 1521.899841]  ? create_object.isra.0+0x3a/0xa20
[ 1521.900498]  should_failslab+0x5/0x20
[ 1521.901023]  kmem_cache_alloc+0x5b/0x310
[ 1521.901597]  ? mark_held_locks+0x9e/0xe0
[ 1521.902161]  create_object.isra.0+0x3a/0xa20
[ 1521.902784]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1521.903499]  kmem_cache_alloc_bulk+0x168/0x320
[ 1521.904140]  io_submit_sqes+0x6fe6/0x8610
[ 1521.904734]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1521.905437]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1521.906125]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1521.906768] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 1521.906807]  ? lock_downgrade+0x6d0/0x6d0
[ 1521.906831]  ? find_held_lock+0x2c/0x110
[ 1521.909507]  ? io_submit_sqes+0x8610/0x8610
[ 1521.910235]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1521.911069]  ? wait_for_completion_io+0x270/0x270
[ 1521.911880]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1521.912666]  ? vfs_write+0x354/0xb10
[ 1521.913300]  ? fput_many+0x2f/0x1a0
[ 1521.913911]  ? ksys_write+0x1a9/0x260
[ 1521.914548]  ? __ia32_sys_read+0xb0/0xb0
[ 1521.915234]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1521.916098]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1521.916952]  do_syscall_64+0x33/0x40
[ 1521.917568]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1521.918388] RIP: 0033:0x7ff984008b19
[ 1521.919014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1521.921944] RSP: 002b:00007ff98157e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1521.921964] RAX: ffffffffffffffda RBX: 00007ff98411bf60 RCX: 00007ff984008b19
[ 1521.921974] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1521.921984] RBP: 00007ff98157e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1521.921994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1521.922005] R13: 00007fffdd8f95ff R14: 00007ff98157e300 R15: 0000000000022000
[ 1521.922635] FAULT_INJECTION: forcing a failure.
[ 1521.922635] name failslab, interval 1, probability 0, space 0, times 0
[ 1521.922658] CPU: 0 PID: 9522 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1521.922671] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1521.922678] Call Trace:
[ 1521.922700]  dump_stack+0x107/0x167
[ 1521.922725]  should_fail.cold+0x5/0xa
[ 1521.922749]  ? create_object.isra.0+0x3a/0xa20
[ 1521.922775]  should_failslab+0x5/0x20
[ 1521.922796]  kmem_cache_alloc+0x5b/0x310
[ 1521.922818]  ? mark_held_locks+0x9e/0xe0
[ 1521.922861]  create_object.isra.0+0x3a/0xa20
[ 1521.922885]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1521.922917]  kmem_cache_alloc_bulk+0x168/0x320
[ 1521.922948]  io_submit_sqes+0x6fe6/0x8610
[ 1521.922994]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1521.923010]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1521.923031]  ? lock_downgrade+0x6d0/0x6d0
[ 1521.923045]  ? find_held_lock+0x2c/0x110
[ 1521.923068]  ? io_submit_sqes+0x8610/0x8610
[ 1521.923093]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1521.923114]  ? wait_for_completion_io+0x270/0x270
[ 1521.923133]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1521.923148]  ? vfs_write+0x354/0xb10
[ 1521.923169]  ? fput_many+0x2f/0x1a0
[ 1521.923195]  ? ksys_write+0x1a9/0x260
[ 1521.923216]  ? __ia32_sys_read+0xb0/0xb0
[ 1521.923243]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1521.923259]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1521.923278]  do_syscall_64+0x33/0x40
[ 1521.923293]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1521.923304] RIP: 0033:0x7fd30c0eeb19
[ 1521.923320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1521.923329] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1521.923347] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1521.923357] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1521.923367] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1521.923376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1521.923386] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1521.969791] FAULT_INJECTION: forcing a failure.
[ 1521.969791] name failslab, interval 1, probability 0, space 0, times 0
[ 1521.969808] CPU: 0 PID: 9524 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1521.969822] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1521.969827] Call Trace:
[ 1521.969843]  dump_stack+0x107/0x167
[ 1521.969861]  should_fail.cold+0x5/0xa
[ 1521.969878]  ? create_object.isra.0+0x3a/0xa20
[ 1521.969895]  should_failslab+0x5/0x20
[ 1521.969910]  kmem_cache_alloc+0x5b/0x310
[ 1521.969934]  create_object.isra.0+0x3a/0xa20
[ 1521.969950]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1521.969972]  kmem_cache_alloc_trace+0x151/0x320
[ 1521.969995]  io_issue_sqe+0x2492/0x77b0
[ 1521.970028]  ? io_connect+0x610/0x610
[ 1521.970049]  ? __lockdep_reset_lock+0x180/0x180
[ 1521.970071]  ? lock_acquire+0x197/0x470
[ 1521.970087]  ? slab_free_freelist_hook+0x180/0x180
[ 1521.970102]  ? find_held_lock+0x2c/0x110
[ 1521.970126]  __io_queue_sqe+0x90/0x9d0
[ 1521.970149]  ? io_issue_sqe+0x77b0/0x77b0
[ 1521.970183]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1521.970213]  io_submit_sqes+0x44aa/0x8610
[ 1521.970258]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1521.970273]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1521.970293]  ? lock_downgrade+0x6d0/0x6d0
[ 1521.970307]  ? find_held_lock+0x2c/0x110
[ 1521.970328]  ? io_submit_sqes+0x8610/0x8610
[ 1521.970352]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1521.970378]  ? wait_for_completion_io+0x270/0x270
[ 1521.970396]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1521.970410]  ? vfs_write+0x354/0xb10
[ 1521.970426]  ? fput_many+0x2f/0x1a0
[ 1521.970443]  ? ksys_write+0x1a9/0x260
[ 1521.970459]  ? __ia32_sys_read+0xb0/0xb0
[ 1521.970480]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1521.970496]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1521.970514]  do_syscall_64+0x33/0x40
[ 1521.970529]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1521.970540] RIP: 0033:0x7f7e6ceffb19
[ 1521.970555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1521.970564] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1521.970581] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1521.970591] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1521.970601] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1521.970611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1521.970621] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
[ 1521.974855] FAULT_INJECTION: forcing a failure.
[ 1521.974855] name failslab, interval 1, probability 0, space 0, times 0
[ 1521.974873] CPU: 0 PID: 9513 Comm: syz-executor.7 Not tainted 5.10.220 #1
[ 1521.974882] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1521.974887] Call Trace:
[ 1521.974903]  dump_stack+0x107/0x167
[ 1521.974921]  should_fail.cold+0x5/0xa
[ 1521.974943]  should_failslab+0x5/0x20
[ 1521.974958]  kmem_cache_alloc_bulk+0x4b/0x320
[ 1521.974979]  io_submit_sqes+0x6fe6/0x8610
[ 1521.974997]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1521.975036]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1521.975051]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1521.975071]  ? lock_downgrade+0x6d0/0x6d0
[ 1521.975085]  ? find_held_lock+0x2c/0x110
[ 1521.975106]  ? io_submit_sqes+0x8610/0x8610
[ 1521.975131]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1522.033384]  ? wait_for_completion_io+0x270/0x270
[ 1522.033973]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1522.034543]  ? vfs_write+0x354/0xb10
[ 1522.035015]  ? fput_many+0x2f/0x1a0
[ 1522.035476]  ? ksys_write+0x1a9/0x260
[ 1522.035938]  ? __ia32_sys_read+0xb0/0xb0
[ 1522.036453]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1522.037091]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1522.037742]  do_syscall_64+0x33/0x40
[ 1522.038205]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1522.038835] RIP: 0033:0x7fac812b2b19
[ 1522.039315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1522.041590] RSP: 002b:00007fac7e828188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1522.042531] RAX: ffffffffffffffda RBX: 00007fac813c5f60 RCX: 00007fac812b2b19
[ 1522.043408] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1522.044273] RBP: 00007fac7e8281d0 R08: 0000000000000000 R09: 0000000000000000
[ 1522.045144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1522.045759] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9515 comm=syz-executor.5
[ 1522.046012] R13: 00007fff494cb88f R14: 00007fac7e828300 R15: 0000000000022000
23:11:45 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 7)

23:11:45 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x16}})

23:11:45 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 2)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x79)

[ 1522.180025] FAULT_INJECTION: forcing a failure.
23:11:45 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 60)

[ 1522.180025] name failslab, interval 1, probability 0, space 0, times 0
[ 1522.181980] CPU: 1 PID: 9534 Comm: syz-executor.7 Not tainted 5.10.220 #1
[ 1522.182971] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1522.184126] Call Trace:
[ 1522.184518]  dump_stack+0x107/0x167
[ 1522.185034]  should_fail.cold+0x5/0xa
[ 1522.185576]  ? create_object.isra.0+0x3a/0xa20
[ 1522.186238]  should_failslab+0x5/0x20
[ 1522.186776]  kmem_cache_alloc+0x5b/0x310
[ 1522.187388]  create_object.isra.0+0x3a/0xa20
[ 1522.188012]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1522.188751]  kmem_cache_alloc_bulk+0x168/0x320
[ 1522.189405]  io_submit_sqes+0x6fe6/0x8610
[ 1522.190006]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1522.190712]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1522.191447]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1522.192132]  ? lock_downgrade+0x6d0/0x6d0
[ 1522.192729]  ? find_held_lock+0x2c/0x110
[ 1522.193308]  ? io_submit_sqes+0x8610/0x8610
[ 1522.193947]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1522.194636]  ? wait_for_completion_io+0x270/0x270
[ 1522.195355]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1522.196020]  ? vfs_write+0x354/0xb10
[ 1522.196552]  ? fput_many+0x2f/0x1a0
[ 1522.197083]  ? ksys_write+0x1a9/0x260
[ 1522.197619]  ? __ia32_sys_read+0xb0/0xb0
[ 1522.198214]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1522.198973]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1522.199728]  do_syscall_64+0x33/0x40
[ 1522.200256]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1522.200995] RIP: 0033:0x7fac812b2b19
[ 1522.201523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1522.204156] RSP: 002b:00007fac7e828188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1522.205223] RAX: ffffffffffffffda RBX: 00007fac813c5f60 RCX: 00007fac812b2b19
[ 1522.206247] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1522.207296] RBP: 00007fac7e8281d0 R08: 0000000000000000 R09: 0000000000000000
[ 1522.208322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1522.209346] R13: 00007fff494cb88f R14: 00007fac7e828300 R15: 0000000000022000
[ 1522.255680] FAULT_INJECTION: forcing a failure.
[ 1522.255680] name failslab, interval 1, probability 0, space 0, times 0
[ 1522.257610] CPU: 1 PID: 9538 Comm: syz-executor.6 Not tainted 5.10.220 #1
[ 1522.258572] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1522.259747] FAULT_INJECTION: forcing a failure.
[ 1522.259747] name failslab, interval 1, probability 0, space 0, times 0
[ 1522.261259] Call Trace:
[ 1522.261641]  dump_stack+0x107/0x167
[ 1522.262161]  should_fail.cold+0x5/0xa
[ 1522.262707]  ? create_object.isra.0+0x3a/0xa20
[ 1522.263378]  should_failslab+0x5/0x20
[ 1522.263918]  kmem_cache_alloc+0x5b/0x310
[ 1522.264493]  ? mark_held_locks+0x9e/0xe0
[ 1522.265068]  create_object.isra.0+0x3a/0xa20
[ 1522.265687]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1522.266429]  kmem_cache_alloc_bulk+0x168/0x320
[ 1522.267109]  io_submit_sqes+0x6fe6/0x8610
[ 1522.267695]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1522.268401]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1522.269104]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1522.269791]  ? lock_downgrade+0x6d0/0x6d0
[ 1522.270385]  ? find_held_lock+0x2c/0x110
[ 1522.270986]  ? io_submit_sqes+0x8610/0x8610
[ 1522.271608]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1522.272289]  ? wait_for_completion_io+0x270/0x270
[ 1522.272971]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1522.273630]  ? vfs_write+0x354/0xb10
[ 1522.274157]  ? fput_many+0x2f/0x1a0
[ 1522.274676]  ? ksys_write+0x1a9/0x260
[ 1522.275255]  ? __ia32_sys_read+0xb0/0xb0
[ 1522.275834]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1522.276569]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1522.277304]  do_syscall_64+0x33/0x40
[ 1522.277831]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1522.278545] RIP: 0033:0x7ff984008b19
[ 1522.279093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1522.281673] RSP: 002b:00007ff98157e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1522.282752] RAX: ffffffffffffffda RBX: 00007ff98411bf60 RCX: 00007ff984008b19
[ 1522.283766] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1522.284772] RBP: 00007ff98157e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1522.285767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1522.286776] R13: 00007fffdd8f95ff R14: 00007ff98157e300 R15: 0000000000022000
[ 1522.287830] CPU: 0 PID: 9540 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1522.288666] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1522.289590] Call Trace:
[ 1522.289893]  dump_stack+0x107/0x167
[ 1522.290330]  should_fail.cold+0x5/0xa
[ 1522.290770]  ? create_object.isra.0+0x3a/0xa20
[ 1522.291309]  should_failslab+0x5/0x20
[ 1522.291740]  kmem_cache_alloc+0x5b/0x310
[ 1522.292211]  ? mark_held_locks+0x9e/0xe0
[ 1522.292679]  create_object.isra.0+0x3a/0xa20
[ 1522.293191]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1522.293786]  kmem_cache_alloc_bulk+0x168/0x320
[ 1522.294328]  io_submit_sqes+0x6fe6/0x8610
[ 1522.294817]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1522.295393]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1522.295943]  ? lock_downgrade+0x6d0/0x6d0
[ 1522.296429]  ? find_held_lock+0x2c/0x110
[ 1522.296896]  ? io_submit_sqes+0x8610/0x8610
[ 1522.297408]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1522.297954]  ? wait_for_completion_io+0x270/0x270
[ 1522.298512]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1522.299050]  ? vfs_write+0x354/0xb10
[ 1522.299478]  ? fput_many+0x2f/0x1a0
[ 1522.299888]  ? ksys_write+0x1a9/0x260
[ 1522.300347]  ? __ia32_sys_read+0xb0/0xb0
[ 1522.300806]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1522.301414]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1522.301997]  do_syscall_64+0x33/0x40
[ 1522.302426]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1522.303010] RIP: 0033:0x7fd30c0eeb19
[ 1522.303446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1522.304184] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1522.305494] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1522.305512] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1522.305530] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1522.309099] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1522.309898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1522.310701] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1522.781246] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1522.781782] print_req_error: 22 callbacks suppressed
[ 1522.781793] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1522.783143] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1522.784022] buffer_io_error: 6 callbacks suppressed
[ 1522.784030] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1522.791861] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1522.792303] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1522.793288] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1522.794150] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1522.795096] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1522.795569] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1522.796449] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1522.797284] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1522.798195] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1522.798653] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1522.799670] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1522.800522] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1522.801501] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1522.801947] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1522.802835] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1522.803703] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1522.804658] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1522.805120] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1522.805843] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1522.806320] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1522.807378] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1522.807855] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1522.827031] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1522.827824] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1522.828539] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1522.829014] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1522.830127] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1522.830984] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1522.831556] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1522.832304] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1522.832905] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1522.833781] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
23:11:58 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 61)

[ 1535.302117] FAULT_INJECTION: forcing a failure.
23:11:58 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511e", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:11:58 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 8)

23:11:58 executing program 5:
setregid(0xffffffffffffffff, 0xee01)
r0 = getegid()
setfsgid(r0)
setresgid(r0, r0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x107100, 0x0)
read(r1, &(0x7f0000000000), 0x1b4000)
clock_gettime(0x0, &(0x7f00000004c0)={<r2=>0x0, <r3=>0x0})
recvmmsg$unix(r1, &(0x7f0000000480)=[{{&(0x7f0000000040), 0x6e, &(0x7f0000000300)=[{&(0x7f00000000c0)=""/151, 0x97}, {&(0x7f0000000180)=""/83, 0x53}, {&(0x7f0000000200)=""/220, 0xdc}], 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="2c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000094eeb3284df05dfd19e0d4ac6e0fef7d", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="1b0010008f174519783149bce7f3ab489435901f5300fca9232dae38333c102bb96bcdb22624ac3c0bf41eeccf79adaeae368b8e34159e538bf2ae4b3e36db9b654462bdfdcf970eb35029af7cc8e617ad57133d5a47f1a86e404d33c4a208b09d871b8c1f86feb0740848a8c003ff3504d8a3f2a6934ba5d178a4db9cbe94ad5814aa"], 0x110}}], 0x1, 0x0, &(0x7f0000000500)={r2, r3+60000000})
r4 = fork()
kcmp(r4, r4, 0x0, 0xffffffffffffffff, 0xffffffffffffffff)
syz_open_procfs(r4, &(0x7f0000000000)='fdinfo/4\x00')
getpgid(r4)
geteuid()

23:11:58 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 19)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:11:58 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x17}})

23:11:58 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 3)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x79)

23:11:58 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

[ 1535.302117] name failslab, interval 1, probability 0, space 0, times 0
[ 1535.303821] CPU: 1 PID: 9558 Comm: syz-executor.7 Not tainted 5.10.220 #1
[ 1535.304386] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1535.305177] FAULT_INJECTION: forcing a failure.
[ 1535.305177] name failslab, interval 1, probability 0, space 0, times 0
[ 1535.305307] Call Trace:
[ 1535.305339]  dump_stack+0x107/0x167
[ 1535.307619]  should_fail.cold+0x5/0xa
[ 1535.308056]  ? create_object.isra.0+0x3a/0xa20
[ 1535.308569]  should_failslab+0x5/0x20
[ 1535.309005]  kmem_cache_alloc+0x5b/0x310
[ 1535.309457]  ? mark_held_locks+0x9e/0xe0
[ 1535.309921]  create_object.isra.0+0x3a/0xa20
[ 1535.310411]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1535.310977]  kmem_cache_alloc_bulk+0x168/0x320
[ 1535.311400]  io_submit_sqes+0x6fe6/0x8610
[ 1535.311867]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1535.312424]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1535.312983]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1535.313512]  ? lock_downgrade+0x6d0/0x6d0
[ 1535.313976]  ? find_held_lock+0x2c/0x110
[ 1535.314437]  ? io_submit_sqes+0x8610/0x8610
[ 1535.314920]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1535.315473]  ? wait_for_completion_io+0x270/0x270
[ 1535.316014]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1535.316428]  ? vfs_write+0x354/0xb10
[ 1535.316847]  ? fput_many+0x2f/0x1a0
[ 1535.317254]  ? ksys_write+0x1a9/0x260
[ 1535.317681]  ? __ia32_sys_read+0xb0/0xb0
[ 1535.318138]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1535.318719]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1535.319302]  do_syscall_64+0x33/0x40
[ 1535.319721]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1535.320303] RIP: 0033:0x7fac812b2b19
[ 1535.320720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1535.322741] RSP: 002b:00007fac7e828188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1535.323588] RAX: ffffffffffffffda RBX: 00007fac813c5f60 RCX: 00007fac812b2b19
[ 1535.324359] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1535.324937] RBP: 00007fac7e8281d0 R08: 0000000000000000 R09: 0000000000000000
[ 1535.325732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1535.326309] R13: 00007fff494cb88f R14: 00007fac7e828300 R15: 0000000000022000
[ 1535.327131] CPU: 0 PID: 9548 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1535.328176] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1535.329423] Call Trace:
[ 1535.329836]  dump_stack+0x107/0x167
[ 1535.330401]  should_fail.cold+0x5/0xa
[ 1535.330998]  ? create_object.isra.0+0x3a/0xa20
[ 1535.331702]  should_failslab+0x5/0x20
[ 1535.332289]  kmem_cache_alloc+0x5b/0x310
[ 1535.332924]  create_object.isra.0+0x3a/0xa20
[ 1535.333592]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1535.334380]  kmem_cache_alloc_trace+0x151/0x320
[ 1535.335107]  io_issue_sqe+0x2492/0x77b0
[ 1535.335733]  ? io_connect+0x610/0x610
[ 1535.336321]  ? lock_acquire+0x197/0x470
[ 1535.336930]  ? find_held_lock+0x2c/0x110
[ 1535.337563]  ? xa_load+0x12d/0x2c0
[ 1535.338106]  ? lock_downgrade+0x6d0/0x6d0
[ 1535.338751]  __io_queue_sqe+0x90/0x9d0
[ 1535.339354]  ? xa_load+0x156/0x2c0
[ 1535.339900]  ? io_issue_sqe+0x77b0/0x77b0
[ 1535.340543]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1535.341270]  io_submit_sqes+0x44aa/0x8610
[ 1535.341936]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1535.342696]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1535.343443]  ? lock_downgrade+0x6d0/0x6d0
[ 1535.344091]  ? find_held_lock+0x2c/0x110
[ 1535.344719]  ? io_submit_sqes+0x8610/0x8610
[ 1535.345380]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1535.346074]  ? wait_for_completion_io+0x270/0x270
[ 1535.346771]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1535.347450]  ? vfs_write+0x354/0xb10
[ 1535.347989]  ? fput_many+0x2f/0x1a0
[ 1535.348516]  ? ksys_write+0x1a9/0x260
[ 1535.349067]  ? __ia32_sys_read+0xb0/0xb0
[ 1535.349657]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1535.350406]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1535.351155]  do_syscall_64+0x33/0x40
[ 1535.351694]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1535.352427] RIP: 0033:0x7fd30c0eeb19
[ 1535.352959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1535.355615] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1535.356707] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1535.357725] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1535.358744] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1535.359767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1535.360784] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1535.399069] FAULT_INJECTION: forcing a failure.
[ 1535.399069] name failslab, interval 1, probability 0, space 0, times 0
[ 1535.400727] CPU: 0 PID: 9563 Comm: syz-executor.6 Not tainted 5.10.220 #1
[ 1535.401736] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1535.402937] Call Trace:
[ 1535.403341]  dump_stack+0x107/0x167
[ 1535.403869]  should_fail.cold+0x5/0xa
[ 1535.404422]  ? create_object.isra.0+0x3a/0xa20
[ 1535.405083]  should_failslab+0x5/0x20
[ 1535.405637]  kmem_cache_alloc+0x5b/0x310
[ 1535.406236]  ? mark_held_locks+0x9e/0xe0
[ 1535.406820]  create_object.isra.0+0x3a/0xa20
[ 1535.407474]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1535.408362]  kmem_cache_alloc_bulk+0x168/0x320
[ 1535.409082]  io_submit_sqes+0x6fe6/0x8610
[ 1535.409681]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1535.410392]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1535.411136]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1535.411853]  ? lock_downgrade+0x6d0/0x6d0
[ 1535.412446]  ? find_held_lock+0x2c/0x110
[ 1535.413052]  ? io_submit_sqes+0x8610/0x8610
[ 1535.413684]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1535.414403]  ? wait_for_completion_io+0x270/0x270
[ 1535.415102]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1535.415759]  ? vfs_write+0x354/0xb10
[ 1535.416321]  ? fput_many+0x2f/0x1a0
[ 1535.416840]  ? ksys_write+0x1a9/0x260
[ 1535.417413]  ? __ia32_sys_read+0xb0/0xb0
[ 1535.417993]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1535.418769]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1535.419515]  do_syscall_64+0x33/0x40
[ 1535.420045]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1535.420790] RIP: 0033:0x7ff984008b19
[ 1535.421321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1535.423915] RSP: 002b:00007ff98157e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1535.424993] RAX: ffffffffffffffda RBX: 00007ff98411bf60 RCX: 00007ff984008b19
[ 1535.425998] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1535.427020] RBP: 00007ff98157e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1535.428029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1535.429036] R13: 00007fffdd8f95ff R14: 00007ff98157e300 R15: 0000000000022000
[ 1535.440104] FAULT_INJECTION: forcing a failure.
[ 1535.440104] name failslab, interval 1, probability 0, space 0, times 0
[ 1535.441990] CPU: 0 PID: 9564 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1535.442975] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1535.444156] Call Trace:
[ 1535.444538]  dump_stack+0x107/0x167
[ 1535.445061]  should_fail.cold+0x5/0xa
[ 1535.445612]  ? create_object.isra.0+0x3a/0xa20
[ 1535.446266]  should_failslab+0x5/0x20
[ 1535.446809]  kmem_cache_alloc+0x5b/0x310
[ 1535.447421]  create_object.isra.0+0x3a/0xa20
[ 1535.448071]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1535.448840]  kmem_cache_alloc_trace+0x151/0x320
[ 1535.449554]  io_issue_sqe+0x2492/0x77b0
[ 1535.450178]  ? io_connect+0x610/0x610
[ 1535.450760]  ? __lockdep_reset_lock+0x180/0x180
[ 1535.451512]  ? lock_acquire+0x197/0x470
[ 1535.452112]  ? slab_free_freelist_hook+0x180/0x180
[ 1535.452858]  ? find_held_lock+0x2c/0x110
[ 1535.453481]  __io_queue_sqe+0x90/0x9d0
[ 1535.454077]  ? io_issue_sqe+0x77b0/0x77b0
[ 1535.454745]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1535.455473]  io_submit_sqes+0x44aa/0x8610
[ 1535.456132]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1535.456882]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1535.457614]  ? lock_downgrade+0x6d0/0x6d0
[ 1535.458239]  ? find_held_lock+0x2c/0x110
[ 1535.458896]  ? io_submit_sqes+0x8610/0x8610
[ 1535.459581]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1535.460311]  ? wait_for_completion_io+0x270/0x270
[ 1535.461040]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1535.461742]  ? vfs_write+0x354/0xb10
[ 1535.462307]  ? fput_many+0x2f/0x1a0
[ 1535.462863]  ? ksys_write+0x1a9/0x260
[ 1535.463450]  ? __ia32_sys_read+0xb0/0xb0
[ 1535.464070]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1535.464861]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1535.465637]  do_syscall_64+0x33/0x40
[ 1535.466201]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1535.466972] RIP: 0033:0x7f7e6ceffb19
[ 1535.467543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1535.470295] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1535.471449] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1535.472559] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1535.473659] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1535.474727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1535.475805] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
[ 1535.543288] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1535.741120] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1535.742005] print_req_error: 22 callbacks suppressed
[ 1535.742025] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1535.744427] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1535.746007] buffer_io_error: 6 callbacks suppressed
[ 1535.746020] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1535.750759] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1535.751620] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1535.753209] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1535.754778] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1535.756656] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1535.757519] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1535.759115] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1535.760678] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1535.762519] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1535.763383] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1535.764963] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1535.766526] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1535.768299] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1535.769158] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1535.770739] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1535.772309] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1535.774759] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1535.775655] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1535.777616] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1535.778503] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1535.780255] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1535.781149] Buffer I/O error on dev loop0, logical block 2096903, async page read
23:12:11 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xc}, 0x0, 0xfffffffffffff0f3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
faccessat2(r0, &(0x7f0000000100)='./file0\x00', 0x48, 0x100)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
finit_module(0xffffffffffffffff, &(0x7f0000000000)='[-|K\x00', 0x2)
mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB="8b224c84b372044f5f0602589273b921c474309cef6fda59340d6e94fdd0d8fe7e5b6faf4a2e21a5839c52153f6ae81b0a84000000f18b6ccb06244803b3b075151b1556f076648cbc19bdcae8220ed0bb925ede12802538a62e4bdf73d7c917426a91c4a6df6f55a81465d91d31685de45d2784a586010c573e64f7b964b21be77c3ed89cb5b21276009dd41734a7abd3", @ANYRESHEX=r2, @ANYBLOB])

23:12:11 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x18}})

23:12:11 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 9)

23:12:11 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 62)

23:12:11 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 4)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x79)

23:12:11 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:12:11 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:12:11 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 20)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

[ 1548.647428] 9pnet: Insufficient options for proto=fd
[ 1548.654829] FAULT_INJECTION: forcing a failure.
[ 1548.654829] name failslab, interval 1, probability 0, space 0, times 0
[ 1548.656143] CPU: 0 PID: 9588 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1548.656912] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1548.657844] Call Trace:
[ 1548.658152]  dump_stack+0x107/0x167
[ 1548.658567]  should_fail.cold+0x5/0xa
[ 1548.659002]  ? io_issue_sqe+0x2492/0x77b0
[ 1548.659480]  should_failslab+0x5/0x20
[ 1548.659920]  kmem_cache_alloc_trace+0x55/0x320
[ 1548.660444]  io_issue_sqe+0x2492/0x77b0
[ 1548.660913]  ? io_connect+0x610/0x610
[ 1548.661352]  ? __lockdep_reset_lock+0x180/0x180
[ 1548.661883]  ? mark_held_locks+0x9e/0xe0
[ 1548.662346]  __io_queue_sqe+0x90/0x9d0
[ 1548.662793]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1548.663414]  ? io_issue_sqe+0x77b0/0x77b0
[ 1548.663888]  ? io_submit_sqes+0x9a0/0x8610
[ 1548.664367]  ? __sanitizer_cov_trace_switch+0x37/0x80
[ 1548.664947]  io_submit_sqes+0x44aa/0x8610
[ 1548.665443]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1548.666009]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1548.666557]  ? lock_downgrade+0x6d0/0x6d0
[ 1548.667014]  ? find_held_lock+0x2c/0x110
[ 1548.667486]  ? io_submit_sqes+0x8610/0x8610
[ 1548.667977]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1548.668525]  ? wait_for_completion_io+0x270/0x270
[ 1548.669068]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1548.669588]  ? vfs_write+0x354/0xb10
[ 1548.670005]  ? fput_many+0x2f/0x1a0
[ 1548.670422]  ? ksys_write+0x1a9/0x260
[ 1548.670854]  ? __ia32_sys_read+0xb0/0xb0
[ 1548.671331]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1548.671910]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1548.672502]  do_syscall_64+0x33/0x40
[ 1548.672921]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1548.673501] RIP: 0033:0x7f7e6ceffb19
[ 1548.673927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1548.675985] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1548.676838] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1548.677633] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1548.678426] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1548.679226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1548.680023] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
[ 1548.682652] FAULT_INJECTION: forcing a failure.
[ 1548.682652] name failslab, interval 1, probability 0, space 0, times 0
[ 1548.683902] CPU: 0 PID: 9594 Comm: syz-executor.6 Not tainted 5.10.220 #1
[ 1548.684658] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1548.685560] Call Trace:
[ 1548.685858]  dump_stack+0x107/0x167
[ 1548.686261]  should_fail.cold+0x5/0xa
[ 1548.686681]  ? create_object.isra.0+0x3a/0xa20
[ 1548.687202]  should_failslab+0x5/0x20
[ 1548.687625]  kmem_cache_alloc+0x5b/0x310
[ 1548.688075]  ? mark_held_locks+0x9e/0xe0
[ 1548.688525]  create_object.isra.0+0x3a/0xa20
[ 1548.689012]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1548.689570]  kmem_cache_alloc_bulk+0x168/0x320
[ 1548.690079]  io_submit_sqes+0x6fe6/0x8610
[ 1548.690539]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1548.691087]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1548.691589]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1548.692123]  ? lock_downgrade+0x6d0/0x6d0
[ 1548.692580]  ? find_held_lock+0x2c/0x110
[ 1548.693037]  ? io_submit_sqes+0x8610/0x8610
[ 1548.693519]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1548.694053]  ? wait_for_completion_io+0x270/0x270
[ 1548.694485]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1548.694994]  ? vfs_write+0x354/0xb10
[ 1548.695326]  ? fput_many+0x2f/0x1a0
[ 1548.695734]  ? ksys_write+0x1a9/0x260
[ 1548.696052]  ? __ia32_sys_read+0xb0/0xb0
[ 1548.696517]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1548.697099]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1548.697560]  do_syscall_64+0x33/0x40
[ 1548.697975]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1548.698395] RIP: 0033:0x7ff984008b19
[ 1548.698810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1548.700850] RSP: 002b:00007ff98157e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1548.701688] RAX: ffffffffffffffda RBX: 00007ff98411bf60 RCX: 00007ff984008b19
[ 1548.702490] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1548.703282] RBP: 00007ff98157e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1548.704070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1548.704859] R13: 00007fffdd8f95ff R14: 00007ff98157e300 R15: 0000000000022000
[ 1548.706093] FAULT_INJECTION: forcing a failure.
[ 1548.706093] name failslab, interval 1, probability 0, space 0, times 0
[ 1548.707340] CPU: 0 PID: 9595 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1548.708091] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1548.708994] Call Trace:
[ 1548.709290]  dump_stack+0x107/0x167
[ 1548.709693]  should_fail.cold+0x5/0xa
[ 1548.710112]  ? io_issue_sqe+0x2492/0x77b0
[ 1548.710577]  should_failslab+0x5/0x20
[ 1548.710994]  kmem_cache_alloc_trace+0x55/0x320
[ 1548.711509]  io_issue_sqe+0x2492/0x77b0
[ 1548.711962]  ? io_connect+0x610/0x610
[ 1548.712391]  ? lock_acquire+0x197/0x470
[ 1548.712830]  ? find_held_lock+0x2c/0x110
[ 1548.713287]  ? xa_load+0x12d/0x2c0
[ 1548.713689]  ? lock_downgrade+0x6d0/0x6d0
[ 1548.714157]  __io_queue_sqe+0x90/0x9d0
[ 1548.714588]  ? xa_load+0x156/0x2c0
[ 1548.714981]  ? io_issue_sqe+0x77b0/0x77b0
[ 1548.715459]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1548.715989]  io_submit_sqes+0x44aa/0x8610
[ 1548.716466]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1548.717012]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1548.717548]  ? lock_downgrade+0x6d0/0x6d0
[ 1548.718007]  ? find_held_lock+0x2c/0x110
[ 1548.718462]  ? io_submit_sqes+0x8610/0x8610
[ 1548.718951]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1548.719497]  ? wait_for_completion_io+0x270/0x270
[ 1548.720032]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1548.720546]  ? vfs_write+0x354/0xb10
[ 1548.720964]  ? fput_many+0x2f/0x1a0
[ 1548.721369]  ? ksys_write+0x1a9/0x260
[ 1548.721788]  ? __ia32_sys_read+0xb0/0xb0
[ 1548.722240]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1548.722819]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1548.723752]  do_syscall_64+0x33/0x40
[ 1548.724492]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1548.725490] RIP: 0033:0x7fd30c0eeb19
[ 1548.726225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1548.729625] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1548.730916] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1548.732125] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1548.733331] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1548.734516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1548.735697] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1548.753616] FAULT_INJECTION: forcing a failure.
[ 1548.753616] name failslab, interval 1, probability 0, space 0, times 0
[ 1548.755665] CPU: 0 PID: 9593 Comm: syz-executor.7 Not tainted 5.10.220 #1
[ 1548.756846] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1548.758273] Call Trace:
[ 1548.758748]  dump_stack+0x107/0x167
[ 1548.759408]  should_fail.cold+0x5/0xa
[ 1548.760086]  ? create_object.isra.0+0x3a/0xa20
[ 1548.760903]  should_failslab+0x5/0x20
[ 1548.761590]  kmem_cache_alloc+0x5b/0x310
[ 1548.762315]  ? mark_held_locks+0x9e/0xe0
[ 1548.763048]  create_object.isra.0+0x3a/0xa20
[ 1548.763830]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1548.764725]  kmem_cache_alloc_bulk+0x168/0x320
[ 1548.765538]  io_submit_sqes+0x6fe6/0x8610
[ 1548.766278]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1548.767179]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1548.768061]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1548.768919]  ? lock_downgrade+0x6d0/0x6d0
[ 1548.769657]  ? find_held_lock+0x2c/0x110
[ 1548.770391]  ? io_submit_sqes+0x8610/0x8610
[ 1548.771179]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1548.772050]  ? wait_for_completion_io+0x270/0x270
[ 1548.772915]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1548.773702]  ? vfs_write+0x354/0xb10
[ 1548.774274]  ? fput_many+0x2f/0x1a0
[ 1548.774840]  ? ksys_write+0x1a9/0x260
[ 1548.775428]  ? __ia32_sys_read+0xb0/0xb0
[ 1548.776055]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1548.776856]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1548.777645]  do_syscall_64+0x33/0x40
[ 1548.778216]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1548.778997] RIP: 0033:0x7fac812b2b19
[ 1548.779576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1548.782360] RSP: 002b:00007fac7e828188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1548.783533] RAX: ffffffffffffffda RBX: 00007fac813c5f60 RCX: 00007fac812b2b19
[ 1548.784619] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1548.785702] RBP: 00007fac7e8281d0 R08: 0000000000000000 R09: 0000000000000000
[ 1548.786788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1548.787877] R13: 00007fff494cb88f R14: 00007fac7e828300 R15: 0000000000022000
[ 1548.808964] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:12:11 executing program 5:
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0171c200000000000000000086dd6096033f00303a00fc020000000000000000000000000000ff1200000000000000000000000000010200907800000000600009e60000000000000000000000000000ffffac1e0001fe8000000000000000000000000000bb"], 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = gettid()
setpgid(0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000280)={{0x1, 0x1, 0x18, <r2=>r0, {0x7f}}, './file0\x00'})
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x0, 0x1f, 0x0, 0x1, 0x0, 0x9, 0x2000, 0x3, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x400000ff, 0x4, @perf_bp={&(0x7f0000000180), 0x2}, 0x0, 0x3, 0x6, 0x2, 0x200, 0x1, 0xb8f9, 0x0, 0xffffffff, 0x0, 0x2000000000}, r1, 0x1, r2, 0xb)
ptrace(0x8, r1)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r4 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x107100, 0x0)
read(r4, &(0x7f0000000000), 0x1b4000)
ioctl$TUNSETQUEUE(r4, 0x400454d9, &(0x7f00000000c0)={'wlan1\x00'})
ptrace(0x10, r1)
syz_emit_ethernet(0x32, &(0x7f00000005c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaa28c3ffb4f1991004600810048000806000108000200000000002ad1aa26e0000002218cad5417200100010000000000da9f7325e4e58c85b4c0f43f7a4b67745b55b8c3231c59a32e5c7a6f603ce6a57a28208aa35c882afc607f9b89b1d76665ea4f18e08f01d69c08195ae8a8e3b194f62104b1d5e08f89f57005d85530a86fc076aea30d59342e0650f8c4bcf32b540064f4c87fdbcbd013ef3936493d3d47e5a3a05c3fff95a2b1a2e55d7f8384c523698493341217d7a600a9bf037199e99baf28796845630554d8a79a25a32fd41a7baae0ccd36ae9608acc966dcaf5ac2dad5165eebf1b65623faa7ec0056ad48f8de405f7c702984e22c9a895bdd759d58c7bff3ff4ba68fc1b4ed00d5b9553682f8e65e0ab1abe00"/299], &(0x7f0000000140)={0x0, 0x1, [0xb65, 0x6cb, 0xe93, 0xd]})
openat$tun(0xffffffffffffff9c, 0x0, 0x412100, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000080)={'veth1_vlan\x00'})
r5 = openat(0xffffffffffffffff, 0x0, 0x131201, 0x0)
setsockopt$inet6_icmp_ICMP_FILTER(r5, 0x1, 0x1, &(0x7f0000000100)={0x80000001}, 0x4)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

23:12:11 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x19}})

23:12:12 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:12:12 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 21)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:12:12 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 5)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x79)

23:12:12 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1a}})

23:12:12 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 10)

[ 1549.058636] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:12:12 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 63)

[ 1549.096705] FAULT_INJECTION: forcing a failure.
[ 1549.096705] name failslab, interval 1, probability 0, space 0, times 0
[ 1549.098693] CPU: 1 PID: 9618 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1549.099743] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1549.100978] Call Trace:
[ 1549.101389]  dump_stack+0x107/0x167
[ 1549.101948]  should_fail.cold+0x5/0xa
[ 1549.102531]  ? io_issue_sqe+0x2492/0x77b0
[ 1549.103170]  should_failslab+0x5/0x20
[ 1549.103745]  kmem_cache_alloc_trace+0x55/0x320
[ 1549.104443]  io_issue_sqe+0x2492/0x77b0
[ 1549.105074]  ? io_connect+0x610/0x610
[ 1549.105660]  ? __lockdep_reset_lock+0x180/0x180
[ 1549.106371]  ? lock_acquire+0x197/0x470
[ 1549.106971]  ? slab_free_freelist_hook+0x180/0x180
[ 1549.107705]  ? find_held_lock+0x2c/0x110
[ 1549.108338]  __io_queue_sqe+0x90/0x9d0
[ 1549.108913]  ? io_issue_sqe+0x77b0/0x77b0
[ 1549.109538]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1549.110224]  io_submit_sqes+0x44aa/0x8610
[ 1549.110877]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1549.111597]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1549.112318]  ? lock_downgrade+0x6d0/0x6d0
[ 1549.112907]  ? find_held_lock+0x2c/0x110
[ 1549.113517]  ? io_submit_sqes+0x8610/0x8610
23:12:12 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140), 0x8}, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000340)=ANY=[@ANYRES16])
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000040)={0x0, 0x1, 0x6, @random="4b57099ac259"}, 0x10)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x2)
pipe2(0x0, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(0xffffffffffffffff, 0x40806685, &(0x7f00000000c0)={0x1, 0x1, 0x1000, 0xde, &(0x7f0000000140)="a9b488b59dfb721a5896481fd8f2a0460e30c74abfc4baeb64782d6d856e2f84474a90d34e0711f06d449daa1c110660d3d2040000002b56b751f8cf6c12c9dd8a45b8cbe46cea0f06c1f4ad1bb5120c3d5da828fc5d48ea251695805855932a2ef1d515f51beb11470969d5b01fe19e90bec928f1daf32c29d78b0ff513c6863c75b9586220dbd80e23f6d2d6f343d60bcb2080c1fb76496b790bf1d2612eac40417734d38085e806b308553341f047790e1dbf8f87ad9f90700d10320f3a31b914cd1d5c2e452c7a35e0ef1e861e3df688912c832019d80bfdfe5f10e1", 0x0, 0x0, 0x0})
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
openat$ptp0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000240)=@abs, 0x6e, &(0x7f0000000700)=[{&(0x7f00000002c0)=""/107, 0x6b}, {&(0x7f0000000380)=""/175, 0xaf}, {&(0x7f0000000500)=""/204, 0xcc}, {&(0x7f0000000440)}, {&(0x7f0000000600)=""/174, 0xae}, {&(0x7f0000000480)=""/55, 0x37}, {&(0x7f00000006c0)=""/6, 0x6}], 0x7, &(0x7f0000000780)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r1=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x90}, 0x81)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000880)={0x0, 0x0, 0xb4a, 0xfffffffffffffff8})
sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000080)='K', 0x1}], 0x1}}], 0x7ffff000, 0x0)
shutdown(0xffffffffffffffff, 0x1)

[ 1549.114149]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1549.115076]  ? wait_for_completion_io+0x270/0x270
[ 1549.115791]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1549.116466]  ? vfs_write+0x354/0xb10
[ 1549.117015]  ? fput_many+0x2f/0x1a0
[ 1549.117551]  ? ksys_write+0x1a9/0x260
[ 1549.118108]  ? __ia32_sys_read+0xb0/0xb0
[ 1549.118706]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1549.119476]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1549.120225]  do_syscall_64+0x33/0x40
[ 1549.120769]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1549.121501] RIP: 0033:0x7f7e6ceffb19
[ 1549.122042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1549.124661] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1549.125746] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1549.126760] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1549.127803] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1549.128864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1549.129880] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
[ 1549.134976] FAULT_INJECTION: forcing a failure.
[ 1549.134976] name failslab, interval 1, probability 0, space 0, times 0
[ 1549.136961] CPU: 0 PID: 9622 Comm: syz-executor.7 Not tainted 5.10.220 #1
[ 1549.137976] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1549.139211] Call Trace:
[ 1549.139618]  dump_stack+0x107/0x167
[ 1549.140166]  should_fail.cold+0x5/0xa
[ 1549.140740]  ? create_object.isra.0+0x3a/0xa20
[ 1549.141431]  should_failslab+0x5/0x20
[ 1549.141998]  kmem_cache_alloc+0x5b/0x310
[ 1549.142604]  ? mark_held_locks+0x9e/0xe0
[ 1549.143224]  create_object.isra.0+0x3a/0xa20
[ 1549.143879]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1549.144634]  kmem_cache_alloc_bulk+0x168/0x320
[ 1549.145318]  io_submit_sqes+0x6fe6/0x8610
[ 1549.145935]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1549.146675]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1549.147418]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1549.148133]  ? lock_downgrade+0x6d0/0x6d0
[ 1549.148745]  ? find_held_lock+0x2c/0x110
[ 1549.149353]  ? io_submit_sqes+0x8610/0x8610
[ 1549.150003]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1549.150721]  ? wait_for_completion_io+0x270/0x270
[ 1549.151454]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1549.152139]  ? vfs_write+0x354/0xb10
[ 1549.152693]  ? fput_many+0x2f/0x1a0
[ 1549.153234]  ? ksys_write+0x1a9/0x260
[ 1549.153800]  ? __ia32_sys_read+0xb0/0xb0
[ 1549.154407]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1549.155187]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1549.155960]  do_syscall_64+0x33/0x40
[ 1549.156529]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1549.157181] FAULT_INJECTION: forcing a failure.
[ 1549.157181] name failslab, interval 1, probability 0, space 0, times 0
[ 1549.157288] RIP: 0033:0x7fac812b2b19
[ 1549.157318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1549.162094] RSP: 002b:00007fac7e828188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1549.163224] RAX: ffffffffffffffda RBX: 00007fac813c5f60 RCX: 00007fac812b2b19
[ 1549.164269] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1549.165314] RBP: 00007fac7e8281d0 R08: 0000000000000000 R09: 0000000000000000
[ 1549.166360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1549.167419] R13: 00007fff494cb88f R14: 00007fac7e828300 R15: 0000000000022000
[ 1549.168495] CPU: 1 PID: 9626 Comm: syz-executor.6 Not tainted 5.10.220 #1
[ 1549.169487] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1549.170661] Call Trace:
[ 1549.171052]  dump_stack+0x107/0x167
[ 1549.171609]  should_fail.cold+0x5/0xa
[ 1549.172173]  ? create_object.isra.0+0x3a/0xa20
[ 1549.172837]  should_failslab+0x5/0x20
[ 1549.173398]  kmem_cache_alloc+0x5b/0x310
[ 1549.173995]  ? mark_held_locks+0x9e/0xe0
[ 1549.174597]  create_object.isra.0+0x3a/0xa20
[ 1549.175254]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1549.176001]  kmem_cache_alloc_bulk+0x168/0x320
[ 1549.176678]  io_submit_sqes+0x6fe6/0x8610
[ 1549.177286]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1549.178010]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1549.178743]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1549.179460]  ? lock_downgrade+0x6d0/0x6d0
[ 1549.180062]  ? find_held_lock+0x2c/0x110
[ 1549.180661]  ? io_submit_sqes+0x8610/0x8610
[ 1549.181336]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1549.182248]  ? wait_for_completion_io+0x270/0x270
[ 1549.183055]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1549.183769]  ? vfs_write+0x354/0xb10
[ 1549.184338]  ? fput_many+0x2f/0x1a0
[ 1549.184894]  ? ksys_write+0x1a9/0x260
[ 1549.185477]  ? __ia32_sys_read+0xb0/0xb0
[ 1549.186097]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1549.186884]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1549.187676]  do_syscall_64+0x33/0x40
[ 1549.188242]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1549.189012] RIP: 0033:0x7ff984008b19
[ 1549.189579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1549.192312] RSP: 002b:00007ff98157e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1549.193459] RAX: ffffffffffffffda RBX: 00007ff98411bf60 RCX: 00007ff984008b19
[ 1549.194526] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1549.195595] RBP: 00007ff98157e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1549.196655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1549.197717] R13: 00007fffdd8f95ff R14: 00007ff98157e300 R15: 0000000000022000
23:12:12 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

[ 1549.225668] FAULT_INJECTION: forcing a failure.
[ 1549.225668] name failslab, interval 1, probability 0, space 0, times 0
[ 1549.227537] CPU: 0 PID: 9631 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1549.228554] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1549.229772] Call Trace:
[ 1549.230172]  dump_stack+0x107/0x167
[ 1549.230718]  should_fail.cold+0x5/0xa
[ 1549.231293]  ? create_object.isra.0+0x3a/0xa20
[ 1549.231963]  ? create_object.isra.0+0x3a/0xa20
[ 1549.232639]  should_failslab+0x5/0x20
[ 1549.233190]  kmem_cache_alloc+0x5b/0x310
[ 1549.233790]  ? mark_held_locks+0x9e/0xe0
[ 1549.234382]  create_object.isra.0+0x3a/0xa20
[ 1549.235023]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1549.235767]  kmem_cache_alloc_bulk+0x168/0x320
[ 1549.236443]  io_submit_sqes+0x6fe6/0x8610
[ 1549.237072]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1549.237798]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1549.238497]  ? lock_downgrade+0x6d0/0x6d0
[ 1549.239105]  ? find_held_lock+0x2c/0x110
[ 1549.239704]  ? io_submit_sqes+0x8610/0x8610
[ 1549.240349]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1549.241045]  ? wait_for_completion_io+0x270/0x270
[ 1549.241753]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1549.242417]  ? vfs_write+0x354/0xb10
[ 1549.242962]  ? fput_many+0x2f/0x1a0
[ 1549.243496]  ? ksys_write+0x1a9/0x260
[ 1549.244053]  ? __ia32_sys_read+0xb0/0xb0
[ 1549.244644]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1549.245403]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1549.246144]  do_syscall_64+0x33/0x40
[ 1549.246690]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1549.247434] RIP: 0033:0x7fd30c0eeb19
[ 1549.247981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1549.250617] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1549.251706] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1549.252734] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1549.253763] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1549.254790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1549.255828] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1550.114021] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1550.114928] print_req_error: 6 callbacks suppressed
[ 1550.114948] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1550.117292] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1550.117358] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1550.118727] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1550.119505] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1550.121974] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1550.122027] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1550.123354] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1550.124116] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1550.126568] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1550.126737] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1550.127920] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1550.130648] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1550.132221] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1550.132271] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1550.133568] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1550.134328] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1550.136753] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1550.136802] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1550.138075] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1550.138951] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1550.139860] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1550.140847] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1550.141530] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1550.143844] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1550.169758] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1550.170680] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1550.170700] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1550.172498] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1550.172549] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1550.174346] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1550.175246] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1550.176153] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1550.177067] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1550.177977] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1564.126546] FAULT_INJECTION: forcing a failure.
[ 1564.126546] name failslab, interval 1, probability 0, space 0, times 0
[ 1564.127739] CPU: 1 PID: 9652 Comm: syz-executor.6 Not tainted 5.10.220 #1
[ 1564.128516] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1564.129471] Call Trace:
[ 1564.129709]  dump_stack+0x107/0x167
[ 1564.130402]  should_fail.cold+0x5/0xa
[ 1564.130959]  ? create_object.isra.0+0x3a/0xa20
[ 1564.131553]  should_failslab+0x5/0x20
[ 1564.131990]  kmem_cache_alloc+0x5b/0x310
[ 1564.132465]  create_object.isra.0+0x3a/0xa20
[ 1564.132975]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1564.133567]  kmem_cache_alloc_trace+0x151/0x320
[ 1564.134101]  io_issue_sqe+0x2492/0x77b0
[ 1564.134569]  ? io_connect+0x610/0x610
[ 1564.135009]  ? lock_acquire+0x197/0x470
[ 1564.135477]  ? find_held_lock+0x2c/0x110
[ 1564.135948]  ? xa_load+0x12d/0x2c0
[ 1564.136353]  ? lock_downgrade+0x6d0/0x6d0
[ 1564.136841]  __io_queue_sqe+0x90/0x9d0
[ 1564.137295]  ? xa_load+0x156/0x2c0
[ 1564.137613]  ? io_issue_sqe+0x77b0/0x77b0
[ 1564.138111]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1564.138662]  io_submit_sqes+0x44aa/0x8610
23:12:27 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1b}})

23:12:27 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 22)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:12:27 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:12:27 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:12:27 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 6)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x79)

23:12:27 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 11)

23:12:27 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 64)

23:12:27 executing program 5:
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000340)={{0x1, 0x1, 0x18, <r1=>r0}, './file1/file1\x00'})
accept4$unix(r1, &(0x7f0000000380), &(0x7f0000000400)=0x6e, 0x100000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
renameat2(r0, &(0x7f00000001c0)='./file0\x00', r0, &(0x7f0000000280)='./file1/file0\x00', 0x2)
r3 = dup(0xffffffffffffffff)
pwrite64(r0, &(0x7f0000000340), 0x0, 0x0)
flock(r0, 0x1)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000640)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="000000040000009e1c1e7966ec1697f91d31fb04d1383a69be358af7c41797bb281cf29a84997b7afbe60a330c82e25899f06b6ddedf27ff213bd37829d101000000861f1671777ec9d2bec77115b8b32b6483010444a21696c4abcf786e5179f17f39351e08"])
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
openat(r3, &(0x7f0000000300)='./file0\x00', 0x101000, 0x4)
accept4$unix(r4, &(0x7f0000000200)=@abs, &(0x7f00000002c0)=0x6e, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000580)='./file1/file1\x00', 0x1cd481, 0x118)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
timerfd_create(0x8, 0x0)
unshare(0x48020200)
ioctl$BTRFS_IOC_FS_INFO(0xffffffffffffffff, 0x8400941f, &(0x7f0000000940))
sendmsg$TIPC_CMD_GET_NETID(r0, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, 0x0, 0xd22, 0x70bd2b, 0x25dfdbff, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
unshare(0x2010e00)

[ 1564.139165]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1564.139807]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1564.140361]  ? lock_downgrade+0x6d0/0x6d0
[ 1564.140837]  ? find_held_lock+0x2c/0x110
[ 1564.141312]  ? io_submit_sqes+0x8610/0x8610
[ 1564.141809]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1564.142366]  ? wait_for_completion_io+0x270/0x270
[ 1564.142913]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1564.143452]  ? vfs_write+0x354/0xb10
[ 1564.143874]  ? fput_many+0x2f/0x1a0
[ 1564.144297]  ? ksys_write+0x1a9/0x260
[ 1564.144738]  ? __ia32_sys_read+0xb0/0xb0
[ 1564.145206]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1564.145809]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1564.146401]  do_syscall_64+0x33/0x40
[ 1564.146829]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1564.147421] RIP: 0033:0x7ff984008b19
[ 1564.147847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1564.149922] RSP: 002b:00007ff98157e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1564.150780] RAX: ffffffffffffffda RBX: 00007ff98411bf60 RCX: 00007ff984008b19
[ 1564.151602] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1564.152409] RBP: 00007ff98157e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1564.153217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1564.154021] R13: 00007fffdd8f95ff R14: 00007ff98157e300 R15: 0000000000022000
[ 1564.170779] FAULT_INJECTION: forcing a failure.
[ 1564.170779] name failslab, interval 1, probability 0, space 0, times 0
[ 1564.172573] CPU: 0 PID: 9658 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1564.173608] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1564.174856] Call Trace:
[ 1564.175275]  dump_stack+0x107/0x167
[ 1564.175855]  should_fail.cold+0x5/0xa
[ 1564.176447]  ? memcg_alloc_page_obj_cgroups+0x73/0x100
[ 1564.177240]  should_failslab+0x5/0x20
[ 1564.177806]  __kmalloc_node+0x76/0x420
[ 1564.178396]  memcg_alloc_page_obj_cgroups+0x73/0x100
[ 1564.179148]  memcg_slab_post_alloc_hook+0x1f0/0x430
[ 1564.179904]  kmem_cache_alloc_bulk+0x182/0x320
[ 1564.180588]  io_submit_sqes+0x6fe6/0x8610
[ 1564.181246]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1564.181970]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1564.182699]  ? lock_downgrade+0x6d0/0x6d0
[ 1564.183322]  ? find_held_lock+0x2c/0x110
[ 1564.183919]  ? io_submit_sqes+0x8610/0x8610
[ 1564.184568]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1564.185286]  ? wait_for_completion_io+0x270/0x270
[ 1564.186013]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1564.186712]  ? vfs_write+0x354/0xb10
[ 1564.187263]  ? fput_many+0x2f/0x1a0
[ 1564.187799]  ? ksys_write+0x1a9/0x260
[ 1564.188361]  ? __ia32_sys_read+0xb0/0xb0
[ 1564.188967]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1564.189743]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1564.190513]  do_syscall_64+0x33/0x40
[ 1564.191065]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1564.191813] RIP: 0033:0x7fd30c0eeb19
[ 1564.192371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1564.195003] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1564.196147] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1564.197207] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1564.198276] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1564.199357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1564.200429] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1564.208111] FAULT_INJECTION: forcing a failure.
[ 1564.208111] name failslab, interval 1, probability 0, space 0, times 0
[ 1564.209852] CPU: 0 PID: 9647 Comm: syz-executor.7 Not tainted 5.10.220 #1
[ 1564.210877] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1564.212133] Call Trace:
[ 1564.212535]  dump_stack+0x107/0x167
[ 1564.213088]  should_fail.cold+0x5/0xa
[ 1564.213664]  ? create_object.isra.0+0x3a/0xa20
[ 1564.214355]  should_failslab+0x5/0x20
[ 1564.214939]  kmem_cache_alloc+0x5b/0x310
[ 1564.215553]  ? mark_held_locks+0x9e/0xe0
[ 1564.216165]  create_object.isra.0+0x3a/0xa20
[ 1564.216822]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1564.217555]  kmem_cache_alloc_bulk+0x168/0x320
[ 1564.218238]  io_submit_sqes+0x6fe6/0x8610
[ 1564.218856]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1564.219601]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1564.220345]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1564.221063]  ? lock_downgrade+0x6d0/0x6d0
[ 1564.221682]  ? find_held_lock+0x2c/0x110
[ 1564.222294]  ? io_submit_sqes+0x8610/0x8610
[ 1564.222937]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1564.223664]  ? wait_for_completion_io+0x270/0x270
[ 1564.224377]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1564.225035]  ? vfs_write+0x354/0xb10
[ 1564.225589]  ? fput_many+0x2f/0x1a0
[ 1564.226132]  ? ksys_write+0x1a9/0x260
[ 1564.226703]  ? __ia32_sys_read+0xb0/0xb0
[ 1564.227318]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1564.228096]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1564.228871]  do_syscall_64+0x33/0x40
[ 1564.229428]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1564.230194] RIP: 0033:0x7fac812b2b19
[ 1564.230750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1564.233473] RSP: 002b:00007fac7e828188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1564.234612] RAX: ffffffffffffffda RBX: 00007fac813c5f60 RCX: 00007fac812b2b19
[ 1564.235673] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1564.236739] RBP: 00007fac7e8281d0 R08: 0000000000000000 R09: 0000000000000000
[ 1564.237802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1564.238859] R13: 00007fff494cb88f R14: 00007fac7e828300 R15: 0000000000022000
[ 1564.271577] FAULT_INJECTION: forcing a failure.
[ 1564.271577] name failslab, interval 1, probability 0, space 0, times 0
[ 1564.273248] CPU: 0 PID: 9666 Comm: syz-executor.6 Not tainted 5.10.220 #1
[ 1564.274271] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1564.275517] Call Trace:
[ 1564.275915]  dump_stack+0x107/0x167
[ 1564.276457]  should_fail.cold+0x5/0xa
[ 1564.277029]  ? create_object.isra.0+0x3a/0xa20
[ 1564.277709]  should_failslab+0x5/0x20
[ 1564.278282]  kmem_cache_alloc+0x5b/0x310
[ 1564.278890]  ? find_held_lock+0x2c/0x110
[ 1564.279551]  create_object.isra.0+0x3a/0xa20
[ 1564.280201]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1564.280961]  __kmalloc_node+0x1ae/0x420
[ 1564.281564]  memcg_alloc_page_obj_cgroups+0x73/0x100
[ 1564.282327]  memcg_slab_post_alloc_hook+0x1f0/0x430
[ 1564.283081]  kmem_cache_alloc_bulk+0x182/0x320
[ 1564.283773]  io_submit_sqes+0x6fe6/0x8610
[ 1564.284395]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1564.285146]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1564.285861]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1564.286588]  ? lock_downgrade+0x6d0/0x6d0
[ 1564.287208]  ? find_held_lock+0x2c/0x110
[ 1564.287826]  ? io_submit_sqes+0x8610/0x8610
[ 1564.288483]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1564.289213]  ? wait_for_completion_io+0x270/0x270
[ 1564.289933]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1564.290627]  ? vfs_write+0x354/0xb10
[ 1564.291190]  ? fput_many+0x2f/0x1a0
[ 1564.291740]  ? ksys_write+0x1a9/0x260
[ 1564.292307]  ? __ia32_sys_read+0xb0/0xb0
[ 1564.292928]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1564.293717]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1564.294492]  do_syscall_64+0x33/0x40
[ 1564.295026]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1564.295803] RIP: 0033:0x7ff984008b19
[ 1564.296335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1564.299094] RSP: 002b:00007ff98157e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1564.300223] RAX: ffffffffffffffda RBX: 00007ff98411bf60 RCX: 00007ff984008b19
[ 1564.301285] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1564.302364] RBP: 00007ff98157e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1564.303432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1564.304494] R13: 00007fffdd8f95ff R14: 00007ff98157e300 R15: 0000000000022000
[ 1564.311907] FAULT_INJECTION: forcing a failure.
[ 1564.311907] name failslab, interval 1, probability 0, space 0, times 0
[ 1564.313867] CPU: 0 PID: 9656 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1564.314896] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1564.316158] Call Trace:
[ 1564.316561]  dump_stack+0x107/0x167
[ 1564.317111]  should_fail.cold+0x5/0xa
[ 1564.317687]  ? create_object.isra.0+0x3a/0xa20
[ 1564.318431]  should_failslab+0x5/0x20
[ 1564.319000]  kmem_cache_alloc+0x5b/0x310
[ 1564.319647]  create_object.isra.0+0x3a/0xa20
[ 1564.320308]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1564.321078]  kmem_cache_alloc_trace+0x151/0x320
[ 1564.321810]  io_issue_sqe+0x2492/0x77b0
[ 1564.322437]  ? io_connect+0x610/0x610
[ 1564.323015]  ? __lockdep_reset_lock+0x180/0x180
[ 1564.323704]  ? lock_acquire+0x197/0x470
[ 1564.324319]  __io_queue_sqe+0x90/0x9d0
[ 1564.324903]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1564.325756]  ? trace_hardirqs_on+0x5b/0x180
[ 1564.326407]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1564.327209]  ? io_issue_sqe+0x77b0/0x77b0
[ 1564.327848]  ? io_submit_sqes+0x68d8/0x8610
[ 1564.328507]  io_submit_sqes+0x44aa/0x8610
[ 1564.329188]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1564.329959]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1564.330691]  ? lock_downgrade+0x6d0/0x6d0
[ 1564.331321]  ? find_held_lock+0x2c/0x110
[ 1564.331940]  ? io_submit_sqes+0x8610/0x8610
[ 1564.332589]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1564.333359]  ? wait_for_completion_io+0x270/0x270
[ 1564.334087]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1564.334782]  ? vfs_write+0x354/0xb10
[ 1564.335347]  ? fput_many+0x2f/0x1a0
[ 1564.335905]  ? ksys_write+0x1a9/0x260
[ 1564.336484]  ? __ia32_sys_read+0xb0/0xb0
[ 1564.337112]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1564.337939]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1564.338724]  do_syscall_64+0x33/0x40
[ 1564.339290]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1564.340073] RIP: 0033:0x7f7e6ceffb19
[ 1564.340638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1564.343445] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1564.344600] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1564.345671] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1564.346746] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1564.347823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1564.348897] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
23:12:27 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 12)

23:12:27 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1c}})

23:12:27 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 65)

[ 1564.376144] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:12:27 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1e}})

[ 1564.519117] FAULT_INJECTION: forcing a failure.
[ 1564.519117] name failslab, interval 1, probability 0, space 0, times 0
[ 1564.521006] CPU: 1 PID: 9679 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1564.522016] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1564.523232] Call Trace:
[ 1564.523650]  dump_stack+0x107/0x167
[ 1564.524200]  should_fail.cold+0x5/0xa
[ 1564.524782]  ? io_issue_sqe+0x2492/0x77b0
[ 1564.525405]  should_failslab+0x5/0x20
[ 1564.525960]  kmem_cache_alloc_trace+0x55/0x320
[ 1564.526627]  io_issue_sqe+0x2492/0x77b0
[ 1564.527228]  ? io_connect+0x610/0x610
[ 1564.527796]  ? lock_acquire+0x197/0x470
[ 1564.528383]  ? find_held_lock+0x2c/0x110
[ 1564.528980]  ? xa_load+0x12d/0x2c0
[ 1564.529498]  ? lock_downgrade+0x6d0/0x6d0
[ 1564.530114]  __io_queue_sqe+0x90/0x9d0
[ 1564.530721]  ? xa_load+0x156/0x2c0
[ 1564.531398]  ? io_issue_sqe+0x77b0/0x77b0
[ 1564.532180]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1564.533033]  io_submit_sqes+0x44aa/0x8610
[ 1564.533712]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1564.534673]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1564.535621]  ? lock_downgrade+0x6d0/0x6d0
[ 1564.536414]  ? find_held_lock+0x2c/0x110
[ 1564.537071]  ? io_submit_sqes+0x8610/0x8610
[ 1564.537712]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1564.538420]  ? wait_for_completion_io+0x270/0x270
[ 1564.539115]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1564.539806]  ? vfs_write+0x354/0xb10
[ 1564.540354]  ? fput_many+0x2f/0x1a0
[ 1564.540891]  ? ksys_write+0x1a9/0x260
[ 1564.541450]  ? __ia32_sys_read+0xb0/0xb0
[ 1564.542042]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1564.542798]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1564.543578]  do_syscall_64+0x33/0x40
[ 1564.544120]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1564.544862] RIP: 0033:0x7fd30c0eeb19
[ 1564.545403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1564.548051] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1564.549156] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1564.550185] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1564.551222] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1564.552258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1564.553288] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1564.761116] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1564.762012] print_req_error: 22 callbacks suppressed
[ 1564.762031] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1564.764406] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1564.764450] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1564.766041] buffer_io_error: 6 callbacks suppressed
[ 1564.766054] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1564.766826] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1564.770219] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1564.770268] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1564.771816] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1564.772609] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1564.775279] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1564.775382] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1564.776852] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1564.777634] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1564.780274] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1564.780345] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1564.781840] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1564.782619] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1564.785276] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1564.785353] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1564.786832] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1564.787751] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1564.788780] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1564.789611] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1564.790633] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1564.792559] Buffer I/O error on dev loop0, logical block 2096903, async page read
23:12:41 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 7)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x79)

23:12:41 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x809, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
fcntl$dupfd(r1, 0x0, r0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
clone3(&(0x7f00000008c0)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000008e40)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@access_any}]}})

23:12:41 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x21}})

23:12:41 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 66)

23:12:41 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d46", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:12:41 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 13)

23:12:41 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 23)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:12:41 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

[ 1578.769005] FAULT_INJECTION: forcing a failure.
[ 1578.769005] name failslab, interval 1, probability 0, space 0, times 0
[ 1578.770110] CPU: 1 PID: 9695 Comm: syz-executor.6 Not tainted 5.10.220 #1
[ 1578.770718] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1578.770875] FAULT_INJECTION: forcing a failure.
[ 1578.770875] name failslab, interval 1, probability 0, space 0, times 0
[ 1578.771443] Call Trace:
[ 1578.771461]  dump_stack+0x107/0x167
[ 1578.771483]  should_fail.cold+0x5/0xa
[ 1578.771496]  ? create_object.isra.0+0x3a/0xa20
[ 1578.771520]  should_failslab+0x5/0x20
[ 1578.774705]  kmem_cache_alloc+0x5b/0x310
[ 1578.775081]  create_object.isra.0+0x3a/0xa20
[ 1578.775479]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1578.775928]  kmem_cache_alloc_trace+0x151/0x320
[ 1578.776342]  io_issue_sqe+0x2492/0x77b0
[ 1578.776702]  ? io_connect+0x610/0x610
[ 1578.777039]  ? lock_acquire+0x197/0x470
[ 1578.777392]  ? find_held_lock+0x2c/0x110
[ 1578.777751]  ? xa_load+0x12d/0x2c0
[ 1578.778064]  ? lock_downgrade+0x6d0/0x6d0
[ 1578.778432]  __io_queue_sqe+0x90/0x9d0
[ 1578.778776]  ? xa_load+0x156/0x2c0
[ 1578.779095]  ? io_issue_sqe+0x77b0/0x77b0
[ 1578.779462]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1578.779884]  io_submit_sqes+0x44aa/0x8610
[ 1578.780266]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1578.780705]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1578.781123]  ? lock_downgrade+0x6d0/0x6d0
[ 1578.781485]  ? find_held_lock+0x2c/0x110
[ 1578.781842]  ? io_submit_sqes+0x8610/0x8610
[ 1578.782233]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1578.782656]  ? wait_for_completion_io+0x270/0x270
[ 1578.783071]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1578.783485]  ? vfs_write+0x354/0xb10
[ 1578.783809]  ? fput_many+0x2f/0x1a0
[ 1578.784127]  ? ksys_write+0x1a9/0x260
[ 1578.784462]  ? __ia32_sys_read+0xb0/0xb0
[ 1578.784815]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1578.785269]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1578.785722]  do_syscall_64+0x33/0x40
[ 1578.786044]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1578.786490] RIP: 0033:0x7ff984008b19
[ 1578.786821] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1578.788408] RSP: 002b:00007ff98157e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1578.789069] RAX: ffffffffffffffda RBX: 00007ff98411bf60 RCX: 00007ff984008b19
[ 1578.789689] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1578.790301] RBP: 00007ff98157e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1578.790914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1578.791543] R13: 00007fffdd8f95ff R14: 00007ff98157e300 R15: 0000000000022000
[ 1578.792187] CPU: 0 PID: 9685 Comm: syz-executor.7 Not tainted 5.10.220 #1
[ 1578.793207] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1578.794417] Call Trace:
[ 1578.794475] FAULT_INJECTION: forcing a failure.
[ 1578.794475] name failslab, interval 1, probability 0, space 0, times 0
[ 1578.794816]  dump_stack+0x107/0x167
[ 1578.796276]  should_fail.cold+0x5/0xa
[ 1578.796837]  ? create_object.isra.0+0x3a/0xa20
[ 1578.797507]  should_failslab+0x5/0x20
[ 1578.798065]  kmem_cache_alloc+0x5b/0x310
[ 1578.798655]  ? mark_held_locks+0x9e/0xe0
[ 1578.799260]  create_object.isra.0+0x3a/0xa20
[ 1578.799906]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1578.800655]  kmem_cache_alloc_bulk+0x168/0x320
[ 1578.801337]  io_submit_sqes+0x6fe6/0x8610
[ 1578.801947]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1578.802677]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1578.803404]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1578.804113]  ? lock_downgrade+0x6d0/0x6d0
[ 1578.804718]  ? find_held_lock+0x2c/0x110
[ 1578.805312]  ? io_submit_sqes+0x8610/0x8610
[ 1578.805948]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1578.806658]  ? wait_for_completion_io+0x270/0x270
[ 1578.807360]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1578.808044]  ? vfs_write+0x354/0xb10
[ 1578.808595]  ? fput_many+0x2f/0x1a0
[ 1578.809133]  ? ksys_write+0x1a9/0x260
[ 1578.809692]  ? __ia32_sys_read+0xb0/0xb0
[ 1578.810288]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1578.811050]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1578.811811]  do_syscall_64+0x33/0x40
[ 1578.812365]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1578.813111] RIP: 0033:0x7fac812b2b19
[ 1578.813662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1578.816333] RSP: 002b:00007fac7e828188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1578.817453] RAX: ffffffffffffffda RBX: 00007fac813c5f60 RCX: 00007fac812b2b19
[ 1578.818490] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1578.819540] RBP: 00007fac7e8281d0 R08: 0000000000000000 R09: 0000000000000000
[ 1578.820581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1578.821616] R13: 00007fff494cb88f R14: 00007fac7e828300 R15: 0000000000022000
[ 1578.822683] CPU: 1 PID: 9686 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1578.823273] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1578.823975] Call Trace:
[ 1578.824199]  dump_stack+0x107/0x167
[ 1578.824509]  should_fail.cold+0x5/0xa
[ 1578.824829]  ? io_issue_sqe+0x2492/0x77b0
[ 1578.825180]  should_failslab+0x5/0x20
[ 1578.825504]  kmem_cache_alloc_trace+0x55/0x320
[ 1578.825908]  io_issue_sqe+0x2492/0x77b0
[ 1578.826272]  ? io_connect+0x610/0x610
[ 1578.826615]  ? lock_acquire+0x197/0x470
[ 1578.826968]  ? find_held_lock+0x2c/0x110
[ 1578.827316]  ? xa_load+0x12d/0x2c0
[ 1578.827622]  ? lock_downgrade+0x6d0/0x6d0
[ 1578.827979]  __io_queue_sqe+0x90/0x9d0
[ 1578.828310]  ? xa_load+0x156/0x2c0
[ 1578.828612]  ? io_issue_sqe+0x77b0/0x77b0
[ 1578.828972]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1578.829380]  io_submit_sqes+0x44aa/0x8610
[ 1578.829747]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1578.830171]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1578.830578]  ? lock_downgrade+0x6d0/0x6d0
[ 1578.830929]  ? find_held_lock+0x2c/0x110
[ 1578.831278]  ? io_submit_sqes+0x8610/0x8610
[ 1578.831667]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1578.832085]  ? wait_for_completion_io+0x270/0x270
[ 1578.832494]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1578.832885]  ? vfs_write+0x354/0xb10
[ 1578.833201]  ? fput_many+0x2f/0x1a0
[ 1578.833510]  ? ksys_write+0x1a9/0x260
[ 1578.833836]  ? __ia32_sys_read+0xb0/0xb0
[ 1578.834185]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1578.834627]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1578.835054]  do_syscall_64+0x33/0x40
[ 1578.835371]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1578.835803] RIP: 0033:0x7fd30c0eeb19
[ 1578.836119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1578.837639] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1578.838283] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1578.838874] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1578.839464] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1578.840068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1578.840672] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1578.850621] FAULT_INJECTION: forcing a failure.
[ 1578.850621] name failslab, interval 1, probability 0, space 0, times 0
[ 1578.852426] CPU: 0 PID: 9698 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1578.853443] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1578.854670] Call Trace:
[ 1578.855073]  dump_stack+0x107/0x167
[ 1578.855639]  should_fail.cold+0x5/0xa
[ 1578.856220]  ? create_object.isra.0+0x3a/0xa20
[ 1578.856910]  should_failslab+0x5/0x20
[ 1578.857490]  kmem_cache_alloc+0x5b/0x310
[ 1578.858111]  create_object.isra.0+0x3a/0xa20
[ 1578.858765]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1578.859530]  kmem_cache_alloc_trace+0x151/0x320
[ 1578.860222]  io_issue_sqe+0x2492/0x77b0
[ 1578.860827]  ? io_connect+0x610/0x610
[ 1578.861400]  ? __lockdep_reset_lock+0x180/0x180
[ 1578.862087]  ? lock_acquire+0x197/0x470
[ 1578.862683]  ? slab_free_freelist_hook+0x180/0x180
[ 1578.863401]  ? find_held_lock+0x2c/0x110
[ 1578.864017]  __io_queue_sqe+0x90/0x9d0
[ 1578.864603]  ? io_issue_sqe+0x77b0/0x77b0
[ 1578.865219]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1578.865926]  io_submit_sqes+0x44aa/0x8610
[ 1578.866574]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1578.867304]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1578.868024]  ? lock_downgrade+0x6d0/0x6d0
[ 1578.868630]  ? find_held_lock+0x2c/0x110
[ 1578.869235]  ? io_submit_sqes+0x8610/0x8610
[ 1578.869872]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1578.870582]  ? wait_for_completion_io+0x270/0x270
[ 1578.871295]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1578.871976]  ? vfs_write+0x354/0xb10
[ 1578.872530]  ? fput_many+0x2f/0x1a0
[ 1578.873064]  ? ksys_write+0x1a9/0x260
[ 1578.873628]  ? __ia32_sys_read+0xb0/0xb0
[ 1578.874234]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1578.875002]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1578.875766]  do_syscall_64+0x33/0x40
[ 1578.876313]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1578.877055] RIP: 0033:0x7f7e6ceffb19
[ 1578.877604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1578.880251] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1578.881360] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1578.882403] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1578.883438] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1578.884481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1578.885518] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
23:12:41 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 14)

23:12:42 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d46", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:12:42 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x23}})

[ 1578.955984] FAULT_INJECTION: forcing a failure.
[ 1578.955984] name failslab, interval 1, probability 0, space 0, times 0
[ 1578.957002] CPU: 1 PID: 9706 Comm: syz-executor.6 Not tainted 5.10.220 #1
[ 1578.957564] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1578.958251] Call Trace:
[ 1578.958490]  dump_stack+0x107/0x167
[ 1578.958805]  should_fail.cold+0x5/0xa
[ 1578.959134]  ? create_object.isra.0+0x3a/0xa20
[ 1578.959547]  should_failslab+0x5/0x20
[ 1578.959880]  kmem_cache_alloc+0x5b/0x310
[ 1578.960234]  create_object.isra.0+0x3a/0xa20
[ 1578.960596]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1578.961005]  kmem_cache_alloc_trace+0x151/0x320
[ 1578.961394]  io_issue_sqe+0x2492/0x77b0
[ 1578.961724]  ? io_connect+0x610/0x610
[ 1578.962041]  ? lock_acquire+0x197/0x470
[ 1578.962361]  ? find_held_lock+0x2c/0x110
[ 1578.962699]  ? xa_load+0x12d/0x2c0
[ 1578.962986]  ? lock_downgrade+0x6d0/0x6d0
[ 1578.963328]  __io_queue_sqe+0x90/0x9d0
[ 1578.963651]  ? xa_load+0x156/0x2c0
[ 1578.963940]  ? io_issue_sqe+0x77b0/0x77b0
[ 1578.964280]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1578.964670]  io_submit_sqes+0x44aa/0x8610
[ 1578.965018]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1578.965422]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1578.965809]  ? lock_downgrade+0x6d0/0x6d0
[ 1578.966145]  ? find_held_lock+0x2c/0x110
[ 1578.966477]  ? io_submit_sqes+0x8610/0x8610
[ 1578.966836]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1578.967225]  ? wait_for_completion_io+0x270/0x270
[ 1578.967634]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1578.968008]  ? vfs_write+0x354/0xb10
[ 1578.968317]  ? fput_many+0x2f/0x1a0
[ 1578.968613]  ? ksys_write+0x1a9/0x260
[ 1578.968920]  ? __ia32_sys_read+0xb0/0xb0
[ 1578.969248]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1578.969672]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1578.970085]  do_syscall_64+0x33/0x40
[ 1578.970390]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1578.970799] RIP: 0033:0x7ff984008b19
[ 1578.971101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1578.972567] RSP: 002b:00007ff98157e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1578.973182] RAX: ffffffffffffffda RBX: 00007ff98411bf60 RCX: 00007ff984008b19
[ 1578.973755] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1578.974328] RBP: 00007ff98157e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1578.974898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1578.975479] R13: 00007fffdd8f95ff R14: 00007ff98157e300 R15: 0000000000022000
[ 1578.977942] kernel write not supported for file /sg0 (pid: 7228 comm: kworker/1:3)
[ 1579.004561] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:12:42 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 67)

23:12:42 executing program 5:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x2, 0x3, 0x0, 0x0, 0x1, '`\x00\x00\x00\x00\x00\x00@\x00'})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000040)={'macvtap0\x00'})
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, 0x0)
io_uring_enter(r2, 0x29ef, 0x0, 0x3, &(0x7f0000000080)={[0x5]}, 0x8)
fcntl$notify(r0, 0x402, 0x25)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1f, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x80000, 0xffffffff, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f00000000c0)={0x0, r0, 0x7fffffff, 0xc65f, 0x371d5d70, 0x8})
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
dup3(r2, r3, 0x80000)
dup3(r1, r0, 0x0)

23:12:42 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:12:42 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x24}})

23:12:42 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 8)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x79)

[ 1579.081641] FAULT_INJECTION: forcing a failure.
[ 1579.081641] name failslab, interval 1, probability 0, space 0, times 0
[ 1579.083430] CPU: 0 PID: 9722 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1579.084448] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1579.085648] Call Trace:
[ 1579.086047]  dump_stack+0x107/0x167
[ 1579.086584]  should_fail.cold+0x5/0xa
[ 1579.087143]  ? create_object.isra.0+0x3a/0xa20
[ 1579.087822]  should_failslab+0x5/0x20
[ 1579.088374]  kmem_cache_alloc+0x5b/0x310
[ 1579.088978]  ? mark_held_locks+0x9e/0xe0
[ 1579.089584]  create_object.isra.0+0x3a/0xa20
[ 1579.090229]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1579.090989]  kmem_cache_alloc_bulk+0x168/0x320
[ 1579.091671]  io_submit_sqes+0x6fe6/0x8610
[ 1579.092311]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1579.093038]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1579.093745]  ? lock_downgrade+0x6d0/0x6d0
[ 1579.094351]  ? find_held_lock+0x2c/0x110
[ 1579.094958]  ? io_submit_sqes+0x8610/0x8610
[ 1579.095608]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1579.096323]  ? wait_for_completion_io+0x270/0x270
[ 1579.097036]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1579.097720]  ? vfs_write+0x354/0xb10
[ 1579.098266]  ? fput_many+0x2f/0x1a0
[ 1579.098803]  ? ksys_write+0x1a9/0x260
[ 1579.099364]  ? __ia32_sys_read+0xb0/0xb0
[ 1579.099973]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1579.100743]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1579.101507]  do_syscall_64+0x33/0x40
[ 1579.102054]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1579.102797] RIP: 0033:0x7fd30c0eeb19
[ 1579.103344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1579.106011] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1579.107121] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1579.108162] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1579.109192] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1579.110222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1579.111258] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
23:12:42 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x25}})

23:12:42 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:12:42 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 24)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:12:42 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d46", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:12:42 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x26}})

[ 1579.197152] FAULT_INJECTION: forcing a failure.
[ 1579.197152] name failslab, interval 1, probability 0, space 0, times 0
[ 1579.198228] CPU: 1 PID: 9733 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1579.198774] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1579.199442] Call Trace:
[ 1579.199665]  dump_stack+0x107/0x167
[ 1579.199964]  should_fail.cold+0x5/0xa
[ 1579.200272]  ? io_issue_sqe+0x2492/0x77b0
[ 1579.200608]  should_failslab+0x5/0x20
[ 1579.200912]  kmem_cache_alloc_trace+0x55/0x320
[ 1579.201280]  io_issue_sqe+0x2492/0x77b0
[ 1579.201617]  ? io_connect+0x610/0x610
[ 1579.201936]  ? __lockdep_reset_lock+0x180/0x180
[ 1579.202313]  ? lock_acquire+0x197/0x470
[ 1579.202637]  ? slab_free_freelist_hook+0x180/0x180
[ 1579.203040]  __io_queue_sqe+0x90/0x9d0
[ 1579.203353]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1579.203777]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1579.204207]  ? trace_hardirqs_on+0x5b/0x180
[ 1579.204565]  ? io_issue_sqe+0x77b0/0x77b0
[ 1579.204904]  ? io_submit_sqes+0x2d26/0x8610
[ 1579.205249]  io_submit_sqes+0x44aa/0x8610
[ 1579.205603]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1579.206001]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1579.206394]  ? lock_downgrade+0x6d0/0x6d0
[ 1579.206726]  ? find_held_lock+0x2c/0x110
[ 1579.207054]  ? io_submit_sqes+0x8610/0x8610
[ 1579.207413]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1579.207818]  ? wait_for_completion_io+0x270/0x270
[ 1579.208210]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1579.208583]  ? vfs_write+0x354/0xb10
[ 1579.208886]  ? fput_many+0x2f/0x1a0
[ 1579.209177]  ? ksys_write+0x1a9/0x260
[ 1579.209484]  ? __ia32_sys_read+0xb0/0xb0
[ 1579.209817]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1579.210232]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1579.210649]  do_syscall_64+0x33/0x40
[ 1579.210949]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1579.211356] RIP: 0033:0x7f7e6ceffb19
[ 1579.211674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1579.213170] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1579.213791] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1579.214358] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1579.214919] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1579.215492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1579.216051] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
[ 1579.229818] FAULT_INJECTION: forcing a failure.
[ 1579.229818] name failslab, interval 1, probability 0, space 0, times 0
[ 1579.231732] CPU: 0 PID: 9737 Comm: syz-executor.7 Not tainted 5.10.220 #1
[ 1579.232735] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
23:12:42 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 15)

[ 1579.233932] Call Trace:
[ 1579.234434]  dump_stack+0x107/0x167
[ 1579.234971]  should_fail.cold+0x5/0xa
[ 1579.235539]  ? create_object.isra.0+0x3a/0xa20
[ 1579.236207]  should_failslab+0x5/0x20
[ 1579.236768]  kmem_cache_alloc+0x5b/0x310
[ 1579.237369]  ? mark_held_locks+0x9e/0xe0
[ 1579.237965]  create_object.isra.0+0x3a/0xa20
23:12:42 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

[ 1579.238607]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1579.239387]  kmem_cache_alloc_bulk+0x168/0x320
[ 1579.240075]  io_submit_sqes+0x6fe6/0x8610
[ 1579.240680]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1579.241411]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1579.242141]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1579.242858]  ? lock_downgrade+0x6d0/0x6d0
[ 1579.243487]  ? find_held_lock+0x2c/0x110
[ 1579.244095]  ? io_submit_sqes+0x8610/0x8610
[ 1579.244737]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1579.245450]  ? wait_for_completion_io+0x270/0x270
[ 1579.246164]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1579.246839]  ? vfs_write+0x354/0xb10
[ 1579.247383]  ? fput_many+0x2f/0x1a0
[ 1579.247924]  ? ksys_write+0x1a9/0x260
[ 1579.248482]  ? __ia32_sys_read+0xb0/0xb0
[ 1579.249084]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1579.249846]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1579.250594]  do_syscall_64+0x33/0x40
[ 1579.251139]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1579.251892] RIP: 0033:0x7fac812b2b19
[ 1579.252438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1579.255084] RSP: 002b:00007fac7e828188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1579.256174] RAX: ffffffffffffffda RBX: 00007fac813c5f60 RCX: 00007fac812b2b19
[ 1579.257201] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1579.258237] RBP: 00007fac7e8281d0 R08: 0000000000000000 R09: 0000000000000000
[ 1579.259274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1579.260317] R13: 00007fff494cb88f R14: 00007fac7e828300 R15: 0000000000022000
23:12:42 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x27}})

23:12:42 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x3, &(0x7f0000000180)=[{0x3ff, 0x3, 0x0, 0xec}, {0x0, 0x6, 0xde, 0x80000001}, {0x7f, 0x17, 0x4, 0x592}]})
syz_io_uring_setup(0x64f3, &(0x7f00000002c0)={0x0, 0xff03, 0x10}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f00000001c0)=<r0=>0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x107100, 0x0)
read(r1, &(0x7f0000000000), 0x1b4000)
ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r1, 0x40082102, &(0x7f0000000040))
syz_open_procfs(0xffffffffffffffff, &(0x7f00000002c0)='net/igmp6\x00')
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x85, 0x8}, 0x3e7678147890c900, 0x0, 0x0, 0x3, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pkey_mprotect(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x6, 0xffffffffffffffff)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000002c0)='net/igmp6\x00')
readv(r2, &(0x7f0000000400)=[{&(0x7f00000000c0)=""/118, 0x76}, {&(0x7f00000003c0)=""/14, 0xe}], 0x2)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, 0xffffffffffffffff, 0x8000000)
syz_io_uring_submit(r4, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_OPENAT={0x12, 0x3, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)='./file0\x00', 0x69, 0x101001, 0x12345, {0x0, r5}}, 0x80000001)
syz_io_uring_submit(0x0, r0, &(0x7f0000000380)=@IORING_OP_OPENAT2={0x1c, 0x4, 0x0, 0xffffffffffffffff, &(0x7f0000000280)={0x42, 0x1b7, 0x14}, &(0x7f0000000340)='./file0\x00', 0x18, 0x0, 0x12345, {0x0, r5}}, 0x7ff)
pread64(r2, &(0x7f0000002100)=""/4075, 0xfeb, 0x0)
fcntl$getownex(r2, 0x10, &(0x7f0000000240))

23:12:42 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:12:42 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x28}})

[ 1579.361521] FAULT_INJECTION: forcing a failure.
[ 1579.361521] name failslab, interval 1, probability 0, space 0, times 0
[ 1579.363311] CPU: 0 PID: 9752 Comm: syz-executor.6 Not tainted 5.10.220 #1
[ 1579.364317] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1579.365535] Call Trace:
[ 1579.365934]  dump_stack+0x107/0x167
[ 1579.366480]  should_fail.cold+0x5/0xa
[ 1579.367040]  ? memcg_alloc_page_obj_cgroups+0x73/0x100
[ 1579.367813]  should_failslab+0x5/0x20
[ 1579.368369]  __kmalloc_node+0x76/0x420
[ 1579.368946]  memcg_alloc_page_obj_cgroups+0x73/0x100
[ 1579.369687]  memcg_slab_post_alloc_hook+0x1f0/0x430
[ 1579.370409]  ? trace_hardirqs_on+0x5b/0x180
[ 1579.371042]  kmem_cache_alloc_trace+0x169/0x320
[ 1579.371739]  io_issue_sqe+0x2492/0x77b0
[ 1579.372341]  ? io_connect+0x610/0x610
[ 1579.372902]  ? lock_acquire+0x197/0x470
[ 1579.373481]  ? find_held_lock+0x2c/0x110
[ 1579.374082]  ? xa_load+0x12d/0x2c0
[ 1579.374602]  ? lock_downgrade+0x6d0/0x6d0
[ 1579.375216]  __io_queue_sqe+0x90/0x9d0
[ 1579.375799]  ? xa_load+0x156/0x2c0
[ 1579.376322]  ? io_issue_sqe+0x77b0/0x77b0
[ 1579.376935]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1579.377632]  io_submit_sqes+0x44aa/0x8610
[ 1579.378275]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1579.378998]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1579.379710]  ? lock_downgrade+0x6d0/0x6d0
[ 1579.380303]  ? find_held_lock+0x2c/0x110
[ 1579.380905]  ? io_submit_sqes+0x8610/0x8610
[ 1579.381543]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1579.382253]  ? wait_for_completion_io+0x270/0x270
[ 1579.382960]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1579.383646]  ? vfs_write+0x354/0xb10
[ 1579.384197]  ? fput_many+0x2f/0x1a0
[ 1579.384732]  ? ksys_write+0x1a9/0x260
[ 1579.385285]  ? __ia32_sys_read+0xb0/0xb0
[ 1579.385887]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1579.386648]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1579.387396]  do_syscall_64+0x33/0x40
[ 1579.387949]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1579.388695] RIP: 0033:0x7ff984008b19
[ 1579.389244] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1579.391903] RSP: 002b:00007ff98157e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1579.393011] RAX: ffffffffffffffda RBX: 00007ff98411bf60 RCX: 00007ff984008b19
[ 1579.394047] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1579.395084] RBP: 00007ff98157e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1579.396124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1579.397159] R13: 00007fffdd8f95ff R14: 00007ff98157e300 R15: 0000000000022000
23:12:42 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 68)

[ 1579.434866] FAULT_INJECTION: forcing a failure.
[ 1579.434866] name failslab, interval 1, probability 0, space 0, times 0
[ 1579.435941] CPU: 1 PID: 9760 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1579.436513] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1579.437190] Call Trace:
[ 1579.437428]  dump_stack+0x107/0x167
[ 1579.437746]  should_fail.cold+0x5/0xa
[ 1579.438078]  ? io_issue_sqe+0x2492/0x77b0
[ 1579.438417]  should_failslab+0x5/0x20
[ 1579.438726]  kmem_cache_alloc_trace+0x55/0x320
[ 1579.439093]  io_issue_sqe+0x2492/0x77b0
[ 1579.439425]  ? io_connect+0x610/0x610
[ 1579.439741]  ? lock_acquire+0x197/0x470
[ 1579.440063]  ? find_held_lock+0x2c/0x110
[ 1579.440401]  ? xa_load+0x12d/0x2c0
[ 1579.440686]  ? lock_downgrade+0x6d0/0x6d0
[ 1579.441026]  __io_queue_sqe+0x90/0x9d0
[ 1579.441344]  ? xa_load+0x156/0x2c0
[ 1579.441633]  ? io_issue_sqe+0x77b0/0x77b0
[ 1579.441971]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1579.442356]  io_submit_sqes+0x44aa/0x8610
[ 1579.442706]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1579.443112]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1579.443514]  ? lock_downgrade+0x6d0/0x6d0
[ 1579.443841]  ? find_held_lock+0x2c/0x110
[ 1579.444176]  ? io_submit_sqes+0x8610/0x8610
[ 1579.444529]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1579.444916]  ? wait_for_completion_io+0x270/0x270
[ 1579.445315]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1579.445689]  ? vfs_write+0x354/0xb10
[ 1579.445989]  ? fput_many+0x2f/0x1a0
[ 1579.446284]  ? ksys_write+0x1a9/0x260
[ 1579.446592]  ? __ia32_sys_read+0xb0/0xb0
[ 1579.446925]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1579.447344]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1579.447773]  do_syscall_64+0x33/0x40
[ 1579.448072]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1579.448492] RIP: 0033:0x7fd30c0eeb19
[ 1579.448790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1579.450250] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1579.451116] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1579.451689] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1579.452253] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1579.452823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1579.453389] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1579.459645] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:12:42 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 25)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

[ 1579.552898] FAULT_INJECTION: forcing a failure.
[ 1579.552898] name failslab, interval 1, probability 0, space 0, times 0
[ 1579.553979] CPU: 1 PID: 9766 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1579.554523] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1579.555186] Call Trace:
[ 1579.555409]  dump_stack+0x107/0x167
[ 1579.555710]  should_fail.cold+0x5/0xa
[ 1579.556019]  ? io_issue_sqe+0x2492/0x77b0
[ 1579.556355]  should_failslab+0x5/0x20
[ 1579.556661]  kmem_cache_alloc_trace+0x55/0x320
[ 1579.557026]  io_issue_sqe+0x2492/0x77b0
[ 1579.557358]  ? io_connect+0x610/0x610
[ 1579.557672]  ? __lockdep_reset_lock+0x180/0x180
[ 1579.558047]  ? lock_acquire+0x197/0x470
[ 1579.558369]  ? slab_free_freelist_hook+0x180/0x180
[ 1579.558758]  ? find_held_lock+0x2c/0x110
[ 1579.559090]  __io_queue_sqe+0x90/0x9d0
[ 1579.559408]  ? io_issue_sqe+0x77b0/0x77b0
[ 1579.559762]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1579.560148]  io_submit_sqes+0x44aa/0x8610
[ 1579.560496]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1579.560897]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1579.561285]  ? lock_downgrade+0x6d0/0x6d0
[ 1579.561616]  ? find_held_lock+0x2c/0x110
[ 1579.561945]  ? io_submit_sqes+0x8610/0x8610
[ 1579.562297]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1579.562691]  ? wait_for_completion_io+0x270/0x270
[ 1579.563082]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1579.563456]  ? vfs_write+0x354/0xb10
[ 1579.563763]  ? fput_many+0x2f/0x1a0
[ 1579.564059]  ? ksys_write+0x1a9/0x260
[ 1579.564370]  ? __ia32_sys_read+0xb0/0xb0
[ 1579.564697]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1579.565117]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1579.565531]  do_syscall_64+0x33/0x40
[ 1579.565829]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1579.566236] RIP: 0033:0x7f7e6ceffb19
[ 1579.566535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1579.567999] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1579.568606] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1579.569175] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1579.569742] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1579.570312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1579.570881] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
[ 1579.920431] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1579.920927] print_req_error: 6 callbacks suppressed
[ 1579.920938] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1579.922252] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1579.922700] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1579.923582] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1579.924011] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1579.924898] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1579.925346] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1579.926212] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1579.926664] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1579.927566] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1579.928000] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1579.928874] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1579.929328] blk_update_request: I/O error, dev sr0, sector 2096902 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1579.930198] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1579.930649] blk_update_request: I/O error, dev sr0, sector 2096903 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1579.931532] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1579.932389] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1579.933010] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1579.933842] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1579.934460] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1579.935069] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1579.935694] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1579.936289] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1579.936905] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1579.937515] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1580.003797] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1580.004384] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1580.005174] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1580.005765] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1580.006564] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1580.007022] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1580.008083] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1580.009681] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1580.010197] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1580.010734] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1580.085114] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1580.089942] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1580.090530] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1580.091022] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1580.091541] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1580.092042] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1580.092549] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1580.093031] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1592.545273] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
23:12:55 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

23:12:55 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 9)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x79)

23:12:55 executing program 5:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x20100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$IP6T_SO_GET_REVISION_MATCH(r0, 0x29, 0x1a, &(0x7f0000000000)={'NETMAP\x00'}, &(0x7f0000000040)=0x1e)
syz_io_uring_setup(0x1c, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000ff2000/0xc000)=nil, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
r4 = socket$inet(0x2, 0x1, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000500)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f00000000c0)=@alg={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}}, 0x0)
syz_io_uring_complete(r2)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000003a00c5d500000000000000000a0002006803f51792af8281ca583f0895e6321cef6b331118ffa321907064ecde0d000000128b6ad9a5bc5b758c90cf4924a9da3a39fcafd018e8dfab23b63c332ae029f596740f51537d78c5e97d2611dca6fb2735a0d7"], 0x14}}, 0x0)
r6 = perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x3, 0x4, 0x9, 0x2a, 0x0, 0x1, 0x2000, 0x8, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0xc93, 0x4, @perf_config_ext={0x58, 0x200}, 0x108, 0xfff, 0x88a, 0x3, 0x2, 0x3, 0x0, 0x0, 0x1, 0x0, 0x5}, 0x0, 0xa, r1, 0xa)
r7 = syz_io_uring_complete(0x0)
getsockopt$ARPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x63, &(0x7f0000000240)={'IDLETIMER\x00'}, &(0x7f00000012c0)=0x1e)
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r6, 0x50009418, &(0x7f00000002c0)={{r7}, 0x0, 0x2, @inherit={0x78, &(0x7f0000000140)={0x1, 0x6, 0x0, 0x2, {0xf, 0x17dd, 0x7, 0x7f, 0x1}, [0xfffffffffffffffe, 0xfff, 0x5, 0x89, 0x7fffffff, 0x9]}}, @subvolid=0x4})
creat(&(0x7f0000000080)='./file0\x00', 0x48)

23:12:55 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 26)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:12:55 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 69)

23:12:55 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 16)

23:12:55 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:12:55 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x29}})

23:12:55 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x2a}})

[ 1592.587596] FAULT_INJECTION: forcing a failure.
[ 1592.587596] name failslab, interval 1, probability 0, space 0, times 0
[ 1592.588667] CPU: 1 PID: 9785 Comm: syz-executor.7 Not tainted 5.10.220 #1
[ 1592.589261] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1592.589988] Call Trace:
[ 1592.590237]  dump_stack+0x107/0x167
[ 1592.590563]  should_fail.cold+0x5/0xa
[ 1592.590901]  ? create_object.isra.0+0x3a/0xa20
[ 1592.591309]  should_failslab+0x5/0x20
[ 1592.591662]  kmem_cache_alloc+0x5b/0x310
[ 1592.592025]  ? mark_held_locks+0x9e/0xe0
[ 1592.592390]  create_object.isra.0+0x3a/0xa20
[ 1592.592777]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1592.593230]  kmem_cache_alloc_bulk+0x168/0x320
[ 1592.593643]  io_submit_sqes+0x6fe6/0x8610
[ 1592.594011]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1592.594454]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1592.594897]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1592.595327]  ? lock_downgrade+0x6d0/0x6d0
[ 1592.595704]  ? find_held_lock+0x2c/0x110
[ 1592.596067]  ? io_submit_sqes+0x8610/0x8610
[ 1592.596456]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1592.596885]  ? wait_for_completion_io+0x270/0x270
[ 1592.597312]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1592.597722]  ? vfs_write+0x354/0xb10
[ 1592.598055]  ? fput_many+0x2f/0x1a0
[ 1592.598379]  ? ksys_write+0x1a9/0x260
[ 1592.598719]  ? __ia32_sys_read+0xb0/0xb0
[ 1592.599082]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1592.599537]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1592.600001]  do_syscall_64+0x33/0x40
[ 1592.600337]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1592.600788] RIP: 0033:0x7fac812b2b19
[ 1592.601118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1592.602718] RSP: 002b:00007fac7e828188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1592.603390] RAX: ffffffffffffffda RBX: 00007fac813c5f60 RCX: 00007fac812b2b19
[ 1592.604022] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1592.604649] RBP: 00007fac7e8281d0 R08: 0000000000000000 R09: 0000000000000000
[ 1592.605270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1592.605895] R13: 00007fff494cb88f R14: 00007fac7e828300 R15: 0000000000022000
[ 1592.627133] FAULT_INJECTION: forcing a failure.
[ 1592.627133] name failslab, interval 1, probability 0, space 0, times 0
[ 1592.628829] CPU: 0 PID: 9791 Comm: syz-executor.6 Not tainted 5.10.220 #1
[ 1592.629831] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1592.631043] Call Trace:
[ 1592.631444]  dump_stack+0x107/0x167
[ 1592.631998]  should_fail.cold+0x5/0xa
[ 1592.632567]  ? io_issue_sqe+0x2492/0x77b0
[ 1592.633190]  should_failslab+0x5/0x20
[ 1592.633755]  kmem_cache_alloc_trace+0x55/0x320
[ 1592.634434]  io_issue_sqe+0x2492/0x77b0
[ 1592.635033]  ? io_connect+0x610/0x610
[ 1592.635593]  ? lock_acquire+0x197/0x470
[ 1592.636187]  ? find_held_lock+0x2c/0x110
[ 1592.636788]  ? xa_load+0x12d/0x2c0
[ 1592.637307]  ? lock_downgrade+0x6d0/0x6d0
[ 1592.637941]  __io_queue_sqe+0x90/0x9d0
[ 1592.638520]  ? xa_load+0x156/0x2c0
[ 1592.639050]  ? io_issue_sqe+0x77b0/0x77b0
[ 1592.639679]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1592.640371]  io_submit_sqes+0x44aa/0x8610
[ 1592.641002]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1592.641739]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1592.642452]  ? lock_downgrade+0x6d0/0x6d0
[ 1592.643061]  ? find_held_lock+0x2c/0x110
[ 1592.643663]  ? io_submit_sqes+0x8610/0x8610
[ 1592.644303]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1592.645009]  ? wait_for_completion_io+0x270/0x270
[ 1592.645714]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1592.646388]  ? vfs_write+0x354/0xb10
[ 1592.646931]  ? fput_many+0x2f/0x1a0
[ 1592.647463]  ? ksys_write+0x1a9/0x260
[ 1592.648024]  ? __ia32_sys_read+0xb0/0xb0
[ 1592.648619]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1592.649375]  ? syscall_enter_from_user_mode+0x1d/0x50
23:12:55 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

[ 1592.650123]  do_syscall_64+0x33/0x40
[ 1592.650797]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1592.651531] RIP: 0033:0x7ff984008b19
[ 1592.652080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1592.654701] RSP: 002b:00007ff98157e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1592.655803] RAX: ffffffffffffffda RBX: 00007ff98411bf60 RCX: 00007ff984008b19
[ 1592.656824] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1592.657851] RBP: 00007ff98157e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1592.658876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1592.659906] R13: 00007fffdd8f95ff R14: 00007ff98157e300 R15: 0000000000022000
[ 1592.662707] FAULT_INJECTION: forcing a failure.
[ 1592.662707] name failslab, interval 1, probability 0, space 0, times 0
[ 1592.664459] CPU: 0 PID: 9792 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1592.665442] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1592.666626] Call Trace:
[ 1592.667011]  dump_stack+0x107/0x167
[ 1592.667546]  should_fail.cold+0x5/0xa
[ 1592.668107]  ? create_object.isra.0+0x3a/0xa20
[ 1592.668767]  should_failslab+0x5/0x20
[ 1592.669320]  kmem_cache_alloc+0x5b/0x310
[ 1592.669911]  create_object.isra.0+0x3a/0xa20
[ 1592.670546]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1592.671272]  kmem_cache_alloc_trace+0x151/0x320
[ 1592.671955]  io_issue_sqe+0x2492/0x77b0
[ 1592.672549]  ? io_connect+0x610/0x610
[ 1592.673096]  ? lock_acquire+0x197/0x470
[ 1592.673669]  ? find_held_lock+0x2c/0x110
[ 1592.674255]  ? xa_load+0x12d/0x2c0
[ 1592.674770]  ? lock_downgrade+0x6d0/0x6d0
[ 1592.675378]  __io_queue_sqe+0x90/0x9d0
[ 1592.675944]  ? xa_load+0x156/0x2c0
[ 1592.676465]  ? io_issue_sqe+0x77b0/0x77b0
[ 1592.677073]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1592.677755]  io_submit_sqes+0x44aa/0x8610
[ 1592.678382]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1592.679095]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1592.679802]  ? lock_downgrade+0x6d0/0x6d0
[ 1592.680399]  ? find_held_lock+0x2c/0x110
[ 1592.680990]  ? io_submit_sqes+0x8610/0x8610
[ 1592.681622]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1592.682318]  ? wait_for_completion_io+0x270/0x270
[ 1592.683013]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1592.683683]  ? vfs_write+0x354/0xb10
[ 1592.684220]  ? fput_many+0x2f/0x1a0
[ 1592.684750]  ? ksys_write+0x1a9/0x260
[ 1592.685301]  ? __ia32_sys_read+0xb0/0xb0
[ 1592.685891]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1592.686640]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1592.687381]  do_syscall_64+0x33/0x40
[ 1592.687925]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1592.688654] RIP: 0033:0x7fd30c0eeb19
[ 1592.689190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1592.691798] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1592.692877] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1592.693892] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1592.694909] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1592.695938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1592.696950] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1592.703601] FAULT_INJECTION: forcing a failure.
[ 1592.703601] name failslab, interval 1, probability 0, space 0, times 0
[ 1592.705263] CPU: 0 PID: 9787 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1592.706244] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1592.707436] Call Trace:
[ 1592.707828]  dump_stack+0x107/0x167
[ 1592.708360]  should_fail.cold+0x5/0xa
[ 1592.708919]  should_failslab+0x5/0x20
[ 1592.709470]  kmem_cache_alloc_bulk+0x4b/0x320
[ 1592.710124]  io_submit_sqes+0x6fe6/0x8610
[ 1592.710751]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1592.711476]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1592.712180]  ? lock_downgrade+0x6d0/0x6d0
[ 1592.712780]  ? find_held_lock+0x2c/0x110
[ 1592.713373]  ? io_submit_sqes+0x8610/0x8610
[ 1592.714002]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1592.714706]  ? wait_for_completion_io+0x270/0x270
[ 1592.715405]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1592.716085]  ? vfs_write+0x354/0xb10
[ 1592.716630]  ? fput_many+0x2f/0x1a0
[ 1592.717165]  ? ksys_write+0x1a9/0x260
[ 1592.717721]  ? __ia32_sys_read+0xb0/0xb0
[ 1592.718321]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1592.719081]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1592.719842]  do_syscall_64+0x33/0x40
[ 1592.720387]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1592.721123] RIP: 0033:0x7f7e6ceffb19
[ 1592.721670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1592.724305] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1592.725400] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1592.726431] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1592.727471] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1592.728504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1592.729541] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
[ 1592.745729] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1593.033102] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1593.033621] print_req_error: 38 callbacks suppressed
[ 1593.033631] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1593.034913] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1593.035761] buffer_io_error: 14 callbacks suppressed
[ 1593.035768] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1593.040670] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1593.041108] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1593.041970] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1593.042829] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1593.044423] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1593.044851] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1593.045701] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1593.046536] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1593.047513] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1593.047960] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1593.048834] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1593.049698] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1593.050726] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1593.051165] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1593.052034] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1593.052882] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1593.053912] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1593.054395] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1593.055346] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1593.055821] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1593.056770] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1593.057229] Buffer I/O error on dev loop0, logical block 2096903, async page read
23:13:11 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 27)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:13:11 executing program 5:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x20100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$IP6T_SO_GET_REVISION_MATCH(r0, 0x29, 0x1a, &(0x7f0000000000)={'NETMAP\x00'}, &(0x7f0000000040)=0x1e)
syz_io_uring_setup(0x1c, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000ff2000/0xc000)=nil, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
r4 = socket$inet(0x2, 0x1, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000500)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f00000000c0)=@alg={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}}, 0x0)
syz_io_uring_complete(r2)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000003a00c5d500000000000000000a0002006803f51792af8281ca583f0895e6321cef6b331118ffa321907064ecde0d000000128b6ad9a5bc5b758c90cf4924a9da3a39fcafd018e8dfab23b63c332ae029f596740f51537d78c5e97d2611dca6fb2735a0d7"], 0x14}}, 0x0)
r6 = perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x3, 0x4, 0x9, 0x2a, 0x0, 0x1, 0x2000, 0x8, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0xc93, 0x4, @perf_config_ext={0x58, 0x200}, 0x108, 0xfff, 0x88a, 0x3, 0x2, 0x3, 0x0, 0x0, 0x1, 0x0, 0x5}, 0x0, 0xa, r1, 0xa)
r7 = syz_io_uring_complete(0x0)
getsockopt$ARPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x63, &(0x7f0000000240)={'IDLETIMER\x00'}, &(0x7f00000012c0)=0x1e)
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r6, 0x50009418, &(0x7f00000002c0)={{r7}, 0x0, 0x2, @inherit={0x78, &(0x7f0000000140)={0x1, 0x6, 0x0, 0x2, {0xf, 0x17dd, 0x7, 0x7f, 0x1}, [0xfffffffffffffffe, 0xfff, 0x5, 0x89, 0x7fffffff, 0x9]}}, @subvolid=0x4})
creat(&(0x7f0000000080)='./file0\x00', 0x48)

23:13:11 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 70)

23:13:11 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 17)

23:13:11 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 10)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x79)

23:13:11 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x2b}})

23:13:11 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:13:11 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

[ 1608.676087] FAULT_INJECTION: forcing a failure.
[ 1608.676087] name failslab, interval 1, probability 0, space 0, times 0
[ 1608.677798] CPU: 1 PID: 9810 Comm: syz-executor.7 Not tainted 5.10.220 #1
[ 1608.678786] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1608.679111] FAULT_INJECTION: forcing a failure.
[ 1608.679111] name failslab, interval 1, probability 0, space 0, times 0
[ 1608.679961] Call Trace:
[ 1608.679987]  dump_stack+0x107/0x167
[ 1608.680013]  should_fail.cold+0x5/0xa
[ 1608.682912]  ? io_issue_sqe+0x2492/0x77b0
[ 1608.683529]  should_failslab+0x5/0x20
[ 1608.684092]  kmem_cache_alloc_trace+0x55/0x320
[ 1608.684770]  io_issue_sqe+0x2492/0x77b0
[ 1608.685362]  ? io_connect+0x610/0x610
[ 1608.685908]  ? lock_acquire+0x197/0x470
[ 1608.686486]  ? find_held_lock+0x2c/0x110
[ 1608.687091]  ? xa_load+0x12d/0x2c0
[ 1608.687616]  ? lock_downgrade+0x6d0/0x6d0
[ 1608.688244]  __io_queue_sqe+0x90/0x9d0
[ 1608.688822]  ? xa_load+0x156/0x2c0
[ 1608.689343]  ? io_issue_sqe+0x77b0/0x77b0
[ 1608.689946]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1608.690642]  io_submit_sqes+0x44aa/0x8610
[ 1608.691262]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1608.691978]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1608.692690]  ? lock_downgrade+0x6d0/0x6d0
[ 1608.693289]  ? find_held_lock+0x2c/0x110
[ 1608.693883]  ? io_submit_sqes+0x8610/0x8610
[ 1608.694506]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1608.695204]  ? wait_for_completion_io+0x270/0x270
[ 1608.695915]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1608.696571]  ? vfs_write+0x354/0xb10
[ 1608.697116]  ? fput_many+0x2f/0x1a0
[ 1608.697647]  ? ksys_write+0x1a9/0x260
[ 1608.698204]  ? __ia32_sys_read+0xb0/0xb0
[ 1608.698782]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1608.699520]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1608.700263]  do_syscall_64+0x33/0x40
[ 1608.700805]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1608.701544] RIP: 0033:0x7fac812b2b19
[ 1608.702087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1608.704685] RSP: 002b:00007fac7e828188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1608.705760] RAX: ffffffffffffffda RBX: 00007fac813c5f60 RCX: 00007fac812b2b19
[ 1608.706792] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1608.707831] RBP: 00007fac7e8281d0 R08: 0000000000000000 R09: 0000000000000000
[ 1608.708861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1608.709885] R13: 00007fff494cb88f R14: 00007fac7e828300 R15: 0000000000022000
[ 1608.710948] CPU: 0 PID: 9818 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1608.711895] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1608.713006] Call Trace:
[ 1608.713378]  dump_stack+0x107/0x167
[ 1608.713881]  should_fail.cold+0x5/0xa
[ 1608.714411]  ? io_issue_sqe+0x2492/0x77b0
[ 1608.714974]  should_failslab+0x5/0x20
[ 1608.715491]  kmem_cache_alloc_trace+0x55/0x320
[ 1608.716117]  io_issue_sqe+0x2492/0x77b0
[ 1608.716676]  ? io_connect+0x610/0x610
[ 1608.717197]  ? lock_acquire+0x197/0x470
[ 1608.717739]  ? find_held_lock+0x2c/0x110
[ 1608.718300]  ? xa_load+0x12d/0x2c0
[ 1608.718783]  ? lock_downgrade+0x6d0/0x6d0
[ 1608.719359]  __io_queue_sqe+0x90/0x9d0
[ 1608.719908]  ? xa_load+0x156/0x2c0
[ 1608.720394]  ? io_issue_sqe+0x77b0/0x77b0
[ 1608.720965]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1608.721618]  io_submit_sqes+0x44aa/0x8610
[ 1608.722209]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1608.722875]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1608.723523]  ? lock_downgrade+0x6d0/0x6d0
[ 1608.724088]  ? find_held_lock+0x2c/0x110
[ 1608.724636]  ? io_submit_sqes+0x8610/0x8610
[ 1608.725229]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1608.725887]  ? wait_for_completion_io+0x270/0x270
[ 1608.726540]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1608.727161]  ? vfs_write+0x354/0xb10
[ 1608.727664]  ? fput_many+0x2f/0x1a0
[ 1608.728165]  ? ksys_write+0x1a9/0x260
[ 1608.728677]  ? __ia32_sys_read+0xb0/0xb0
[ 1608.729233]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1608.729929]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1608.730638]  do_syscall_64+0x33/0x40
[ 1608.731134]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1608.731821] RIP: 0033:0x7fd30c0eeb19
[ 1608.732323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1608.734745] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1608.735752] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1608.736705] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1608.737651] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1608.738603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1608.739550] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1608.758202] FAULT_INJECTION: forcing a failure.
[ 1608.758202] name failslab, interval 1, probability 0, space 0, times 0
[ 1608.759757] CPU: 0 PID: 9820 Comm: syz-executor.6 Not tainted 5.10.220 #1
[ 1608.760702] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1608.761840] Call Trace:
[ 1608.762226]  dump_stack+0x107/0x167
[ 1608.762740]  should_fail.cold+0x5/0xa
[ 1608.763287]  ? create_object.isra.0+0x3a/0xa20
[ 1608.763932]  should_failslab+0x5/0x20
[ 1608.764473]  kmem_cache_alloc+0x5b/0x310
[ 1608.765040]  create_object.isra.0+0x3a/0xa20
[ 1608.765644]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1608.766331]  kmem_cache_alloc_trace+0x151/0x320
[ 1608.766964]  io_issue_sqe+0x2492/0x77b0
[ 1608.767523]  ? io_connect+0x610/0x610
[ 1608.768050]  ? lock_acquire+0x197/0x470
[ 1608.768585]  ? find_held_lock+0x2c/0x110
[ 1608.769143]  ? xa_load+0x12d/0x2c0
[ 1608.769629]  ? lock_downgrade+0x6d0/0x6d0
[ 1608.770198]  __io_queue_sqe+0x90/0x9d0
[ 1608.770733]  ? xa_load+0x156/0x2c0
[ 1608.771222]  ? io_issue_sqe+0x77b0/0x77b0
[ 1608.771789]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1608.772476]  io_submit_sqes+0x44aa/0x8610
[ 1608.773068]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1608.773738]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1608.774400]  ? lock_downgrade+0x6d0/0x6d0
[ 1608.774945]  ? find_held_lock+0x2c/0x110
[ 1608.775506]  ? io_submit_sqes+0x8610/0x8610
[ 1608.776098]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1608.776757]  ? wait_for_completion_io+0x270/0x270
[ 1608.777402]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1608.778026]  ? vfs_write+0x354/0xb10
[ 1608.778528]  ? fput_many+0x2f/0x1a0
[ 1608.779022]  ? ksys_write+0x1a9/0x260
[ 1608.779532]  ? __ia32_sys_read+0xb0/0xb0
[ 1608.780103]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1608.780805]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1608.781501]  do_syscall_64+0x33/0x40
[ 1608.782015]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1608.782698] RIP: 0033:0x7ff984008b19
[ 1608.783207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1608.785644] RSP: 002b:00007ff98157e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1608.786649] RAX: ffffffffffffffda RBX: 00007ff98411bf60 RCX: 00007ff984008b19
[ 1608.787588] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1608.788533] RBP: 00007ff98157e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1608.789467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1608.790406] R13: 00007fffdd8f95ff R14: 00007ff98157e300 R15: 0000000000022000
[ 1608.816501] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1608.821640] FAULT_INJECTION: forcing a failure.
[ 1608.821640] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1608.823267] CPU: 0 PID: 9819 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1608.824179] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1608.825268] Call Trace:
[ 1608.825627]  dump_stack+0x107/0x167
[ 1608.826113]  should_fail.cold+0x5/0xa
[ 1608.826625]  __alloc_pages_nodemask+0x182/0x600
[ 1608.827239]  ? do_raw_spin_lock+0x121/0x260
[ 1608.827825]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 1608.828639]  alloc_pages_current+0x187/0x280
[ 1608.829231]  allocate_slab+0x26f/0x380
[ 1608.829755]  ___slab_alloc+0x470/0x700
[ 1608.830276]  ? io_submit_sqes+0x6fe6/0x8610
[ 1608.830861]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1608.831551]  ? trace_hardirqs_on+0x5b/0x180
[ 1608.832143]  ? kmem_cache_alloc_bulk+0x1ec/0x320
[ 1608.832765]  kmem_cache_alloc_bulk+0x1ec/0x320
[ 1608.833380]  io_submit_sqes+0x6fe6/0x8610
[ 1608.833963]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1608.834625]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1608.835273]  ? lock_downgrade+0x6d0/0x6d0
[ 1608.835827]  ? find_held_lock+0x2c/0x110
[ 1608.836379]  ? io_submit_sqes+0x8610/0x8610
[ 1608.836964]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1608.837608]  ? wait_for_completion_io+0x270/0x270
[ 1608.838253]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1608.838868]  ? vfs_write+0x354/0xb10
[ 1608.839370]  ? fput_many+0x2f/0x1a0
[ 1608.839861]  ? ksys_write+0x1a9/0x260
[ 1608.840372]  ? __ia32_sys_read+0xb0/0xb0
[ 1608.840919]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1608.841610]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1608.842295]  do_syscall_64+0x33/0x40
[ 1608.842790]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1608.843468] RIP: 0033:0x7f7e6ceffb19
[ 1608.843970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1608.846368] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1608.847366] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1608.848313] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1608.849240] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1608.850177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1608.851118] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
23:13:11 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x2c}})

23:13:11 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 11)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x79)

23:13:12 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 71)

23:13:12 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:13:12 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 28)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

[ 1608.996183] FAULT_INJECTION: forcing a failure.
[ 1608.996183] name failslab, interval 1, probability 0, space 0, times 0
[ 1608.998000] CPU: 0 PID: 9836 Comm: syz-executor.7 Not tainted 5.10.220 #1
[ 1608.998904] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1609.000031] Call Trace:
[ 1609.000392]  dump_stack+0x107/0x167
[ 1609.000876]  should_fail.cold+0x5/0xa
[ 1609.001392]  ? memcg_alloc_page_obj_cgroups+0x73/0x100
[ 1609.002090]  should_failslab+0x5/0x20
[ 1609.002602]  __kmalloc_node+0x76/0x420
[ 1609.003123]  memcg_alloc_page_obj_cgroups+0x73/0x100
[ 1609.003796]  memcg_slab_post_alloc_hook+0x1f0/0x430
[ 1609.004481]  kmem_cache_alloc_bulk+0x182/0x320
[ 1609.005090]  io_submit_sqes+0x6fe6/0x8610
[ 1609.005647]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 1609.006309]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1609.006972]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1609.007617]  ? lock_downgrade+0x6d0/0x6d0
[ 1609.008190]  ? find_held_lock+0x2c/0x110
[ 1609.008735]  ? io_submit_sqes+0x8610/0x8610
[ 1609.009322]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1609.009969]  ? wait_for_completion_io+0x270/0x270
[ 1609.010610]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1609.011283]  ? vfs_write+0x354/0xb10
[ 1609.011810]  ? fput_many+0x2f/0x1a0
[ 1609.012299]  ? ksys_write+0x1a9/0x260
[ 1609.012803]  ? __ia32_sys_read+0xb0/0xb0
[ 1609.013346]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1609.014041]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1609.014717]  do_syscall_64+0x33/0x40
[ 1609.015210]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1609.015902] RIP: 0033:0x7fac812b2b19
[ 1609.016401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1609.018835] RSP: 002b:00007fac7e828188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1609.019865] RAX: ffffffffffffffda RBX: 00007fac813c5f60 RCX: 00007fac812b2b19
[ 1609.020801] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1609.021747] RBP: 00007fac7e8281d0 R08: 0000000000000000 R09: 0000000000000000
[ 1609.022673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1609.023600] R13: 00007fff494cb88f R14: 00007fac7e828300 R15: 0000000000022000
23:13:12 executing program 5:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x20100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$IP6T_SO_GET_REVISION_MATCH(r0, 0x29, 0x1a, &(0x7f0000000000)={'NETMAP\x00'}, &(0x7f0000000040)=0x1e)
syz_io_uring_setup(0x1c, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000ff2000/0xc000)=nil, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
r4 = socket$inet(0x2, 0x1, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000500)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f00000000c0)=@alg={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}}, 0x0)
syz_io_uring_complete(r2)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000003a00c5d500000000000000000a0002006803f51792af8281ca583f0895e6321cef6b331118ffa321907064ecde0d000000128b6ad9a5bc5b758c90cf4924a9da3a39fcafd018e8dfab23b63c332ae029f596740f51537d78c5e97d2611dca6fb2735a0d7"], 0x14}}, 0x0)
r6 = perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x3, 0x4, 0x9, 0x2a, 0x0, 0x1, 0x2000, 0x8, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0xc93, 0x4, @perf_config_ext={0x58, 0x200}, 0x108, 0xfff, 0x88a, 0x3, 0x2, 0x3, 0x0, 0x0, 0x1, 0x0, 0x5}, 0x0, 0xa, r1, 0xa)
r7 = syz_io_uring_complete(0x0)
getsockopt$ARPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x63, &(0x7f0000000240)={'IDLETIMER\x00'}, &(0x7f00000012c0)=0x1e)
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r6, 0x50009418, &(0x7f00000002c0)={{r7}, 0x0, 0x2, @inherit={0x78, &(0x7f0000000140)={0x1, 0x6, 0x0, 0x2, {0xf, 0x17dd, 0x7, 0x7f, 0x1}, [0xfffffffffffffffe, 0xfff, 0x5, 0x89, 0x7fffffff, 0x9]}}, @subvolid=0x4})
creat(&(0x7f0000000080)='./file0\x00', 0x48)

23:13:12 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 18)

[ 1609.072677] FAULT_INJECTION: forcing a failure.
[ 1609.072677] name failslab, interval 1, probability 0, space 0, times 0
[ 1609.074619] CPU: 1 PID: 9841 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1609.075639] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1609.076868] Call Trace:
[ 1609.077383]  dump_stack+0x107/0x167
[ 1609.077954]  should_fail.cold+0x5/0xa
[ 1609.078543]  ? create_object.isra.0+0x3a/0xa20
[ 1609.079219]  should_failslab+0x5/0x20
[ 1609.079793]  kmem_cache_alloc+0x5b/0x310
[ 1609.080426]  create_object.isra.0+0x3a/0xa20
[ 1609.081083]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1609.081895]  kmem_cache_alloc_trace+0x151/0x320
[ 1609.082569]  io_issue_sqe+0x2492/0x77b0
[ 1609.083172]  ? io_connect+0x610/0x610
[ 1609.083743]  ? lock_acquire+0x197/0x470
[ 1609.084366]  ? find_held_lock+0x2c/0x110
[ 1609.084980]  ? xa_load+0x12d/0x2c0
[ 1609.085515]  ? lock_downgrade+0x6d0/0x6d0
[ 1609.086146]  __io_queue_sqe+0x90/0x9d0
[ 1609.086732]  ? xa_load+0x156/0x2c0
[ 1609.087264]  ? io_issue_sqe+0x77b0/0x77b0
[ 1609.087904]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1609.088611]  io_submit_sqes+0x44aa/0x8610
[ 1609.089263]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1609.090006]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1609.090727]  ? lock_downgrade+0x6d0/0x6d0
[ 1609.091344]  ? find_held_lock+0x2c/0x110
[ 1609.092102]  ? io_submit_sqes+0x8610/0x8610
[ 1609.092816]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1609.093611]  ? wait_for_completion_io+0x270/0x270
[ 1609.094337]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1609.095129]  ? vfs_write+0x354/0xb10
[ 1609.095670]  ? fput_many+0x2f/0x1a0
[ 1609.096221]  ? ksys_write+0x1a9/0x260
[ 1609.096808]  ? __ia32_sys_read+0xb0/0xb0
23:13:12 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)

[ 1609.097564]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1609.098723]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1609.099483]  do_syscall_64+0x33/0x40
[ 1609.100047]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1609.100797] RIP: 0033:0x7fd30c0eeb19
[ 1609.101346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1609.104038] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1609.105239] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1609.106262] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1609.107292] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1609.108576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1609.109653] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1609.141125] FAULT_INJECTION: forcing a failure.
[ 1609.141125] name failslab, interval 1, probability 0, space 0, times 0
[ 1609.143566] CPU: 1 PID: 9840 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1609.144794] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1609.146201] Call Trace:
[ 1609.146595]  dump_stack+0x107/0x167
[ 1609.147131]  should_fail.cold+0x5/0xa
[ 1609.147699]  ? create_object.isra.0+0x3a/0xa20
[ 1609.148395]  should_failslab+0x5/0x20
[ 1609.148963]  kmem_cache_alloc+0x5b/0x310
[ 1609.149568]  create_object.isra.0+0x3a/0xa20
[ 1609.150295]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1609.151204]  kmem_cache_alloc_bulk+0x168/0x320
[ 1609.151946]  io_submit_sqes+0x6fe6/0x8610
[ 1609.152594]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1609.153476]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1609.154350]  ? lock_downgrade+0x6d0/0x6d0
[ 1609.155017]  ? find_held_lock+0x2c/0x110
[ 1609.155672]  ? io_submit_sqes+0x8610/0x8610
[ 1609.156321]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1609.157049]  ? wait_for_completion_io+0x270/0x270
[ 1609.157766]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1609.158471]  ? vfs_write+0x354/0xb10
[ 1609.159034]  ? fput_many+0x2f/0x1a0
[ 1609.159588]  ? ksys_write+0x1a9/0x260
[ 1609.160175]  ? __ia32_sys_read+0xb0/0xb0
[ 1609.160804]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1609.161592]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1609.162347]  do_syscall_64+0x33/0x40
[ 1609.162955]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1609.163716] RIP: 0033:0x7f7e6ceffb19
[ 1609.164326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1609.167056] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1609.168297] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1609.169334] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1609.170412] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1609.171457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1609.172604] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
[ 1609.181549] FAULT_INJECTION: forcing a failure.
[ 1609.181549] name failslab, interval 1, probability 0, space 0, times 0
[ 1609.183158] CPU: 0 PID: 9844 Comm: syz-executor.6 Not tainted 5.10.220 #1
[ 1609.184108] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1609.185253] Call Trace:
[ 1609.185637]  dump_stack+0x107/0x167
[ 1609.186154]  should_fail.cold+0x5/0xa
[ 1609.186690]  ? create_object.isra.0+0x3a/0xa20
[ 1609.187330]  should_failslab+0x5/0x20
[ 1609.187874]  kmem_cache_alloc+0x5b/0x310
[ 1609.188444]  create_object.isra.0+0x3a/0xa20
[ 1609.189035]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1609.189723]  kmem_cache_alloc_trace+0x151/0x320
[ 1609.190370]  io_issue_sqe+0x2492/0x77b0
[ 1609.190924]  ? io_connect+0x610/0x610
[ 1609.191452]  ? lock_acquire+0x197/0x470
[ 1609.191997]  ? find_held_lock+0x2c/0x110
[ 1609.192546]  ? xa_load+0x12d/0x2c0
[ 1609.193023]  ? lock_downgrade+0x6d0/0x6d0
[ 1609.193592]  __io_queue_sqe+0x90/0x9d0
[ 1609.194126]  ? xa_load+0x156/0x2c0
[ 1609.194612]  ? io_issue_sqe+0x77b0/0x77b0
[ 1609.195184]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1609.195868]  io_submit_sqes+0x44aa/0x8610
[ 1609.196461]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1609.197132]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1609.197784]  ? lock_downgrade+0x6d0/0x6d0
[ 1609.198344]  ? find_held_lock+0x2c/0x110
[ 1609.198901]  ? io_submit_sqes+0x8610/0x8610
[ 1609.199498]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1609.200156]  ? wait_for_completion_io+0x270/0x270
[ 1609.200808]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1609.201448]  ? vfs_write+0x354/0xb10
[ 1609.201954]  ? fput_many+0x2f/0x1a0
[ 1609.202453]  ? ksys_write+0x1a9/0x260
[ 1609.202977]  ? __ia32_sys_read+0xb0/0xb0
[ 1609.203530]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1609.204242]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1609.204946]  do_syscall_64+0x33/0x40
[ 1609.205451]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1609.206139] RIP: 0033:0x7ff984008b19
[ 1609.206647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1609.209101] RSP: 002b:00007ff98157e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1609.210115] RAX: ffffffffffffffda RBX: 00007ff98411bf60 RCX: 00007ff984008b19
[ 1609.211062] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1609.212020] RBP: 00007ff98157e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1609.212969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1609.213917] R13: 00007fffdd8f95ff R14: 00007ff98157e300 R15: 0000000000022000
[ 1609.279139] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1609.738213] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1609.738958] print_req_error: 6 callbacks suppressed
[ 1609.738973] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1609.740695] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1609.741784] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1609.748364] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1609.748954] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1609.750088] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1609.751156] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1609.756061] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1609.756670] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1609.757782] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1609.758891] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1609.761461] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1609.762006] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1609.763083] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1609.764197] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1609.765060] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1609.765641] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1609.766757] blk_update_request: I/O error, dev loop0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1609.767804] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1609.768689] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1609.769270] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1609.778543] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1609.779230] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1609.782359] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1609.783181] Buffer I/O error on dev loop0, logical block 2096903, async page read
[ 1609.875333] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1609.875937] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1609.875962] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1609.877733] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1609.877760] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1609.879480] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1609.880073] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1609.880684] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1609.881266] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1609.881888] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
23:13:27 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x2d}})

23:13:27 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 12)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x79)

23:13:27 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="9f04cd16b2f4dc73a49328916b685feda945324d89ba3f463ba563448011c0dc5812329889db0e227836d11c45f6ec015fbd01f3500dfad421c8e886845a3733e8a55a070905146b5f281503e88332ecc048ac05ecf5a03c9c383617688df59a34d3900b3b256396c4933b47e26dbd72037a94f1e4570ef5bdfe373007dc8144d88f283c8bda20169eb4a949fd223f8f0667d34cedf493172a6e7ecaaf228a305fd20ff746c97f39ecfb12ad0b65ee3fafc118e0e25a8337ec8f0aa5a07e2e143cc529f0fa7882f0a0b05536e2d641d34d7bc5f351d8594dffc37480277b484640f3cc4020232acb1d9bb939511ea355c4736fefbc57f8145d463abc6f", @ANYBLOB="7c9fe20c234c23fd18304ec3a73702000000203d431d707a6b67aec2293d6fe9094aa2d235e1edce3892104e69bec56d5617799747b7b6ea835feb464723000000000000000000000000000083c1b40e32c1e46a98c9f0d6d601fac7111ddd6af6b2cf34a5c6e8eaa1abd18fe7a477c258719264d850feab52901ec4482c7e9ac2bc4d9e23d060c087b0ca0b4dfbccb90e34104811137229649725c29b57be35988be80dd529ae2926627c2844daf1dde38844614f73931fa263645485b77d398e3046631919e43efa372420d434c5ce24b8c6e74d0d94b220519925838ee93a051efcbc4084b46ebe8c3081f80114ed662ec0c66d6d"], 0x98a)
r2 = creat(0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]})
r3 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, '\x00', [{0xfffffff8, 0x10000, 0x0, 0x80000001, 0x6}, {0x7, 0x0, 0x20, 0x2, 0x9, 0x8}], ['\x00', '\x00', '\x00', '\x00']})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
dup(0xffffffffffffffff)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
tee(r1, r4, 0x1, 0x6)
unshare(0x48020200)
unshare(0x10000100)

23:13:27 executing program 0:
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r3}}, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 72)

23:13:27 executing program 6:
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r4}}, 0x0)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 19)

23:13:27 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(0x0, 0x0)

23:13:27 executing program 4:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x6000, @fd_index, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x1c6, 0xffcd, 0x0, 0x0, 0x0) (fail_nth: 29)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000231}, 0x8010}, 0x0, 0x0, 0xffffffffffffffff, 0x2)

23:13:27 executing program 5:
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000340), r0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000400)={&(0x7f0000000980)=ANY=[@ANYRES32, @ANYRESOCT=r1, @ANYBLOB="000129bd7000ffdbdf25170000000c00058008000100756470001001058007000100696200004c0002800800020000000000080001000400000008000400000000000800040009000000080002000700000008000400ff000000080003000500000008000100130000000800010006000000340002800800040000040000080002001f0000000800040001000000080004001aa20000080001000a00000008000300000000002400028008000200050000000800020003000000080001001f00000008000200f50400000c000280080003000101000007000100696200004c0002800800040006000000080001001b000000080001000a0000000800010020000000080001001a00000008000200010000000800020000100000080004000400000008000200010000004c0004803c000780080001000f00000008000200010000000800030001000000080002008000000008000300c1ffffff080004000500000008000200920775590c000780080001000b00000088000280440003800800020002000000080002000104000008000200070000000800020006000000080001000700000008000100010000000800010001000080080002003f0800000800020000100000140003800800020005000000080002005e0d000008000100030000001c0003800800020000000100080001000100000008000100020000003800058034000280080002000101000008000200070000000800040008000000080003000200000008000300000000000800010001000000"], 0x23c}, 0x1, 0x0, 0x0, 0x810}, 0x10)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={<r2=>0xffffffffffffffff, 0x10000000000000})
statx(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x100, 0x8, 0x0)
write$selinux_attr(r2, &(0x7f00000000c0)='system_u:object_r:unconfined_exec_t:s0\x00', 0x27)
r3 = openat(0xffffffffffffffff, &(0x7f0000000080)='/proc/self/exe\x00', 0x107100, 0x0)
read(r3, &(0x7f0000000000), 0x1b4000)
read$hiddev(r3, &(0x7f00000004c0)=""/136, 0x88)
mknodat$loop(r2, &(0x7f0000000380)='./file1\x00', 0x1, 0x0)
lstat(&(0x7f00000002c0)='./file1\x00', 0x0)
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000240)='./file1\x00')
ioctl$SNDRV_TIMER_IOCTL_STATUS64(r0, 0x80605414, &(0x7f0000000100))
ioctl$F2FS_IOC_MOVE_RANGE(r2, 0xc020f509, &(0x7f00000001c0)={r0, 0x0, 0xfffffffffffffffa, 0x3})
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x1000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000001004001f000000ea0000000000"], 0x1c}}, 0x8000)

[ 1624.811486] FAULT_INJECTION: forcing a failure.
[ 1624.811486] name failslab, interval 1, probability 0, space 0, times 0
[ 1624.813159] CPU: 0 PID: 9877 Comm: syz-executor.0 Not tainted 5.10.220 #1
[ 1624.814127] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1624.815305] Call Trace:
[ 1624.815696]  dump_stack+0x107/0x167
[ 1624.816224]  should_fail.cold+0x5/0xa
[ 1624.816774]  ? create_object.isra.0+0x3a/0xa20
[ 1624.817428]  should_failslab+0x5/0x20
[ 1624.817976]  kmem_cache_alloc+0x5b/0x310
[ 1624.818565]  create_object.isra.0+0x3a/0xa20
[ 1624.819194]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1624.819923]  kmem_cache_alloc_trace+0x151/0x320
[ 1624.820602] FAULT_INJECTION: forcing a failure.
[ 1624.820602] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1624.820637]  io_issue_sqe+0x2492/0x77b0
[ 1624.822907]  ? io_connect+0x610/0x610
[ 1624.823464]  ? lock_acquire+0x197/0x470
[ 1624.824036]  ? find_held_lock+0x2c/0x110
[ 1624.824627]  ? xa_load+0x12d/0x2c0
[ 1624.825134]  ? lock_downgrade+0x6d0/0x6d0
[ 1624.825736]  __io_queue_sqe+0x90/0x9d0
[ 1624.826286]  ? xa_load+0x156/0x2c0
[ 1624.826791]  ? io_issue_sqe+0x77b0/0x77b0
[ 1624.827385]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1624.828063]  io_submit_sqes+0x44aa/0x8610
[ 1624.828686]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1624.829389]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1624.830068]  ? lock_downgrade+0x6d0/0x6d0
[ 1624.830657]  ? find_held_lock+0x2c/0x110
[ 1624.831240]  ? io_submit_sqes+0x8610/0x8610
[ 1624.831864]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1624.832560]  ? wait_for_completion_io+0x270/0x270
[ 1624.833243]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1624.833900]  ? vfs_write+0x354/0xb10
[ 1624.834427]  ? fput_many+0x2f/0x1a0
[ 1624.834941]  ? ksys_write+0x1a9/0x260
[ 1624.835503]  ? __ia32_sys_read+0xb0/0xb0
[ 1624.836089]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1624.836831]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1624.837560]  do_syscall_64+0x33/0x40
[ 1624.838084]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1624.838808] RIP: 0033:0x7fd30c0eeb19
[ 1624.839336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1624.841893] RSP: 002b:00007fd309664188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1624.842969] RAX: ffffffffffffffda RBX: 00007fd30c201f60 RCX: 00007fd30c0eeb19
[ 1624.843967] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1624.844975] RBP: 00007fd3096641d0 R08: 0000000000000000 R09: 0000000000000000
[ 1624.845971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1624.846975] R13: 00007ffd0572fecf R14: 00007fd309664300 R15: 0000000000022000
[ 1624.848019] CPU: 1 PID: 9872 Comm: syz-executor.7 Not tainted 5.10.220 #1
[ 1624.849028] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1624.850230] Call Trace:
[ 1624.850630]  dump_stack+0x107/0x167
[ 1624.851695]  should_fail.cold+0x5/0xa
[ 1624.851729]  _copy_to_user+0x2e/0x180
[ 1624.851762]  simple_read_from_buffer+0xcc/0x160
[ 1624.851796]  proc_fail_nth_read+0x198/0x230
[ 1624.851827]  ? proc_sessionid_read+0x230/0x230
[ 1624.851855]  ? security_file_permission+0xb1/0xe0
[ 1624.851890]  ? proc_sessionid_read+0x230/0x230
[ 1624.851915]  vfs_read+0x228/0x620
[ 1624.851949]  ksys_read+0x12d/0x260
[ 1624.851982]  ? vfs_write+0xb10/0xb10
[ 1624.852015]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1624.852041]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1624.852069]  do_syscall_64+0x33/0x40
[ 1624.852092]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1624.852108] RIP: 0033:0x7fac8126569c
[ 1624.852132] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
23:13:27 executing program 1:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x30}})

23:13:27 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x79)

[ 1624.852146] RSP: 002b:00007fac7e828170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1624.852171] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fac8126569c
[ 1624.852187] RDX: 000000000000000f RSI: 00007fac7e8281e0 RDI: 0000000000000005
[ 1624.852202] RBP: 00007fac7e8281d0 R08: 0000000000000000 R09: 0000000000000000
23:13:28 executing program 3:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000000440)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[])
r0 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
inotify_init1(0x0)
r1 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x0)
syz_io_uring_setup(0x3406, &(0x7f0000000140)={0x0, 0x9360, 0x2, 0x2, 0x203}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0), &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd_index=0xa, 0xfffffffffffeffff, &(0x7f00000004c0)=""/4096, 0x1000, 0x2, 0x0, {0x0, r0}}, 0x6)
ioctl$FIOCLEX(r1, 0x5451)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(0x0, 0x0)

23:13:28 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xd}, 0x10000, 0x7, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, r0, 0x0)
r1 = syz_io_uring_setup(0x6544, &(0x7f0000000080)={0x0, 0x40000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3f]}, 0xfffffffffffffd81, 0x0)
openat(r4, &(0x7f0000000100)='./file0/file0\x00', 0x986d2dfada44dd94, 0x29)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0xc0045878, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, {0x0, r5}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x1c6, 0xffcd, 0x2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x79)

[ 1624.852212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1624.852227] R13: 00007fff494cb88f R14: 00007fac7e828300 R15: 0000000000022000
[ 1624.868686] FAULT_INJECTION: forcing a failure.
[ 1624.868686] name failslab, interval 1, probability 0, space 0, times 0
[ 1624.868705] CPU: 0 PID: 9882 Comm: syz-executor.6 Not tainted 5.10.220 #1
[ 1624.868716] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1624.868722] Call Trace:
[ 1624.868739]  dump_stack+0x107/0x167
[ 1624.868759]  should_fail.cold+0x5/0xa
[ 1624.868777]  ? io_issue_sqe+0x2492/0x77b0
[ 1624.868796]  should_failslab+0x5/0x20
[ 1624.868814]  kmem_cache_alloc_trace+0x55/0x320
[ 1624.868838]  io_issue_sqe+0x2492/0x77b0
[ 1624.868874]  ? io_connect+0x610/0x610
[ 1624.868892]  ? lock_acquire+0x197/0x470
[ 1624.868908]  ? find_held_lock+0x2c/0x110
[ 1624.868930]  ? xa_load+0x12d/0x2c0
[ 1624.868947]  ? lock_downgrade+0x6d0/0x6d0
[ 1624.868975]  __io_queue_sqe+0x90/0x9d0
[ 1624.868994]  ? xa_load+0x156/0x2c0
[ 1624.869012]  ? io_issue_sqe+0x77b0/0x77b0
[ 1624.869038]  ? kmem_cache_alloc_bulk+0x182/0x320
[ 1624.869062]  io_submit_sqes+0x44aa/0x8610
[ 1624.869109]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1624.869126]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1624.869147]  ? lock_downgrade+0x6d0/0x6d0
[ 1624.869162]  ? find_held_lock+0x2c/0x110
[ 1624.869185]  ? io_submit_sqes+0x8610/0x8610
[ 1624.869210]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1624.869233]  ? wait_for_completion_io+0x270/0x270
[ 1624.869253]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1624.869268]  ? vfs_write+0x354/0xb10
[ 1624.869291]  ? fput_many+0x2f/0x1a0
[ 1624.869310]  ? ksys_write+0x1a9/0x260
[ 1624.869328]  ? __ia32_sys_read+0xb0/0xb0
[ 1624.869350]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1624.869367]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1624.869387]  do_syscall_64+0x33/0x40
[ 1624.869403]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1624.869414] RIP: 0033:0x7ff984008b19
[ 1624.869430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1624.869439] RSP: 002b:00007ff98157e188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1624.869458] RAX: ffffffffffffffda RBX: 00007ff98411bf60 RCX: 00007ff984008b19
[ 1624.869468] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000003
[ 1624.869478] RBP: 00007ff98157e1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1624.869488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1624.869498] R13: 00007fffdd8f95ff R14: 00007ff98157e300 R15: 0000000000022000
[ 1624.901555] FAULT_INJECTION: forcing a failure.
[ 1624.901555] name failslab, interval 1, probability 0, space 0, times 0
[ 1624.901574] CPU: 0 PID: 9881 Comm: syz-executor.4 Not tainted 5.10.220 #1
[ 1624.901583] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1624.901589] Call Trace:
[ 1624.901608]  dump_stack+0x107/0x167
[ 1624.901626]  should_fail.cold+0x5/0xa
[ 1624.901645]  ? create_object.isra.0+0x3a/0xa20
[ 1624.901668]  should_failslab+0x5/0x20
[ 1624.901686]  kmem_cache_alloc+0x5b/0x310
[ 1624.901702]  ? mark_held_locks+0x9e/0xe0
[ 1624.901723]  create_object.isra.0+0x3a/0xa20
[ 1624.901741]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1624.901764]  kmem_cache_alloc_bulk+0x168/0x320
[ 1624.901787]  io_submit_sqes+0x6fe6/0x8610
[ 1624.901834]  ? __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1624.901851]  __do_sys_io_uring_enter+0x6b5/0x18c0
[ 1624.901872]  ? lock_downgrade+0x6d0/0x6d0
[ 1624.901887]  ? find_held_lock+0x2c/0x110
[ 1624.901910]  ? io_submit_sqes+0x8610/0x8610
[ 1624.901936]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 1624.901958]  ? wait_for_completion_io+0x270/0x270
[ 1624.901978]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1624.901992]  ? vfs_write+0x354/0xb10
[ 1624.902009]  ? fput_many+0x2f/0x1a0
[ 1624.902027]  ? ksys_write+0x1a9/0x260
[ 1624.902045]  ? __ia32_sys_read+0xb0/0xb0
[ 1624.902067]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1624.902084]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1624.902103]  do_syscall_64+0x33/0x40
[ 1624.902119]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1624.902130] RIP: 0033:0x7f7e6ceffb19
[ 1624.902146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1624.902155] RSP: 002b:00007f7e6a475188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1624.902173] RAX: ffffffffffffffda RBX: 00007f7e6d012f60 RCX: 00007f7e6ceffb19
[ 1624.902183] RDX: 000000000000ffcd RSI: 00000000000001c6 RDI: 0000000000000004
[ 1624.902194] RBP: 00007f7e6a4751d0 R08: 0000000000000000 R09: 0000000000000000
[ 1624.902203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1624.902214] R13: 00007ffd99ec187f R14: 00007f7e6a475300 R15: 0000000000022000
[ 1624.935836] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1625.047682] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1625.425689] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1625.426586] print_req_error: 22 callbacks suppressed
[ 1625.426605] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1625.428957] blk_update_request: I/O error, dev loop0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1625.429013] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1625.430101] buffer_io_error: 6 callbacks suppressed
[ 1625.430118] Buffer I/O error on dev loop0, logical block 2096896, async page read
[ 1625.430925] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1625.434047] blk_update_request: I/O error, dev loop0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1625.434108] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1625.435130] Buffer I/O error on dev loop0, logical block 2096897, async page read
[ 1625.437058] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1625.438617] blk_update_request: I/O error, dev loop0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1625.438675] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1625.439665] Buffer I/O error on dev loop0, logical block 2096898, async page read
[ 1625.441576] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1625.443158] blk_update_request: I/O error, dev loop0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1625.443583] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1625.444241] Buffer I/O error on dev loop0, logical block 2096899, async page read
[ 1625.445019] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1625.447432] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1625.448228] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1625.449452] Buffer I/O error on dev loop0, logical block 2096900, async page read
[ 1625.449852] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1625.450476] Buffer I/O error on dev loop0, logical block 2096901, async page read
[ 1625.451357] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1625.451964] Buffer I/O error on dev loop0, logical block 2096902, async page read
[ 1625.455948] Buffer I/O error on dev loop0, logical block 2096903, async page read

VM DIAGNOSIS:
23:18:37  Registers:
info registers vcpu 0
RAX=ffffffff83e73d90 RBX=0000000000000000 RCX=ffffffff83e5bb8c RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff83e74398 RBP=fffffbfff09c6450 RSP=ffffffff84e07e38
R8 =0000000000000001 R9 =ffff88806ce3c12b R10=ffffed100d9c7825 R11=0000000000000001
R12=0000000000000000 R13=ffffffff85674f48 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff83e73d9e RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffd52f3e000 CR3=00000000182a2000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=000000c000840140000000c0008400c0
XMM02=000000c0008410c0000000c000841040 XMM03=000000c000585bf0000000c00057ae80
XMM04=000000c000a217c0000000c000a21240 XMM05=000000c000582040000000c000a50240
XMM06=000000c000582580000000c000582400 XMM07=000000c000582fc0000000c000582d40
XMM08=000000c000a20800000000c0008ebb00 XMM09=000000c000a21240000000c000a20940
XMM10=000000c000a50240000000c000a217c0 XMM11=000000c000582400000000c000582040
XMM12=000000c000582d40000000c000582580 XMM13=000000c000583040000000c000582fc0
XMM14=000000c000583100000000c000583080 XMM15=000000c000584480000000c0004337a0
info registers vcpu 1
RAX=ffffffff83e73d90 RBX=0000000000000001 RCX=ffffffff83e5bb8c RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff83e74398 RBP=ffffed1001130000 RSP=ffff88800898fe70
R8 =0000000000000001 R9 =ffff88806cf3c12b R10=ffffed100d9e7825 R11=0000000000000001
R12=0000000000000001 R13=ffffffff85674f48 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff83e73d9e RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f2d5f8d8d40 CR3=00000000182a2000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=0000000000000000412b48d000000000 XMM03=0000ff00000000000000000000000000
XMM04=732f6c61636f6c2f7273752f3d485441 XMM05=622f6c61636f6c2f7273752f3a6e6962
XMM06=73752f3a6e6962732f7273752f3a6e69 XMM07=6e69622f3a6e6962732f3a6e69622f72
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000