0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003640c9e537c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009b1f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000555247ac0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f386b6d3474fd410cecd2d098128cc5914657b30e8bc2901a274453aeb636182d5b100b94787692817c7deb11b84965047d939b4e02a2b0c77536f6044c54606cee89ebde22846579fddd3e3c61c49866ba68c9334fb770796475ee901bd910f6ea53601336e00000000000000"])
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:39:37 executing program 1:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x3d55, 0x1, &(0x7f0000000280)=[{&(0x7f0000000240)="7db09ccd69393de76200dd961608f161ab0eceff1bd56f3623161fed6a70da326f72f5c5", 0x24, 0x100000000}], 0x1800008, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}, {@gid={'gid', 0x3d, 0xee00}}, {@session={'session', 0x3d, 0x2f}}], [{@dont_measure}, {@smackfshat}]})

06:39:37 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 63)

06:39:37 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:39:37 executing program 1:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000100)=<r1=>0x0)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r2, 0x0, 0x0}, 0x0)
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x3d55, 0x1, &(0x7f0000000280)=[{&(0x7f0000000240)="7db09ccd69393de76200dd961608f161ab0eceff1bd56f3623161fed6a70da326f72f5c5", 0x24, 0x100000000}], 0x1800008, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}, {@gid={'gid', 0x3d, 0xee00}}, {@session={'session', 0x3d, 0x2f}}], [{@dont_measure}, {@smackfshat}]})

06:39:37 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r5, 0xc0a85322, &(0x7f0000000240))
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x3000000, 0x1010, r5, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:39:37 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r2=>r0, {0xee01, <r3=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r3, r3, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r4=>r2, @in_args={0x1}}, './file0\x00'})
fsetxattr$trusted_overlay_upper(r4, &(0x7f0000000100), &(0x7f0000000140)={0x0, 0xfb, 0x1015, 0x1, 0x6, "abb906a6bbd92d3ad7673c4cf942a6dc", "07b7ce819746154cb1ba2517e2a3c1f2a5f2e660702fbf6423f1742739cf0d8a53cc083c838eb3314f0bd299923f66ba04479e33af01e426f1bd403357cf1dc4edbf6718cfde0d71cd6766ba3ea54cea6c10581fc71c1a9a619416a2854f0df0fb0453fa9cb2c9e3a41e647355bddd81c1ac680ec03602fcfebe3588bf3a78b3aad6cab59767118a6b27984ad4006a0f51a1a3ea4f7d788d0c09f10a744d362df8db5d4ef787b3abd73b695ea81bc52f8320059945ddd2b91c31217101e9e64a328edf3da1aae3a515b8be72912bd158bd15649d848290a7b2d7c28fb8413dace58bd8e567df7bff721d71c900c63ac2a95f40f993d246b29dbf57e6077664387b53aa8e7737243fef47f049abd55ea1d0b3f68093e17e8c83210e0504a12d33ff0b318ea3b053a0a107bf7eddb7290c2f45d7b3b4935beb155956d7fe0a2c26c6be62bbb146f0de53f49d5c3e5454ce69dd5bf8738aaa8f8651823905abf4c161e7370e1e76760c87028d4c322d51119b7417166795283f97a4b6d7baa42f765095f664c46de21c93713d23b7a1598dab170ad8b111060ec5457e5380b3481ebc1c499eaba2da57cb16142103fbf1709562e4fe8c46bcff9ff2f901a08ea9b7f1adf69dccf5b33ad79486b31e8a40118f56005baaa4ec634cc9a80a847b7cc29e3a11aaa12f8b4d570af8eb8d8385ead33b742faca621703768c8a992c2a346e9d027ff8423bbb7072ca83136b62b00bf33a91d89ba5cf608a89bdc80b08f0a2d4b51eb3364ba142ed306f35f08fbb096f03dca7207c939cced0546fdccba52d2dce8342130630eebfd0d6c74a9c333cc81978ff589ad2d2b4d364339546c5c86375ff23f89d65c49ac6965dcc69d9ab34848a83ddddb99fefc29c61c40b7a4dea3b19ba51ac7774b693e4817205e34bdefc8a665a993d3d9d3a595f3d466464d1230dab7bf83d4752cffbdf9cd9eb52e143c10bac63c3bebe2b89a7111ebec75e85d80b05629611e04654fbf7d106b6359bbb7d4cff2b1f90c1d45ee963eeae75a0c98c2bc2f578be4147c0aef8acd634124602819bd975749156c39c3b07dc6318a6bb76051f8aba0c671c457f12766ee6a6cdc57ddd8e8299da91a1c005d8f9e704ac86d5f71afc61a2d0751084d1f92e8d56ec30b6cecf162bf349db5e13b6fd5a4a9ee063c563eb6050c388e63b113d67b0668e200ce42e414e2d9e13f8677100fc619c89d741c96e21998f63c0f7cb8f2d3be155a7d57b26d060af99da5e5d6eb58907e7da1be7a077d464ce6eab557652f0005dcd1a1413c52434624f21faa7aed5687e7c77630e3ea48a3cf23a80ba364614e0926f8650468ed8e009c66225a8730d3c43e782eebc8c22387618dfec515d895c106d4dc20f3eef361005abe7f25b6eb86233630d4e74724e902f132bdaac9cbf49d09389430530d46eaace0d003037088ae6c6a19682a3445e0aa2f17b1745ff1eba4a266ff6d0ee3d45d8c36619091b46d6eddbb335b2e90b48ff91befb4d1ab3b57d19fa88413a788313c8904f9116377e4ddef42ba88881caf9f824bcb5e3ea41fe748c8b07e7834d9125a9fc21fea2d76731acb0ed9a1722f959ac92310d04510f81692a9a224876068eb568dd2442d844b127602ba908de3af49f321ca4a6aa60478d338981fc3d2ea7996930ff1d9de0db5e6167613a68aae9f039a84b234feba6a3856a42906829b4a2c3bbd98b68f5d42cb06874148e50e603862cad2c0683f4b2b7f66012b1329a4dfdc50e02a441df4405123b050c8012428b88ac559c8cc23a94d8d71fc32ccea7c2d9d40209dc73161cf093b5b27bc9a973f3f5c6a6607db2b5417aa2e3e2bdf6ddbd57ef651f461e410d8723d9015600654418ac18ab4cb52724516eac028bcd71e0c5c904fd4dc8e335176e9ac9165a3c19168ac8c5017b3f3374fbaa61b56e29cc409df6a90aca0b9d8e4669e45eeb17d9b0714cb1f8e37cc6b683fe37a5d072894bf975f3d00679af7c2b67036d7ae62fabe358f4380b02be3f6ff62885937fa5e208921ab11b0629b4a32994ef0e17894dd33bdf3f08fc755fd8bb79a75b9cc38f9cfcae0d4022e93b4a6bf756e0841953bef69fd644dc4a32d271fd067f1b6df6c903b70bc91786551b6827958a5e5b921826b817037877616d0fa42ee7bb0a0513c8aabb66b4c1cb11a08d5304ccb37c43986a2301eefcfa5a27e8144cb6a047dd49952cf9e4edb79372c0341b8039cdb52d271e750d771d8cdfb103a16f1da65c1f25f9b12775c47081d7ed285a313aa66c8e4052f9b7a3c23c97d946814493fd417a6b842e73818f9e9bdcdca428eafae82d19019af9dad42f3d5a77f43320976f28753e9655c20f839fe6912d9d4cf1768ffe6847a427ff3f2fa3bd1bfc672a2137f863a39b400a59fe4d3249538023f706a73c22edad02344f4edb30163c154a7d8bffe6869c82d20516398c99d7d09c8e0737da4531b140faaccfcda85c2bf3b7c736707553010d668c489bb014a1295b343f529982923a0fc0febb4d692008f216886ae9a1da07e9a4689ff63d450f7f5e30c10762334b552016b0a63ee5397c86d36a631188bb1dfbaa6953cc4e614e47e4e054f068c61d1e21e08e4c6206fc6b2397388c1a1cf1f39f3a0b6342d8d1609e8a0e8587ad407fbff23e434482df945d438d7d663e06414d4a770b4a6dbf3d10c5a92665625c92ba9a0c08400a2e3b5a0f222da3d5853dbfbc0cdf4942bbdd9c52f7c46e120f5d6881f35641feb458d19d6f12b2c84589dfc632872fef32b327a72886ea7c1f5c670e89f186dd01c0a2d9a13416e6833a66b4e09788c73360f8c6ad1a8aba87e598c2d8935dd47c8480e7466098b4be6582ef799bb5203bb2c9e4bfe55939930a0bee7db8a6bbea764a69073cac37191dd877f92094ff480b030dcac26d43bf45312c1f8329f30cbf712a0c41ce2a9245b430045525751fc1532dad458385c18d0718601cd0056d075f7b456068905ba76c8d72a6632a2e0fe39af8958bce4bd9ae993f2f3bed944825505510360500454c637e71dbaea5e1835a4de7955e5242f7fd925454df8aa911fe8d3c9935966822e457b1357728a348d11cbefd54d926accd5268fe6f3c6d0512177846360f37b799bc99b2c03f17428931214f5a919c0b246a2fd89a4ac6d1ab28a8258648ec008fe984e9a3e6136bacb475635430fb3e99d58806a13c62075e88bc9e2a911913260fca09edc2e4dc350f459fc8586b718f4693bcfd289f566524ba4f4776c5536f6e91bfbd53269938160960fb75f44dfeb41e6b128b47e1899a5d946269e8d1caf3f02fa80a3489c65bbd92b8c752136c8c3048ed4c5631d870ae42fa120a18b72d11463b39ac59e8fdd79a78514a52a9e692bf6530a67add4cc2ad7562b479a4c6842eab4bd5092cb2885b8b352705e29253bb4825894bf67bd692a349fcbc5bc9e0b593177f9966fef5f2b643c848a120c9c821e24c3a715d36dbef586850b8309531cfdfcaf703a7af1586b5bf29e5dcf11c92649c6adff6976f559beee6723fb49d87c76b8c7ac19e1a7228f3760c98299f17ef40129dca584ae881e0b74b791ecab27ed8c4ff12f6cead7809ab067c51b8ce3694724b47c20de5422831a4167682efa040368eec1f265e93edc3ed50e56ec18e06003a6c3cfff435dcb93e863cd5ae73740e8ea415081c57f2abaa5e41c49c3c8b2bd036f462411e5a419cf841607490064ae1bdd9d7d6041de8867fd3cd30a174056125aa0eb39639c25bda8b91f76033a4359faa165cca93d08927f0773b5accff156e80b2fdd0f9571a37c7d8cb1988a6f93c0f6c542041052c68a9e612aa66eadec767865e5db045bb4783e3e631d5e72316e8f517c906f19fe76c82d607f52b4c13ddb425dbf2129857b89fc273f7e6a8c79be5b19883ec78c684842830e95a19a76ad3a0da4be7ddcdcda0b7bb28113f4cc7bd240f3ebe09a4678df71f73fadc77593ccdd53f9357a03f11e7d5792db37c971caf814d5cabd3ef10dda671fb6f2701957f4a947dbd624a8954d4e9a2b4bfdf8120ff64668eb68cee12007ac2974b424fa9356b18bb74683f977118b02b15d6bcbaac9fe99820b53e8913f66b7fabfd115eab577d57183f8120673abc2b7a969584b7e428867a459e1d4f41cd3e93341c70459c6ed47947a8717fe4835ac2f1397a4ff455e34a80a515214b5127978f097e6e3908323dbed52fcf045fd8b661dfe7a8b05a3c5e06e9249caca333f5c46e57cc32abc8141617ceab1111edd47f68f94cd1d4a4fc0300c54bcfee628f6a3f2fae54dfa6697c279b97ca40590faa11277922ed08a785ff8303e5a97e6618b7058c6ff6feaee6375dc20687927b9ceff28d0f157058ccd186743059144adbeca89e77cf8c507166e83932ecbd0d3183be72c0a105d6f1527894f7776d1d0ab81301a6afdfad713f5cfad579e59e09efc7b2d071950d2d26662bf35407ed23cbfee2ee43f01eb3a4ded95a75578ec25bb53c6f34de3c86f11f36777528587a9adb516112bec35fe401914dd07153ab407462e136cd264de3d50c9bb4ca5f253257d491815e24bb05451b6c3d1ef17f650d9c46cf78060aff76a3c4757572c52566217b0c34c7f00e596830e242ee0c1128fbaccbd3c89b41628baa36706e876d39e293ec1c7cc4de1a5df2b91a61ebce6f70b37148504f9ed20282a917b096086ed7beee349c9b7c2158fb18b0575b30701c8dffee6b21bc4f42fd529b603fb2cbe49fa77d38f89f458e6ae920a0308d852c7af08610e499a7c1935c9427e0e25dfa5aae6ec387b91d90a626c434ca2ec751cfb054472b785ed0e5a1e14ecad7c4f7463821d42f150bef59a6c09f09c34d4c3f8a17df2f915b50c4c9ac692441a659ba2c9718c5dbc5f8d93c24f7d99b8a4fc7ffd93ba161f48c63e52bb3934485df8b9cab2555d564fdccc6da910befeef7be29a2036334294b86dbd91c02de0055099dd7a7972b56b15ffff01c1849dd4a49f1867a561d4dab257f7576fa7c56c55a81451b610cc1471f04f971a801bd2e4887369d11da0f65bf1a50996b6a2c9878e5af07256f5dd6625b5f79908da11f31fb4c3b85b008cdfc2f1e74c5b30cb2b85613f472e0576054db271ad928ff9dc944938039cddb156cdd788aef603bea0c215a023880317201ec5c4e39085b80e75345e4c30acd033a149cecebdfbb3748be5f3a8e794a6568782d7e3ebd64d40cc680eea5a5994c387df19c8ba251c50bcbda994607ca8e4d81d6edecd2b466fabff3987b3e70cd7046492fbfecad30ffa79d5a7b0e6cc9f6497325a35b0756511099d85bbc015841c4b3fe6d0ac2cd3bae3865a8421d83c0ee6aab67c81a7f89e7da6ea8a651de2678486aa6f3ab4e6cf8c4d65e67ae8b8b96c310c76eef47fc27a7830f46195d0bd9542ea40fd64ebf96bbe1a266e56b92ce1bdffe78f67367f0eba9f6ac03225be7de14af06af2c2b76b33c39df1839a04f0d2a95eebea97e9c1eaf45e57c0196d549ae78030b9379e5b1586e541bcdce874f54594ed0ef5b447199a10a82b41b199cf246a7e01a6f1bffd150e453b81bfa7bf81d5bec4937272970e6cdcc37b7f3e86d20faa2047b89ff797dfb240425691e322a10cedcb591dcbf32edd96dead1a9b7d04add0f1559837b5188df16e4347b135e874e6ce143feb8c2c9ef427bd7884e0d68424d9e72e4b8fd679b5aff0263bdc1aa570247538d67f6f392e24d7d478eed1e11c49c2100a04a7eaf3b0a5b6021f63"}, 0x1015, 0x3)

06:39:54 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x804, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext={0x1ff, 0xf89}}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x2)

06:39:54 executing program 1:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100))
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x3d55, 0x1, &(0x7f0000000280)=[{&(0x7f0000000240)="7db09ccd69393de76200dd961608f161ab0eceff1bd56f3623161fed6a70da326f72f5c5", 0x24, 0x100000000}], 0x1800008, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}, {@gid={'gid', 0x3d, 0xee00}}, {@session={'session', 0x3d, 0x2f}}], [{@dont_measure}, {@smackfshat}]})

06:39:54 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, 0x0, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:39:54 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:39:54 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, 0x0, 0x0)

06:39:54 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1, {0x0, r6}}, 0x0)

06:39:54 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 64)

06:39:54 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
socket$inet6_udplite(0xa, 0x2, 0x88)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

[ 1752.874207] FAULT_INJECTION: forcing a failure.
[ 1752.874207] name failslab, interval 1, probability 0, space 0, times 0
[ 1752.876605] CPU: 0 PID: 9355 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1752.877992] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1752.879690] Call Trace:
[ 1752.880255]  dump_stack+0x107/0x167
[ 1752.881009]  should_fail.cold+0x5/0xa
[ 1752.881791]  ? skb_clone+0x14f/0x3d0
[ 1752.882557]  should_failslab+0x5/0x20
[ 1752.883331]  kmem_cache_alloc+0x5b/0x360
[ 1752.884188]  skb_clone+0x14f/0x3d0
[ 1752.884934]  netlink_broadcast_filtered+0xa08/0xdc0
[ 1752.885998]  netlink_broadcast+0x35/0x50
[ 1752.886837]  kobject_uevent_env+0x93d/0xf90
[ 1752.887746]  device_add+0xaaf/0x1bc0
[ 1752.888521]  ? devlink_add_symlinks+0x970/0x970
[ 1752.889478]  device_create_groups_vargs+0x207/0x280
[ 1752.890484]  device_create+0xdc/0x120
[ 1752.891268]  ? device_create_groups_vargs+0x280/0x280
[ 1752.892341]  ? init_timer_key+0x12a/0x2d0
[ 1752.893199]  ? ieee80211_alloc_hw_nm+0x1e5/0x2320
[ 1752.894199]  mac80211_hwsim_new_radio+0x352/0x4250
[ 1752.895190]  ? ____sys_sendmsg+0x70d/0x870
[ 1752.896040]  ? ___sys_sendmsg+0xf3/0x170
[ 1752.896872]  ? __sys_sendmsg+0xe5/0x1b0
[ 1752.897677]  ? do_syscall_64+0x33/0x40
[ 1752.898460]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1752.899514]  ? lock_acquire+0x197/0x4a0
[ 1752.900317]  ? create_object.isra.0+0x3ad/0xa20
[ 1752.901291]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1752.902222]  ? __kmalloc+0x16e/0x330
[ 1752.902988]  hwsim_new_radio_nl+0x991/0x1080
[ 1752.903878]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1752.904986]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1752.906324]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1752.907622]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1752.908625]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1752.909936]  ? cap_capable+0x1d6/0x240
[ 1752.910767]  ? ns_capable+0xe2/0x110
[ 1752.911546]  genl_rcv_msg+0x33c/0x5a0
[ 1752.912348]  ? genl_get_cmd+0x480/0x480
[ 1752.913171]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1752.914241]  ? lock_release+0x6b0/0x6b0
[ 1752.915055]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1752.915989]  netlink_rcv_skb+0x14b/0x430
[ 1752.916843]  ? genl_get_cmd+0x480/0x480
[ 1752.917674]  ? netlink_ack+0xab0/0xab0
[ 1752.918502]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1752.919440]  ? is_vmalloc_addr+0x7b/0xb0
[ 1752.920289]  genl_rcv+0x24/0x40
[ 1752.920964]  netlink_unicast+0x549/0x7f0
[ 1752.921813]  ? netlink_attachskb+0x870/0x870
[ 1752.922711]  ? __virt_addr_valid+0x128/0x350
[ 1752.923641]  netlink_sendmsg+0x90f/0xdf0
[ 1752.924492]  ? netlink_unicast+0x7f0/0x7f0
[ 1752.925381]  ? netlink_unicast+0x7f0/0x7f0
[ 1752.926232]  sock_sendmsg+0x154/0x190
[ 1752.927004]  ____sys_sendmsg+0x70d/0x870
[ 1752.927838]  ? kernel_sendmsg+0x50/0x50
[ 1752.928642]  ? do_recvmmsg+0x6d0/0x6d0
[ 1752.929428]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1752.930520]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1752.931569]  ? SOFTIRQ_verbose+0x10/0x10
[ 1752.932430]  ___sys_sendmsg+0xf3/0x170
[ 1752.933233]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1752.934180]  ? lock_downgrade+0x6d0/0x6d0
[ 1752.935039]  ? find_held_lock+0x2c/0x110
[ 1752.935894]  ? __fget_files+0x296/0x4c0
[ 1752.936752]  ? __fget_light+0xea/0x290
[ 1752.937569]  __sys_sendmsg+0xe5/0x1b0
[ 1752.938353]  ? __sys_sendmsg_sock+0x40/0x40
[ 1752.939225]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1752.940224]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1752.941264]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1752.942290]  ? trace_hardirqs_on+0x5b/0x180
[ 1752.943171]  do_syscall_64+0x33/0x40
[ 1752.943921]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1752.944965] RIP: 0033:0x7f111cc48b19
[ 1752.945715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1752.949423] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1752.950956] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1752.952407] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1752.953845] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1752.955278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1752.956709] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:39:54 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)=ANY=[@ANYBLOB="ffff00000000000018000000", @ANYRES32=r0, @ANYRES32=0xee01, @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB='./file0\x00'])
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:39:54 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, 0x0, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:39:54 executing program 1:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100))
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x3d55, 0x1, &(0x7f0000000280)=[{&(0x7f0000000240)="7db09ccd69393de76200dd961608f161ab0eceff1bd56f3623161fed6a70da326f72f5c5", 0x24, 0x100000000}], 0x1800008, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}, {@gid={'gid', 0x3d, 0xee00}}, {@session={'session', 0x3d, 0x2f}}], [{@dont_measure}, {@smackfshat}]})

06:39:54 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x4000010, 0xffffffffffffffff, 0x8000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_setup(0x11e1d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x8000000}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000280)=<r5=>0x0, &(0x7f00000005c0))
r6 = syz_open_dev$mouse(&(0x7f0000000140), 0x7, 0x10000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000300)=@IORING_OP_WRITE={0x17, 0x0, 0xe9950f12de09ba13, @fd=r6, 0x4, &(0x7f0000000240)="3b7a2fc62521ac08e77789707772db98d09cd91a781217000c0500a75d8ce23c9e25d277088818029925bf44f655eebda90a30813f076e743376ca379fd1e53bd89d6eef490ae3f072c74c06054bff5004797ea12b2a934eee2348ca2c0029369ce4abc4c975ce6b2793bda2467656baded1cef32a3d5c5977d24d587d9ea9fe9ddb1e1dc395425df26cd0daa5ac78bf506ab4f0", 0x94, 0x8, 0x0, {0x0, r7}}, 0x40)
r8 = signalfd4(r0, &(0x7f0000000040)={[0x66]}, 0x8, 0x80800)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000140)=@IORING_OP_TEE={0x21, 0x5, 0x0, @fd_index, 0x0, 0x0, 0xb9, 0x8, 0x0, {0x0, r7, r8}}, 0x1)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:39:54 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, 0x0, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:39:55 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x1, 0x1, 0x12, 0x6, 0x2, 0xa12b492dc3d51d9d, 0xfffffff7, 0x27d, 0x40, 0x22a, 0x3, 0x0, 0x38, 0x2, 0x5dc1, 0x81, 0x8}, [{0x2, 0x2, 0x316, 0xffffffffffffff80, 0x0, 0x6, 0x7, 0x6}], "4245b2461a1750c849fc97beebb3c1f81538b101ea362330acb90af64a51cea5be3dcfdc16ca3af8b8e8fa8c969bc75aad7e4d76ad1504332a0c74251334f635aa22751e6b87e57e7ebae4129372b83cb6aa69ae9f9cabde1e2884f80f80305e47c368d768634a030d246b6c5c56438745aaefaf18663f0eac692253a17c95c9903ff2f23a4f94f4ab0b432430c313ccced7f32341f23e298c8e79154a993629ef455152069d38d40bdfa6171ed4fc4f64c8d86c491b402510a67688d5326df1820f24d4c7345561f8fa9552fc2287b04e739668aa0462ad0523caf3ad9e6a803b7893eb2ef52e5be44a1653afe44d73bb30676b1ad76b7d913a8ef85929ad93ce722c9002f0024f4bae12fb1492f6cb21ddc2b7f3ea08a66081b2af4cdd220540c66d9a75d1043770984637943f788b1e421ea6613ba322270477d1064b4bb880e85b681c1d3a7a6b008be35f4259cd0a231146ff88d1a88e89be8bfc87225ef3b8cacdc1d6d08f42658c092750a73ad3ee2abcac4e129578defaf1b09ab882eeecabd8e090adc4284e5c7e0ec9410d87322ad2de1a50a8ee343899fa06f5388c0d3ddbe8508419479e23118dee74c8854fbfc01c4730e40f83da678ae7846554d4e3dac05e5deb2d3ed99c6472e1efe48dbb0c333dd1a505b26a25410b747d59814a96e41c26bd637d7ce08ed29cdd282e93468c193e230d9e112a3791f47b64a648c973a28bfc6e34ce04886237c7720e4b52f0afa0e24a8c02094112479a3d1f0ac573af302e5a45e914970d71da1755369e355d43b73f576b670989bc22207ab2d5ca262ce51840aa603c4387dac26fdd5d9f124a1d99373787fc7d489b13bd692b5e50501aa42547aa3ebe7f3796a5b9b503e5077d484d5bd65af5f66677a3ca4087e746ca7d736a908d78f465003c6258eee4c3d8d19c7470b305ffeb30fc51955ac499ce62d346cc0bb343abe3f6bbdd78932fa341cb963292bd4dbc8ced272724674a3e087af037bece6eca104483fb41ff6c095550927a19f93b712fd680f65bc8317db149d79ae954d843554da48c882346b34bdc92c67ac4fc8b23798099e3c5ed4a03b4b52ffe34e159443d1391e5b4c89ca3e4bda336f554b9d797e31387461098dcdfdfff2bc8c2960dd488b5cad65d3651253897b2018eac52ab41649364b9280255ab1a4b57fd775288e5cdac36a4be1fa738048ae9d7564cef00e04da16296ccab334c1af2496a79d6745d1666f6b19b56d4938760c3bffe043f2e86071c77158e84f016d38114a995492b7c2b096dcef54470dbd831744e5ba57f75295e2fd95c80d3b20cd3090e4143501d2b6c2758215e43532e113663aec37db348237208cdd5bd833af820aab6aad47636fcc31c026ca1d277505db6bb1d648cefc49558b2cea0445a07c3a459a85e11ac7020b1e9e2d2a1de8c645193298ddc0d3d8d516eee1fb5ef8d82dbe3399de013a9fccedd1c40178399362d2718d3f042a0f6db7c81211518e5384792a4175059ec164b4605200aa0461c17576b6cd2f094c0b3cd05c76a4fdfb6dbe5f1cd7ed288c7c61480e2ac40d2611d9b525970383212f2eeabc167c1b14a659842f18fee84ad22cfb5745f618d8689849ce80d479551f6856b6ca1f83bdb1535a2748cc9bf5cce80f58e79d2f6a28f5b6a1452a81122ae785680b463b3f4e42cb94491c046f86611e47d51fba8e6c6776da1a16e45104d9fcc9c01d266a7db1d63c662bac56bbf64a430b37aa06fc374f632bbbd007a368792f919c6dd509a19130b4850c89531cc2282a6434637c0f5ee0223aa7ad3f3f8b6ee85e489705a0d70a1200cb07f59e8a180dd02ab1970030a5e042b52b176be15da0e864daa7ab1235ad25c4cf5466df79a1b5189140ec788ffdf82d69d6022e1ee74e2e39b69bce3f39018a4df9d45947f8c66db02305b7fd4926b1c8b7c7b447f168e9a169f302d380d38d4d5f7af91e2b7bb7b88e248abc937a087608d01cee03c21f79a5b123967bf6a7de7762f1c1d6d2fa58e86569a36d945f2c2b2799b41e57749492b7429174af66631c9e67de06a8cb900e3e40c07e6f45613a4995dfe709a6522bc3bd58408971fe167213353fdc59164ab1b4ce9cd7f31dbfa4454ba03358e49050da0725dc42bce707bf76ed24b3b2bac3f988935a77fa2f2b2a0d48f794c547903460c2e8fd2d3f5513c091c961bed1e1d8a23ea437eb84c2ea625bad52356cf1ad7819401ee6eb4e360e7515ee303669715af4997f2a4a7150e3bf422142e6db7269aac4fa2888742f483cd0147342e9249c000cda6f54d8b654a6e1ae8b7e56af95fe83c68ea6998bb5b02b0c4c83eb7041d7aad2eb05278d0a7fa9cf4c21a8660fc2323b7d2a79221d981833e0ff2c67f0b57532b31b57bf7866d4ce5807378241809610db8d6325c4881b8d967e47dcd9a4f7d09591f75a8e4a11bd61e9826d69cf56aa179e2590ebd60fd21efa75923e2cb9de91667d38dd54c39a1a79a4e90d8b38ddc005cefd2ce8cfad71ea57022f21b6fe6d947c6fcacd1863f205765842a4a7b9fe6b3d72ff1d0385f13cce6a4e77b74a01f73c1ee3ddb823ef70b81e4eddeb0af3d1cf15e599f5b45e7cbc64d933e947b25f546dd7aae2eaf7d1d7aa35eff122c2371ca97b47e3b59d5235cba4944272396813d317a675771a1419f346accb14cffddef0c434d1a3358baf0c8fe8b3aeddfa97e73c9e14f5a3f796111d779c7a3751d4912ebf884b0038aa3853f7efac117f5898196bc641ea7ccd6ba0f23fc32c97749fb84ed484f16dcf34db78325ed89341ab172d61bcf789811b5dbd224520008b1575fa01da3b86744f00d3d7ccb2e7bb03a4ade57977c01e0c0e24c49845f4683f1fb04f1c727fd3485691ea54f8e7af730b746d6430292cf876ce982a0b0c0c4a767388b862305646d6a1ea18f447f11d5a08b355a1c4ea26aac7f9a550840a714ec036de7ea12576bb26d108ba98171ac628f2ea44bf56b39ab576963eca1edb5afc5ea5a5bbdb504d8057fb41fd6119f262ecb90d3d86968e8d916fa18e8bd464d10824490bfccc31eae4b69992e8414c7197170037392725cff79a9a1c20966c528c553c0d68f115b6e6b6c4a8a2c84070e0db21ebbb13d328f2082485aea0c4f9803994d3a1696bbddcaf18055dc94699ed6ff3480d55236f3ec105621f075b4239ae30e2f9c2e308801d4a478d95852fb95dfbe3ec7401331f44f73c19d8abbce1c66894380ec1835787a39db3e0a5e48ea713aa0224c8ecb2c5e25c1d63fb2701f3d27806069d7e9f2dcc02568a949820eaa1e49db0062d5bf1b719d8dce359dac2502767184364a68b1bddbce7c6125a4148139a2301e3f4a11e7995440395c664c4abb175e551a3e43abb29d998736040ab1c141df4e54a56568f606026f5e8dde5cb97d50e45d79356dd9d7fb22d04f795011a3baa1ce5d88868b8dddb3225e583cc9c125b0f17b9e9fe89f8315f4d742713b7aee116d9a8fdd1521e0034268e3d67a75fa8259b3b704868b6474a60aa5dbed6f80636d29c9cf6f6120e284d12eb92548d3de70e1cbbad595ba57047dd95d6f4073a8f72b76f2ee8bc551d7ac986a62c407be0df30b44fc42334620ecc43260fe9010146841f183d7c2f7a697004e2dedd9d0b4b8b59240734916cd3f97d639353b3cfb3cf3e5717dc7496626c7126339e83ddfa0ed9622d7d8ad8d342927e23654d17fcec8f840ccca8053eccc12b5be0b4fc48fd88bdfca0b860fa069df19438347d8bbef036f5904d112bc270f162eacfdf0e3e9e479cba68ea5b9aa2dfe242acf7eb3827614eec3fe8fb8398ba77c5627b25a060af737f06de1c7aa4da8036c7d1a54673f8c9d4f49004e3300263f53f49022b966eeb4480ecfd23bbc3fe35ed49953cb9fc1ccd975f7eb9a65a7b08d2eaed6c3f85383283953f5d5a24c97a5d3571a838dc33c5ae21c583eb0ec809ce1146476011e7393d35e8aca541ba0f696df903b662e0992cc4ab93aff48f7ba6dda05e896cd184160cda5cc80238024cdbcc40fd782b6286cb0b04dc7726866c43dd0e16bbec9d0c3de46e405daa34d1a322e14ae33ac92a6caf4be6ca7ce4e8a49f908a4364a2b126ac5276c35024dd77b22b59a611f7c7ca54dc7e93f831b6d39b47c146b19a287e0bddb71eb169181bd0c5587724801433acabb209f835a743830705d459050e9a3a439722ed89b9571c3419f5e38704cd42d116664065887bb5dff1add2524854d0a00f542068da79af58aaf6df123a79cae2ff43990c7bb4ecec0a576bdefa9c4713bac0961525c8b375d4e8531374b98ac319e647148964ef6b96b2c47524eba5fc9792bdb910a7ca4418b22fe76d53c416044ca16224f499694c2f2937e38d6f094276ec95a2797a3d558f7eefac532fc5ff1c8f75e94ae877ee46c3c0d2cea8a0ebd08e6105ef0b4c2cff7841ba76f77b047cae1615a0d3d7211f167f2b3938f271f6b38de63f28aea8c7bf942d2a96b13555a0fd2018f30b5f50eaa3549bc3d23011f7bbf17aa2c99ed92336209ada7d03eabd4547022aaa2775e4bf58f7863f29e57f354d9430028b02a0f10a3d66fb7ef313a2760244a4e21696abf80ec3d0c2ba9e84d3043aa606f73e2f73741751a1624ee047e8b83da047b1480c96147db2e196360466fd045d4943abb7f61fefde3285f8904b792425585759e181242f9daa2d0ef62ebb53645097b90529ded5ff0b87ecf222c360b303f6b0d46a877fd9f2728eabba21535568fcb08752370553cd8fcf809fd5a9c28db20274eba079fac896dcab6af31144221c71f2a84293afa3ea4c725c266b5e0438a58793139cbcbe7c17840eb49a4a11a83333d6cce8e701625a5b969da20b8a4bc5a0f7876eb37d67edc8fc69f0837ab3617e6fa0a049669863ffde78b9858b762f6414f92adaae1f8ee869e3659d623f1f2bf8337d09a6da67d9dd24ca55ffb56227b69fddcecf27e11a383d9e5b040e6e665ceb4274caec55587e5bfbfcc891669d7f51de6052db670c18ae00a4d4c7d58ba931d687ab173d89877df2e8b65e4245f239b712bbbc4f5fbc8f832a08df6c2724624a95ee0fa58aabfebcf146b2e01de5d9de3a2f646266917b7e678226312aaf4d86c372fefe4388a63bbac137e75cde65e1c5f9d2a5983415aa8215a136bc0faeca6031ed10418ad689d418a7316d9894da365d6d0ae44c904f2d8dfb96094bb917e95e20a10c2d67f0b963499bc0a2d01f6fd39714c3c5d3e3218a69f828c0cd767b42e35138a1645847474b963017008c70c7c79e42fb1a95b8fddd20966b9ffda778c4253fcc411484b3e16a4864eaa563bd24c096f27bdd820583e28cce67c5337fbc580a1d338cff45b752fa3a2f1b647c86edc00b37ead51ffeb1f177ec65b92da8126936c2d586999410cd01e86bbbf6e054d1c999f90599b7688facedb8ba265e3251a46161a9c0b4c76afb0534f52472e2b9b55205a43f66266435377b40791fbc5b1edf2bb628ca22c73f2cf07859b90355308d0384fe7cffdd7cbe34145be272f101683b02e97f82b7e03f4c648d40d33efcee3aea7bd1ac5b3c7e93d5be4a5f2db7ad4343243edff080bb931a6beccc6b3d80cd69b623d0edf7a823dcefa317a4996f9670e39ceed3c94ab84f122f9ecc2bc2b87a53c93e3e72bab0306b1449fa796678a9e19354c3b9f85cbc13905833e4568b362ce71531154dd1a6c607705724a48757dddb34da042d2b329b6d8544640db707b2b725b2aada6881f", ['\x00']}, 0x1178)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:39:55 executing program 1:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x3d55, 0x1, &(0x7f0000000280)=[{&(0x7f0000000240)="7db09ccd69393de76200dd961608f161ab0eceff1bd56f3623161fed6a70da326f72f5c5", 0x24, 0x100000000}], 0x1800008, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}, {@gid={'gid', 0x3d, 0xee00}}, {@session={'session', 0x3d, 0x2f}}], [{@dont_measure}, {@smackfshat}]})

06:39:55 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, 0x0, 0x0)

06:39:55 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:39:55 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0xc0a85322, &(0x7f0000000240))
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x1, 0x2000, @fd=r4, 0x2, 0x0, 0x0, 0xa, 0x0, {0x3}}, 0xd3c)
r5 = syz_open_procfs(0x0, &(0x7f0000000040)='io\x00')
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x1010, r5, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:39:55 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 65)

06:39:55 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

[ 1753.675001] FAULT_INJECTION: forcing a failure.
[ 1753.675001] name failslab, interval 1, probability 0, space 0, times 0
[ 1753.677370] CPU: 0 PID: 9395 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1753.678745] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1753.680418] Call Trace:
[ 1753.680959]  dump_stack+0x107/0x167
[ 1753.681712]  should_fail.cold+0x5/0xa
[ 1753.682491]  ? create_object.isra.0+0x3a/0xa20
[ 1753.683391]  should_failslab+0x5/0x20
[ 1753.684139]  kmem_cache_alloc+0x5b/0x360
[ 1753.684986]  create_object.isra.0+0x3a/0xa20
[ 1753.685868]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1753.686874]  kmem_cache_alloc+0x159/0x360
[ 1753.687730]  skb_clone+0x14f/0x3d0
[ 1753.688455]  netlink_broadcast_filtered+0xa08/0xdc0
[ 1753.689507]  netlink_broadcast+0x35/0x50
[ 1753.690335]  kobject_uevent_env+0x93d/0xf90
[ 1753.691229]  device_add+0xaaf/0x1bc0
[ 1753.691991]  ? devlink_add_symlinks+0x970/0x970
[ 1753.692949]  device_create_groups_vargs+0x207/0x280
[ 1753.693961]  device_create+0xdc/0x120
[ 1753.694720]  ? device_create_groups_vargs+0x280/0x280
[ 1753.695758]  ? init_timer_key+0x12a/0x2d0
[ 1753.696597]  ? ieee80211_alloc_hw_nm+0x1e5/0x2320
[ 1753.697585]  mac80211_hwsim_new_radio+0x352/0x4250
[ 1753.698533]  ? ____sys_sendmsg+0x70d/0x870
[ 1753.699379]  ? ___sys_sendmsg+0xf3/0x170
[ 1753.700159]  ? __sys_sendmsg+0xe5/0x1b0
[ 1753.700977]  ? do_syscall_64+0x33/0x40
[ 1753.701732]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1753.702799]  ? lock_acquire+0x197/0x4a0
[ 1753.703578]  ? create_object.isra.0+0x3ad/0xa20
[ 1753.704546]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1753.705458]  ? __kmalloc+0x16e/0x330
[ 1753.706228]  hwsim_new_radio_nl+0x991/0x1080
[ 1753.707099]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1753.708172]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1753.709456]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1753.710772]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1753.711710]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1753.713038]  ? cap_capable+0x1d6/0x240
[ 1753.713832]  ? ns_capable+0xe2/0x110
[ 1753.714593]  genl_rcv_msg+0x33c/0x5a0
[ 1753.715371]  ? genl_get_cmd+0x480/0x480
[ 1753.716177]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1753.717222]  ? lock_release+0x6b0/0x6b0
[ 1753.718007]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1753.718915]  netlink_rcv_skb+0x14b/0x430
[ 1753.719713]  ? genl_get_cmd+0x480/0x480
[ 1753.720529]  ? netlink_ack+0xab0/0xab0
[ 1753.721326]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1753.722243]  ? is_vmalloc_addr+0x7b/0xb0
[ 1753.723054]  genl_rcv+0x24/0x40
[ 1753.723719]  netlink_unicast+0x549/0x7f0
[ 1753.724541]  ? netlink_attachskb+0x870/0x870
[ 1753.725418]  ? __virt_addr_valid+0x128/0x350
[ 1753.726302]  netlink_sendmsg+0x90f/0xdf0
[ 1753.727139]  ? netlink_unicast+0x7f0/0x7f0
[ 1753.727987]  ? netlink_unicast+0x7f0/0x7f0
[ 1753.728835]  sock_sendmsg+0x154/0x190
[ 1753.729588]  ____sys_sendmsg+0x70d/0x870
[ 1753.730405]  ? kernel_sendmsg+0x50/0x50
[ 1753.731182]  ? do_recvmmsg+0x6d0/0x6d0
[ 1753.731955]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1753.733008]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1753.734039]  ? SOFTIRQ_verbose+0x10/0x10
[ 1753.734836]  ___sys_sendmsg+0xf3/0x170
[ 1753.735613]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1753.736526]  ? lock_downgrade+0x6d0/0x6d0
[ 1753.737365]  ? find_held_lock+0x2c/0x110
[ 1753.738182]  ? __fget_files+0x296/0x4c0
[ 1753.738998]  ? __fget_light+0xea/0x290
[ 1753.739769]  __sys_sendmsg+0xe5/0x1b0
[ 1753.740548]  ? __sys_sendmsg_sock+0x40/0x40
[ 1753.741404]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1753.742344]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1753.743383]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1753.744385]  ? trace_hardirqs_on+0x5b/0x180
[ 1753.745248]  do_syscall_64+0x33/0x40
[ 1753.745976]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1753.746985] RIP: 0033:0x7f111cc48b19
[ 1753.747706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1753.751314] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1753.752776] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1753.754161] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1753.755554] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1753.756907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1753.758292] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
[ 1753.780110] audit: type=1400 audit(1678603195.565:19): avc:  denied  { map } for  pid=9392 comm="syz-executor.5" path="/proc/9392/io" dev="proc" ino=35403 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=file permissive=1
[ 1753.785531] audit: type=1400 audit(1678603195.566:20): avc:  denied  { execute } for  pid=9392 comm="syz-executor.5" path="/proc/9392/io" dev="proc" ino=35403 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=file permissive=1
06:40:12 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, 0x0, 0x0)

06:40:12 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 66)

06:40:12 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

[ 1771.015826] FAULT_INJECTION: forcing a failure.
[ 1771.015826] name failslab, interval 1, probability 0, space 0, times 0
[ 1771.018388] CPU: 0 PID: 9411 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1771.019820] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1771.021540] Call Trace:
[ 1771.022096]  dump_stack+0x107/0x167
[ 1771.022867]  should_fail.cold+0x5/0xa
[ 1771.023716]  should_failslab+0x5/0x20
[ 1771.023738]  __kmalloc_track_caller+0x79/0x310
[ 1771.023759]  ? kstrdup_const+0x53/0x80
[ 1771.023798]  kstrdup+0x36/0x70
[ 1771.023825]  kstrdup_const+0x53/0x80
[ 1771.023851]  __kernfs_new_node+0x9d/0x850
[ 1771.023874]  ? SOFTIRQ_verbose+0x10/0x10
[ 1771.023906]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1771.023929]  ? device_add+0x464/0x1bc0
[ 1771.023971]  ? find_held_lock+0x2c/0x110
[ 1771.024008]  ? sysfs_do_create_link_sd+0x82/0x140
[ 1771.024047]  kernfs_new_node+0x93/0x120
[ 1771.024086]  kernfs_create_link+0xcb/0x230
[ 1771.024118]  sysfs_do_create_link_sd+0x90/0x140
[ 1771.024147]  sysfs_create_link+0x5f/0xc0
06:40:12 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
r3 = syz_open_pts(r1, 0x40080)
ioctl$BTRFS_IOC_SNAP_DESTROY(r3, 0x5000940f, &(0x7f0000000180)={{r1}, "7d217686a8f42cc75a82f2b14464d7a0fe189cb5115b15ece35a60395c603a7de1bd02bd5092f84007dfe45dc0905a4ab8f97428ac32375b9d340b2e21733c0ffd0ab423f70948243d255a6b72a2ac52a7432cb8f3da9ef719d6bef82251aa8b34a20a0e0a92604d57955697f3e177f16195a305501793b9e919d70af53e97e1dbf953b5bba43f1bc121a58ee8293bafa2c22612992b596d1218526d6d34ce11d9d65f8868ab884069587aca08cc1e1aadcc4ac85abe51ffe8fb8a7b81124bdb53ddacb462b07d611b1d5f405a78aa87e25fc9626b8bc450e5348e74cc3374b30499b2371d6de7dbb437be5ce66e84a3fd7fdec4ccd712114293ff11503a5e2bf2746f5bcbdd415f58c9d78ad86e4be2c442a11859e1c32022cfb29554361a1f686cf49d69900967eccf7a78b822bbcc5763e495297deb61d949ecb57c464c1ab9be4690c24cc390f613bd05fdfcfedf74e02fce690e23e42f8a9b091bc5f2ff99d56fc80d1335e1ee7c3c014c9a05b11c2f68bcfcfd4ec2daf9c2ca89c3e8fd8cf1cbf60e214fe3a0b917afd6d880dda0022864cb3f556eb2ba4d2391dcf08383aff516e07cd9002a2cde053456722af57fc93b023de0ba83575883d5c2fec4d97a92fea16794ec61250a6af6034f1ad58558f64a5b188b9aea0b9cd406fc9ba9db4b8c1e96136a8d7818759f77367b6448385ace84f786f5ea84f9fc6b3946dd03031d0a358a75dfb4e710662e55cb8c6a7ae1a61452be3c0b1778ccab2275989c97e75835513e4b952bdc42fbbe3aed6fd7b729b5676e1be3fde922e493f857206baa60f08267bc644a7cbd6b667580a56166f8014c4f3fb404affda8c57c00eb66d8c295d57d67213ce06df366f117368a80242300193b4eb699628718e76f1fecb84ef43d55a2be57835be40ea1f6011a7829457cec17abe7382212e77de75426206d136392930c25bfc63d2f97c7b068e9f17e74f3d6e9250157dee2a6cc008ed3cd638a3750daef4c644db35f5a7c7fe31534207e063930ffa88ee52b13293a149b8a76d9ad3f78f3c50fb59f5dd0ede4b878032583dfe685aa6d891051c4d0a10656c561df70b48dc61a86e71227cc5edb5b3472716a306822b209a9a9391edc9223756edc9b4b72f0773205d462ff02731d863673d909f710b7aec3d3a0a7f52410911ca6da3fe457a788917836e538817301c4fabb769ab71c9759eaef002c443960a418173edd1d498b89bfa103c0b985b6f84d19b791178812ce5d0bd3f3102d8aede9b5c66fbb1d54704b54b416363a55169f8e74d3c9a7fec75f3d91dcc5ecd573ffd4b1e43521f15c5e17228f2e91f8921d2f164085b93cc96c367876fd265f627013eb729b5c90ffd535bc8ad11b25643113a479104d4b405025738d046417c0371de806d8296b862e3c8e0653f0f82993fb630ad0b593394f53e7ce6192792e5261e51adc1c977e8f1affd3dee61148b937f38a4fc5de6061a4256dc5704896987cd5266c72ccdf2e01306938aaaf1058e7372078ed12dbe020ef1d99878713af8b4fa86f4632130b0cfa757a1c9787062ad33c5091ed65957c53ef6d0be8e178e1ccddc80ce823c364d1a74096f89cb030900b8840be242656885cf60ac4018d79f6fa8cd5c3003e35c2fca9789ba5d0e69ee9534e16ac90b6fe1506b8a1127be90b323f301d7f6cc1a489dd113c15270483ae8dfa9df147c5efe525040f60b45a0f8434ebaa5300f7b79c99fd409bb026ac4df9b444001ec2ed0b7e0e71c8238896005d1eee42416a9e9dd280512f6c1f560b18c0a752da545cfb1ab6838c36b8ba2948004d5be9b73cd84cd585501878623cf8bfc2647e1deecd36691d6223a88357d8032439dde1873aa1e6ee4ecfc87c7eb4519de0096915cbf3ae845d50d1dbfd302e8c70acce05a7959dad0af39511f916f85784d7dcae00cc3f7e76f7bbb79a56d778008d61da2e4ba27e5a4ca949ef8fd2b6915ce14064cab605d438fca38182bb4593872559fc797d4137db977006b13b9996a0e52be70d3a94417f10caf690dce08fe276ef7f88077d9ccef184c34fd689076e6deee8c33eb6542d65e2a1f818845c934b86a86bdbfd5c796beb270c47b9085fd4ebc8c923eb29517795686b4e248f54d3d82345d4251057985b5fa75ce64d7fd347638aa8f350031d048b2c0a1d0569fde38b8d1248a1bb4cf940e384c9ba92612d39feac37f56303ebfe9989bf98993ba7c0e85cce4f75c82194a42344755f506e8b9fb9a6266bb8ce54a720d7cb1d976f69bcecd81758b3dcabb3c467dcc4939c663a0fcbff6cd9b0ee15ae77e69fd6af8ce7dd8837aeea45075f3537daa4b2cf9f9f933816d621d0b5615cb1e4928c4a780f7ac65ebb701d1b6e949626b47643f2830191f0c32a40e04de44ea5a39b5aa504a5c19b6b534d1a877d41750b36655d8b71e8f57d9acf4dd037f94c6b40142f7fbcdb6785bd706be1b73caab31ca77db22fdd8ad6706577fcd047f83e21d1944064c9bb10f060e9b782fab54652e9dfdce6e6a0fa62cb9b90c4db530f235c2574c6be1b5587cc9186c9fc64cb58e209909c72fdfbcbd02d2c8dd8cab249fec6373f48e81c1051e4b2de89dd5a874626ce5a24f1d70bc87fb2926586dffdee410cf0e81345c2c3e7154e72b21f7a92891f40780ed013dd24ab001f5093016be93cbf5fe478ce15a8aed712f6048ea4e6f6043fabdf32411d0a846f14bb2ced71858de108de529f8507ff3dba4da8583e2793d71730966d4d49fb0543f4b91ed98f300c8586d52356d8a4692681519b27e4821cb85623eea3f2007eced7e564b0ff09cc359fc7895e2086c8552eaba4dfe584901463283ef226274bc3d00c1821faf367b821467717b29666e8dd6909dfced4a649ccdbe6f0c59711dc2b35d172e75983b5917f261a7119cb4ac0fd0b20632b1beb803728c4aa0b268fb051004ee48df9ec68e6f2dd75e696379e9d11c7ea2268995fb278bd33d66dddb133ab8bfaf36b7b8a336b6fdb99e0e559276078ea0041ec314a4deff23253dcb00306209c68e2345bca53c0a975bbb2b1c13b6a9573b5c2e763ccaf326d70ac31ab4e8d42c454b57301c6e6414ff9ce652ab88c2a2cb44dc0ada746a5dfcb5a51bd12152affab30cb0c422011b0d7c9d6912058e85a30785e36c43904508b08fd31de82046cbacaa29b2a4ed929da2281a68504433820a3566f7debbbd16b5be27824b35aace24c848044ad87bc4dff3a13fe9b228ce42ae36127c4fc013b0a83380e0e848f70119d19f66e6e070d1c1290935de4d04f004f60ccf6516b66378ad52c8adc3f92a1a8f1a20a7ce7b6d9ac57ceb37dc218cf5dce5eefadbcded4597031522cb3de7989bf9c2f3f2d8bb4309a128772e19465de55cefb34b6ecef08b64cd53fa81b9673fddbd4b9ee971e34920d96bc0f65ddff2bf8804e81406dfcaf8872a9dd5cd2d339487f8dbb4bca3377d21de766b62bc03b807979a7d5d9cb546bc47d1340fa0f8494bc941791ebd4e4463155a30e7b43a830ee2131016bca417a5c18473ea84674df721117468f96a117d487441899fce4b935d2483e964f6e170b922540fff5f5f484eaf98cb9043ab74c4732c312e3f1ce8ea88d0042b859ec8dcb2e116b0006b800696527bc5c1f5ff391a048c6358bbde86eecd6e40277419267b005eec8d9bfec7d1ac194e32eb5110f6d53f6c9e7e4c831c7ab86e6c479c9a7e47a3a16d4e5118514a4bc3e634f0027d2fdaa5470b061c7500ab7ea010dfae0f59626e4046f40150001aded14d7b0005a939bcd9cc286dfdf7e477035e1f124b5fccec4f2096d67e4b9df0a0e7772951277bb854bf67b55fb99fcfede03cd1152e1405e2cab5b125a8c2f002bcc55c4beff71445d7486efe8f441eedb05e29a37d869469769d963dde3b22c05ac10d0ce09260b132311df81c3783be52e5998dbfa8b9bc3cbfa84cb17a4c007fb4237467301ac9d3c9963b553de76164fe14cf2628f1f2512e03f8056d6d4d8b1d4e8fba76fa1c43fbd50f46d24ee3aa264604b6beb6160da9711490f588b877c85ca87535b5d45c47bbee876a30d07e210bef2b9d7760e946c857fc6e599e45f9b558c0f5e9b3d99e112c01f28f44d71d39097e49ac44ade1e69d46d1d487d5ff1ca30f6e686b1fbc1ab7b378b83199fb3f092fb3c8d70a63e6d96b92a9f3ee95eb43c84599d23e1b72945b9124f3c60a326738b017b217b36a9e1b0c997116576aea5b7c0952d27e012ff4a94e64d000cfddf54736f20322d75860729d4fb71c1f20015d8953e18b85ba44adf62b47856ee2ca0dd605492b1cd2a4cf6f00d0215c04e07bac71b3c45a15aa4e2f82ccc785578408386405ad0b1f5a028c3bd48a5855a6ea5385013341140ec21184f34ca1b27a4eee3813651d4968404c5050f29a978e568cf1b95ace050e05ec6a2920eaa0b86495151caae744ba17addc453294282059dc9459c3df985c17f3e86722bca67f70f65543d03473a7d7b4754400274d85d1a2581324d0a3fb96f958910c6a1cf1ebfbf469d78dc6c0f1bb9392baf214388c5237138d805181c9fee180790432f769b2e823466ccce01f8769e3c8776231edf712b824287b3989acba40b466c45cb9cc4056d3ce013ac37a9bdfe0166917b221031a6120cf4ce775eb5ed9577eeced9ca9fab7f9d148355eeda270d6865e8252857cfe8ad66274ad4f3da1368a28e65e772764f9f2d8aa50dc481913655e985e0fac749b9a5378f03c89fe2dd5ec4b43da12a7711f5f31827c45f0498254eb001079216d2970fc0e9f35fa705a304802b9b151a78f7f4a066c2e4ca541d0d33e68deb2e64c82a18912da69f1ba41124c2dc25dbbe505c9657f05a5b2771d799d4a5118df8b45e6bb6e9b8a14ddfc3bf7a001944971a9844f7110edb4df52b7c0484c25c6152101d229b49e9a1db1bffd4b8debe57ccfeb6844eb45d1c528d12d8c8644727ecf6f646e772cd1e5bbde22a5049ec17f4d0e0182a95d576622c524dc0c618b7189f2f514971ee9462cd0892b77013a8c51e6db64714a1d2fc476bfcab57d5c55727d2914e7e4d81f3676347a48d78ca5d2fbe5b3a6a89b8206224930e53894ee9c270f20ed17f718ac958a513273cd0c0ce0b8b758a91e2f23659f2555a851c5cd555cd9f1a4e313902ae0494b85f411e8dffcdec091ff60d5ecb9b68e0b7751dd9eccc323a3a4295a09474405e9c2405f1eed5d9d22cfa8a4a4974d611371baa7174e58cba7683cb60bb1a0bf6e5247db92470c5136219324793da10acf99477785fe68a1fb8e7d43e7ccecf3237a803cceee176c58b6ca678e44570f6d744194b3d3cf7797fc51462f26616ccab81a4673d4a87e9e6a57c75e3645c9d542cd064666a28f037a59521eb99eb38a285c73458697cf892321c28f17acb8f762cc5650d85bed857d0489776ee311223a3c64f9d70ced5f4709fd3d88ecae6142c62f8fb636781d6cf84bc2729004a349dfa206c2df10f3711ecacd98a4c2534309e372dc1780b0180b1cc00f99ed4f79a9fb1c330f4ac83b4195f2b06d37d66c5686862f2a80071c28573453e12b77fe5ffc2e7b14ec371902c1a818e3b8a17425b94f4b775bcaf8abe3e88eb9e4e222d0ec398394591539bd17b62c2ac21c87d343da318d06d18061db3732eef2a25f08818de21cb5574d6f4072509b9fd97ffd21b5e1b8716e0307dca3bc16a4cb428a0b0a32e9752a1f09cad379778a4c460e00f1d26032837c6693bef"})
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:40:12 executing program 1:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x3d55, 0x1, &(0x7f0000000280)=[{&(0x7f0000000240)="7db09ccd69393de76200dd961608f161ab0eceff1bd56f3623161fed6a70da326f72f5c5", 0x24, 0x100000000}], 0x1800008, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}, {@gid={'gid', 0x3d, 0xee00}}, {@session={'session', 0x3d, 0x2f}}], [{@dont_measure}, {@smackfshat}]})

06:40:12 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, 0x0, 0x0)

06:40:12 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:40:12 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x8, 0x2}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

[ 1771.024176]  driver_sysfs_add+0xf5/0x290
[ 1771.024205]  device_bind_driver+0x15/0xd0
[ 1771.024236]  mac80211_hwsim_new_radio+0x3d2/0x4250
[ 1771.024254]  ? ____sys_sendmsg+0x70d/0x870
[ 1771.024272]  ? ___sys_sendmsg+0xf3/0x170
[ 1771.024290]  ? __sys_sendmsg+0xe5/0x1b0
06:40:12 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

[ 1771.024310]  ? do_syscall_64+0x33/0x40
[ 1771.024333]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1771.024357]  ? lock_acquire+0x197/0x4a0
[ 1771.024378]  ? create_object.isra.0+0x3ad/0xa20
[ 1771.024449]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1771.024479]  ? __kmalloc+0x16e/0x330
[ 1771.024520]  hwsim_new_radio_nl+0x991/0x1080
06:40:12 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 67)

06:40:12 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x3d55, 0x1, &(0x7f0000000280)=[{&(0x7f0000000240)="7db09ccd69393de76200dd961608f161ab0eceff1bd56f3623161fed6a70da326f72f5c5", 0x24, 0x100000000}], 0x1800008, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}, {@gid={'gid', 0x3d, 0xee00}}, {@session={'session', 0x3d, 0x2f}}], [{@dont_measure}, {@smackfshat}]})

[ 1771.024559]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1771.024619]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1771.024639]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1771.024678]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1771.024708]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1771.024732]  ? cap_capable+0x1d6/0x240
[ 1771.024787]  ? ns_capable+0xe2/0x110
[ 1771.024822]  genl_rcv_msg+0x33c/0x5a0
06:40:13 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, 0x0, 0x0)

06:40:13 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

[ 1771.024854]  ? genl_get_cmd+0x480/0x480
[ 1771.024883]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1771.024921]  ? lock_release+0x6b0/0x6b0
[ 1771.024944]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1771.024983]  netlink_rcv_skb+0x14b/0x430
[ 1771.025006]  ? genl_get_cmd+0x480/0x480
[ 1771.025037]  ? netlink_ack+0xab0/0xab0
[ 1771.025085]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1771.025108]  ? is_vmalloc_addr+0x7b/0xb0
[ 1771.025140]  genl_rcv+0x24/0x40
[ 1771.025162]  netlink_unicast+0x549/0x7f0
[ 1771.025203]  ? netlink_attachskb+0x870/0x870
[ 1771.025222]  ? __virt_addr_valid+0x128/0x350
[ 1771.025275]  netlink_sendmsg+0x90f/0xdf0
[ 1771.025319]  ? netlink_unicast+0x7f0/0x7f0
[ 1771.025374]  ? netlink_unicast+0x7f0/0x7f0
[ 1771.025397]  sock_sendmsg+0x154/0x190
[ 1771.025423]  ____sys_sendmsg+0x70d/0x870
[ 1771.025454]  ? kernel_sendmsg+0x50/0x50
[ 1771.025471]  ? do_recvmmsg+0x6d0/0x6d0
[ 1771.025496]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1771.025538]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1771.025558]  ? SOFTIRQ_verbose+0x10/0x10
[ 1771.025592]  ___sys_sendmsg+0xf3/0x170
[ 1771.025620]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1771.025657]  ? lock_downgrade+0x6d0/0x6d0
[ 1771.025689]  ? find_held_lock+0x2c/0x110
[ 1771.025735]  ? __fget_files+0x296/0x4c0
[ 1771.025785]  ? __fget_light+0xea/0x290
[ 1771.025829]  __sys_sendmsg+0xe5/0x1b0
[ 1771.025852]  ? __sys_sendmsg_sock+0x40/0x40
[ 1771.025872]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1771.025937]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1771.025958]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1771.025980]  ? trace_hardirqs_on+0x5b/0x180
[ 1771.026013]  do_syscall_64+0x33/0x40
[ 1771.026038]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1771.026053] RIP: 0033:0x7f111cc48b19
[ 1771.026076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1771.026089] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1771.026114] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1771.026128] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1771.026142] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1771.026155] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1771.026168] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
[ 1771.207783] FAULT_INJECTION: forcing a failure.
[ 1771.207783] name failslab, interval 1, probability 0, space 0, times 0
[ 1771.207799] CPU: 1 PID: 9436 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1771.207806] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1771.207810] Call Trace:
[ 1771.207827]  dump_stack+0x107/0x167
[ 1771.207850]  should_fail.cold+0x5/0xa
[ 1771.207869]  should_failslab+0x5/0x20
[ 1771.207882]  __kmalloc_track_caller+0x79/0x310
[ 1771.207895]  ? kstrdup_const+0x53/0x80
[ 1771.207911]  kstrdup+0x36/0x70
[ 1771.207923]  kstrdup_const+0x53/0x80
[ 1771.207937]  __kernfs_new_node+0x9d/0x850
[ 1771.207950]  ? SOFTIRQ_verbose+0x10/0x10
[ 1771.207965]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1771.207977]  ? device_add+0x464/0x1bc0
[ 1771.207994]  ? find_held_lock+0x2c/0x110
[ 1771.208009]  ? sysfs_do_create_link_sd+0x82/0x140
[ 1771.208026]  kernfs_new_node+0x93/0x120
[ 1771.208043]  kernfs_create_link+0xcb/0x230
[ 1771.208057]  sysfs_do_create_link_sd+0x90/0x140
[ 1771.208069]  sysfs_create_link+0x5f/0xc0
[ 1771.208083]  driver_sysfs_add+0xf5/0x290
[ 1771.208097]  device_bind_driver+0x15/0xd0
[ 1771.208113]  mac80211_hwsim_new_radio+0x3d2/0x4250
[ 1771.208124]  ? ____sys_sendmsg+0x70d/0x870
[ 1771.208133]  ? ___sys_sendmsg+0xf3/0x170
[ 1771.208142]  ? __sys_sendmsg+0xe5/0x1b0
[ 1771.208154]  ? do_syscall_64+0x33/0x40
[ 1771.208166]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1771.208178]  ? lock_acquire+0x197/0x4a0
[ 1771.208189]  ? create_object.isra.0+0x3ad/0xa20
[ 1771.208209]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1771.208222]  ? __kmalloc+0x16e/0x330
[ 1771.208239]  hwsim_new_radio_nl+0x991/0x1080
[ 1771.208256]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1771.208281]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1771.208292]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1771.208307]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1771.208321]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1771.208333]  ? cap_capable+0x1d6/0x240
[ 1771.208355]  ? ns_capable+0xe2/0x110
[ 1771.208369]  genl_rcv_msg+0x33c/0x5a0
[ 1771.208383]  ? genl_get_cmd+0x480/0x480
[ 1771.208396]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1771.208431]  ? lock_release+0x6b0/0x6b0
[ 1771.208444]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1771.208460]  netlink_rcv_skb+0x14b/0x430
[ 1771.208471]  ? genl_get_cmd+0x480/0x480
[ 1771.208484]  ? netlink_ack+0xab0/0xab0
[ 1771.208504]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1771.208516]  ? is_vmalloc_addr+0x7b/0xb0
[ 1771.208529]  genl_rcv+0x24/0x40
[ 1771.208540]  netlink_unicast+0x549/0x7f0
[ 1771.208558]  ? netlink_attachskb+0x870/0x870
[ 1771.208568]  ? __virt_addr_valid+0x128/0x350
[ 1771.208589]  netlink_sendmsg+0x90f/0xdf0
[ 1771.208607]  ? netlink_unicast+0x7f0/0x7f0
[ 1771.208628]  ? netlink_unicast+0x7f0/0x7f0
[ 1771.208640]  sock_sendmsg+0x154/0x190
[ 1771.208651]  ____sys_sendmsg+0x70d/0x870
[ 1771.208664]  ? kernel_sendmsg+0x50/0x50
[ 1771.208673]  ? do_recvmmsg+0x6d0/0x6d0
[ 1771.208685]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1771.208698]  ? lock_downgrade+0x6d0/0x6d0
[ 1771.208711]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1771.208721]  ? SOFTIRQ_verbose+0x10/0x10
[ 1771.208736]  ___sys_sendmsg+0xf3/0x170
[ 1771.208749]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1771.208764]  ? lock_downgrade+0x6d0/0x6d0
[ 1771.208778]  ? find_held_lock+0x2c/0x110
[ 1771.208797]  ? __fget_files+0x296/0x4c0
[ 1771.208816]  ? __fget_light+0xea/0x290
[ 1771.208833]  __sys_sendmsg+0xe5/0x1b0
[ 1771.208844]  ? __sys_sendmsg_sock+0x40/0x40
[ 1771.208855]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1771.208881]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1771.208891]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1771.208904]  ? trace_hardirqs_on+0x5b/0x180
[ 1771.208918]  do_syscall_64+0x33/0x40
[ 1771.208931]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1771.208939] RIP: 0033:0x7f111cc48b19
[ 1771.208953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1771.208959] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1771.208972] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1771.208979] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1771.208986] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1771.208993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1771.209000] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:40:28 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 68)

06:40:28 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, 0x0, 0x0)

06:40:28 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, 0x0, 0x0)

06:40:28 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:40:28 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x5}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/keys\x00', 0x0, 0x0)
preadv(r3, &(0x7f0000001580)=[{&(0x7f00000015c0)=""/4106, 0x100a}], 0x1, 0x5, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000000, 0x4000010, 0xffffffffffffffff, 0x8000000)
io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
syz_io_uring_setup(0x11e1d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x8000000}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000280)=<r4=>0x0, &(0x7f00000005c0))
r5 = syz_open_dev$mouse(&(0x7f0000000140), 0x7, 0x10000)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000300)=@IORING_OP_WRITE={0x17, 0x0, 0xe9950f12de09ba13, @fd=r5, 0x4, &(0x7f0000000240)="3b7a2fc62521ac08e77789707772db98d09cd91a781217000c0500a75d8ce23c9e25d277088818029925bf44f655eebda90a30813f076e743376ca379fd1e53bd89d6eef490ae3f072c74c06054bff5004797ea12b2a934eee2348ca2c0029369ce4abc4c975ce6b2793bda2467656baded1cef32a3d5c5977d24d587d9ea9fe9ddb1e1dc395425df26cd0daa5ac78bf506ab4f0", 0x94, 0x8, 0x0, {0x0, r6}}, 0x40)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_MADVISE={0x19, 0x2, 0x0, 0x0, 0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x0, {0x0, r6}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:40:28 executing program 1:
syz_mount_image$iso9660(0x0, &(0x7f0000000180)='./file0\x00', 0x3d55, 0x1, &(0x7f0000000280)=[{&(0x7f0000000240)="7db09ccd69393de76200dd961608f161ab0eceff1bd56f3623161fed6a70da326f72f5c5", 0x24, 0x100000000}], 0x1800008, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}, {@gid={'gid', 0x3d, 0xee00}}, {@session={'session', 0x3d, 0x2f}}], [{@dont_measure}, {@smackfshat}]})

06:40:28 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:40:28 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

[ 1786.388939] FAULT_INJECTION: forcing a failure.
[ 1786.388939] name failslab, interval 1, probability 0, space 0, times 0
[ 1786.391366] CPU: 1 PID: 9460 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1786.393039] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1786.394713] Call Trace:
[ 1786.395353]  dump_stack+0x107/0x167
[ 1786.396103]  should_fail.cold+0x5/0xa
[ 1786.397049]  ? __kernfs_new_node+0xd4/0x850
[ 1786.397942]  should_failslab+0x5/0x20
[ 1786.398743]  kmem_cache_alloc+0x5b/0x360
[ 1786.399600]  __kernfs_new_node+0xd4/0x850
[ 1786.400462]  ? SOFTIRQ_verbose+0x10/0x10
[ 1786.401330]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1786.402325]  ? device_add+0x464/0x1bc0
[ 1786.403161]  ? find_held_lock+0x2c/0x110
[ 1786.404026]  ? sysfs_do_create_link_sd+0x82/0x140
[ 1786.405063]  kernfs_new_node+0x93/0x120
[ 1786.405911]  kernfs_create_link+0xcb/0x230
[ 1786.406805]  sysfs_do_create_link_sd+0x90/0x140
[ 1786.407786]  sysfs_create_link+0x5f/0xc0
[ 1786.408667]  driver_sysfs_add+0xf5/0x290
[ 1786.409531]  device_bind_driver+0x15/0xd0
[ 1786.410411]  mac80211_hwsim_new_radio+0x3d2/0x4250
[ 1786.411439]  ? ____sys_sendmsg+0x70d/0x870
[ 1786.412336]  ? ___sys_sendmsg+0xf3/0x170
[ 1786.413214]  ? __sys_sendmsg+0xe5/0x1b0
[ 1786.414062]  ? do_syscall_64+0x33/0x40
[ 1786.414898]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1786.416032]  ? lock_acquire+0x197/0x4a0
[ 1786.416887]  ? create_object.isra.0+0x3ad/0xa20
[ 1786.417894]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1786.418888]  ? __kmalloc+0x16e/0x330
[ 1786.419697]  hwsim_new_radio_nl+0x991/0x1080
[ 1786.420670]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1786.421811]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1786.423226]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1786.424650]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1786.425699]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1786.427116]  ? security_capable+0x78/0xc0
[ 1786.428037]  ? ns_capable+0xe2/0x110
[ 1786.428867]  genl_rcv_msg+0x33c/0x5a0
[ 1786.429700]  ? genl_get_cmd+0x480/0x480
[ 1786.430567]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1786.431704]  ? lock_release+0x6b0/0x6b0
[ 1786.432578]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1786.433590]  netlink_rcv_skb+0x14b/0x430
[ 1786.434480]  ? genl_get_cmd+0x480/0x480
[ 1786.435355]  ? netlink_ack+0xab0/0xab0
[ 1786.436223]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1786.437248]  ? is_vmalloc_addr+0x7b/0xb0
[ 1786.438145]  genl_rcv+0x24/0x40
[ 1786.438876]  netlink_unicast+0x549/0x7f0
[ 1786.439780]  ? netlink_attachskb+0x870/0x870
[ 1786.440769]  ? __virt_addr_valid+0x128/0x350
[ 1786.441760]  netlink_sendmsg+0x90f/0xdf0
[ 1786.442671]  ? netlink_unicast+0x7f0/0x7f0
[ 1786.443627]  ? netlink_unicast+0x7f0/0x7f0
[ 1786.444561]  sock_sendmsg+0x154/0x190
[ 1786.445418]  ____sys_sendmsg+0x70d/0x870
[ 1786.446321]  ? kernel_sendmsg+0x50/0x50
[ 1786.447197]  ? do_recvmmsg+0x6d0/0x6d0
[ 1786.448061]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1786.449247]  ? lock_downgrade+0x6d0/0x6d0
[ 1786.450189]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1786.451357]  ? SOFTIRQ_verbose+0x10/0x10
[ 1786.452270]  ___sys_sendmsg+0xf3/0x170
[ 1786.453171]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1786.454201]  ? lock_downgrade+0x6d0/0x6d0
[ 1786.455132]  ? find_held_lock+0x2c/0x110
[ 1786.456054]  ? __fget_files+0x296/0x4c0
[ 1786.456977]  ? __fget_light+0xea/0x290
[ 1786.457861]  __sys_sendmsg+0xe5/0x1b0
[ 1786.458714]  ? __sys_sendmsg_sock+0x40/0x40
[ 1786.459654]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1786.460706]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1786.461837]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1786.462961]  ? trace_hardirqs_on+0x5b/0x180
[ 1786.463894]  do_syscall_64+0x33/0x40
[ 1786.464714]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1786.465813] RIP: 0033:0x7f111cc48b19
[ 1786.466628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1786.470635] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1786.472301] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1786.473875] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1786.475438] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1786.477011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1786.478589] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:40:28 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000140)=ANY=[@ANYBLOB="010000000100000000009fe0a39adff53f91fb4dcef94f0bed75d51addfdc71dc9385493c38cac5073994ec2714312ae412d771b7ca6cf944c47c3f527c49d5d32b99170b5f682ce34fc59ff0f00"/88, @ANYRES32=r0, @ANYRES32=0xee01, @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="232ffd09fd431025f83df866696caa5e5a703e5378390f9abd95653000"])
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:40:28 executing program 1:
syz_mount_image$iso9660(0x0, &(0x7f0000000180)='./file0\x00', 0x3d55, 0x1, &(0x7f0000000280)=[{&(0x7f0000000240)="7db09ccd69393de76200dd961608f161ab0eceff1bd56f3623161fed6a70da326f72f5c5", 0x24, 0x100000000}], 0x1800008, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}, {@gid={'gid', 0x3d, 0xee00}}, {@session={'session', 0x3d, 0x2f}}], [{@dont_measure}, {@smackfshat}]})

06:40:28 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 69)

[ 1786.761086] FAULT_INJECTION: forcing a failure.
[ 1786.761086] name failslab, interval 1, probability 0, space 0, times 0
[ 1786.763445] CPU: 1 PID: 9487 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1786.764831] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1786.766486] Call Trace:
[ 1786.767159]  dump_stack+0x107/0x167
[ 1786.767907]  should_fail.cold+0x5/0xa
[ 1786.768853]  ? create_object.isra.0+0x3a/0xa20
[ 1786.769773]  should_failslab+0x5/0x20
[ 1786.770689]  kmem_cache_alloc+0x5b/0x360
[ 1786.771517]  create_object.isra.0+0x3a/0xa20
[ 1786.772574]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1786.773604]  kmem_cache_alloc+0x159/0x360
[ 1786.774614]  __kernfs_new_node+0xd4/0x850
[ 1786.775447]  ? SOFTIRQ_verbose+0x10/0x10
[ 1786.776357]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1786.777313]  ? device_add+0x464/0x1bc0
[ 1786.778101]  ? find_held_lock+0x2c/0x110
[ 1786.778923]  ? sysfs_do_create_link_sd+0x82/0x140
[ 1786.779902]  kernfs_new_node+0x93/0x120
[ 1786.780729]  kernfs_create_link+0xcb/0x230
[ 1786.781584]  sysfs_do_create_link_sd+0x90/0x140
[ 1786.782511]  sysfs_create_link+0x5f/0xc0
[ 1786.783318]  driver_sysfs_add+0xf5/0x290
[ 1786.784137]  device_bind_driver+0x15/0xd0
[ 1786.784976]  mac80211_hwsim_new_radio+0x3d2/0x4250
[ 1786.785959]  ? ____sys_sendmsg+0x70d/0x870
[ 1786.786913]  ? ___sys_sendmsg+0xf3/0x170
[ 1786.787730]  ? __sys_sendmsg+0xe5/0x1b0
[ 1786.788698]  ? do_syscall_64+0x33/0x40
[ 1786.789480]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1786.790771]  ? lock_acquire+0x197/0x4a0
[ 1786.791566]  ? create_object.isra.0+0x3ad/0xa20
[ 1786.792710]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1786.793643]  ? __kmalloc+0x16e/0x330
[ 1786.794553]  hwsim_new_radio_nl+0x991/0x1080
[ 1786.795447]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1786.796584]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1786.798120]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1786.799433]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1786.800600]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1786.801941]  ? cap_capable+0x1d6/0x240
[ 1786.802901]  ? ns_capable+0xe2/0x110
[ 1786.803668]  genl_rcv_msg+0x33c/0x5a0
[ 1786.804549]  ? genl_get_cmd+0x480/0x480
[ 1786.805388]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1786.806428]  ? lock_release+0x6b0/0x6b0
[ 1786.807228]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1786.808146]  netlink_rcv_skb+0x14b/0x430
[ 1786.809134]  ? genl_get_cmd+0x480/0x480
[ 1786.809954]  ? netlink_ack+0xab0/0xab0
[ 1786.810908]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1786.811831]  ? is_vmalloc_addr+0x7b/0xb0
[ 1786.812834]  genl_rcv+0x24/0x40
[ 1786.813509]  netlink_unicast+0x549/0x7f0
[ 1786.814501]  ? netlink_attachskb+0x870/0x870
[ 1786.815518]  ? __virt_addr_valid+0x128/0x350
[ 1786.816427]  netlink_sendmsg+0x90f/0xdf0
[ 1786.817424]  ? netlink_unicast+0x7f0/0x7f0
[ 1786.818299]  ? netlink_unicast+0x7f0/0x7f0
[ 1786.819309]  sock_sendmsg+0x154/0x190
[ 1786.820084]  ____sys_sendmsg+0x70d/0x870
[ 1786.821087]  ? kernel_sendmsg+0x50/0x50
[ 1786.821890]  ? do_recvmmsg+0x6d0/0x6d0
[ 1786.822826]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1786.823893]  ? lock_downgrade+0x6d0/0x6d0
[ 1786.824912]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1786.825975]  ? SOFTIRQ_verbose+0x10/0x10
[ 1786.826965]  ___sys_sendmsg+0xf3/0x170
[ 1786.827764]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1786.828880]  ? lock_downgrade+0x6d0/0x6d0
[ 1786.829730]  ? find_held_lock+0x2c/0x110
[ 1786.830727]  ? __fget_files+0x296/0x4c0
[ 1786.831547]  ? __fget_light+0xea/0x290
[ 1786.832496]  __sys_sendmsg+0xe5/0x1b0
[ 1786.833289]  ? __sys_sendmsg_sock+0x40/0x40
[ 1786.834326]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1786.835294]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1786.836561]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1786.837612]  ? trace_hardirqs_on+0x5b/0x180
[ 1786.838659]  do_syscall_64+0x33/0x40
[ 1786.839418]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1786.840535] RIP: 0033:0x7f111cc48b19
[ 1786.841304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1786.845002] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1786.846521] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1786.847943] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1786.849388] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1786.850813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1786.852234] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:40:28 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:40:28 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:40:28 executing program 1:
syz_mount_image$iso9660(0x0, &(0x7f0000000180)='./file0\x00', 0x3d55, 0x1, &(0x7f0000000280)=[{&(0x7f0000000240)="7db09ccd69393de76200dd961608f161ab0eceff1bd56f3623161fed6a70da326f72f5c5", 0x24, 0x100000000}], 0x1800008, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}, {@gid={'gid', 0x3d, 0xee00}}, {@session={'session', 0x3d, 0x2f}}], [{@dont_measure}, {@smackfshat}]})

06:40:28 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_setup(0x3626, &(0x7f0000000140)={0x0, 0x21be, 0x8, 0x3, 0xee}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000240)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x3, 0x0, 0x7, 0x3, &(0x7f0000000280)="d4", 0x8, 0x0, 0x1, {0x3}}, 0x400)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:40:28 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32=0xee01, @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'])
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
stat(&(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setresgid(r2, r2, r3)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:40:28 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), 0x0, 0x3d55, 0x1, &(0x7f0000000280)=[{&(0x7f0000000240)="7db09ccd69393de76200dd961608f161ab0eceff1bd56f3623161fed6a70da326f72f5c5", 0x24, 0x100000000}], 0x1800008, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}, {@gid={'gid', 0x3d, 0xee00}}, {@session={'session', 0x3d, 0x2f}}], [{@dont_measure}, {@smackfshat}]})

06:40:28 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x89, 0x9, 0x20, 0x0, 0x0, 0xffffffffffff7096, 0x1a0c, 0xa, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1f, 0x4, @perf_bp={&(0x7f0000000040), 0x9}, 0x8081, 0x3f, 0x8, 0x7, 0x3, 0x5, 0x7fff, 0x0, 0x81, 0x0, 0x100}, 0xffffffffffffffff, 0x5, r0, 0x8)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:40:29 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), 0x0, 0x3d55, 0x1, &(0x7f0000000280)=[{&(0x7f0000000240)="7db09ccd69393de76200dd961608f161ab0eceff1bd56f3623161fed6a70da326f72f5c5", 0x24, 0x100000000}], 0x1800008, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}, {@gid={'gid', 0x3d, 0xee00}}, {@session={'session', 0x3d, 0x2f}}], [{@dont_measure}, {@smackfshat}]})

06:40:29 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 70)

06:40:29 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_REMOVE={0x7, 0x2, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1}, 0xfff)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r2=>r0, {0xee01, <r3=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r3, r3, 0x0)
semget$private(0x0, 0x0, 0x1)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r5, 0xc0a85322, &(0x7f0000000240))
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r2, 0xc02c5341, &(0x7f0000000100))
ioctl$VT_RESIZE(r5, 0x5609, &(0x7f0000000040)={0x5, 0x1, 0x1})
r6 = semget(0x2, 0x3, 0x4)
semop(r6, &(0x7f0000000180)=[{0x0, 0x9, 0x3000}, {0x4, 0x4, 0x1800}, {0x1, 0xe4d9, 0x1c00}, {0x1, 0x200}, {0x1, 0x1, 0x1000}, {0x4, 0x1, 0x800}, {0x3, 0xff, 0x800}, {0x1, 0x8001, 0x1800}, {0x4, 0x8, 0x1000}], 0x9)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:40:29 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1, {0x0, r7}}, 0x0)

06:40:29 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
r4 = open_tree(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x100)
syz_io_uring_setup(0xbc5, &(0x7f0000000140)={0x0, 0xefdd, 0x20, 0x3, 0x26f, 0x0, r4}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000240), &(0x7f0000000280))

[ 1787.513440] FAULT_INJECTION: forcing a failure.
[ 1787.513440] name failslab, interval 1, probability 0, space 0, times 0
[ 1787.515083] CPU: 0 PID: 9520 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1787.515991] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1787.517089] Call Trace:
[ 1787.517451]  dump_stack+0x107/0x167
[ 1787.517947]  should_fail.cold+0x5/0xa
[ 1787.518461]  ? create_object.isra.0+0x3a/0xa20
[ 1787.519076]  should_failslab+0x5/0x20
[ 1787.519583]  kmem_cache_alloc+0x5b/0x360
[ 1787.520124]  ? device_add+0xd90/0x1bc0
[ 1787.520658]  create_object.isra.0+0x3a/0xa20
[ 1787.521244]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1787.521976]  __kmalloc_track_caller+0x177/0x310
[ 1787.522600]  ? kstrdup_const+0x53/0x80
[ 1787.523132]  kstrdup+0x36/0x70
[ 1787.523568]  kstrdup_const+0x53/0x80
[ 1787.524067]  __kernfs_new_node+0x9d/0x850
[ 1787.524621]  ? SOFTIRQ_verbose+0x10/0x10
[ 1787.525226]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1787.525861]  ? device_add+0x464/0x1bc0
[ 1787.526399]  ? find_held_lock+0x2c/0x110
[ 1787.526952]  ? sysfs_do_create_link_sd+0x82/0x140
[ 1787.527602]  kernfs_new_node+0x93/0x120
[ 1787.528140]  kernfs_create_link+0xcb/0x230
[ 1787.528712]  sysfs_do_create_link_sd+0x90/0x140
[ 1787.529331]  sysfs_create_link+0x5f/0xc0
[ 1787.529878]  driver_sysfs_add+0xf5/0x290
[ 1787.530420]  device_bind_driver+0x15/0xd0
[ 1787.530973]  mac80211_hwsim_new_radio+0x3d2/0x4250
[ 1787.531618]  ? ____sys_sendmsg+0x70d/0x870
[ 1787.532172]  ? ___sys_sendmsg+0xf3/0x170
[ 1787.532711]  ? __sys_sendmsg+0xe5/0x1b0
[ 1787.533236]  ? do_syscall_64+0x33/0x40
[ 1787.533750]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1787.534450]  ? lock_acquire+0x197/0x4a0
[ 1787.534978]  ? create_object.isra.0+0x3ad/0xa20
[ 1787.535608]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1787.536231]  ? __kmalloc+0x16e/0x330
[ 1787.536751]  hwsim_new_radio_nl+0x991/0x1080
[ 1787.537344]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1787.538048]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1787.538911]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1787.539773]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1787.540409]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1787.541267]  ? cap_capable+0x1d6/0x240
[ 1787.541800]  ? ns_capable+0xe2/0x110
[ 1787.542298]  genl_rcv_msg+0x33c/0x5a0
[ 1787.542805]  ? genl_get_cmd+0x480/0x480
[ 1787.543331]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1787.544012]  ? lock_release+0x6b0/0x6b0
[ 1787.544594]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1787.545205]  netlink_rcv_skb+0x14b/0x430
[ 1787.545738]  ? genl_get_cmd+0x480/0x480
[ 1787.546264]  ? netlink_ack+0xab0/0xab0
[ 1787.546794]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1787.547392]  ? is_vmalloc_addr+0x7b/0xb0
[ 1787.547929]  genl_rcv+0x24/0x40
[ 1787.548364]  netlink_unicast+0x549/0x7f0
[ 1787.548983]  ? netlink_attachskb+0x870/0x870
[ 1787.549558]  ? __virt_addr_valid+0x128/0x350
[ 1787.550153]  netlink_sendmsg+0x90f/0xdf0
[ 1787.550699]  ? netlink_unicast+0x7f0/0x7f0
[ 1787.551274]  ? netlink_unicast+0x7f0/0x7f0
06:40:29 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, 0x0, 0x0)

[ 1787.551827]  sock_sendmsg+0x154/0x190
[ 1787.552489]  ____sys_sendmsg+0x70d/0x870
[ 1787.553043]  ? kernel_sendmsg+0x50/0x50
[ 1787.553559]  ? do_recvmmsg+0x6d0/0x6d0
[ 1787.554094]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1787.554782]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1787.555462]  ? SOFTIRQ_verbose+0x10/0x10
[ 1787.555487]  ___sys_sendmsg+0xf3/0x170
[ 1787.555507]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1787.555534]  ? lock_downgrade+0x6d0/0x6d0
[ 1787.555557]  ? find_held_lock+0x2c/0x110
[ 1787.555590]  ? __fget_files+0x296/0x4c0
[ 1787.555626]  ? __fget_light+0xea/0x290
[ 1787.555656]  __sys_sendmsg+0xe5/0x1b0
[ 1787.555673]  ? __sys_sendmsg_sock+0x40/0x40
06:40:29 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

[ 1787.555688]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1787.555733]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1787.555748]  ? syscall_enter_from_user_mode+0x1d/0x50
06:40:29 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), 0x0, 0x3d55, 0x1, &(0x7f0000000280)=[{&(0x7f0000000240)="7db09ccd69393de76200dd961608f161ab0eceff1bd56f3623161fed6a70da326f72f5c5", 0x24, 0x100000000}], 0x1800008, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}, {@gid={'gid', 0x3d, 0xee00}}, {@session={'session', 0x3d, 0x2f}}], [{@dont_measure}, {@smackfshat}]})

[ 1787.555764]  ? trace_hardirqs_on+0x5b/0x180
[ 1787.555787]  do_syscall_64+0x33/0x40
[ 1787.555805]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1787.555816] RIP: 0033:0x7f111cc48b19
06:40:29 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, 0x0, 0x0)

[ 1787.555834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1787.555843] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1787.555861] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1787.555871] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1787.555881] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
06:40:29 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000040), 0xf)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

[ 1787.555890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1787.555900] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:40:44 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x1, &(0x7f0000000280)=[{&(0x7f0000000240)="7db09ccd69393de76200dd961608f161ab0eceff1bd56f3623161fed6a70da326f72f5c5", 0x24, 0x100000000}], 0x1800008, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}, {@gid={'gid', 0x3d, 0xee00}}, {@session={'session', 0x3d, 0x2f}}], [{@dont_measure}, {@smackfshat}]})

06:40:44 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:40:44 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x0, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:40:44 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:40:44 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
setgroups(0x1, &(0x7f0000000040)=[0xee00])
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:40:44 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, &(0x7f0000000380)={0x0, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e21, @local}, {0x2, 0x4e22, @private=0xa010101}, 0x0, 0x0, 0x0, 0x0, 0xfff, &(0x7f0000000340)='wg0\x00', 0x7, 0x7ff, 0x8001})
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0}, 0x0)
r5 = openat2(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)={0x18000, 0x100, 0x10}, 0x18)
newfstatat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, <r6=>0x0}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000140), 0x20000, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@fscache}, {@dfltuid={'dfltuid', 0x3d, 0xee01}}, {@afid={'afid', 0x3d, 0x6}}, {@noextend}, {@dfltuid}, {@access_any}], [{@hash}, {@smackfshat={'smackfshat', 0x3d, '\x00'}}, {@dont_hash}, {@pcr={'pcr', 0x3d, 0x32}}, {@context={'context', 0x3d, 'system_u'}}, {@pcr={'pcr', 0x3d, 0xe}}, {@obj_type}, {@func={'func', 0x3d, 'KEXEC_INITRAMFS_CHECK'}}, {@fowner_gt={'fowner>', r6}}]}})
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:40:44 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1, {0x0, r7}}, 0x0)

06:40:44 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 71)

[ 1802.535419] FAULT_INJECTION: forcing a failure.
[ 1802.535419] name failslab, interval 1, probability 0, space 0, times 0
[ 1802.538094] CPU: 0 PID: 9570 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1802.539651] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1802.541549] Call Trace:
[ 1802.542163]  dump_stack+0x107/0x167
[ 1802.543022]  should_fail.cold+0x5/0xa
[ 1802.543920]  ? radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1802.545275]  should_failslab+0x5/0x20
[ 1802.546156]  kmem_cache_alloc+0x5b/0x360
[ 1802.547118]  radix_tree_node_alloc.constprop.0+0x1e3/0x300
[ 1802.548436]  idr_get_free+0x4b5/0x8f0
[ 1802.549380]  idr_alloc_u32+0x170/0x2d0
[ 1802.550302]  ? __fprop_inc_percpu_max+0x130/0x130
[ 1802.551439]  ? lock_acquire+0x197/0x4a0
[ 1802.552365]  ? __kernfs_new_node+0xff/0x850
[ 1802.553282]  idr_alloc_cyclic+0x102/0x230
[ 1802.553949]  ? idr_alloc+0x130/0x130
[ 1802.554537]  ? rwlock_bug.part.0+0x90/0x90
[ 1802.555223]  __kernfs_new_node+0x117/0x850
[ 1802.555900]  ? SOFTIRQ_verbose+0x10/0x10
[ 1802.556554]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1802.557341]  ? device_add+0x464/0x1bc0
[ 1802.557977]  ? find_held_lock+0x2c/0x110
[ 1802.558634]  ? sysfs_do_create_link_sd+0x82/0x140
[ 1802.559418]  kernfs_new_node+0x93/0x120
[ 1802.560070]  kernfs_create_link+0xcb/0x230
[ 1802.560748]  sysfs_do_create_link_sd+0x90/0x140
[ 1802.561496]  sysfs_create_link+0x5f/0xc0
[ 1802.562141]  driver_sysfs_add+0xf5/0x290
[ 1802.562790]  device_bind_driver+0x15/0xd0
[ 1802.563479]  mac80211_hwsim_new_radio+0x3d2/0x4250
[ 1802.564302]  ? ____sys_sendmsg+0x70d/0x870
[ 1802.565014]  ? ___sys_sendmsg+0xf3/0x170
[ 1802.565680]  ? __sys_sendmsg+0xe5/0x1b0
[ 1802.566344]  ? do_syscall_64+0x33/0x40
[ 1802.566993]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1802.567877]  ? lock_acquire+0x197/0x4a0
[ 1802.568540]  ? create_object.isra.0+0x3ad/0xa20
[ 1802.569358]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1802.570135]  ? __kmalloc+0x16e/0x330
[ 1802.570772]  hwsim_new_radio_nl+0x991/0x1080
[ 1802.571518]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1802.572406]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1802.573495]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1802.574590]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1802.575404]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1802.576512]  ? cap_capable+0x1d6/0x240
[ 1802.577206]  ? ns_capable+0xe2/0x110
[ 1802.577839]  genl_rcv_msg+0x33c/0x5a0
[ 1802.578484]  ? genl_get_cmd+0x480/0x480
[ 1802.579150]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1802.580016]  ? lock_release+0x6b0/0x6b0
[ 1802.580642]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1802.581394]  netlink_rcv_skb+0x14b/0x430
[ 1802.582044]  ? genl_get_cmd+0x480/0x480
[ 1802.582705]  ? netlink_ack+0xab0/0xab0
[ 1802.583352]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1802.584104]  ? is_vmalloc_addr+0x7b/0xb0
[ 1802.584752]  genl_rcv+0x24/0x40
[ 1802.585308]  netlink_unicast+0x549/0x7f0
[ 1802.585975]  ? netlink_attachskb+0x870/0x870
[ 1802.586707]  ? __virt_addr_valid+0x128/0x350
[ 1802.587430]  netlink_sendmsg+0x90f/0xdf0
[ 1802.588113]  ? netlink_unicast+0x7f0/0x7f0
[ 1802.588810]  ? netlink_unicast+0x7f0/0x7f0
[ 1802.589522]  sock_sendmsg+0x154/0x190
[ 1802.590137]  ____sys_sendmsg+0x70d/0x870
[ 1802.590822]  ? kernel_sendmsg+0x50/0x50
[ 1802.591486]  ? do_recvmmsg+0x6d0/0x6d0
[ 1802.592131]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1802.593042]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1802.593905]  ? SOFTIRQ_verbose+0x10/0x10
[ 1802.594589]  ___sys_sendmsg+0xf3/0x170
[ 1802.595236]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1802.596023]  ? lock_downgrade+0x6d0/0x6d0
[ 1802.596732]  ? find_held_lock+0x2c/0x110
[ 1802.597432]  ? __fget_files+0x296/0x4c0
[ 1802.598128]  ? __fget_light+0xea/0x290
[ 1802.598789]  __sys_sendmsg+0xe5/0x1b0
[ 1802.599422]  ? __sys_sendmsg_sock+0x40/0x40
[ 1802.600152]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1802.600975]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1802.601859]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1802.602702]  ? trace_hardirqs_on+0x5b/0x180
[ 1802.603439]  do_syscall_64+0x33/0x40
[ 1802.604061]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1802.604914] RIP: 0033:0x7f111cc48b19
[ 1802.605542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1802.608617] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1802.609892] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1802.611056] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1802.612238] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1802.613447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1802.614653] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:40:44 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x3840, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x15d7, &(0x7f0000000340)={0x0, 0x50ed, 0x20, 0x0, 0x3b7, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000003c0), &(0x7f0000000400)=<r4=>0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000500)=@IORING_OP_LINK_TIMEOUT={0xf, 0x5, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x0, 0x989680}, 0x1, 0x1, 0x1}, 0x4)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x9, 0x810, r0, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x4000}}, 0x3)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x8, 0x2000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000180)=<r6=>0x0, &(0x7f0000002a40))
syz_io_uring_submit(r6, 0x0, &(0x7f0000000100)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, {0x2}}, 0x1)
open_tree(0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', 0x101)
syz_io_uring_setup(0x42a6, &(0x7f0000000140)={0x0, 0xe69e, 0x4, 0x0, 0x1dd}, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000240), &(0x7f0000000280)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000300)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x9, 0x0, &(0x7f00000002c0), 0x9, 0x0, 0x0, {0x1}}, 0xff3c)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:40:59 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x1800008, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}, {@gid={'gid', 0x3d, 0xee00}}, {@session={'session', 0x3d, 0x2f}}], [{@dont_measure}, {@smackfshat}]})

06:40:59 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 72)

06:40:59 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:40:59 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r1=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r1, r1, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

[ 1817.936479] FAULT_INJECTION: forcing a failure.
[ 1817.936479] name failslab, interval 1, probability 0, space 0, times 0
[ 1817.938888] CPU: 0 PID: 9591 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1817.940288] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1817.942012] Call Trace:
[ 1817.942569]  dump_stack+0x107/0x167
[ 1817.943344]  should_fail.cold+0x5/0xa
[ 1817.944141]  ? create_object.isra.0+0x3a/0xa20
[ 1817.945134]  should_failslab+0x5/0x20
[ 1817.945915]  kmem_cache_alloc+0x5b/0x360
[ 1817.946810]  create_object.isra.0+0x3a/0xa20
[ 1817.947721]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1817.948806]  kmem_cache_alloc+0x159/0x360
[ 1817.949697]  __kernfs_new_node+0xd4/0x850
[ 1817.950581]  ? SOFTIRQ_verbose+0x10/0x10
[ 1817.951428]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 1817.952503]  ? find_held_lock+0x2c/0x110
[ 1817.953484]  ? sysfs_do_create_link_sd+0x82/0x140
[ 1817.954486]  kernfs_new_node+0x93/0x120
[ 1817.955324]  kernfs_create_link+0xcb/0x230
[ 1817.956206]  sysfs_do_create_link_sd+0x90/0x140
[ 1817.957179]  sysfs_create_link+0x5f/0xc0
[ 1817.958019]  driver_sysfs_add+0x179/0x290
[ 1817.958902]  device_bind_driver+0x15/0xd0
[ 1817.959764]  mac80211_hwsim_new_radio+0x3d2/0x4250
[ 1817.960838]  ? ____sys_sendmsg+0x70d/0x870
[ 1817.961708]  ? ___sys_sendmsg+0xf3/0x170
[ 1817.962537]  ? __sys_sendmsg+0xe5/0x1b0
[ 1817.963404]  ? do_syscall_64+0x33/0x40
[ 1817.964232]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1817.965421]  ? lock_acquire+0x197/0x4a0
[ 1817.966234]  ? create_object.isra.0+0x3ad/0xa20
[ 1817.967224]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1817.968175]  ? __kmalloc+0x16e/0x330
[ 1817.968982]  hwsim_new_radio_nl+0x991/0x1080
[ 1817.969924]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1817.971037]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1817.972376]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1817.973774]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1817.974789]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1817.976167]  ? cap_capable+0x1d6/0x240
[ 1817.977002]  ? ns_capable+0xe2/0x110
[ 1817.977788]  genl_rcv_msg+0x33c/0x5a0
[ 1817.978580]  ? genl_get_cmd+0x480/0x480
[ 1817.979403]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1817.980472]  ? lock_release+0x6b0/0x6b0
[ 1817.981301]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1817.982234]  netlink_rcv_skb+0x14b/0x430
[ 1817.983105]  ? genl_get_cmd+0x480/0x480
[ 1817.983933]  ? netlink_ack+0xab0/0xab0
[ 1817.984803]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1817.985747]  ? is_vmalloc_addr+0x7b/0xb0
[ 1817.986589]  genl_rcv+0x24/0x40
[ 1817.987292]  netlink_unicast+0x549/0x7f0
[ 1817.988146]  ? netlink_attachskb+0x870/0x870
[ 1817.989080]  ? __virt_addr_valid+0x128/0x350
[ 1817.990011]  netlink_sendmsg+0x90f/0xdf0
[ 1817.990865]  ? netlink_unicast+0x7f0/0x7f0
[ 1817.991816]  ? netlink_unicast+0x7f0/0x7f0
[ 1817.992682]  sock_sendmsg+0x154/0x190
[ 1817.993489]  ____sys_sendmsg+0x70d/0x870
06:40:59 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:40:59 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x0, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:40:59 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:40:59 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1, {0x0, r7}}, 0x0)

[ 1817.994329]  ? kernel_sendmsg+0x50/0x50
[ 1817.995199]  ? do_recvmmsg+0x6d0/0x6d0
[ 1817.996001]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1817.997105]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1817.998174]  ? SOFTIRQ_verbose+0x10/0x10
[ 1817.999015]  ___sys_sendmsg+0xf3/0x170
[ 1817.999833]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1818.000782]  ? lock_downgrade+0x6d0/0x6d0
[ 1818.001661]  ? find_held_lock+0x2c/0x110
[ 1818.002520]  ? __fget_files+0x296/0x4c0
[ 1818.003367]  ? __fget_light+0xea/0x290
[ 1818.004187]  __sys_sendmsg+0xe5/0x1b0
[ 1818.004970]  ? __sys_sendmsg_sock+0x40/0x40
[ 1818.005877]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1818.006878]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1818.007951]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1818.009007]  ? trace_hardirqs_on+0x5b/0x180
[ 1818.009942]  do_syscall_64+0x33/0x40
[ 1818.010736]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1818.011811] RIP: 0033:0x7f111cc48b19
[ 1818.012611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1818.016506] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1818.018088] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1818.019540] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1818.020989] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1818.022463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1818.023911] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:40:59 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:40:59 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x1800008, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}, {@gid={'gid', 0x3d, 0xee00}}, {@session={'session', 0x3d, 0x2f}}], [{@dont_measure}, {@smackfshat}]})

06:40:59 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)=ANY=[@ANYBLOB="30aa00000613800018080000", @ANYRES32=r0, @ANYRES32=0xee01, @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB='./file0\x00'])
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:40:59 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:40:59 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
r4 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r6, 0xc0a85322, &(0x7f0000000240))
pipe(&(0x7f00000035c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$AUTOFS_DEV_IOCTL_VERSION(r6, 0xc0189371, &(0x7f0000003600)=ANY=[@ANYBLOB="010000007f6f5e7ddbbf323a", @ANYRES32=r7, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00'])
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000040)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x2007, @fd=r6, 0xfff, 0x6, 0x8, 0x2, 0x1, {0x3, r8}}, 0x1000)

06:40:59 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x1800008, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}, {@gid={'gid', 0x3d, 0xee00}}, {@session={'session', 0x3d, 0x2f}}], [{@dont_measure}, {@smackfshat}]})

06:41:00 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:41:00 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:41:16 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x0, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:41:16 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x0, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1, {0x0, r7}}, 0x0)

06:41:16 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 73)

06:41:16 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:41:16 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:41:16 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
fcntl$dupfd(r0, 0x0, r0)
fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000380), &(0x7f00000003c0)={'L+', 0x21ee}, 0x16, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x20200, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x3}, 0x48100, 0x0, 0x400, 0x0, 0x1, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x8, 0x2000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000180)=<r5=>0x0, &(0x7f0000002a40))
syz_io_uring_submit(r5, 0x0, &(0x7f0000000100)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, {0x2}}, 0x1)
r6 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140), 0x20900, 0x0)
syz_io_uring_submit(r5, r3, &(0x7f0000000340)=@IORING_OP_STATX={0x15, 0x0, 0x0, r6, &(0x7f0000000240), &(0x7f0000000180)='./file0\x00', 0x20, 0x1000, 0x2}, 0x40)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:41:16 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x1800008, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}, {@gid={'gid', 0x3d, 0xee00}}, {@session={'session', 0x3d, 0x2f}}], [{@dont_measure}, {@smackfshat}]})

06:41:16 executing program 2:
r0 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x3f, 0x8, 0xfe, 0xff, 0x0, 0x5e, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, @perf_config_ext, 0x4, 0x0, 0x0, 0xa7e41e36a4bda0c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xfffffffffffdffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000100)=""/217, 0xd9}, {&(0x7f0000000200)=""/234, 0xea}], 0x2)
lstat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
setresgid(r1, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r3=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r3, r3, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r2, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

[ 1834.572790] FAULT_INJECTION: forcing a failure.
[ 1834.572790] name failslab, interval 1, probability 0, space 0, times 0
[ 1834.575139] CPU: 0 PID: 9656 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1834.576516] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1834.578162] Call Trace:
[ 1834.578706]  dump_stack+0x107/0x167
[ 1834.579451]  should_fail.cold+0x5/0xa
[ 1834.580229]  ? create_object.isra.0+0x3a/0xa20
[ 1834.581151]  should_failslab+0x5/0x20
[ 1834.581933]  kmem_cache_alloc+0x5b/0x360
[ 1834.582763]  create_object.isra.0+0x3a/0xa20
[ 1834.583659]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1834.584819]  kmem_cache_alloc_trace+0x151/0x2c0
[ 1834.585891]  ? dev_uevent_filter+0xd0/0xd0
[ 1834.586847]  kobject_uevent_env+0x22b/0xf90
[ 1834.587854]  driver_bound+0x19d/0x1f0
[ 1834.588719]  device_bind_driver+0xae/0xd0
[ 1834.589664]  mac80211_hwsim_new_radio+0x3d2/0x4250
[ 1834.590762]  ? ____sys_sendmsg+0x70d/0x870
[ 1834.591715]  ? ___sys_sendmsg+0xf3/0x170
[ 1834.592621]  ? __sys_sendmsg+0xe5/0x1b0
[ 1834.593445]  ? do_syscall_64+0x33/0x40
[ 1834.594232]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1834.595315]  ? lock_acquire+0x197/0x4a0
[ 1834.596116]  ? create_object.isra.0+0x3ad/0xa20
[ 1834.597087]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1834.598040]  ? __kmalloc+0x16e/0x330
[ 1834.598811]  hwsim_new_radio_nl+0x991/0x1080
[ 1834.599711]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1834.600793]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1834.602192]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1834.603663]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1834.604746]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1834.606225]  ? cap_capable+0x1d6/0x240
[ 1834.607135]  ? ns_capable+0xe2/0x110
[ 1834.607992]  genl_rcv_msg+0x33c/0x5a0
[ 1834.608861]  ? genl_get_cmd+0x480/0x480
[ 1834.609779]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1834.609818]  ? lock_release+0x6b0/0x6b0
[ 1834.609842]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1834.609881]  netlink_rcv_skb+0x14b/0x430
[ 1834.609905]  ? genl_get_cmd+0x480/0x480
[ 1834.609937]  ? netlink_ack+0xab0/0xab0
[ 1834.609986]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1834.610010]  ? is_vmalloc_addr+0x7b/0xb0
[ 1834.610042]  genl_rcv+0x24/0x40
[ 1834.610066]  netlink_unicast+0x549/0x7f0
[ 1834.610108]  ? netlink_attachskb+0x870/0x870
[ 1834.610128]  ? __virt_addr_valid+0x128/0x350
[ 1834.610181]  netlink_sendmsg+0x90f/0xdf0
[ 1834.610226]  ? netlink_unicast+0x7f0/0x7f0
[ 1834.610282]  ? netlink_unicast+0x7f0/0x7f0
[ 1834.610306]  sock_sendmsg+0x154/0x190
[ 1834.610333]  ____sys_sendmsg+0x70d/0x870
[ 1834.610365]  ? kernel_sendmsg+0x50/0x50
[ 1834.610382]  ? do_recvmmsg+0x6d0/0x6d0
[ 1834.610408]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1834.610450]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1834.610472]  ? SOFTIRQ_verbose+0x10/0x10
[ 1834.610506]  ___sys_sendmsg+0xf3/0x170
[ 1834.610535]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1834.610573]  ? lock_downgrade+0x6d0/0x6d0
[ 1834.610606]  ? find_held_lock+0x2c/0x110
[ 1834.610653]  ? __fget_files+0x296/0x4c0
[ 1834.610704]  ? __fget_light+0xea/0x290
[ 1834.610748]  __sys_sendmsg+0xe5/0x1b0
[ 1834.610771]  ? __sys_sendmsg_sock+0x40/0x40
[ 1834.610792]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1834.610858]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1834.610879]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1834.610902]  ? trace_hardirqs_on+0x5b/0x180
[ 1834.610936]  do_syscall_64+0x33/0x40
[ 1834.610961]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1834.610976] RIP: 0033:0x7f111cc48b19
[ 1834.611000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1834.611013] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1834.611039] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1834.611053] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1834.611067] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1834.611081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1834.611104] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:41:16 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}, {@gid={'gid', 0x3d, 0xee00}}, {@session={'session', 0x3d, 0x2f}}], [{@dont_measure}, {@smackfshat}]})

06:41:30 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
syz_open_dev$tty20(0xc, 0x4, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:41:30 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:41:30 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x0, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:41:30 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}, {@gid={'gid', 0x3d, 0xee00}}, {@session={'session', 0x3d, 0x2f}}], [{@dont_measure}, {@smackfshat}]})

06:41:30 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 74)

06:41:30 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:41:30 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:41:30 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x0, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1, {0x0, r7}}, 0x0)

[ 1849.216385] FAULT_INJECTION: forcing a failure.
[ 1849.216385] name failslab, interval 1, probability 0, space 0, times 0
[ 1849.219035] CPU: 0 PID: 9685 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1849.220584] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1849.222399] Call Trace:
[ 1849.222972]  dump_stack+0x107/0x167
[ 1849.223780]  should_fail.cold+0x5/0xa
[ 1849.224623]  ? create_object.isra.0+0x3a/0xa20
[ 1849.225635]  should_failslab+0x5/0x20
[ 1849.226462]  kmem_cache_alloc+0x5b/0x360
[ 1849.227379]  create_object.isra.0+0x3a/0xa20
[ 1849.228343]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1849.229477]  kmem_cache_alloc_trace+0x151/0x2c0
[ 1849.230507]  ? dev_uevent_filter+0xd0/0xd0
[ 1849.231424]  kobject_uevent_env+0x22b/0xf90
[ 1849.232408]  driver_bound+0x19d/0x1f0
[ 1849.233266]  device_bind_driver+0xae/0xd0
[ 1849.234184]  mac80211_hwsim_new_radio+0x3d2/0x4250
[ 1849.235241]  ? ____sys_sendmsg+0x70d/0x870
[ 1849.236158]  ? ___sys_sendmsg+0xf3/0x170
[ 1849.237055]  ? __sys_sendmsg+0xe5/0x1b0
[ 1849.237934]  ? do_syscall_64+0x33/0x40
[ 1849.238800]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1849.239976]  ? lock_acquire+0x197/0x4a0
[ 1849.240855]  ? create_object.isra.0+0x3ad/0xa20
[ 1849.241922]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1849.242924]  ? __kmalloc+0x16e/0x330
[ 1849.243740]  hwsim_new_radio_nl+0x991/0x1080
[ 1849.244746]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1849.245920]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1849.247341]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1849.248779]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1849.249869]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1849.251312]  ? cap_capable+0x1d6/0x240
[ 1849.252203]  ? ns_capable+0xe2/0x110
[ 1849.253035]  genl_rcv_msg+0x33c/0x5a0
[ 1849.253909]  ? genl_get_cmd+0x480/0x480
[ 1849.254804]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1849.255964]  ? lock_release+0x6b0/0x6b0
[ 1849.256853]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1849.257875]  netlink_rcv_skb+0x14b/0x430
[ 1849.258780]  ? genl_get_cmd+0x480/0x480
[ 1849.259675]  ? netlink_ack+0xab0/0xab0
[ 1849.260566]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1849.261580]  ? is_vmalloc_addr+0x7b/0xb0
[ 1849.262498]  genl_rcv+0x24/0x40
[ 1849.263221]  netlink_unicast+0x549/0x7f0
[ 1849.264139]  ? netlink_attachskb+0x870/0x870
[ 1849.265119]  ? __virt_addr_valid+0x128/0x350
[ 1849.266140]  netlink_sendmsg+0x90f/0xdf0
[ 1849.267068]  ? netlink_unicast+0x7f0/0x7f0
[ 1849.268055]  ? netlink_unicast+0x7f0/0x7f0
[ 1849.268990]  sock_sendmsg+0x154/0x190
[ 1849.269856]  ____sys_sendmsg+0x70d/0x870
[ 1849.270782]  ? kernel_sendmsg+0x50/0x50
[ 1849.271676]  ? do_recvmmsg+0x6d0/0x6d0
[ 1849.272542]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1849.273735]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1849.274920]  ? SOFTIRQ_verbose+0x10/0x10
[ 1849.275834]  ___sys_sendmsg+0xf3/0x170
[ 1849.276680]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1849.277735]  ? lock_downgrade+0x6d0/0x6d0
[ 1849.278673]  ? find_held_lock+0x2c/0x110
[ 1849.279619]  ? __fget_files+0x296/0x4c0
[ 1849.280541]  ? __fget_light+0xea/0x290
[ 1849.281469]  __sys_sendmsg+0xe5/0x1b0
[ 1849.282322]  ? __sys_sendmsg_sock+0x40/0x40
[ 1849.283305]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1849.284406]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1849.285577]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1849.286709]  ? trace_hardirqs_on+0x5b/0x180
[ 1849.287659]  do_syscall_64+0x33/0x40
[ 1849.288488]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1849.289616] RIP: 0033:0x7f111cc48b19
[ 1849.290433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1849.294498] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1849.296195] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1849.297824] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1849.299431] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1849.301059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1849.302678] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:41:31 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, 0x0)

06:41:31 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)=ANY=[@ANYBLOB="010000010000000018000000", @ANYRES32=r0, @ANYRES32=0xee01, @ANYRES32, @ANYBLOB='./file0\x00'])
r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x278, 0x1}, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x7fff}, 0x0, 0x0, r0, 0x0)
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c200000000000000000086dd6096153f00305600fc0200000000000000000000ff0200000000000000000000000000010200907800000000600009e6000000000000ac1e0001fe8000000000000000000000000000bb00000000"], 0x0)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
perf_event_open(&(0x7f0000001080)={0x5, 0x80, 0x8, 0x3f, 0x5, 0x1, 0x0, 0x7, 0x6000, 0x4, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x1, @perf_config_ext={0x2, 0x20}, 0x4c620, 0xf3b0, 0x8, 0x3, 0x2, 0x7, 0x1, 0x0, 0xb, 0x0, 0x3}, 0x0, 0xd, r1, 0x2)
ioctl$TUNSETQUEUE(r2, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_open_procfs(0x0, &(0x7f0000001040)='numa_maps\x00')
setsockopt$inet6_IPV6_ADDRFORM(0xffffffffffffffff, 0x29, 0x1, &(0x7f0000000040), 0x4)
r4 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_config_ext={0xfffffffffffffff7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, &(0x7f0000000100)={0x2, 0x81, 0x9, 0x4, 0xdc1f, 0x8000})
dup2(r4, r3)

06:41:31 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:41:31 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r6, 0xc0a85322, &(0x7f0000000240))
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x2400, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
dup3(r4, r0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:41:31 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 75)

[ 1849.578164] FAULT_INJECTION: forcing a failure.
[ 1849.578164] name failslab, interval 1, probability 0, space 0, times 0
[ 1849.581262] CPU: 0 PID: 9707 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1849.582964] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1849.584980] Call Trace:
[ 1849.585644]  dump_stack+0x107/0x167
[ 1849.586548]  should_fail.cold+0x5/0xa
[ 1849.587488]  ? create_object.isra.0+0x3a/0xa20
[ 1849.588612]  should_failslab+0x5/0x20
[ 1849.589545]  kmem_cache_alloc+0x5b/0x360
[ 1849.590532]  ? kmem_cache_alloc_trace+0x151/0x2c0
[ 1849.591721]  create_object.isra.0+0x3a/0xa20
[ 1849.592785]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1849.594031]  __kmalloc+0x16e/0x330
[ 1849.594829]  kobject_get_path+0xc4/0x1d0
[ 1849.595727]  kobject_uevent_env+0x251/0xf90
[ 1849.596706]  driver_bound+0x19d/0x1f0
[ 1849.597551]  device_bind_driver+0xae/0xd0
[ 1849.598463]  mac80211_hwsim_new_radio+0x3d2/0x4250
[ 1849.599522]  ? ____sys_sendmsg+0x70d/0x870
[ 1849.600444]  ? ___sys_sendmsg+0xf3/0x170
[ 1849.601325]  ? __sys_sendmsg+0xe5/0x1b0
[ 1849.602364]  ? do_syscall_64+0x33/0x40
[ 1849.603319]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1849.604605]  ? lock_acquire+0x197/0x4a0
[ 1849.605611]  ? create_object.isra.0+0x3ad/0xa20
[ 1849.606767]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1849.607900]  ? __kmalloc+0x16e/0x330
[ 1849.608822]  hwsim_new_radio_nl+0x991/0x1080
[ 1849.609911]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1849.611195]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1849.612772]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1849.614361]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1849.615532]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1849.617110]  ? cap_capable+0x1d6/0x240
[ 1849.618084]  ? ns_capable+0xe2/0x110
[ 1849.618911]  genl_rcv_msg+0x33c/0x5a0
[ 1849.619757]  ? genl_get_cmd+0x480/0x480
[ 1849.620629]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1849.621761]  ? lock_release+0x6b0/0x6b0
[ 1849.622635]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1849.623626]  netlink_rcv_skb+0x14b/0x430
[ 1849.624513]  ? genl_get_cmd+0x480/0x480
[ 1849.625373]  ? netlink_ack+0xab0/0xab0
[ 1849.626258]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1849.627257]  ? is_vmalloc_addr+0x7b/0xb0
[ 1849.628131]  genl_rcv+0x24/0x40
[ 1849.628844]  netlink_unicast+0x549/0x7f0
[ 1849.629741]  ? netlink_attachskb+0x870/0x870
[ 1849.630678]  ? __virt_addr_valid+0x128/0x350
[ 1849.631660]  netlink_sendmsg+0x90f/0xdf0
[ 1849.632557]  ? netlink_unicast+0x7f0/0x7f0
[ 1849.633525]  ? netlink_unicast+0x7f0/0x7f0
[ 1849.634449]  sock_sendmsg+0x154/0x190
[ 1849.635285]  ____sys_sendmsg+0x70d/0x870
[ 1849.636179]  ? kernel_sendmsg+0x50/0x50
[ 1849.637035]  ? do_recvmmsg+0x6d0/0x6d0
[ 1849.637887]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1849.639032]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1849.640158]  ? SOFTIRQ_verbose+0x10/0x10
[ 1849.641042]  ___sys_sendmsg+0xf3/0x170
[ 1849.641893]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1849.642892]  ? lock_downgrade+0x6d0/0x6d0
[ 1849.643797]  ? find_held_lock+0x2c/0x110
[ 1849.644696]  ? __fget_files+0x296/0x4c0
[ 1849.645603]  ? __fget_light+0xea/0x290
[ 1849.646467]  __sys_sendmsg+0xe5/0x1b0
[ 1849.647290]  ? __sys_sendmsg_sock+0x40/0x40
[ 1849.648217]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1849.649263]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1849.650399]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1849.651504]  ? trace_hardirqs_on+0x5b/0x180
[ 1849.652448]  do_syscall_64+0x33/0x40
[ 1849.653253]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1849.654364] RIP: 0033:0x7f111cc48b19
[ 1849.655171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1849.659084] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1849.660717] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1849.662246] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1849.663774] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1849.665293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1849.666833] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:41:31 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
sendmsg$sock(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000140)="a6d2fb93b79c0238b0a1a493d046199ed88e02084fd00531e7ac67c1dec7eeec12565dd6971cd1b8cd00ee9372c78ae78dcc8de5edc4c931967df78ea39fbc14b19fc928236a83315153bd377b97b9bc857557aee0144843b07566382c02b2a8ead853863de0698007de", 0x6a}, {&(0x7f0000000240)="fa21520c5c21c659c083edb3012c8387d4ba7c41acdb1876044524077e9698e615a16e33359db4a27f9f6e027b25690c3b8462a7da1c0648548ab922aaf0ac25a68cfea65d4b38f1a4e00cff0f138e0225c0bb00342ee08227cbb0a50e181c5a053bb9dc8affb7d0301e1f94dd3f87bfdf56cff9c66662731254b2625f226d396aef50332cf54491228720f9b1835896565a0bfe997178d9d4847d0b36466021c9ba0359f6cb157a2eabe4d1ce68c387fa8cfde71a3fd6f0c3658263dfe757049d6d49222c16b19c43c00f40e67f6aaf0f190d147789edfa4299df3f0b38", 0xde}, {&(0x7f0000000340)}, {&(0x7f0000000380)="2e6ab87ea8f8bf98abcbe661c3242730cc226809732d75827571be7c65e798d1a5316c4b7026c8204590bb2f88417670ba20262416a0f2f9be9cefabb71257fdaec5646481cf1f8851a668", 0x4b}], 0x4, &(0x7f0000000500)=[@mark={{0x14, 0x1, 0x24, 0x640}}, @txtime={{0x18, 0x1, 0x3d, 0xffffffff}}, @timestamping={{0x14, 0x1, 0x25, 0x7fff}}, @txtime={{0x18, 0x1, 0x3d, 0x9}}, @timestamping={{0x14, 0x1, 0x25, 0x4}}], 0x78}, 0x10)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
socketpair(0x1, 0x2, 0x4, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
fsync(r4)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:41:31 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, 0x0)

06:41:47 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:41:47 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, 0x0)

06:41:47 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x0, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:41:47 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
dup2(r3, r0)
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:41:47 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x0, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1, {0x0, r7}}, 0x0)

06:41:47 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:41:47 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
r0 = getpgrp(0x0)
pidfd_open(r0, 0x0)
syz_open_procfs(r0, &(0x7f0000001100)='net/netlink\x00')
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x4307, 0xc, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x4, 0x400, 0x0, 0x401}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0}, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
syz_io_uring_submit(r5, r3, &(0x7f0000000040)=@IORING_OP_FALLOCATE={0x11, 0x3, 0x0, @fd_index=0x6, 0x0, 0x0, 0x6, 0x0, 0x1}, 0x8)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:41:47 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 76)

[ 1866.123597] FAULT_INJECTION: forcing a failure.
[ 1866.123597] name failslab, interval 1, probability 0, space 0, times 0
[ 1866.125962] CPU: 1 PID: 9738 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1866.127332] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1866.128991] Call Trace:
[ 1866.129542]  dump_stack+0x107/0x167
[ 1866.129572]  should_fail.cold+0x5/0xa
[ 1866.129594]  ? __alloc_skb+0x6d/0x5b0
[ 1866.129619]  should_failslab+0x5/0x20
[ 1866.129640]  kmem_cache_alloc_node+0x55/0x380
[ 1866.129693]  __alloc_skb+0x6d/0x5b0
[ 1866.129723]  alloc_uevent_skb+0x7b/0x210
[ 1866.129749]  kobject_uevent_env+0x99a/0xf90
[ 1866.129790]  driver_bound+0x19d/0x1f0
06:41:47 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}, {@gid={'gid', 0x3d, 0xee00}}], [{@dont_measure}, {@smackfshat}]})

[ 1866.129815]  device_bind_driver+0xae/0xd0
[ 1866.129842]  mac80211_hwsim_new_radio+0x3d2/0x4250
[ 1866.129859]  ? ____sys_sendmsg+0x70d/0x870
[ 1866.129875]  ? ___sys_sendmsg+0xf3/0x170
[ 1866.129892]  ? __sys_sendmsg+0xe5/0x1b0
[ 1866.129912]  ? do_syscall_64+0x33/0x40
[ 1866.129933]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1866.129955]  ? lock_acquire+0x197/0x4a0
[ 1866.129974]  ? create_object.isra.0+0x3ad/0xa20
[ 1866.130010]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1866.130033]  ? __kmalloc+0x16e/0x330
[ 1866.130065]  hwsim_new_radio_nl+0x991/0x1080
06:41:48 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

[ 1866.130096]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1866.130139]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1866.130158]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
06:41:48 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}], [{@dont_measure}, {@smackfshat}]})

[ 1866.130187]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1866.130212]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1866.130232]  ? cap_capable+0x1d6/0x240
[ 1866.130270]  ? ns_capable+0xe2/0x110
[ 1866.130296]  genl_rcv_msg+0x33c/0x5a0
[ 1866.130321]  ? genl_get_cmd+0x480/0x480
[ 1866.130346]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1866.130374]  ? lock_release+0x6b0/0x6b0
[ 1866.130396]  ? netlink_deliver_tap+0xf4/0xcd0
06:41:48 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
pwrite64(r0, &(0x7f0000000140)="621b2ddfe4f61d7bb8e0fab8acdd9b935ee5d9bdd1b742d066ac368cd9f615a28e40b092008f2838576c36460a57309cf26ef78198ded908d8c21fdfbe61373033e26fd69305ec778365320610bfca785cbb8f547172dc47655fdb56", 0x5c, 0x5)
syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x8, 0x2000000}, &(0x7f00000a0000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000180)=<r5=>0x0, &(0x7f0000002a40))
syz_io_uring_submit(r5, 0x0, &(0x7f0000000100)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, {0x2}}, 0x1)
syz_io_uring_submit(r5, r3, &(0x7f0000000280)=@IORING_OP_OPENAT2={0x1c, 0x3, 0x0, 0xffffffffffffff9c, &(0x7f0000000040)={0x6400, 0x4, 0x1}, &(0x7f0000000240)='./file0\x00', 0x18, 0x0, 0xf1365aaf55663d26}, 0x8)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

[ 1866.130426]  netlink_rcv_skb+0x14b/0x430
[ 1866.130445]  ? genl_get_cmd+0x480/0x480
[ 1866.130471]  ? netlink_ack+0xab0/0xab0
[ 1866.130507]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1866.130527]  ? is_vmalloc_addr+0x7b/0xb0
[ 1866.130551]  genl_rcv+0x24/0x40
06:41:48 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
r4 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_TEE={0x21, 0x5, 0x0, @fd=r4, 0x0, 0x0, 0x7, 0x9, 0x0, {0x0, 0x0, r0}}, 0xffff8001)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

[ 1866.130572]  netlink_unicast+0x549/0x7f0
[ 1866.130603]  ? netlink_attachskb+0x870/0x870
[ 1866.130622]  ? __virt_addr_valid+0x128/0x350
[ 1866.130660]  netlink_sendmsg+0x90f/0xdf0
[ 1866.130693]  ? netlink_unicast+0x7f0/0x7f0
06:41:48 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 77)

06:41:48 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}], [{@dont_measure}, {@smackfshat}]})

[ 1866.130733]  ? netlink_unicast+0x7f0/0x7f0
[ 1866.130752]  sock_sendmsg+0x154/0x190
[ 1866.130774]  ____sys_sendmsg+0x70d/0x870
[ 1866.130798]  ? kernel_sendmsg+0x50/0x50
[ 1866.130815]  ? do_recvmmsg+0x6d0/0x6d0
[ 1866.130837]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1866.130860]  ? lock_downgrade+0x6d0/0x6d0
[ 1866.130886]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1866.130905]  ? SOFTIRQ_verbose+0x10/0x10
[ 1866.130931]  ___sys_sendmsg+0xf3/0x170
[ 1866.130954]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1866.130983]  ? lock_downgrade+0x6d0/0x6d0
[ 1866.131008]  ? find_held_lock+0x2c/0x110
[ 1866.131042]  ? __fget_files+0x296/0x4c0
[ 1866.131081]  ? __fget_light+0xea/0x290
[ 1866.131113]  __sys_sendmsg+0xe5/0x1b0
[ 1866.131133]  ? __sys_sendmsg_sock+0x40/0x40
[ 1866.131152]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1866.131198]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1866.131217]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1866.131238]  ? trace_hardirqs_on+0x5b/0x180
[ 1866.131265]  do_syscall_64+0x33/0x40
[ 1866.131287]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1866.131301] RIP: 0033:0x7f111cc48b19
[ 1866.131323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1866.131335] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
06:41:48 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}], [{@dont_measure}, {@smackfshat}]})

[ 1866.131357] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1866.131369] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1866.131381] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1866.131393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1866.131405] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
[ 1866.595154] FAULT_INJECTION: forcing a failure.
[ 1866.595154] name failslab, interval 1, probability 0, space 0, times 0
[ 1866.595178] CPU: 1 PID: 9763 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1866.595190] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1866.595198] Call Trace:
[ 1866.595222]  dump_stack+0x107/0x167
[ 1866.595250]  should_fail.cold+0x5/0xa
[ 1866.595273]  ? create_object.isra.0+0x3a/0xa20
[ 1866.595298]  should_failslab+0x5/0x20
[ 1866.595324]  kmem_cache_alloc+0x5b/0x360
[ 1866.595354]  create_object.isra.0+0x3a/0xa20
[ 1866.595375]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1866.595405]  kmem_cache_alloc_node+0x169/0x380
[ 1866.595436]  __alloc_skb+0x6d/0x5b0
[ 1866.595467]  alloc_uevent_skb+0x7b/0x210
[ 1866.595493]  kobject_uevent_env+0x99a/0xf90
[ 1866.595536]  driver_bound+0x19d/0x1f0
[ 1866.595561]  device_bind_driver+0xae/0xd0
[ 1866.595589]  mac80211_hwsim_new_radio+0x3d2/0x4250
[ 1866.595607]  ? ____sys_sendmsg+0x70d/0x870
[ 1866.595624]  ? ___sys_sendmsg+0xf3/0x170
[ 1866.595642]  ? __sys_sendmsg+0xe5/0x1b0
[ 1866.595662]  ? do_syscall_64+0x33/0x40
[ 1866.595685]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1866.595708]  ? lock_acquire+0x197/0x4a0
[ 1866.595727]  ? create_object.isra.0+0x3ad/0xa20
[ 1866.595763]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1866.595788]  ? __kmalloc+0x16e/0x330
[ 1866.595821]  hwsim_new_radio_nl+0x991/0x1080
[ 1866.595853]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1866.595897]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1866.595918]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1866.595948]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1866.595974]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1866.595994]  ? cap_capable+0x1d6/0x240
[ 1866.596034]  ? ns_capable+0xe2/0x110
[ 1866.596061]  genl_rcv_msg+0x33c/0x5a0
[ 1866.596087]  ? genl_get_cmd+0x480/0x480
[ 1866.596113]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1866.596142]  ? lock_release+0x6b0/0x6b0
[ 1866.596164]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1866.596196]  netlink_rcv_skb+0x14b/0x430
[ 1866.596216]  ? genl_get_cmd+0x480/0x480
[ 1866.596242]  ? netlink_ack+0xab0/0xab0
[ 1866.596279]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1866.596301]  ? is_vmalloc_addr+0x7b/0xb0
[ 1866.596326]  genl_rcv+0x24/0x40
[ 1866.596347]  netlink_unicast+0x549/0x7f0
[ 1866.596380]  ? netlink_attachskb+0x870/0x870
[ 1866.596399]  ? __virt_addr_valid+0x128/0x350
[ 1866.596438]  netlink_sendmsg+0x90f/0xdf0
[ 1866.596472]  ? netlink_unicast+0x7f0/0x7f0
[ 1866.596512]  ? netlink_unicast+0x7f0/0x7f0
[ 1866.596533]  sock_sendmsg+0x154/0x190
[ 1866.596555]  ____sys_sendmsg+0x70d/0x870
[ 1866.596580]  ? kernel_sendmsg+0x50/0x50
[ 1866.596597]  ? do_recvmmsg+0x6d0/0x6d0
[ 1866.596620]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1866.596643]  ? lock_downgrade+0x6d0/0x6d0
[ 1866.596669]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1866.596688]  ? SOFTIRQ_verbose+0x10/0x10
[ 1866.596715]  ___sys_sendmsg+0xf3/0x170
[ 1866.596739]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1866.596768]  ? lock_downgrade+0x6d0/0x6d0
[ 1866.596794]  ? find_held_lock+0x2c/0x110
[ 1866.596828]  ? __fget_files+0x296/0x4c0
[ 1866.596864]  ? __fget_light+0xea/0x290
[ 1866.596897]  __sys_sendmsg+0xe5/0x1b0
[ 1866.596917]  ? __sys_sendmsg_sock+0x40/0x40
[ 1866.596937]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1866.596983]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1866.597004]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1866.597025]  ? trace_hardirqs_on+0x5b/0x180
[ 1866.597052]  do_syscall_64+0x33/0x40
[ 1866.597075]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1866.597089] RIP: 0033:0x7f111cc48b19
[ 1866.597111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1866.597123] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1866.597147] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1866.597160] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1866.597173] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1866.597185] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1866.597198] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:42:03 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000040)=ANY=[@ANYBLOB="000000000500000018000000", @ANYRES32=r0, @ANYRES32=0xee01, @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="2e2f66696c4d05f10a83e654744eb53c6156"])
newfstatat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x100)
setregid(0x0, r3)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:42:03 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}], [{@dont_measure}, {@smackfshat}]})

06:42:03 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:42:03 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1, {0x0, r7}}, 0x0)

06:42:03 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:42:03 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x0, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:42:03 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcb}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:42:03 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 78)

[ 1882.076786] FAULT_INJECTION: forcing a failure.
[ 1882.076786] name failslab, interval 1, probability 0, space 0, times 0
[ 1882.079123] CPU: 1 PID: 9790 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1882.080517] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1882.082166] Call Trace:
[ 1882.082705]  dump_stack+0x107/0x167
[ 1882.083437]  should_fail.cold+0x5/0xa
[ 1882.084216]  ? create_object.isra.0+0x3a/0xa20
[ 1882.085124]  should_failslab+0x5/0x20
[ 1882.085924]  kmem_cache_alloc+0x5b/0x360
[ 1882.086755]  create_object.isra.0+0x3a/0xa20
[ 1882.087655]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1882.088673]  kmem_cache_alloc_node+0x169/0x380
[ 1882.089620]  __alloc_skb+0x6d/0x5b0
[ 1882.090379]  alloc_uevent_skb+0x7b/0x210
[ 1882.091214]  kobject_uevent_env+0x99a/0xf90
[ 1882.092104]  driver_bound+0x19d/0x1f0
[ 1882.092885]  device_bind_driver+0xae/0xd0
[ 1882.093732]  mac80211_hwsim_new_radio+0x3d2/0x4250
[ 1882.094740]  ? ____sys_sendmsg+0x70d/0x870
[ 1882.095592]  ? ___sys_sendmsg+0xf3/0x170
[ 1882.096384]  ? __sys_sendmsg+0xe5/0x1b0
[ 1882.097187]  ? do_syscall_64+0x33/0x40
[ 1882.097998]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1882.099077]  ? lock_acquire+0x197/0x4a0
[ 1882.099876]  ? create_object.isra.0+0x3ad/0xa20
[ 1882.100836]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1882.101769]  ? __kmalloc+0x16e/0x330
[ 1882.102555]  hwsim_new_radio_nl+0x991/0x1080
[ 1882.103450]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1882.104496]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1882.105826]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1882.107144]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1882.108130]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1882.109440]  ? cap_capable+0x1d6/0x240
[ 1882.110257]  ? ns_capable+0xe2/0x110
[ 1882.111005]  genl_rcv_msg+0x33c/0x5a0
[ 1882.111781]  ? genl_get_cmd+0x480/0x480
[ 1882.112584]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1882.113631]  ? lock_release+0x6b0/0x6b0
[ 1882.114440]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1882.115359]  netlink_rcv_skb+0x14b/0x430
[ 1882.116208]  ? genl_get_cmd+0x480/0x480
[ 1882.117027]  ? netlink_ack+0xab0/0xab0
[ 1882.117840]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1882.118789]  ? is_vmalloc_addr+0x7b/0xb0
[ 1882.119628]  genl_rcv+0x24/0x40
[ 1882.120307]  netlink_unicast+0x549/0x7f0
[ 1882.121159]  ? netlink_attachskb+0x870/0x870
[ 1882.122065]  ? __virt_addr_valid+0x128/0x350
[ 1882.122990]  netlink_sendmsg+0x90f/0xdf0
[ 1882.123851]  ? netlink_unicast+0x7f0/0x7f0
[ 1882.124735]  ? netlink_unicast+0x7f0/0x7f0
[ 1882.125603]  sock_sendmsg+0x154/0x190
[ 1882.126400]  ____sys_sendmsg+0x70d/0x870
[ 1882.127220]  ? kernel_sendmsg+0x50/0x50
[ 1882.128037]  ? do_recvmmsg+0x6d0/0x6d0
[ 1882.128841]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1882.129919]  ? lock_downgrade+0x6d0/0x6d0
[ 1882.130771]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1882.131825]  ? SOFTIRQ_verbose+0x10/0x10
[ 1882.132658]  ___sys_sendmsg+0xf3/0x170
[ 1882.133443]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1882.134399]  ? lock_downgrade+0x6d0/0x6d0
[ 1882.135224]  ? find_held_lock+0x2c/0x110
[ 1882.136063]  ? __fget_files+0x296/0x4c0
[ 1882.136873]  ? __fget_light+0xea/0x290
[ 1882.137677]  __sys_sendmsg+0xe5/0x1b0
[ 1882.138478]  ? __sys_sendmsg_sock+0x40/0x40
[ 1882.139358]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1882.140338]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1882.141404]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1882.142467]  ? trace_hardirqs_on+0x5b/0x180
[ 1882.143345]  do_syscall_64+0x33/0x40
[ 1882.144110]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1882.145152] RIP: 0033:0x7f111cc48b19
[ 1882.145928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1882.149681] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1882.151256] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1882.152705] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1882.154175] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1882.155625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
06:42:03 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1, {0x0, r7}}, 0x0)

[ 1882.157078] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:42:04 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0x0, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:42:04 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}], [{@dont_measure}, {@smackfshat}]})

06:42:04 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f0000000180)={0x4, 0x8, 0x3, 0x9, 0x81, "def5d1b09ad41c5b0d102cfcc174f00a1be5c4", 0x0, 0x80000001})
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r2=>r0, {0xee01, <r3=>0xffffffffffffffff}}, './file0\x00'})
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x3f, 0x47, 0x5d, 0x8c, 0x0, 0x7fffffff, 0x1, 0xc, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x4, @perf_config_ext={0xb121, 0x4}, 0x8008, 0xfffffffffffffffe, 0x7ea, 0x2, 0x4, 0xba, 0xdc, 0x0, 0x3f, 0x0, 0x8b6}, 0x0, 0x3, r0, 0x2)
openat(r2, &(0x7f0000000040)='./file0\x00', 0x2022c0, 0x40)
setregid(0x0, 0x0)
setresgid(r3, r3, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:42:04 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:42:04 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}, {@hide}], [{@dont_measure}, {@smackfshat}]})

06:42:04 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x4307, 0x20924, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0x4, 0x7}, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x9, 0xa0, 0x0, 0xfd, 0x0, 0xffffffffffffffff, 0xb120, 0x8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x6, 0x2, @perf_bp={&(0x7f0000000040), 0x4}, 0x88f2, 0xffff, 0x2694, 0x3, 0x200, 0xc501, 0x33, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, 0x0, 0x5, r0, 0x8)
r5 = socket$packet(0x11, 0x2, 0x300)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r7=>0x0})
sendto$packet(r5, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x11, 0x8100, r7, 0x1, 0x0, 0x6, @local}, 0x14)
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010026bd7000fedbdf25c6e50100000008000600", @ANYRES32=r7, @ANYBLOB="0500290000000000"], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x840)
ioctl$sock_ipv6_tunnel_SIOCADDPRL(r4, 0x89f5, &(0x7f00000003c0)={'sit0\x00', &(0x7f0000000340)={'syztnl2\x00', <r8=>0x0, 0x29, 0x81, 0x3, 0x0, 0x32, @empty, @private2={0xfc, 0x2, '\x00', 0x1}, 0x20, 0x20, 0x3f, 0x1}})
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000400)={&(0x7f00000007c0)=ANY=[@ANYBLOB="88010000", @ANYRES16=0x0, @ANYBLOB="000229bd7000fcdbdf250600000048000180140002006970365f76746930000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="140002006d6163766c616e300000000000000000140002006d6163766c616e310000000000000000440001801400020074756e6c300000000000000000000000140002006970365f76746930000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="3800018008000100", @ANYRES32=0x0, @ANYBLOB="14001500776c616e3100000000000000000000000800030002000000080003000200003c0001800800030002000000140002007668305f746f5f6873720000000008000100d5818ae54839e5fa885138e54819d969f5428944b7237885131abed602c991f427a409f0d8ec58be5fda2de0fdbcca9b268e51bd6efefa37c2fb35c88a7440b08f938823a1e005cd451ba5a8ddb691a65b7d2a33c0bd53320584a9750124d6cd15b11a18b9b06b4700002f0087e5b8940932c8b1d8a81fc5f7c2419c297a843832ff22a4bcb6fb7fa235b58189c2a9c49246f2e0633da273ecac39d92be49e0300000000000000adf03b02c263859d809a0d4e5cdd17a51f800ff7b3f53a0822ccd16a5ac1697fe076ab86bc435c7b6147a0358400000000000000a25861c0ef7b4266557c4f90f732eabb8d0b430324638a43a500be7cb98c348cce163daa4ccc920100000000000000926b31a7d4cdcabe9a6eda779c4e", @ANYRES32=r8, @ANYBLOB="140002007465616d5f736c6176655f30000000004c00018008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000300000000001400020076657468305f746f5f6873720000000008000300020000001400020064756d6d7930000000000000000000002800018008000100", @ANYRES32=r7, @ANYBLOB="140002006e6574706369300000000000000000000800030002000000"], 0x188}, 0x1, 0x0, 0x0, 0x800}, 0x80)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:42:04 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 79)

06:42:04 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
ioctl$TIOCSBRK(0xffffffffffffffff, 0x5427)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000010000001e000000e80b421aafab522045428921d5307fe74392355ad54cf87af0c23011762f0625e7ddd81570387c9cac922b517850dc9e335f7557db8a0dff", @ANYRES32=r0, @ANYRES32=0xee01, @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="3f0066696c6596198705b6fcb0d2d4b62187cac7ed6475ee47284720bda64f000fad8f1947229b1ce663087da33efb905cee7fa92fa9951423f636efcf8a46ab10c61bb52162f1fb5428ce10818ccb6825ac84f989b8b857a71946bc37582b1dfae2922ba3ba0a4b95af59b0727917c67e7a830e64dec88cf28703000000ab02b441c6e5dcc317217714f667f26c243164711a198642a4be1ba74a7b4d9598b6bb6b394aadf9c717343d420a351b06707391430cb0606abd8420920ef4d7f289b335ced79b4e905eceb95bdd80faa7395e36da31f7c71891ae429fa9c29bcba215ee625c88a752aca11dcf03897c10e9a7e657f0f8604646d0088c6c187247e2a33b15ffbd8b0d8186a59777d6d00216651aec3fb7778d38f1c1ab3c7a8921155898e52c70cd4689b7bd0aeb61e8ceb5ec22c9c46130debe0714dd21c268aa283475529d36dbc94a75"])
setregid(0x0, 0x0)
r3 = syz_open_dev$sg(&(0x7f00000005c0), 0x5, 0x4000)
r4 = getegid()
r5 = getegid()
setregid(0x0, r5)
fsetxattr$system_posix_acl(r3, &(0x7f0000000600)='system.posix_acl_default\x00', &(0x7f0000000640)={{}, {0x1, 0x5}, [{0x2, 0x2, 0xffffffffffffffff}, {0x2, 0x1, 0xffffffffffffffff}], {0x4, 0x7}, [{0x8, 0x4, r4}, {0x8, 0x7, 0xffffffffffffffff}, {0x8, 0x6, r5}], {0x10, 0x7}, {0x20, 0x2}}, 0x4c, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

[ 1882.621090] FAULT_INJECTION: forcing a failure.
[ 1882.621090] name failslab, interval 1, probability 0, space 0, times 0
[ 1882.623549] CPU: 0 PID: 9825 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1882.624951] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1882.626671] Call Trace:
[ 1882.627222]  dump_stack+0x107/0x167
[ 1882.627992]  should_fail.cold+0x5/0xa
[ 1882.628802]  should_failslab+0x5/0x20
[ 1882.629583]  __kmalloc_node_track_caller+0x74/0x310
[ 1882.630613]  ? alloc_uevent_skb+0x7b/0x210
[ 1882.631503]  __alloc_skb+0xb1/0x5b0
[ 1882.632275]  alloc_uevent_skb+0x7b/0x210
[ 1882.633118]  kobject_uevent_env+0x99a/0xf90
[ 1882.634057]  driver_bound+0x19d/0x1f0
[ 1882.634853]  device_bind_driver+0xae/0xd0
06:42:04 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}, {@hide}], [{@dont_measure}, {@smackfshat}]})

[ 1882.635716]  mac80211_hwsim_new_radio+0x3d2/0x4250
[ 1882.636825]  ? ____sys_sendmsg+0x70d/0x870
[ 1882.637699]  ? ___sys_sendmsg+0xf3/0x170
[ 1882.638534]  ? __sys_sendmsg+0xe5/0x1b0
[ 1882.639333]  ? do_syscall_64+0x33/0x40
[ 1882.640123]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1882.641250]  ? lock_acquire+0x197/0x4a0
[ 1882.642067]  ? create_object.isra.0+0x3ad/0xa20
[ 1882.643081]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1882.644007]  ? __kmalloc+0x16e/0x330
[ 1882.644784]  hwsim_new_radio_nl+0x991/0x1080
[ 1882.645714]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1882.646886]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1882.648240]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1882.649545]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1882.650558]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1882.651883]  ? cap_capable+0x1d6/0x240
[ 1882.652728]  ? ns_capable+0xe2/0x110
[ 1882.653494]  genl_rcv_msg+0x33c/0x5a0
[ 1882.654299]  ? genl_get_cmd+0x480/0x480
[ 1882.655138]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1882.656219]  ? lock_release+0x6b0/0x6b0
[ 1882.657043]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1882.657998]  netlink_rcv_skb+0x14b/0x430
[ 1882.658831]  ? genl_get_cmd+0x480/0x480
[ 1882.659664]  ? netlink_ack+0xab0/0xab0
[ 1882.660486]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1882.661430]  ? is_vmalloc_addr+0x7b/0xb0
[ 1882.662303]  genl_rcv+0x24/0x40
[ 1882.662996]  netlink_unicast+0x549/0x7f0
[ 1882.663869]  ? netlink_attachskb+0x870/0x870
[ 1882.664774]  ? __virt_addr_valid+0x128/0x350
[ 1882.665730]  netlink_sendmsg+0x90f/0xdf0
[ 1882.666609]  ? netlink_unicast+0x7f0/0x7f0
[ 1882.667522]  ? netlink_unicast+0x7f0/0x7f0
[ 1882.668408]  sock_sendmsg+0x154/0x190
[ 1882.669210]  ____sys_sendmsg+0x70d/0x870
[ 1882.670084]  ? kernel_sendmsg+0x50/0x50
[ 1882.670901]  ? do_recvmmsg+0x6d0/0x6d0
[ 1882.671704]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1882.672800]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1882.673874]  ? SOFTIRQ_verbose+0x10/0x10
[ 1882.674751]  ___sys_sendmsg+0xf3/0x170
[ 1882.675562]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1882.676518]  ? lock_downgrade+0x6d0/0x6d0
[ 1882.677389]  ? find_held_lock+0x2c/0x110
[ 1882.678272]  ? __fget_files+0x296/0x4c0
[ 1882.679121]  ? __fget_light+0xea/0x290
[ 1882.679955]  __sys_sendmsg+0xe5/0x1b0
[ 1882.680750]  ? __sys_sendmsg_sock+0x40/0x40
[ 1882.681651]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1882.682670]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1882.683747]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1882.684810]  ? trace_hardirqs_on+0x5b/0x180
[ 1882.685720]  do_syscall_64+0x33/0x40
[ 1882.686509]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1882.687573] RIP: 0033:0x7f111cc48b19
[ 1882.688338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1882.692109] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1882.693657] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1882.695119] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1882.696570] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1882.698035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1882.699487] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:42:21 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 80)

06:42:21 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4303, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140), 0x6}, 0x0, 0x0, 0x400, 0x0, 0x1, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3875, &(0x7f0000000080)={0x0, 0x404}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000900)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
pwritev2(r4, &(0x7f00000007c0)=[{&(0x7f0000000400)="2ff049456be09add71663da6f12a841135153e924015d0e710aedaa127655cb1abc7779345ac51c6532d53ddeb345e0b18c9bc720ad875419e678f75a6abaf05a5f6b748e22d1cce65f2233e41f9a3a00e3093ac91a99a12ab0c69960b601e208b946e6050c35be0943f2062f581b6c7ccd4f6f5ae98", 0x76}, {&(0x7f0000000500)="423262034a47e53d326f26fdd689642f8abedadeb60d79fa494fb66fe80cd9b554d1634f33de0a8dbe4e31eb1e46f8d980ebeca6236c436e2525e735400af481875f4a87d729785a44af9c553b1c1f245de7c6f61cbf534c5ee9a98cc18ff2af06a5f5c41580298d789281ec30f5bc112e671c9838e16d91a8166ac0145c97d1c10ff192c7ecc4c585fb905836d32f42af43b3e2f3eacf10af05b1329ac204c79cb64c2193ca4b68216d16a35747023a526032f648f5bd8de54bb8d0cfedbbf478d3", 0xc2}, {&(0x7f0000000600)="f1f5bc0640fd413e158363b480e134f87ff24a02ba3f76227e85e099cd0e5729d2ac78f01c3d7a2ffcc3cd2d47de8570f6533a44650f7d8ccdada1e3304a49bb7bb12b1fdd8e0bb89443a35c3fbed094dded1349cc2a3d6b1a15c49b49b3949bd5765779a95032c154933a2dad2759a1830598af35764d71b6bca7575187b2725b8991e4b92d39f8eae302a3da7d3762f64cf2539555aa5c7d", 0x99}, {&(0x7f00000006c0)="361a85eb2ef58f3220ae10243bcae65a8017fc106106613df8acc270a4a3145cbb4aec6a427906cc69210f952888f0a5ad8723691b5e0dba1fcc3fb3f56306a292ca8b37cc287335ff150c0abe4eddfe39c5560b1f66dbb207b01b231a3a9e607149dbacb97aa66657245f10dd12424c092e4bce293a882e2e5717c087769375c9b9c6a96eafe2944825201000efec1e40be38db3a07c1b6825c534b160c71a8ce6e43e222a11ab2d7aabbcf5220daf5c11c7ea7c6947be891e86780f932ab33d2e66a809a83e3cb92ae585a397f07e7da8bac373be3a6eb25", 0xd9}], 0x4, 0x3, 0x4, 0x10)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r5, 0xc0a85322, &(0x7f0000000240))
getsockopt$bt_BT_POWER(r5, 0x112, 0x9, &(0x7f0000000040), &(0x7f00000008c0)=0x1)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
r6 = accept4(r3, 0x0, &(0x7f0000000180), 0x80400)
sendmsg$nl_generic(r6, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x283a8653740ee4cb}, 0xc, &(0x7f0000000380)={&(0x7f0000000940)=ANY=[@ANYBLOB="700000003f00000429bd700711dbdf25000000005c000e80268e2176271c859775af7dd09bc6cb371c4d75940752c2a9d90d21531deddb1f2279f950a50d07424e83b5d933bef412353be5c2c46698793bf4ab7a71074c4c8637af7f1a408374ae584b8de2cfd20908002000", @ANYRES32, @ANYBLOB="afe4daaf4d9a5579cdc32b18d1c6cc3859942e0cee86a56a571f7ceb80030149fb55c42c4b20e6ae2baad25d642832e7ef4991acc918964dd9247e661a8ce87fda4c5e560c294f270ff9e51138c5506c22cac17fec8aafa6c72429e725eb50dce384679034dd79bbae806165a6cdc2d790bc8f640ef040c86ec01fe640f824c253c894a6df88173743cb3da20caf03859a87a5e4cc2a2ba34659bae5fecc02d8f3d186bdc22274d44ccb2c3ffb380b54e844b536ade8873a5e0154585a0e9c0fe5d74288ff6d915f4993e9d4ed82ec8575bac44398a31f486f8a24bff9"], 0x70}, 0x1, 0x0, 0x0, 0x42000}, 0x44)
perf_event_open(&(0x7f0000000840)={0x4, 0x80, 0xef, 0x3, 0xff, 0x3, 0x0, 0xfffffffffffffffa, 0x2000, 0x5, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x1, 0x8}, 0x40000, 0xef8, 0x7, 0x3, 0x1, 0x400, 0x0, 0x0, 0x400, 0x0, 0x10000}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:42:21 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)=ANY=[@ANYBLOB="010a00000100d102bf1684d000001800000040653870c00370827e3f89e750b9069e02360a8ea326615c53169921f03e7e51e669595d76d0fbe033bf3c59a344b16284a0349e", @ANYRES32=r0, @ANYRES32=0xee01, @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB='./file0\x00'])
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
ioctl$GIO_SCRNMAP(r1, 0x4b40, &(0x7f0000000180)=""/226)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:42:21 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1, {0x0, r7}}, 0x0)

06:42:21 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:42:21 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0x0, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:42:21 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:42:21 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}, {@hide}], [{@dont_measure}, {@smackfshat}]})

[ 1900.050092] FAULT_INJECTION: forcing a failure.
[ 1900.050092] name failslab, interval 1, probability 0, space 0, times 0
[ 1900.052565] CPU: 1 PID: 9852 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1900.053954] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1900.055622] Call Trace:
[ 1900.056157]  dump_stack+0x107/0x167
[ 1900.056899]  should_fail.cold+0x5/0xa
[ 1900.057669]  ? create_object.isra.0+0x3a/0xa20
[ 1900.058593]  ? create_object.isra.0+0x3a/0xa20
[ 1900.059538]  should_failslab+0x5/0x20
[ 1900.060302]  kmem_cache_alloc+0x5b/0x360
[ 1900.061134]  create_object.isra.0+0x3a/0xa20
[ 1900.062020]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1900.063085]  __kmalloc_node_track_caller+0x1a6/0x310
[ 1900.064110]  ? alloc_uevent_skb+0x7b/0x210
[ 1900.064976]  __alloc_skb+0xb1/0x5b0
[ 1900.065722]  alloc_uevent_skb+0x7b/0x210
[ 1900.066549]  kobject_uevent_env+0x99a/0xf90
[ 1900.067429]  driver_bound+0x19d/0x1f0
[ 1900.068190]  device_bind_driver+0xae/0xd0
[ 1900.069026]  mac80211_hwsim_new_radio+0x3d2/0x4250
[ 1900.070004]  ? ____sys_sendmsg+0x70d/0x870
[ 1900.070867]  ? ___sys_sendmsg+0xf3/0x170
[ 1900.071680]  ? __sys_sendmsg+0xe5/0x1b0
[ 1900.072476]  ? do_syscall_64+0x33/0x40
[ 1900.073253]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1900.074320]  ? lock_acquire+0x197/0x4a0
[ 1900.075109]  ? create_object.isra.0+0x3ad/0xa20
[ 1900.076050]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1900.076984]  ? __kmalloc+0x16e/0x330
[ 1900.077743]  hwsim_new_radio_nl+0x991/0x1080
[ 1900.078643]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1900.079692]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1900.080993]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1900.082301]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1900.083269]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1900.084580]  ? cap_capable+0x1d6/0x240
[ 1900.085377]  ? ns_capable+0xe2/0x110
[ 1900.086137]  genl_rcv_msg+0x33c/0x5a0
[ 1900.086909]  ? genl_get_cmd+0x480/0x480
[ 1900.087711]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1900.088746]  ? lock_release+0x6b0/0x6b0
[ 1900.089541]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1900.090459]  netlink_rcv_skb+0x14b/0x430
[ 1900.091269]  ? genl_get_cmd+0x480/0x480
[ 1900.092069]  ? netlink_ack+0xab0/0xab0
[ 1900.092869]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1900.093777]  ? is_vmalloc_addr+0x7b/0xb0
[ 1900.094611]  genl_rcv+0x24/0x40
[ 1900.095274]  netlink_unicast+0x549/0x7f0
[ 1900.096105]  ? netlink_attachskb+0x870/0x870
[ 1900.096982]  ? __virt_addr_valid+0x128/0x350
[ 1900.097879]  netlink_sendmsg+0x90f/0xdf0
[ 1900.098714]  ? netlink_unicast+0x7f0/0x7f0
[ 1900.099574]  ? netlink_unicast+0x7f0/0x7f0
[ 1900.100412]  sock_sendmsg+0x154/0x190
[ 1900.101174]  ____sys_sendmsg+0x70d/0x870
[ 1900.101988]  ? kernel_sendmsg+0x50/0x50
[ 1900.102784]  ? do_recvmmsg+0x6d0/0x6d0
[ 1900.103564]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1900.104614]  ? lock_downgrade+0x6d0/0x6d0
[ 1900.105446]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1900.106525]  ? SOFTIRQ_verbose+0x10/0x10
[ 1900.106551]  ___sys_sendmsg+0xf3/0x170
[ 1900.106574]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1900.106603]  ? lock_downgrade+0x6d0/0x6d0
[ 1900.106628]  ? find_held_lock+0x2c/0x110
[ 1900.106661]  ? __fget_files+0x296/0x4c0
[ 1900.106697]  ? __fget_light+0xea/0x290
[ 1900.106728]  __sys_sendmsg+0xe5/0x1b0
[ 1900.106748]  ? __sys_sendmsg_sock+0x40/0x40
[ 1900.106768]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1900.106814]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1900.106833]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1900.106854]  ? trace_hardirqs_on+0x5b/0x180
[ 1900.106880]  do_syscall_64+0x33/0x40
[ 1900.106903]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1900.106917] RIP: 0033:0x7f111cc48b19
[ 1900.106939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1900.106951] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1900.106974] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1900.106986] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1900.106999] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1900.107011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1900.107023] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:42:22 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}], [{@dont_measure}, {@smackfshat}]})

06:42:22 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0x0, 0x0, 0x0, 0x1d, 0x1, {0x0, r7}}, 0x0)

06:42:22 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x80000000, 0x40}, 0x0, 0xfffffffffffffffe, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:42:22 executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000280), r0)
sendmsg$NLBL_MGMT_C_ADD(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x40, r1, 0x200, 0x70bd2b, 0x100, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @private=0xa010102}, @NLBL_MGMT_A_CV4DOI={0x8}, @NLBL_MGMT_A_DOMAIN={0x7, 0x1, '//\x00'}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast2}]}, 0x40}}, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r3)
sendmsg$IEEE802154_ASSOCIATE_REQ(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000640)={0x30, r4, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_COORD_PAN_ID={0x6}, @IEEE802154_ATTR_CHANNEL={0x5}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc}]}, 0x30}}, 0x0)
sendmsg$IEEE802154_ASSOCIATE_RESP(r0, &(0x7f00000001c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="0000000087d508458b596eb7b3ad55ded39a1e9b656153966f43ce55bd9838e6ac39a74878f44e2d668d40688a9787c492045d00ce4cda6618302a4845eeb9dba6722b801c98e79ba8a2c3ba0fb4221c591b4a8b3b466fe042593fb31d70a8e4a06aaee8a1ab3c4a6183293c97e5c59e90", @ANYRES16=r4, @ANYBLOB="08002dbd7000fedbdf251300000006000800a2aa000000000800a1aa000005000300330000000c0009000101555555555555060008000000000006000800a0aa00000500030040000000"], 0x50}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r5 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0xee00, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r5, {0xee01, <r7=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r7, r7, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r6, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:42:22 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 81)

06:42:22 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0x0, 0x0, 0x0, 0x1d, 0x1}, 0x0)

[ 1900.540521] FAULT_INJECTION: forcing a failure.
[ 1900.540521] name failslab, interval 1, probability 0, space 0, times 0
[ 1900.542996] CPU: 0 PID: 9882 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1900.544363] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1900.546019] Call Trace:
[ 1900.546563]  dump_stack+0x107/0x167
[ 1900.547310]  should_fail.cold+0x5/0xa
[ 1900.548092]  should_failslab+0x5/0x20
[ 1900.548858]  __kmalloc_node_track_caller+0x74/0x310
[ 1900.549856]  ? alloc_uevent_skb+0x7b/0x210
[ 1900.550734]  __alloc_skb+0xb1/0x5b0
[ 1900.551482]  alloc_uevent_skb+0x7b/0x210
[ 1900.552306]  kobject_uevent_env+0x99a/0xf90
[ 1900.553211]  driver_bound+0x19d/0x1f0
[ 1900.553985]  device_bind_driver+0xae/0xd0
[ 1900.554885]  mac80211_hwsim_new_radio+0x3d2/0x4250
[ 1900.555868]  ? ____sys_sendmsg+0x70d/0x870
[ 1900.556806]  ? ___sys_sendmsg+0xf3/0x170
[ 1900.557714]  ? __sys_sendmsg+0xe5/0x1b0
[ 1900.558635]  ? do_syscall_64+0x33/0x40
[ 1900.559509]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1900.560698]  ? lock_acquire+0x197/0x4a0
[ 1900.561600]  ? create_object.isra.0+0x3ad/0xa20
[ 1900.562686]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1900.563763]  ? __kmalloc+0x16e/0x330
[ 1900.564624]  hwsim_new_radio_nl+0x991/0x1080
[ 1900.565652]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1900.566855]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1900.568343]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1900.569832]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1900.570941]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1900.572433]  ? cap_capable+0x1d6/0x240
[ 1900.573357]  ? ns_capable+0xe2/0x110
[ 1900.574225]  genl_rcv_msg+0x33c/0x5a0
[ 1900.575104]  ? genl_get_cmd+0x480/0x480
[ 1900.576015]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1900.577227]  ? lock_release+0x6b0/0x6b0
[ 1900.578142]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1900.579166]  netlink_rcv_skb+0x14b/0x430
[ 1900.580080]  ? genl_get_cmd+0x480/0x480
[ 1900.580982]  ? netlink_ack+0xab0/0xab0
[ 1900.581885]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1900.582919]  ? is_vmalloc_addr+0x7b/0xb0
[ 1900.583843]  genl_rcv+0x24/0x40
[ 1900.584588]  netlink_unicast+0x549/0x7f0
[ 1900.585526]  ? netlink_attachskb+0x870/0x870
[ 1900.586520]  ? __virt_addr_valid+0x128/0x350
[ 1900.587544]  netlink_sendmsg+0x90f/0xdf0
[ 1900.588478]  ? netlink_unicast+0x7f0/0x7f0
[ 1900.589466]  ? netlink_unicast+0x7f0/0x7f0
[ 1900.590433]  sock_sendmsg+0x154/0x190
[ 1900.591299]  ____sys_sendmsg+0x70d/0x870
[ 1900.592222]  ? kernel_sendmsg+0x50/0x50
[ 1900.593112]  ? do_recvmmsg+0x6d0/0x6d0
[ 1900.593992]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1900.595191]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1900.596356]  ? SOFTIRQ_verbose+0x10/0x10
[ 1900.597303]  ___sys_sendmsg+0xf3/0x170
[ 1900.598204]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1900.599265]  ? lock_downgrade+0x6d0/0x6d0
[ 1900.600220]  ? find_held_lock+0x2c/0x110
[ 1900.601173]  ? __fget_files+0x296/0x4c0
[ 1900.602110]  ? __fget_light+0xea/0x290
[ 1900.603040]  __sys_sendmsg+0xe5/0x1b0
[ 1900.603907]  ? __sys_sendmsg_sock+0x40/0x40
[ 1900.604881]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1900.605976]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1900.607182]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1900.608349]  ? trace_hardirqs_on+0x5b/0x180
[ 1900.609346]  do_syscall_64+0x33/0x40
[ 1900.610218]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1900.611391] RIP: 0033:0x7f111cc48b19
[ 1900.612241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1900.616413] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1900.618157] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1900.619753] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1900.621342] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1900.622946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1900.624553] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:42:22 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[], [{@dont_measure}, {@smackfshat}]})

06:42:22 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f0000000040)={0xdda5, 0x3, 0x2})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:42:22 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4, 0x0, 0x3}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000040)=<r3=>0x0)
perf_event_open(&(0x7f0000000140)={0x3, 0x80, 0xc, 0x3, 0x1, 0x0, 0x0, 0xf0f, 0x1829, 0xc, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1000, 0x2, @perf_config_ext={0x0, 0x9}, 0x8a0, 0x3f2, 0x7, 0x4, 0x1ff, 0x1, 0x7, 0x0, 0x80000001, 0x0, 0x6}, r3, 0xa, 0xffffffffffffffff, 0x9)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0}, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
fcntl$dupfd(r5, 0x0, r5)
pread64(r5, &(0x7f0000000240)=""/135, 0x87, 0x4)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:42:22 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:42:22 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[], [{@dont_measure}, {@smackfshat}]})

06:42:36 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 82)

06:42:36 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)=ANY=[@ANYBLOB='\x00'/12, @ANYRES32=r0, @ANYRES32=0xee01, @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB='./file0\x00'])
setregid(0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000009640)={0x0, ""/256, <r3=>0x0})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f000000aa40)={<r4=>0x0, <r5=>0x0, "c009b39830e4109622d7a29d0bd42e6d365c8384f665a2104b6faaa5427626b93311e77f0de4211e1217bc355a5246327eb7ba126bf7e4adb45535a4d9757c77f555e42c9254e9f9089be590271f821f5f6b632da2dabf1d6e618629da57a34a33f5e913338e628f32d84f60dbb9f94b70f1828e7d652bb2443c02901738d15cd72d14288f0d47dfe96e49988d0402f96628f97be361723e018daf71ab695fa4726664c00ec9aa53b8c092760da4cd088f03fad6504eceb8949dc35abc6c9f51916777bc38aa3669fb220546dbd1024eb87da205b46ec35180a8fcb898160855b5044023da75f2b1f285c1462a8afa95492a14be3f42052ff535612d226506a0", "7374bf600a2dbb0a10a4446998c60bc654676f080ecee8672b9b990319e9f34b4c45be9b1cbb8fbe1f4541599e2a8deeedad6067575d671432b4ba4028542704ab850b2cd326bd5a16431e3e06cbefba068d34f999e863befaed31fe2f898bdfe4043148f4d1cc27af274cc202dd9cd92b1891ba85c4048baa5cf0aa7a3d5dbef19adb89a7123a5c5cf1f42650df4c63aa25c0c5f606a072b8c1910206999409a39439cacd824f129adb4177e14f533050e77cfd6b9e760c12899b047feb4c8e5b746e5570db48fc8fafeccf98bad6d99a585091b403666ded97ce43cdf6dd1791052bc149861ea2585dfb28b538cc9fe6ffc5e07182615951fd668085ed124af574a07e3495491f19b1aa2a3b69028ccacd78524d988b224ab17ed905da0b840b4a9939e2af6efdf4221126075a8964d904883db014031e0924681a4ef3795071b256b75002a7df298c87c565b1d8a331e7d0c1000e1d707100917dfe107f87ebea9dca1b708b01cacf1c9f348c0d0fd64aa64193637c7169264d06f613c41be60f39b0cc9d813ae5fca2222832f86f2ae87e883efd48df36d16e6c1ca5c378f6ff0fbace91eb3099d744b16171fcc1ab7d5456392f0878ecf27e8caad7386663de490c3044eed7e7cb83e675716eda0cc09f219aadddd814c88048a7c6cefe69a79f2f7a234cfffbf19ac7a9f6ef59faf2776ac3d636904ec1bda09b1c9d8caeafa918983215d866f5cb6f1088e7e99a43425913d258a3dc8550fcbca3e0bec47503e24d709dd1fd1bb3cd92837d10387a0eebb98aab27950a2a66dc0b9bad3e4ef6393036d64949931ffe6479073790b3b885ac8563d4018e9227d644864c17f048daefbb192d15b56a2a440ad6d4ef5af2ac9904d8b69c64d2368928d7595594e6c3fd23229cb6aa80ec308301b1c94777900d34b1b3eea03dca765036a3f5351551affb585f22541074380b60ca062bf8a8a2324fe61ecad5733aec51e0c5ddc648280556b8a038b5816947b1637ef598cfd134cf9833d875fd23d22f5f74e74a4634d50a3ac908eed128f4297924296d95361b9504c08df4a0603eff93ee34bd45ed12e8d06b8f399fefef4ced732aad15b70f3e276101fa4b5a5c17435d0999b3345ccfe853c955e8b7927c7a171506b8e5b4de8a68cb5e80c3709a0e15643b5772d82d04859133e09fa8ab81ac042e67bc918f2847af14a4eb77c3fcac3132ec1af5a57d85acb9ce91d9d15019904396737ade63df938e6f054f8ee21e8994d45b0801ccd8ae8bda90128cb05eddd297d800412bc01fc5cfdfa9d473641fffc793b513da3f7565a27c4ff3678ac6f71560cc6cc95fb4d20f85b7934cb4a4f614182d331ab53b6a09ff47fc272b6c1f5aaca477bfdfed3fac942d639773b7a5656c526eb595d6fa9d301c425947f37088447cb4400c37750b76eb6c1f7933e43b27224c2fdc053e55125d00ab11428af674f58bd5c3ea1ce4762856afccbd37dd59a5e726f2e5e770bcc8372304fc2a33611234e3b0d411fcae8691e621b64581dc32b3d97c02920877b2c995018dcfff2da8687bc64332cffc3d355931561dc799d169f61d121f242dd3605e3fef8a46bf73998202d6a87671719896c61d729006104bdb7e926020f28260c75c2c754e5f073097d7031567e62cbfcbff541702cdaf498bbfe01e2948e6e164271ca4ab4df68a1569d29d3ce7029c0b58d2a1e6d179fa817ec9df17195c8b83a7a7508f18f0e3d07e8871f331d7a151bc11301c7dce402e6a5fda6f3096df2ddfeb48b3991e055c55d2a071ed66bf378e5c451f849cdbd7951cacad16d6b5734b71db866e77086bfab1797942633ec688d78bb2fccaae2b0e796b852b278bd4a4648d0811293e1bfe68e30b42eb27ac0a4e435e086b4cfeeb9fa539f0d800b6108e4c7b9d7237746770a3f3477646b7c9bfd2bc111679d40bffe221be492ba984df6cd4d7d8f9cbf7185e79804416be68d8a2bfa28e5bec4b57bf5f08eeecafabccd55744e49bb4a7dd1324908d91762b9884e7268d0bb6290be3b51091ae6ccf2ebbd4945dd7913bd38509a00ce38d955909bfa1f3740fc123a12e15b853b59b9b691460afdcda150d39e566a83eaa0c3b7bac9819bdbc7e0a620206be87ff2f8ea8091dbffa014d2f2eb919040a434cdeb3db68adf845d2ba751dc0e1ce4afd8672a5ecf0653b8c672c3265aa236a174185f4b4a291bda664bb79c13f8b6932a831385773898d194d2500b38fbfff8c4acafa5a80dfd3f1f906132885446f9f7ad787dbbdab593661ab1c255df879eaf4ca739deaa11379a5c6b650472257fa54b646b29ceb3dbe27e3584914f9f766bbbcc67abeffebb0df881a42b8671bba930b04d1d7710cc15d546ee69ad40e66f04eb28af8bd17b739e68ad75a239303fb97b18f8f08d2f95bdae0f245ebdfc3ecf555a6fd53f5a35af8b2dd016b227d209fc8323a7576e66a9913a0ad4f19d30d2b6f25ac8b5b6c762e2c68c76f9bd7818adbb3c9b194c09471482ec6898754469076b8674ab9e26b5977a0fa693160f18a01d2f2c362186ff75c205cec261d9e6c431ee672e4056b7e458ef02dca1167d09de5977210461758ed506290477a63c5af0698a1f4edf3bc569692bc9febd5fd641860dd34a6926af47ae7bdd3cce59a5b24b6944075e30ec2f2dbd043ebc57a39eaa5559bc4f21f08198e0daa2e8506b21160c8f9b629ad0e80d5e99e5cf4c4ceefb8d9fe5493ebcb066a647269fef2146f1ed55dac66974446e650e49db26ceb24c16c24885a2d2d011d11ec52d5b7a9c8096314d1dc7c992a1dee70be2fc0cc2d9fc94b0d02d479f6f4bfd3fa20df42568e27c0cea6caa1028d5dfbe6a9657053c06132387f9abfbaf93d9b335b69b168bf7fdaa0a44981dadc3358b50f1b24d390f8858d6775fa838388ff8a69b02bf446028485ba9e0c15731288c186b3cdf2fbc088f13f50e5eecc9b3a058d1369b7a254f11aa81a5fabd862bfd5226ce26e0199ef241badd55ba0d6087e9eb1661111a6afef1caf2bd54832bb5a3e8b864c8af220a8a115746c1646e78471ba2edb7c63fcff7f6be047a5f740525fbe5e259beee146dc2a609d3fd576e826ee1e4fce8ccbf75aa713514bda04ed4086cdd11a770cbe5782bca23f5f3ad8682609d5c5d4e5ca4e117d7423740b41081c6945b446223bb435c6ae2314552b7bf53a8b2c8a7a2a961d17315e0f7a660624b119c89ae81d2214b03cd79bc3eb355bf06811d7186b1f0a7219dd8d4096cb0df940719279357b853bc7c5bcf645aa65c12227859ce0851953fcefa6051f2a31e3666abde9ef1ece3eba658de696edf5d87a7d562dfe1f6bb9ac5e6773bc9069c732683715868cf14825345fb60665982549b9bb7c5b7d934ed0c4d136fa089f8459d473bf1ee678cf88c26f4f5ac681aa6dbe6ef78c26e7a3649ae0574f550f9fc64e8caa14586cbc43d8ec72a3170fc4f6c78fdbd40332c1f35adfc04be68a067f2c03325d624e21fa0e1fa6ea879caa84665bedefcd19759872824a0053a110af2b6099d8ea572b0c81cea39147bb2dca0eaefd4be8c3b59b98c27049f04ae5f3652ade0e1561238296d17979581b93d0ee26464fb5675b968cbc397558207fb1d5365f73994c0c8f2bcae0164e74d602a4856355b214af58b6357b2505779260ec73929eb4fe1047bbc2a125ff6c88718d2b8b8fb9c0d1cb1760748ffc5e4998dbaf8fad99df26b2eaf99bce2541d287b243d7b9cf0ecb25588d14c6228a6cb5413f48e3d07817d258c45ca0ab3494ca5b59f87abdf38e439b4a31d60d9474a52e465f36dd0cd56f00d4e5e563bfc6421b40a7522eb71894a698c19510fa7dc690b6b3f782d88e61ca635d5efd4c9c1725dbf24e0c8e246a2dc979e4750de8347687038f0441858bdf5a06bcba827d8d1327601943ca9fd004c121034fa6e1c8b9eff5da764961f5700eab97380e99b37f302239b528b36f5c9bbebaff25edae48fbe59dd272099af5c695a19b62f64485ba01ae8416c02f04360be933b8ba8a49c6c1188a78c3d36d0c61f61b4002bfeb669e29bbcb306f573528a749b085500c7649aea469fca867da4ca9eaecc75a70f41baeb80bf803402a9066dc1e8243192b78533e0ad590e14fd2bf2ce3ac943ade1fcefd247406785ee387d18e9afe8845481748fbadf4d081e01ecce50ef1fc5b457fa296b833d77390764e2af12f7930c6334476dc4cf45d9f272e364336810c11318bd0a95233005d66fe81a5708ae5fad8c7db17e6d97d2340651f7aa7a36e132a77a7a6206b36a95ccb5a48cb19bd3bb886ff0e77bc76653912149ca85895c4f80c373cbbd4305a91213e8ec5b7b18d8587d723c18f02854556aaaa540935eab2b7470a7c1c40c7e843ac1221a51e92eb05af2342fea7c853a46182c8384612aadb40145b95de565140003468eaca74b38bdf4dc640d0af80c3dd81747652c5fe15ffff8965a150a4ca6a9d9c91d067b4fac49b23cd2041dfdab22126c97d812b67ed638cc65d75d836bf439807cd7cd3cd0e6b30c81983e3f45a00282a14d401d81ac7c5544510dc7d157eeaa18b09df5ec949a22d7342b5b720b2a47251e995410f9b35d90824c1b19beb8575c9efe2aaa2a2011790a1099a924c01ca835fb7cc561eb2310a5331d4d9c4a9ee03a5f1364c17a7f4511c0c1b929c630cc110696f9e94b4107d0b75338fda2c5e0b8d46d19b98071e328f57debd56b4a0a9009913ac41518a08e6fa533edf20db0dc5eff43cd3ead623fc826ac03925490537d6b6a47f27031faa17f9852a3cb72d2088f33d35846a40758e60dab4b3980d032adc3e4faa61ff8aaea6b08bc9705cf097701e9af550fa43ec06c0ae2257927eebcbbbf4a05ad8097597943d6aed8a950ba32bc0d19827539019397e2fffa5f7379ffd7ec266f0c1cd947aab0c9e73c2796bd4c32fa0a0effbc84570efdebd3ac1eb57cc89cdbed91ed43a64cccfeba427a017a07d84acc850a45e2f26639598ed061ea81b60fb1873983591d446129ba8b27a4aef3311292017e3cbc00533824888ef80ef1a85c86a370dc11694d2f455e04ceb8811afa53aac77c65b38703d18167aedcc077c988dd9832ee1999a82c8752b921bceae484c19cee6828eef373c979b5c3f208080c8dcb38c53e384bebed6c41c3b9d6958bd2b952d82d17b262dbf30f90ab5c5d197ccee9f6b6525928b0100ffdeace644e159500495ff5a0ea7df7b9ab63617e3879818e25341e97d839beefdf248222cadd61a5d76b1ff34704bb78656afef7994904da269f973598217edc3be93157185aa15ef225f6471d7786a5e28d0f145b96566e101bf46723486867b9aa90f9eb4d1f5612d4950160c1504a367daf984"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001300)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000007d440)={0x9, [{}, {}, {}, {}, {}, {}, {}, {}, {r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}, {}, {}, {r3}, {}, {}, {}, {}, {r5}, {r5}, {}, {}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {r6}, {}, {}, {}, {}, {<r9=>0x0}, {}, {}, {}, {}, {}, {r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r7}], 0x0, "46dacd8396fe92"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000009640))
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f000000aa40)={0x0, 0x0, "c009b39830e4109622d7a29d0bd42e6d365c8384f665a2104b6faaa5427626b93311e77f0de4211e1217bc355a5246327eb7ba126bf7e4adb45535a4d9757c77f555e42c9254e9f9089be590271f821f5f6b632da2dabf1d6e618629da57a34a33f5e913338e628f32d84f60dbb9f94b70f1828e7d652bb2443c02901738d15cd72d14288f0d47dfe96e49988d0402f96628f97be361723e018daf71ab695fa4726664c00ec9aa53b8c092760da4cd088f03fad6504eceb8949dc35abc6c9f51916777bc38aa3669fb220546dbd1024eb87da205b46ec35180a8fcb898160855b5044023da75f2b1f285c1462a8afa95492a14be3f42052ff535612d226506a0", "7374bf600a2dbb0a10a4446998c60bc654676f080ecee8672b9b990319e9f34b4c45be9b1cbb8fbe1f4541599e2a8deeedad6067575d671432b4ba4028542704ab850b2cd326bd5a16431e3e06cbefba068d34f999e863befaed31fe2f898bdfe4043148f4d1cc27af274cc202dd9cd92b1891ba85c4048baa5cf0aa7a3d5dbef19adb89a7123a5c5cf1f42650df4c63aa25c0c5f606a072b8c1910206999409a39439cacd824f129adb4177e14f533050e77cfd6b9e760c12899b047feb4c8e5b746e5570db48fc8fafeccf98bad6d99a585091b403666ded97ce43cdf6dd1791052bc149861ea2585dfb28b538cc9fe6ffc5e07182615951fd668085ed124af574a07e3495491f19b1aa2a3b69028ccacd78524d988b224ab17ed905da0b840b4a9939e2af6efdf4221126075a8964d904883db014031e0924681a4ef3795071b256b75002a7df298c87c565b1d8a331e7d0c1000e1d707100917dfe107f87ebea9dca1b708b01cacf1c9f348c0d0fd64aa64193637c7169264d06f613c41be60f39b0cc9d813ae5fca2222832f86f2ae87e883efd48df36d16e6c1ca5c378f6ff0fbace91eb3099d744b16171fcc1ab7d5456392f0878ecf27e8caad7386663de490c3044eed7e7cb83e675716eda0cc09f219aadddd814c88048a7c6cefe69a79f2f7a234cfffbf19ac7a9f6ef59faf2776ac3d636904ec1bda09b1c9d8caeafa918983215d866f5cb6f1088e7e99a43425913d258a3dc8550fcbca3e0bec47503e24d709dd1fd1bb3cd92837d10387a0eebb98aab27950a2a66dc0b9bad3e4ef6393036d64949931ffe6479073790b3b885ac8563d4018e9227d644864c17f048daefbb192d15b56a2a440ad6d4ef5af2ac9904d8b69c64d2368928d7595594e6c3fd23229cb6aa80ec308301b1c94777900d34b1b3eea03dca765036a3f5351551affb585f22541074380b60ca062bf8a8a2324fe61ecad5733aec51e0c5ddc648280556b8a038b5816947b1637ef598cfd134cf9833d875fd23d22f5f74e74a4634d50a3ac908eed128f4297924296d95361b9504c08df4a0603eff93ee34bd45ed12e8d06b8f399fefef4ced732aad15b70f3e276101fa4b5a5c17435d0999b3345ccfe853c955e8b7927c7a171506b8e5b4de8a68cb5e80c3709a0e15643b5772d82d04859133e09fa8ab81ac042e67bc918f2847af14a4eb77c3fcac3132ec1af5a57d85acb9ce91d9d15019904396737ade63df938e6f054f8ee21e8994d45b0801ccd8ae8bda90128cb05eddd297d800412bc01fc5cfdfa9d473641fffc793b513da3f7565a27c4ff3678ac6f71560cc6cc95fb4d20f85b7934cb4a4f614182d331ab53b6a09ff47fc272b6c1f5aaca477bfdfed3fac942d639773b7a5656c526eb595d6fa9d301c425947f37088447cb4400c37750b76eb6c1f7933e43b27224c2fdc053e55125d00ab11428af674f58bd5c3ea1ce4762856afccbd37dd59a5e726f2e5e770bcc8372304fc2a33611234e3b0d411fcae8691e621b64581dc32b3d97c02920877b2c995018dcfff2da8687bc64332cffc3d355931561dc799d169f61d121f242dd3605e3fef8a46bf73998202d6a87671719896c61d729006104bdb7e926020f28260c75c2c754e5f073097d7031567e62cbfcbff541702cdaf498bbfe01e2948e6e164271ca4ab4df68a1569d29d3ce7029c0b58d2a1e6d179fa817ec9df17195c8b83a7a7508f18f0e3d07e8871f331d7a151bc11301c7dce402e6a5fda6f3096df2ddfeb48b3991e055c55d2a071ed66bf378e5c451f849cdbd7951cacad16d6b5734b71db866e77086bfab1797942633ec688d78bb2fccaae2b0e796b852b278bd4a4648d0811293e1bfe68e30b42eb27ac0a4e435e086b4cfeeb9fa539f0d800b6108e4c7b9d7237746770a3f3477646b7c9bfd2bc111679d40bffe221be492ba984df6cd4d7d8f9cbf7185e79804416be68d8a2bfa28e5bec4b57bf5f08eeecafabccd55744e49bb4a7dd1324908d91762b9884e7268d0bb6290be3b51091ae6ccf2ebbd4945dd7913bd38509a00ce38d955909bfa1f3740fc123a12e15b853b59b9b691460afdcda150d39e566a83eaa0c3b7bac9819bdbc7e0a620206be87ff2f8ea8091dbffa014d2f2eb919040a434cdeb3db68adf845d2ba751dc0e1ce4afd8672a5ecf0653b8c672c3265aa236a174185f4b4a291bda664bb79c13f8b6932a831385773898d194d2500b38fbfff8c4acafa5a80dfd3f1f906132885446f9f7ad787dbbdab593661ab1c255df879eaf4ca739deaa11379a5c6b650472257fa54b646b29ceb3dbe27e3584914f9f766bbbcc67abeffebb0df881a42b8671bba930b04d1d7710cc15d546ee69ad40e66f04eb28af8bd17b739e68ad75a239303fb97b18f8f08d2f95bdae0f245ebdfc3ecf555a6fd53f5a35af8b2dd016b227d209fc8323a7576e66a9913a0ad4f19d30d2b6f25ac8b5b6c762e2c68c76f9bd7818adbb3c9b194c09471482ec6898754469076b8674ab9e26b5977a0fa693160f18a01d2f2c362186ff75c205cec261d9e6c431ee672e4056b7e458ef02dca1167d09de5977210461758ed506290477a63c5af0698a1f4edf3bc569692bc9febd5fd641860dd34a6926af47ae7bdd3cce59a5b24b6944075e30ec2f2dbd043ebc57a39eaa5559bc4f21f08198e0daa2e8506b21160c8f9b629ad0e80d5e99e5cf4c4ceefb8d9fe5493ebcb066a647269fef2146f1ed55dac66974446e650e49db26ceb24c16c24885a2d2d011d11ec52d5b7a9c8096314d1dc7c992a1dee70be2fc0cc2d9fc94b0d02d479f6f4bfd3fa20df42568e27c0cea6caa1028d5dfbe6a9657053c06132387f9abfbaf93d9b335b69b168bf7fdaa0a44981dadc3358b50f1b24d390f8858d6775fa838388ff8a69b02bf446028485ba9e0c15731288c186b3cdf2fbc088f13f50e5eecc9b3a058d1369b7a254f11aa81a5fabd862bfd5226ce26e0199ef241badd55ba0d6087e9eb1661111a6afef1caf2bd54832bb5a3e8b864c8af220a8a115746c1646e78471ba2edb7c63fcff7f6be047a5f740525fbe5e259beee146dc2a609d3fd576e826ee1e4fce8ccbf75aa713514bda04ed4086cdd11a770cbe5782bca23f5f3ad8682609d5c5d4e5ca4e117d7423740b41081c6945b446223bb435c6ae2314552b7bf53a8b2c8a7a2a961d17315e0f7a660624b119c89ae81d2214b03cd79bc3eb355bf06811d7186b1f0a7219dd8d4096cb0df940719279357b853bc7c5bcf645aa65c12227859ce0851953fcefa6051f2a31e3666abde9ef1ece3eba658de696edf5d87a7d562dfe1f6bb9ac5e6773bc9069c732683715868cf14825345fb60665982549b9bb7c5b7d934ed0c4d136fa089f8459d473bf1ee678cf88c26f4f5ac681aa6dbe6ef78c26e7a3649ae0574f550f9fc64e8caa14586cbc43d8ec72a3170fc4f6c78fdbd40332c1f35adfc04be68a067f2c03325d624e21fa0e1fa6ea879caa84665bedefcd19759872824a0053a110af2b6099d8ea572b0c81cea39147bb2dca0eaefd4be8c3b59b98c27049f04ae5f3652ade0e1561238296d17979581b93d0ee26464fb5675b968cbc397558207fb1d5365f73994c0c8f2bcae0164e74d602a4856355b214af58b6357b2505779260ec73929eb4fe1047bbc2a125ff6c88718d2b8b8fb9c0d1cb1760748ffc5e4998dbaf8fad99df26b2eaf99bce2541d287b243d7b9cf0ecb25588d14c6228a6cb5413f48e3d07817d258c45ca0ab3494ca5b59f87abdf38e439b4a31d60d9474a52e465f36dd0cd56f00d4e5e563bfc6421b40a7522eb71894a698c19510fa7dc690b6b3f782d88e61ca635d5efd4c9c1725dbf24e0c8e246a2dc979e4750de8347687038f0441858bdf5a06bcba827d8d1327601943ca9fd004c121034fa6e1c8b9eff5da764961f5700eab97380e99b37f302239b528b36f5c9bbebaff25edae48fbe59dd272099af5c695a19b62f64485ba01ae8416c02f04360be933b8ba8a49c6c1188a78c3d36d0c61f61b4002bfeb669e29bbcb306f573528a749b085500c7649aea469fca867da4ca9eaecc75a70f41baeb80bf803402a9066dc1e8243192b78533e0ad590e14fd2bf2ce3ac943ade1fcefd247406785ee387d18e9afe8845481748fbadf4d081e01ecce50ef1fc5b457fa296b833d77390764e2af12f7930c6334476dc4cf45d9f272e364336810c11318bd0a95233005d66fe81a5708ae5fad8c7db17e6d97d2340651f7aa7a36e132a77a7a6206b36a95ccb5a48cb19bd3bb886ff0e77bc76653912149ca85895c4f80c373cbbd4305a91213e8ec5b7b18d8587d723c18f02854556aaaa540935eab2b7470a7c1c40c7e843ac1221a51e92eb05af2342fea7c853a46182c8384612aadb40145b95de565140003468eaca74b38bdf4dc640d0af80c3dd81747652c5fe15ffff8965a150a4ca6a9d9c91d067b4fac49b23cd2041dfdab22126c97d812b67ed638cc65d75d836bf439807cd7cd3cd0e6b30c81983e3f45a00282a14d401d81ac7c5544510dc7d157eeaa18b09df5ec949a22d7342b5b720b2a47251e995410f9b35d90824c1b19beb8575c9efe2aaa2a2011790a1099a924c01ca835fb7cc561eb2310a5331d4d9c4a9ee03a5f1364c17a7f4511c0c1b929c630cc110696f9e94b4107d0b75338fda2c5e0b8d46d19b98071e328f57debd56b4a0a9009913ac41518a08e6fa533edf20db0dc5eff43cd3ead623fc826ac03925490537d6b6a47f27031faa17f9852a3cb72d2088f33d35846a40758e60dab4b3980d032adc3e4faa61ff8aaea6b08bc9705cf097701e9af550fa43ec06c0ae2257927eebcbbbf4a05ad8097597943d6aed8a950ba32bc0d19827539019397e2fffa5f7379ffd7ec266f0c1cd947aab0c9e73c2796bd4c32fa0a0effbc84570efdebd3ac1eb57cc89cdbed91ed43a64cccfeba427a017a07d84acc850a45e2f26639598ed061ea81b60fb1873983591d446129ba8b27a4aef3311292017e3cbc00533824888ef80ef1a85c86a370dc11694d2f455e04ceb8811afa53aac77c65b38703d18167aedcc077c988dd9832ee1999a82c8752b921bceae484c19cee6828eef373c979b5c3f208080c8dcb38c53e384bebed6c41c3b9d6958bd2b952d82d17b262dbf30f90ab5c5d197ccee9f6b6525928b0100ffdeace644e159500495ff5a0ea7df7b9ab63617e3879818e25341e97d839beefdf248222cadd61a5d76b1ff34704bb78656afef7994904da269f973598217edc3be93157185aa15ef225f6471d7786a5e28d0f145b96566e101bf46723486867b9aa90f9eb4d1f5612d4950160c1504a367daf984"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r1, 0xd000943d, &(0x7f0000000100)={0x6, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r10=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r8}], 0x0, "764d8d85dbf79c"})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r1, 0xd000943e, &(0x7f0000001e00)={r10, 0x0, "f6b24fab1956fe42e3d08b12e4f7796237580808bee97626fdd60feb5b94c58070dd6ed34230fd5a36c8f89bae4e2e898acc25f54b970f7f035c51b7158e1a31014039df3948d7363fe59f5b5178661ab0d11202f9da09e7f6910d41e24b101b3743cadbdd029c189b524fdad87784b2419872153d7136a4dc600a960dc2d8e0a7529789c924096747581ecfaca33fdb9332c348e97a12728c4d5ee548e1e517db3903d3d72a7a06f657af3e68caf41cc753dceae18e3bcc6292510dac480b4e13ae9726b04015077680c0a19102dc7019fa5310a156db1150fb84d14b2c8853bffdfae852a6d3b4322fb9fb4941e72ba1f4a7cce83f2c0ee6a48e9e9d641ab3", "2f7708488ea7fc83c8f8ab35a2e94adbbecb6bff882fea3c904ed64d3dff0a555c11fe57cdce7b81e63832a73d3930d56cee0b4164861acba292e8cf46df52014db95de88ba6677273f787b0aac9c2772d7b2c54a33f63fdc86985f1a0ab2621aeac8dfc62314e652262ab4039b94dfe81a31bf256f1cbb124b3f296bd56f1f1b8cadf35062dcaaa165daa788d6d7a0f63886698f23f65dfb2303dcb2442525f712438b029ab87621bb9d712c62cb340668ed20efcff12a3265b9c6bfc2b6f0e93747c67b30548b61c9fdd629021cf5537dee33b1fd7977a5858193c3e2525a93c51dc1cc69bebd5b18524a897357390b241e36c247568512c9bb859eee293d2a908bc5a0cc27e103acfe1d3d2b13fec2e4b7d71b825f42cc52af482d668bfc46509855da93fc7b6e836159da73e3d6b2df628ec6286a1622cdcdaec5d7e3afae96060a38d4a77f02531da5e1dd4652ef8e9424d9a0d30322bbd3868a75c186d90847a6e3874ca76e1bfe2e828f9b32fdf9822b3f939403ac1b6272bb017272041b1a176281ee9666072e17b20897ce73c50d95e38627f81bfa477db7acda75a49ab609cd7d7dfc0302a96577bf65554584b2d20a7bab9c94467caf24a0af68f1e682aeaaa4f4eed7c9de04ead959d844b05aa20441310dfc3de77be09e3b9591e5be74b8377f56726fc97f4d071e96e92b6634ea914f9d01d926a3b84d1384767ddbce9627b24a7b9f690d42041bf7eb4384389bc9f148bbc83db2fe78049659d6f6185e739e696bec707649bd1bbd065bbe496aea4c3990214bf695da53825bed4c9dd1e92409dab6dc3058e522507e2288c6f8932d9158e8a4c8df05dc594a50132d0f59691f92ad7f2db52f138d739fc83039d22b05bc5b70d1fe8334e1040ddefef8274ba2772f35e6465e1ec940e4cf205fc43e98cf84842275b738ac9a09a396505a0d5f378465522a43c45d5d5750004db3bd4a82ab61c3702a2170300e5489051f520db2befa703ab970877323a5a80dc750073a06e339ea59e86564e2b3ab04e0fbd273c6e57042c84f21ce284f3da8be857a79764c7bc3722d15b92cb678cfa3176158af5a4316737129ed53aebb8e8751f4b0355628cff904f53f2309ff68e0455302a99e56c51b6d6814481aa805c7fb43eeed704458ac17af72141d8aa31997a751e26bd569ed135eb67a141ed5387e46c3864c7b2e82224ce0f9f829931074213e56f5e1e3f2f4af3e02372ebf6e9c356231e59c94311b59de0bf5a2d4265d99992db55b45e259f7c0669ca527624d7e7034ddfbce39fdcd5f46ef0804f74330fbdd3a75ffcc1a183b3e2e7d37236d201b0b1aefc7fbdaad55a50e33878a6b2b5680c9f4530b6d1f79c229941c99230e191521b581ad3b74a28d3b1829fc6dc60e681ea54272285c2a628897213ce917dcbb449d2d2d4de3bc74221cbb16ba987d22ebb42b28c7729a7bfec0e47b3fabb7c55e7ee3b5dc730070025960737629be8e3a40f219c149b589c51e4099fe4190fa257ef4f0a0ff5dd2ccc2df852e6db3a85ccd4b7742f0dae859081be2b6a980789624128d7189cc8248ba469782e9e63c839e8f3a7a0d80652283f394693fe96c19f459f8895e76241a85a24dc80821e2b83f59afee21b58c45508d206fedbad5144b259974b5d51d047e9e4b6c28254c7526d0e08a6bffe81de79b22989c29a096097bdc1554784e5b3dc6a042ffcd8a38c01eeb794e4d2de54815b2801786d752c87787fc712d58b121cb684b9a3d4f0b780390767c6961bd9aec68852d5a828a945c7b2eb265ddf8e8f13e8c10ac321d7ee0e17a9b4b0c746fc078614d33eef65bee5c990770fef4f3e04688e26ab2358938643d5f96b6181010c08ab03091c824aada7f363c6934da0f3c7c6218767a783734126f17ad10658164ffa7d3f014204f688cfc2d915118ab23540f58dabbac9793a76eed6b4dd741a88c331f4c555387842fb9209a649b7448e76bd977b2df1fc750ad9680dc205d9d91a6e5a22710eb615f6045d306f87a24c7b1d016aa8e3848f83b3ff93be9a70c923fbe71c793a8f32d7b65e811b0f81f53c6e32f827a0c608b5366af7d0a9c62d5a531b316ccf12a45575a32c0c96e634c29353c32a8bad17fccd7c9fdd89408d6bbdf0b4ac9a2016dd5c35879c2922f9980fa85088a50669369e0845b300c5e5e972bb721e56acb9ed04059400bfa2ba3c7ce0dd349575b6c02c9aa93019d035492079c77c73663d8dfecd1ce420c7e8689184f471a96c336a998b5006606e844491d5d1397957527dee349b9cb8c4bfd7ccacfb44f4906db27682c524593eadf0bc4a759af527406b7deffc4ae4ac7d24ac1599d477d58dde532f5b8b535628a78660ef6a7cfb0b6be706353bbb57bfb455f426f62882e623a489edb22eb30de582a663acd0bb9d2b4cd78a3727139e6787c320046ce2300bde0986c0545614f3d330d13ec7295cef18781351f58646af787e9e2707cef5bfad3af935de9de4106fe598768423f8754d9ec388c2400210c0844222baa3c7d5dcde13004f52abbb321909e746675cb0bb84bc221d05f5e1c21548730c0e419ebfe259155be8a432a9f20d64ad143cc995b8adc5e79d8ad81e103147b67bce04241aa6caaaa919bd11ba2d3a395c5859c87919e01949308e08b3adc0489101072eb67b98a43ed89315bc11b929bd21e5c265d20329c1cdd39ce0a3082139fd3ad6df70fd57ed57802ec997e3821ec8f0a5e77dfc7e1a1c492fed0773debe22fde5b80c8e510a513df456362aedb051a9fcb99b786564f303722e602d250a328b0201b4fe51b0d6d05b4c19597dafddc31584523d05e2ccd18b4f5dc33a3d333658253a182bcfa0b50a9aefacde1cc4f91cdea980d82b180212da8d7bfa13a7ac74e15c5ef98b64fdf7dcfd7db2ed7a7d345ef92381448f1aed2b41a9ad4e1c921bb25466e84a5f49fdf3811886b163b641eceef0fb90aa38866d1d9811c5100a4535953606750847c8d2bdcc68cc582b39abb6cfeca34129666142d341a293f6620d2c1aa6fe33a24a7ad1036c017e050dc3b63a3b5e7a5573f2f0a72ee07e4d7f6b96ebd35e0bee4d635d166e5ec7fb07f3c391c53f56e804223a414fb589627cf6edde6a035eae1f002681cb313c11328155c45211e11eeaef9b2abb5a63c72bc2def4b61255b04de7c955556575af7afe4c99aacfd483e6f421902f0a8e31f3710fa5942d8a53317bbad9bf46a81a3c8e61f570eb83f5a93091182fc44068820a91d834e6109ba876865d37973ff383fe19847298f2ebc118e16a60e2f95986ba1f4d799538634abf6908d20a3d340a2e044aec2ffad7c89b1a88e67b7111f03a22cd8de0a0191d1ee3a1bc0a3a5ea809bd57760985c9cb0bf4786f2fa235094dac0521985f74426f49883a9d524e7b1f2f4a1f9be0f5b892eede11ae9f3ee866d81123df90244880579dbc6aa913052d317e885e3629fe7eab13923d63eb15adbd6d3adffd68a3325c739ea80f52dc96d607279b926661ccc06f12cd396ac7ae19f9032ba5f7dafba8c5e8dc40252dfdc507b684e6f191f1efea8f529f4c8febfca386014f034c7ed8a3aff8fb3319706d8ec0b077b94039ef9998e1448ed2491db300c129784ce05b7ec9806e3c221d82f63c28e983c908a3ac67692241f538fd6b3448684e37db715e1a3da50fddd9f824304667c4b2a882a3450540965a454730198de40472b848f8a5ab758eef9abbfbf8a5e2b2f4ab9addb463b7ae3f0468b6e3db077da5c989a665eaadd69303702e4ab1b34d9f8418f7d756306e01d08517957fe5dee939ab75907565e12bd757d4a1cd18169165196962cd74ef499b6338f391a5fffbbc4a13dfea689d97cc7daa117c0863cae6069e15319e725f09b07c065a3edce133d02d7091d3462d7ee855577d8019eacaa3d7a6672ac090c4e89966c1723354ee085e49564ea73f527dc1e3dcea542586c02859395a7729074ed8911e5e97ba67babacad4f3760f280d70c5e2e01367e80b17d92c4899fe0012390892d8376a935ef911dd199d4041d2a83a09cb4f43586ba169a86f9880ed7f8c52bb9999406d8141eaee207d25bb3bb81b9d838e3504d077bde614f7988073f0e209418b287a08d175f3573bad5989da4ed6c6c9968634e9885f433491b251e9c38314fe0d088ceb01148b3b9d061a72478f57ad7a04c292f00186561c4ea4e4b542e736357506d5749d2c1df806f3da41795b710bf034ba43812072ea44d29f4371f04bd3136f403b687f1a918e53d017e750f66fcf11e2dc10cfbbad068f0c34e8a2c89a41685f42507a2fedc24271f79deb71b200019a9cac426455fdc0b8a1e0458e8682f95ed0698b370dff0e75732385c0637bd6cc88033fba242921119b6ad9ba0f10adf3f319517697c408c8bdef836a295a7dee4cb129a8893de459aa890c17ce1bfc1a9964dc8809ee7c3f3dc974dad22f061a232e7cf3c6426f3c794416cf6e918299f82c2336141b76b018cc8c0a94cc26703b98354c73abc4bd22b724fda407e54e262e6e210d89d682302b48c7a690acd2f142abe580e43634ff2c94ca65c2fd683d658f75f0d8499c8a98f5dbe1cf52bb392b4c6c2260bdd6b549f6003b94969aa4f158b3765b721c50f7bf8fcfeb0a46976cd681ea17a6e850fcc539301a44a15741f2fb9204db31d94dff342eb3abcb2db73fc4ca50fa35039d9ce72dfc14e185054ada30d2a8d134a9440f748c200f8f6fdbea40be7c15d0b20067f334a8475d5b4a6d380d7e798e1b84c485b2e7545a1ddae23a7f5d6e8a2f23d85931b9c6449b5968fb06ffc73595dd329d8f435554f4db068f57c60d5e9c602f428dead0ee16a58b1bd4b2341e5a577db879a85cc541c5223726547f42f003f79df3c6384d5435768d4553fec7ee07685610a94ef695c7ef0f8d16283dc9c5883428d297c011bfd0a1bc9d52d282bacace353abb4e515d28f664c82ba5cb231d56e9a1c7ae9066f9c5ab3a0cad7b128c876f7d1ff9e825e965c74536a065f6cc985cd70b5b22a774870489ed78a7aa3f3ef3ac35a3dd970e4937e99174c08334a935891f6859d437cabe2b3cae5e0ea7d761b65863a578341e0271eb4325f51722e3cd5c770f896d79938f93fc21a87036051685582d16f774c819b36131e41e06ee122aa4d54dc7a47cf1550b75a0d5d95bcb567386ffae65bbbea0a87b2364b497ed13bedf2be9069dcd3a31e45cc4aa185972d42ed1c9b53ce54d9ff814668e666d9b7516b75ce63fef126ec65b2c511be113ea77fdbfb3729efd87d306d683522b42b2d31dd0dd8bcc54f2b2a498b73a42f5c53c05861310f81697e852295b50cf33e7718871436d15e0f832d6b8ea7c59dc60e4dddaa4"})
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:42:36 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0x0, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:42:36 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[], [{@dont_measure}, {@smackfshat}]})

06:42:36 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:42:36 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x32ba, 0x0, 0x1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x10000}, 0x7)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x100000c, 0x10, r0, 0x8000000)

06:42:36 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x0, 0x1}, 0x0)

06:42:36 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0x0, 0x0, 0x0, 0x1d, 0x1, {0x0, r7}}, 0x0)

[ 1915.264320] FAULT_INJECTION: forcing a failure.
[ 1915.264320] name failslab, interval 1, probability 0, space 0, times 0
[ 1915.267161] CPU: 1 PID: 9923 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1915.268522] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1915.270173] Call Trace:
[ 1915.270731]  dump_stack+0x107/0x167
[ 1915.271466]  should_fail.cold+0x5/0xa
[ 1915.272241]  ? skb_clone+0x14f/0x3d0
[ 1915.272996]  should_failslab+0x5/0x20
[ 1915.273754]  kmem_cache_alloc+0x5b/0x360
[ 1915.274606]  skb_clone+0x14f/0x3d0
[ 1915.275334]  netlink_broadcast_filtered+0xa08/0xdc0
[ 1915.276363]  netlink_broadcast+0x35/0x50
[ 1915.277208]  kobject_uevent_env+0x93d/0xf90
[ 1915.278107]  driver_bound+0x19d/0x1f0
[ 1915.278919]  device_bind_driver+0xae/0xd0
[ 1915.279783]  mac80211_hwsim_new_radio+0x3d2/0x4250
[ 1915.280786]  ? ____sys_sendmsg+0x70d/0x870
[ 1915.281654]  ? ___sys_sendmsg+0xf3/0x170
[ 1915.282496]  ? __sys_sendmsg+0xe5/0x1b0
[ 1915.283303]  ? do_syscall_64+0x33/0x40
[ 1915.284105]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1915.285204]  ? lock_acquire+0x197/0x4a0
[ 1915.286007]  ? create_object.isra.0+0x3ad/0xa20
[ 1915.286981]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1915.287923]  ? __kmalloc+0x16e/0x330
[ 1915.288690]  hwsim_new_radio_nl+0x991/0x1080
[ 1915.289590]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1915.290665]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1915.291996]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1915.293312]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1915.294286]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1915.295634]  ? cap_capable+0x1d6/0x240
[ 1915.296443]  ? ns_capable+0xe2/0x110
[ 1915.297202]  genl_rcv_msg+0x33c/0x5a0
[ 1915.297978]  ? genl_get_cmd+0x480/0x480
[ 1915.298799]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1915.299853]  ? lock_release+0x6b0/0x6b0
[ 1915.300661]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1915.301577]  netlink_rcv_skb+0x14b/0x430
[ 1915.302409]  ? genl_get_cmd+0x480/0x480
[ 1915.303224]  ? netlink_ack+0xab0/0xab0
[ 1915.304043]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1915.304970]  ? is_vmalloc_addr+0x7b/0xb0
[ 1915.305804]  genl_rcv+0x24/0x40
[ 1915.306489]  netlink_unicast+0x549/0x7f0
[ 1915.307323]  ? netlink_attachskb+0x870/0x870
[ 1915.308208]  ? __virt_addr_valid+0x128/0x350
[ 1915.309122]  netlink_sendmsg+0x90f/0xdf0
[ 1915.309972]  ? netlink_unicast+0x7f0/0x7f0
[ 1915.310861]  ? netlink_unicast+0x7f0/0x7f0
[ 1915.311715]  sock_sendmsg+0x154/0x190
[ 1915.312479]  ____sys_sendmsg+0x70d/0x870
[ 1915.313296]  ? kernel_sendmsg+0x50/0x50
[ 1915.314101]  ? do_recvmmsg+0x6d0/0x6d0
[ 1915.314902]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1915.315960]  ? lock_downgrade+0x6d0/0x6d0
[ 1915.316809]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1915.317860]  ? SOFTIRQ_verbose+0x10/0x10
[ 1915.318715]  ___sys_sendmsg+0xf3/0x170
[ 1915.319508]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1915.320453]  ? lock_downgrade+0x6d0/0x6d0
[ 1915.321300]  ? find_held_lock+0x2c/0x110
[ 1915.322142]  ? __fget_files+0x296/0x4c0
[ 1915.322973]  ? __fget_light+0xea/0x290
[ 1915.323785]  __sys_sendmsg+0xe5/0x1b0
[ 1915.324560]  ? __sys_sendmsg_sock+0x40/0x40
[ 1915.325440]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1915.326414]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1915.327473]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1915.328522]  ? trace_hardirqs_on+0x5b/0x180
[ 1915.329404]  do_syscall_64+0x33/0x40
[ 1915.330170]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1915.331235] RIP: 0033:0x7f111cc48b19
[ 1915.331997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1915.335726] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1915.337257] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1915.338715] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1915.340140] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1915.341579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1915.343019] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:42:37 executing program 5:
r0 = syz_open_dev$usbmon(&(0x7f0000000040), 0x1, 0x80240)
ioctl$BTRFS_IOC_QGROUP_CREATE(r0, 0x4010942a, &(0x7f00000001c0)={0x0, 0xa})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1, 0x0, 0xbe9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:42:37 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}], [{@dont_measure}]})

06:42:37 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}]})

06:42:37 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 83)

06:42:37 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r2=>r0, {0xee01, <r3=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
getresgid(&(0x7f0000000280), &(0x7f0000000240), &(0x7f00000002c0)=<r4=>0x0)
r5 = getegid()
setregid(0x0, r5)
setgroups(0x4, &(0x7f0000000380)=[0x0, r4, r5, 0xffffffffffffffff])
setresgid(r3, r3, 0x0)
semget$private(0x0, 0x0, 0x1)
getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000100)={{{@in6=@empty, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@dev}, 0x0, @in=@multicast2}}, &(0x7f0000000040)=0x32)
r7 = getegid()
setregid(0x0, r7)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000200)={{0x1, 0x1, 0x18, r0, {r6, r7}}, './file0\x00'})
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:42:37 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0x0, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:42:37 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:42:37 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x19, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x4, &(0x7f0000000080), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000040)=<r0=>0x0, &(0x7f0000000140)=<r1=>0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000180)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x4eafb755f4d555b5, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r2 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000180)=@IORING_OP_OPENAT2={0x1c, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000040)={0x4a01, 0x0, 0x10}, &(0x7f0000000140)='./file0\x00', 0x18, 0x0, 0x23456, {0x0, r2}}, 0x3)
r3 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000100)=<r5=>0x0)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r6, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r3, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r3, 0x8000000)
io_uring_enter(r3, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

[ 1915.877505] FAULT_INJECTION: forcing a failure.
[ 1915.877505] name failslab, interval 1, probability 0, space 0, times 0
[ 1915.880393] CPU: 1 PID: 9949 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1915.881801] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1915.881809] Call Trace:
[ 1915.881834]  dump_stack+0x107/0x167
[ 1915.881862]  should_fail.cold+0x5/0xa
[ 1915.881885]  ? create_object.isra.0+0x3a/0xa20
[ 1915.881909]  should_failslab+0x5/0x20
[ 1915.881929]  kmem_cache_alloc+0x5b/0x360
[ 1915.881958]  create_object.isra.0+0x3a/0xa20
[ 1915.881979]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1915.882006]  __kmalloc+0x16e/0x330
[ 1915.882039]  ieee80211_register_hw+0xc0f/0x38b0
[ 1915.882084]  ? ieee80211_ifa6_changed+0x650/0x650
[ 1915.882104]  ? net_generic+0xdb/0x2b0
[ 1915.882135]  ? lockdep_init_map_type+0x2c7/0x780
[ 1915.882161]  ? memset+0x20/0x50
[ 1915.882183]  ? __hrtimer_init+0x12c/0x270
[ 1915.882213]  mac80211_hwsim_new_radio+0x1ce0/0x4250
[ 1915.882231]  ? ____sys_sendmsg+0x70d/0x870
[ 1915.882279]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1915.882303]  ? __kmalloc+0x16e/0x330
[ 1915.882359]  hwsim_new_radio_nl+0x991/0x1080
[ 1915.882390]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1915.882432]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1915.882452]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1915.882481]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1915.882506]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1915.882526]  ? cap_capable+0x1d6/0x240
[ 1915.882565]  ? ns_capable+0xe2/0x110
[ 1915.882591]  genl_rcv_msg+0x33c/0x5a0
[ 1915.882616]  ? genl_get_cmd+0x480/0x480
[ 1915.882641]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1915.882670]  ? lock_release+0x6b0/0x6b0
[ 1915.882691]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1915.882721]  netlink_rcv_skb+0x14b/0x430
[ 1915.882740]  ? genl_get_cmd+0x480/0x480
[ 1915.882766]  ? netlink_ack+0xab0/0xab0
[ 1915.882808]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1915.915975]  ? is_vmalloc_addr+0x7b/0xb0
[ 1915.915999]  genl_rcv+0x24/0x40
[ 1915.916021]  netlink_unicast+0x549/0x7f0
[ 1915.916053]  ? netlink_attachskb+0x870/0x870
[ 1915.916082]  ? __virt_addr_valid+0x128/0x350
[ 1915.920127]  netlink_sendmsg+0x90f/0xdf0
[ 1915.920959]  ? netlink_unicast+0x7f0/0x7f0
[ 1915.921854]  ? netlink_unicast+0x7f0/0x7f0
[ 1915.922717]  sock_sendmsg+0x154/0x190
[ 1915.923494]  ____sys_sendmsg+0x70d/0x870
[ 1915.924315]  ? kernel_sendmsg+0x50/0x50
[ 1915.925128]  ? do_recvmmsg+0x6d0/0x6d0
[ 1915.925918]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1915.926999]  ? lock_downgrade+0x6d0/0x6d0
[ 1915.927842]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1915.928911]  ? SOFTIRQ_verbose+0x10/0x10
[ 1915.929750]  ___sys_sendmsg+0xf3/0x170
[ 1915.930563]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1915.931510]  ? lock_downgrade+0x6d0/0x6d0
[ 1915.932350]  ? find_held_lock+0x2c/0x110
[ 1915.933191]  ? __fget_files+0x296/0x4c0
[ 1915.934011]  ? __fget_light+0xea/0x290
[ 1915.934831]  __sys_sendmsg+0xe5/0x1b0
[ 1915.935600]  ? __sys_sendmsg_sock+0x40/0x40
[ 1915.936477]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1915.937436]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1915.938516]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1915.939552]  ? trace_hardirqs_on+0x5b/0x180
[ 1915.940448]  do_syscall_64+0x33/0x40
[ 1915.941206]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1915.942255] RIP: 0033:0x7f111cc48b19
[ 1915.943025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1915.946772] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1915.948306] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1915.949738] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1915.951190] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1915.952618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1915.954060] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:42:52 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:42:52 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}]})

06:42:52 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r5, 0xc0a85322, &(0x7f0000000240))
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x5, 0x1, 0x5, 0x20, 0x0, 0x9, 0x40284, 0x1c, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0xffffffff00000000}, 0x102, 0x1, 0x20, 0x2, 0x9, 0xfca9, 0x0, 0x0, 0xff, 0x0, 0x2bb9}, 0x0, 0x0, r5, 0xa)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x5, 0x3, 0xff, 0x8, 0x0, 0x7fffffff, 0x10, 0xb, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0x7fff, 0x2}, 0x40, 0x9, 0x7fff, 0x5, 0xd4a9, 0x80000001, 0x7ff, 0x0, 0x8, 0x0, 0x5}, 0x0, 0x4, 0xffffffffffffffff, 0xa)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:42:52 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0x0, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:42:52 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 84)

06:42:52 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x0, 0x1}, 0x0)

06:42:52 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0x0, 0x0, 0x0, 0x1d, 0x1, {0x0, r7}}, 0x0)

06:42:52 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r2=>r0, {0xee01, <r3=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r3, r3, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
fcntl$dupfd(r4, 0x0, r4)
copy_file_range(r4, &(0x7f0000000040)=0x4, r2, &(0x7f0000000100)=0x400, 0x5, 0x0)

[ 1930.969613] FAULT_INJECTION: forcing a failure.
[ 1930.969613] name failslab, interval 1, probability 0, space 0, times 0
[ 1930.972043] CPU: 1 PID: 9973 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1930.973423] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1930.975098] Call Trace:
[ 1930.975635]  dump_stack+0x107/0x167
[ 1930.976379]  should_fail.cold+0x5/0xa
[ 1930.977156]  ? alloc_workqueue+0x16d/0xea0
[ 1930.978014]  should_failslab+0x5/0x20
[ 1930.978790]  __kmalloc+0x72/0x330
[ 1930.979503]  alloc_workqueue+0x16d/0xea0
[ 1930.980338]  ? workqueue_sysfs_register+0x3f0/0x3f0
[ 1930.981377]  ? kasan_unpoison_shadow+0x33/0x50
[ 1930.982331]  ieee80211_register_hw+0x14fa/0x38b0
[ 1930.983336]  ? ieee80211_ifa6_changed+0x650/0x650
[ 1930.984326]  ? net_generic+0xdb/0x2b0
[ 1930.985113]  ? lockdep_init_map_type+0x2c7/0x780
[ 1930.986083]  ? memset+0x20/0x50
[ 1930.986777]  ? __hrtimer_init+0x12c/0x270
[ 1930.987652]  mac80211_hwsim_new_radio+0x1ce0/0x4250
[ 1930.988701]  ? ____sys_sendmsg+0x70d/0x870
[ 1930.989587]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1930.990536]  ? __kmalloc+0x16e/0x330
[ 1930.991313]  hwsim_new_radio_nl+0x991/0x1080
[ 1930.992212]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1930.993288]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1930.994635]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1930.995964]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1930.996941]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1930.998285]  ? cap_capable+0x1d6/0x240
[ 1930.999099]  ? ns_capable+0xe2/0x110
[ 1930.999865]  genl_rcv_msg+0x33c/0x5a0
[ 1931.000648]  ? genl_get_cmd+0x480/0x480
[ 1931.001453]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1931.002509]  ? lock_release+0x6b0/0x6b0
[ 1931.003333]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1931.004267]  netlink_rcv_skb+0x14b/0x430
[ 1931.005112]  ? genl_get_cmd+0x480/0x480
[ 1931.005924]  ? netlink_ack+0xab0/0xab0
[ 1931.006746]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1931.007677]  ? is_vmalloc_addr+0x7b/0xb0
[ 1931.008508]  genl_rcv+0x24/0x40
[ 1931.009186]  netlink_unicast+0x549/0x7f0
[ 1931.010028]  ? netlink_attachskb+0x870/0x870
[ 1931.010945]  ? __virt_addr_valid+0x128/0x350
[ 1931.011860]  netlink_sendmsg+0x90f/0xdf0
[ 1931.012705]  ? netlink_unicast+0x7f0/0x7f0
[ 1931.013587]  ? netlink_unicast+0x7f0/0x7f0
[ 1931.014449]  sock_sendmsg+0x154/0x190
[ 1931.015236]  ____sys_sendmsg+0x70d/0x870
[ 1931.016065]  ? kernel_sendmsg+0x50/0x50
[ 1931.016871]  ? do_recvmmsg+0x6d0/0x6d0
[ 1931.017667]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1931.018769]  ? lock_downgrade+0x6d0/0x6d0
[ 1931.019627]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1931.020696]  ? SOFTIRQ_verbose+0x10/0x10
[ 1931.021532]  ___sys_sendmsg+0xf3/0x170
[ 1931.022331]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1931.023292]  ? lock_downgrade+0x6d0/0x6d0
[ 1931.024140]  ? find_held_lock+0x2c/0x110
[ 1931.024984]  ? __fget_files+0x296/0x4c0
[ 1931.025813]  ? __fget_light+0xea/0x290
[ 1931.026630]  __sys_sendmsg+0xe5/0x1b0
[ 1931.027408]  ? __sys_sendmsg_sock+0x40/0x40
[ 1931.028290]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1931.029270]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1931.030340]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1931.031404]  ? trace_hardirqs_on+0x5b/0x180
[ 1931.032299]  do_syscall_64+0x33/0x40
[ 1931.033063]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1931.034105] RIP: 0033:0x7f111cc48b19
[ 1931.034876] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1931.038824] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1931.040754] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1931.042563] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1931.044248] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1931.045734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1931.047234] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:42:52 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 85)

[ 1931.219430] FAULT_INJECTION: forcing a failure.
[ 1931.219430] name failslab, interval 1, probability 0, space 0, times 0
[ 1931.221926] CPU: 0 PID: 9992 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1931.223621] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1931.225611] Call Trace:
[ 1931.226263]  dump_stack+0x107/0x167
[ 1931.227168]  should_fail.cold+0x5/0xa
[ 1931.228094]  ? ieee80211_register_hw+0xc0f/0x38b0
[ 1931.229294]  ? ieee80211_register_hw+0xc0f/0x38b0
[ 1931.230593]  should_failslab+0x5/0x20
[ 1931.231481]  __kmalloc+0x72/0x330
[ 1931.232263]  ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1931.233377]  ieee80211_register_hw+0xc0f/0x38b0
[ 1931.234355]  ? ieee80211_ifa6_changed+0x650/0x650
[ 1931.235325]  ? net_generic+0xdb/0x2b0
[ 1931.236105]  ? lockdep_init_map_type+0x2c7/0x780
[ 1931.237063]  ? memset+0x20/0x50
[ 1931.237728]  ? __hrtimer_init+0x12c/0x270
[ 1931.238575]  mac80211_hwsim_new_radio+0x1ce0/0x4250
[ 1931.239655]  ? ____sys_sendmsg+0x70d/0x870
[ 1931.240653]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1931.241706]  ? __kmalloc+0x16e/0x330
[ 1931.242581]  hwsim_new_radio_nl+0x991/0x1080
[ 1931.243591]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1931.244784]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1931.246248]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1931.247736]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1931.248823]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1931.250318]  ? cap_capable+0x1d6/0x240
[ 1931.251253]  ? ns_capable+0xe2/0x110
[ 1931.252105]  genl_rcv_msg+0x33c/0x5a0
[ 1931.252975]  ? genl_get_cmd+0x480/0x480
[ 1931.253882]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1931.255201]  ? lock_release+0x6b0/0x6b0
[ 1931.256355]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1931.257679]  netlink_rcv_skb+0x14b/0x430
[ 1931.258878]  ? genl_get_cmd+0x480/0x480
[ 1931.260024]  ? netlink_ack+0xab0/0xab0
[ 1931.260960]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1931.262009]  ? is_vmalloc_addr+0x7b/0xb0
[ 1931.262968]  genl_rcv+0x24/0x40
[ 1931.263722]  netlink_unicast+0x549/0x7f0
[ 1931.264697]  ? netlink_attachskb+0x870/0x870
[ 1931.265701]  ? __virt_addr_valid+0x128/0x350
[ 1931.266764]  netlink_sendmsg+0x90f/0xdf0
[ 1931.267721]  ? netlink_unicast+0x7f0/0x7f0
[ 1931.268728]  ? netlink_unicast+0x7f0/0x7f0
[ 1931.269711]  sock_sendmsg+0x154/0x190
[ 1931.270622]  ____sys_sendmsg+0x70d/0x870
[ 1931.271561]  ? kernel_sendmsg+0x50/0x50
[ 1931.272463]  ? do_recvmmsg+0x6d0/0x6d0
[ 1931.273358]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1931.274605]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1931.275796]  ? SOFTIRQ_verbose+0x10/0x10
[ 1931.276736]  ___sys_sendmsg+0xf3/0x170
[ 1931.277632]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1931.278726]  ? lock_downgrade+0x6d0/0x6d0
[ 1931.279686]  ? find_held_lock+0x2c/0x110
[ 1931.280649]  ? __fget_files+0x296/0x4c0
[ 1931.281596]  ? __fget_light+0xea/0x290
[ 1931.282514]  __sys_sendmsg+0xe5/0x1b0
[ 1931.283434]  ? __sys_sendmsg_sock+0x40/0x40
[ 1931.284432]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1931.285549]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1931.286753]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1931.287957]  ? trace_hardirqs_on+0x5b/0x180
[ 1931.288969]  do_syscall_64+0x33/0x40
[ 1931.289814]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1931.291028] RIP: 0033:0x7f111cc48b19
[ 1931.291890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1931.296067] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1931.297792] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1931.299442] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1931.301057] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1931.302678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1931.304305] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
[ 1931.310462] ISOFS: Unable to identify CD-ROM format.
06:42:53 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x0, 0x1}, 0x0)

06:42:53 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:42:53 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000500)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r5, 0xc0a85322, &(0x7f0000000240))
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/devices/pci0000:00', 0x10600, 0x2)
io_submit(0x0, 0x2, &(0x7f0000000440)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x7, 0xffffffffffffffff, &(0x7f0000000240)="82e43ccb448bb2166c091e5a05973ae2ee123864c44a1d52fbaba1a18c24716b2d6bec08919d773f3d1ffc3aedada1096ace84007d860da9c0ac86057778b9365922f1387279f807692e07683d4eedd0f45575b54622ccf690aec225447cfe80a6ae82021866e0d8ce98e4065c722640cf02379f501b6137ea37b97bec5c832cc045ab89ff5cc1f23257217c9857461369e27c7ace9900eafd5125e9b24aeda078093af14c4a7adaa010337cb318d447b2a4b7e08ea2cfd050ce5774ee0ae9646d5c07b48bc2", 0xc6, 0x4}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x8, 0x2, r5, &(0x7f0000000340)="3a5ae808a7f0098d1dae514e8afd0b0030769b3adf94e838bc139936f39493b9a4951c63127679d81fe297adbe0de848a1e5cb7894d2e74e3aece5dd462ac1af8b93c2a04deca8fa78ac67ef4e7a2ba9894c06cf85191f492b", 0x59, 0x80000000, 0x0, 0x2, r6}])
readv(0xffffffffffffffff, 0x0, 0x0)
r7 = mq_open(&(0x7f0000000040)=']+\x00', 0x800, 0x24, &(0x7f0000000140)={0x8, 0x2, 0x40, 0x3})
fcntl$setsig(r7, 0xa, 0x1f)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:42:53 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100000018bd82c9d89e66000000", @ANYRES32=r0, @ANYRES32=0xee01, @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB='./file0\x00'])
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:42:53 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 86)

06:42:53 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0xfffffffffffffc80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x7, 0x8cd70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x10, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mdstat\x00', 0x0, 0x0)
ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f0000000140)={0x2, 0x6, 0xfbff, 0x7fff, 0x2, 0x144})
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDADDIO(r1, 0x4b34, 0x38d)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
r3 = getegid()
setregid(0x0, r3)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r4=>r0, {0xee00, <r5=>r3}}, './file0\x00'})
setregid(0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000100)={{0x1, 0x1, 0x18, r4}, './file0\x00'})
setresgid(r5, r5, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r2, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:42:53 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0xc0a85322, &(0x7f0000000240))
bind$802154_raw(r4, &(0x7f0000000040)={0x24, @long={0x3, 0xffff}}, 0x14)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
ioctl$FITRIM(r3, 0xc0185879, &(0x7f0000000140)={0x9, 0x6, 0x5})
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180), 0x10c00)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_setup(0x60f7, &(0x7f00000003c0)={0x0, 0x28d9, 0x8, 0x2, 0x15b, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000340), &(0x7f0000000380))

[ 1931.645147] FAULT_INJECTION: forcing a failure.
[ 1931.645147] name failslab, interval 1, probability 0, space 0, times 0
[ 1931.647721] CPU: 0 PID: 10009 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1931.649186] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1931.650950] Call Trace:
[ 1931.651527]  dump_stack+0x107/0x167
[ 1931.652321]  should_fail.cold+0x5/0xa
[ 1931.653142]  ? alloc_workqueue_attrs+0x38/0x80
[ 1931.654130]  should_failslab+0x5/0x20
[ 1931.654979]  kmem_cache_alloc_trace+0x55/0x2c0
[ 1931.655005]  ? kasan_unpoison_shadow+0x33/0x50
[ 1931.655043]  alloc_workqueue_attrs+0x38/0x80
[ 1931.655064]  alloc_workqueue+0x192/0xea0
[ 1931.655109]  ? workqueue_sysfs_register+0x3f0/0x3f0
[ 1931.655166]  ? kasan_unpoison_shadow+0x33/0x50
[ 1931.655211]  ieee80211_register_hw+0x14fa/0x38b0
[ 1931.655276]  ? ieee80211_ifa6_changed+0x650/0x650
[ 1931.655297]  ? net_generic+0xdb/0x2b0
[ 1931.655335]  ? lockdep_init_map_type+0x2c7/0x780
[ 1931.655368]  ? memset+0x20/0x50
[ 1931.655394]  ? __hrtimer_init+0x12c/0x270
[ 1931.655432]  mac80211_hwsim_new_radio+0x1ce0/0x4250
[ 1931.655451]  ? ____sys_sendmsg+0x70d/0x870
[ 1931.655520]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1931.655550]  ? __kmalloc+0x16e/0x330
[ 1931.655592]  hwsim_new_radio_nl+0x991/0x1080
[ 1931.655631]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1931.655690]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1931.655711]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1931.655751]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1931.655781]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1931.655805]  ? cap_capable+0x1d6/0x240
[ 1931.655859]  ? ns_capable+0xe2/0x110
[ 1931.678337]  genl_rcv_msg+0x33c/0x5a0
[ 1931.678372]  ? genl_get_cmd+0x480/0x480
[ 1931.678402]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1931.678440]  ? lock_release+0x6b0/0x6b0
[ 1931.678463]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1931.678503]  netlink_rcv_skb+0x14b/0x430
[ 1931.678527]  ? genl_get_cmd+0x480/0x480
[ 1931.678567]  ? netlink_ack+0xab0/0xab0
[ 1931.678617]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1931.678640]  ? is_vmalloc_addr+0x7b/0xb0
[ 1931.678673]  genl_rcv+0x24/0x40
[ 1931.678696]  netlink_unicast+0x549/0x7f0
[ 1931.678738]  ? netlink_attachskb+0x870/0x870
[ 1931.678758]  ? __virt_addr_valid+0x128/0x350
[ 1931.678812]  netlink_sendmsg+0x90f/0xdf0
[ 1931.678856]  ? netlink_unicast+0x7f0/0x7f0
[ 1931.678912]  ? netlink_unicast+0x7f0/0x7f0
[ 1931.678936]  sock_sendmsg+0x154/0x190
[ 1931.678964]  ____sys_sendmsg+0x70d/0x870
[ 1931.678995]  ? kernel_sendmsg+0x50/0x50
[ 1931.679013]  ? do_recvmmsg+0x6d0/0x6d0
[ 1931.679039]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1931.679081]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1931.679103]  ? SOFTIRQ_verbose+0x10/0x10
[ 1931.679137]  ___sys_sendmsg+0xf3/0x170
[ 1931.679167]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1931.679205]  ? lock_downgrade+0x6d0/0x6d0
[ 1931.679237]  ? find_held_lock+0x2c/0x110
[ 1931.679284]  ? __fget_files+0x296/0x4c0
[ 1931.679335]  ? __fget_light+0xea/0x290
[ 1931.679382]  __sys_sendmsg+0xe5/0x1b0
[ 1931.704578]  ? __sys_sendmsg_sock+0x40/0x40
[ 1931.705452]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1931.706436]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1931.707502]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1931.708537]  ? trace_hardirqs_on+0x5b/0x180
[ 1931.709414]  do_syscall_64+0x33/0x40
[ 1931.710166]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1931.711209] RIP: 0033:0x7f111cc48b19
[ 1931.711966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1931.715636] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1931.717155] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1931.718667] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1931.720085] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1931.721507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1931.722953] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:42:53 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x0, 0x1, {0x0, r7}}, 0x0)

06:42:53 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_setup(0x70ac, &(0x7f0000000140)={0x0, 0xbc5e, 0x8, 0x2, 0x2d4, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240)=<r4=>0x0)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000280), 0x92800, 0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r5, 0x0, &(0x7f00000002c0)='./file0\x00', 0x8, 0x103100, 0x12345}, 0xfffffffb)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x8, 0x40010, r0, 0x8000000)
syz_io_uring_submit(r6, r4, &(0x7f0000000400)=@IORING_OP_OPENAT2={0x1c, 0x1, 0x0, 0xffffffffffffff9c, &(0x7f0000000380)={0x541100, 0x44, 0x2}, &(0x7f00000003c0)='./file0\x00', 0x18, 0x0, 0x23456}, 0x9)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
memfd_create(&(0x7f0000000340)=':!\x00', 0x1)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:42:53 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x0, 0x1}, 0x0)

06:42:53 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r4=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r4, r4, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r3, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:42:53 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 87)

06:42:53 executing program 1:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r2=>r0, {0xee01, <r3=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r3, r3, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
fcntl$dupfd(r4, 0x0, r4)
copy_file_range(r4, &(0x7f0000000040)=0x4, r2, &(0x7f0000000100)=0x400, 0x5, 0x0)

[ 1932.021189] FAULT_INJECTION: forcing a failure.
[ 1932.021189] name failslab, interval 1, probability 0, space 0, times 0
[ 1932.022987] CPU: 1 PID: 10030 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1932.024009] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1932.025266] Call Trace:
[ 1932.025683]  dump_stack+0x107/0x167
[ 1932.026260]  should_fail.cold+0x5/0xa
[ 1932.026859]  ? create_object.isra.0+0x3a/0xa20
[ 1932.027558]  should_failslab+0x5/0x20
[ 1932.028145]  kmem_cache_alloc+0x5b/0x360
[ 1932.028791]  create_object.isra.0+0x3a/0xa20
[ 1932.029482]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1932.030275]  __kmalloc+0x16e/0x330
[ 1932.030849]  alloc_workqueue+0x16d/0xea0
[ 1932.031470]  ? workqueue_sysfs_register+0x3f0/0x3f0
[ 1932.032234]  ? kasan_unpoison_shadow+0x33/0x50
[ 1932.032935]  ieee80211_register_hw+0x14fa/0x38b0
[ 1932.033667]  ? ieee80211_ifa6_changed+0x650/0x650
[ 1932.034400]  ? net_generic+0xdb/0x2b0
[ 1932.034986]  ? lockdep_init_map_type+0x2c7/0x780
[ 1932.035692]  ? memset+0x20/0x50
[ 1932.036193]  ? __hrtimer_init+0x12c/0x270
[ 1932.036814]  mac80211_hwsim_new_radio+0x1ce0/0x4250
[ 1932.037553]  ? ____sys_sendmsg+0x70d/0x870
[ 1932.038196]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1932.038892]  ? __kmalloc+0x16e/0x330
[ 1932.039453]  hwsim_new_radio_nl+0x991/0x1080
[ 1932.040101]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1932.040867]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1932.041813]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1932.042787]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1932.043490]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1932.044450]  ? cap_capable+0x1d6/0x240
[ 1932.045027]  ? ns_capable+0xe2/0x110
[ 1932.045569]  genl_rcv_msg+0x33c/0x5a0
[ 1932.046130]  ? genl_get_cmd+0x480/0x480
[ 1932.046721]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1932.047485]  ? lock_release+0x6b0/0x6b0
[ 1932.048061]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1932.048714]  netlink_rcv_skb+0x14b/0x430
[ 1932.049295]  ? genl_get_cmd+0x480/0x480
[ 1932.049870]  ? netlink_ack+0xab0/0xab0
[ 1932.050448]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1932.051143]  ? is_vmalloc_addr+0x7b/0xb0
[ 1932.051732]  genl_rcv+0x24/0x40
[ 1932.052212]  netlink_unicast+0x549/0x7f0
[ 1932.052803]  ? netlink_attachskb+0x870/0x870
[ 1932.053441]  ? __virt_addr_valid+0x128/0x350
[ 1932.054086]  netlink_sendmsg+0x90f/0xdf0
[ 1932.054682]  ? netlink_unicast+0x7f0/0x7f0
[ 1932.055304]  ? netlink_unicast+0x7f0/0x7f0
[ 1932.055917]  sock_sendmsg+0x154/0x190
[ 1932.056471]  ____sys_sendmsg+0x70d/0x870
[ 1932.057061]  ? kernel_sendmsg+0x50/0x50
[ 1932.057637]  ? do_recvmmsg+0x6d0/0x6d0
[ 1932.058201]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1932.058982]  ? lock_downgrade+0x6d0/0x6d0
[ 1932.059582]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1932.060345]  ? SOFTIRQ_verbose+0x10/0x10
[ 1932.060943]  ___sys_sendmsg+0xf3/0x170
[ 1932.061513]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1932.062182]  ? lock_downgrade+0x6d0/0x6d0
[ 1932.062794]  ? find_held_lock+0x2c/0x110
[ 1932.063381]  ? __fget_files+0x296/0x4c0
[ 1932.063964]  ? __fget_light+0xea/0x290
[ 1932.064528]  __sys_sendmsg+0xe5/0x1b0
[ 1932.065078]  ? __sys_sendmsg_sock+0x40/0x40
[ 1932.065700]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1932.066381]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1932.067154]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1932.067899]  ? trace_hardirqs_on+0x5b/0x180
[ 1932.068531]  do_syscall_64+0x33/0x40
[ 1932.069077]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1932.069813] RIP: 0033:0x7f111cc48b19
[ 1932.070342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1932.072982] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1932.072999] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1932.073008] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1932.073017] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
06:42:53 executing program 1:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r2=>r0, {0xee01, <r3=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
getresgid(&(0x7f0000000280), &(0x7f0000000240), &(0x7f00000002c0)=<r4=>0x0)
r5 = getegid()
setregid(0x0, r5)
setgroups(0x4, &(0x7f0000000380)=[0x0, r4, r5, 0xffffffffffffffff])
setresgid(r3, r3, 0x0)
semget$private(0x0, 0x0, 0x1)
getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000100)={{{@in6=@empty, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@dev}, 0x0, @in=@multicast2}}, &(0x7f0000000040)=0x32)
r7 = getegid()
setregid(0x0, r7)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000200)={{0x1, 0x1, 0x18, r0, {r6, r7}}, './file0\x00'})
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

[ 1932.073026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1932.073034] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:42:53 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d}, 0x0)

06:42:54 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = accept4(r3, &(0x7f0000000140)=@pppoe={0x18, 0x0, {0x0, @random}}, &(0x7f0000000040)=0x80, 0x40000)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000280)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_PROBE_MESH_LINK(r4, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000500)={0x3f4, 0x0, 0x2, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x2, 0xf}}}}, [@NL80211_ATTR_FRAME={0x3cc, 0x33, @mgmt_frame=@probe_response={@wo_ht={{0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1}, {}, @broadcast, @device_a, @initial, {0x9, 0x20}}, 0x8, @random=0x7, 0x100, @void, @void, @val={0x3, 0x1, 0x7}, @val={0x4, 0x6, {0x0, 0x8b, 0x0, 0x5}}, @void, @val={0x2d, 0x1a, {0x1, 0x1, 0x4, 0x0, {0x7, 0xff, 0x0, 0xdc, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x6, 0xff, 0x2}}, @val={0x72, 0x6}, @val={0x71, 0x7, {0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}}, [{0xdd, 0x3c, "b59b4d4132608cdcaf9947ca1b8d50f02ba9624bcad62e7a44885c9e7a46c8c2344772edcc8b54854acfeb1458fffded6183a82c32e0b1bbe7c752bc"}, {0xdd, 0xeb, "3cd6c5f40bc2fb5a0dc6065ab0b2a4072c9ac68d4dec0868a6783258583dea6084ff933bc64bec0ef23c4ff86bee71c671d6bf31ddaeaed49b19f749749f9e5111cdb7ee23c3393203516338c03b9cfba6442e6347dde8f12aaab1f8a2217a68428b9884a783b0352b682bc6ba41beb5f746b013c4140af9008013bbff726577f735abf697e64eeb58083139d93a53aae296add1e9cc6630f7f4bb2555b2f796256aaab0f0a6ac0cf24dcfb2cfae9087ae60eb39d5df77142cbc3bb23cdf750de3ce6609bbf414ec799b35002aac6512e51931e4bb5f57917c4ad4db07502b584af15875b163f4cf53e6da"}, {0xdd, 0xbb, "4b286924caa57d7595c48ba25e9d7912cb0f42a43a11e9135872820f751efa30ba975a0e2d202be0fa58b86ff74a2c6bae5294e47baf3fff4e977855178767fa8bbf17ebbc7e23a38d848a0b41c99567a444a2f2aa2276a198527354ee9b19b6dbff7bc3062ba919e0eb73a0222de71ce86bdaf3ff95593278195247b39b5a5d53b6df745892f8be998b9f84ae1b653b3a8c38d1a57391d3f856da5eb4a86ef71bbaced5351ed6b6575866effe2b0de293f37946a4adf88d5fde80"}, {0xdd, 0x87, "25f0a2d63ba1e7fcc588de1b24e0ad014a95f5b10ffa090237077d84cd6fe8cac82bbed13232746cf067e5e1443f6df3b1d341936062ec0fb7e551911c4cffd372c8d7e5cfd9796363309dc0dc2d7e03ad90559590e61e2ea8c4925551492c8017b0ea499ab73b9c4ec9b4267fdf1f0ac0057f3c4df65c6f538c6dd70852b7c265babb9f7d3e46"}, {0xdd, 0xf9, "2ec9dc00b2b601aec24ef45f5da94aaef812cf5af65622946492a5259ad6555652543a3ba7aa21b76417d541b711eea574eeb179fad3df8b241506a0804c81629a1e91849f0bd944bed8b673af1fdde5cc8cc8ef7c1a0ad701ac62f802832240a79470d2a828470c492c8786c358e10fe85aaac928bf66aade3937a8a9ec8ae07e898832c556ad9f58e562d4268f8076be0a834fa76843084bedf8c00dcd1742017d05e12be83c2da2b507dd290b533e523de97578462e047e242a0d33d6db1d154886d77155856a5efc5079896a0a103d900dabdf4db13e1804f67c20f40e1fd9be128cfb69608cbdce1800c1f69063b62ec2b5e049b62518"}]}}]}, 0x3f4}, 0x1, 0x0, 0x0, 0x8051}, 0x4000081)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r7=>0x0})
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x11, 0x8100, r7, 0x1, 0x0, 0x6, @local}, 0x14)
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r7}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x840)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, &(0x7f0000000cc0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000c80)={&(0x7f0000000b00)={0x164, 0x0, 0x4, 0x70bd28, 0x25dfdbfd, {}, [@HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}]}, @HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x4}, @HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}]}]}, 0x164}, 0x1, 0x0, 0x0, 0x8000}, 0x80)

06:42:54 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x0, 0x1, {0x0, r7}}, 0x0)

06:43:13 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:43:13 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d}, 0x0)

06:43:13 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x0, 0x1, {0x0, r7}}, 0x0)

06:43:13 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 88)

06:43:13 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000480)={{{@in, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@empty}, 0x0, @in6=@local}}, &(0x7f0000000580)=0xe8)
mount$9p_tcp(&(0x7f00000003c0), &(0x7f0000000400)='./file0\x00', &(0x7f0000000440), 0x840804, &(0x7f00000005c0)={'trans=tcp,', {'port', 0x3d, 0x4e22}, 0x2c, {[{@version_L}], [{@uid_gt}, {@context={'context', 0x3d, 'staff_u'}}, {@subj_role={'subj_role', 0x3d, '\\)'}}, {@smackfshat={'smackfshat', 0x3d, '-'}}, {@appraise}, {@defcontext={'defcontext', 0x3d, 'system_u'}}, {@uid_eq={'uid', 0x3d, r2}}, {@dont_measure}]}})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000002c0)={&(0x7f0000000100)={0x1b0, 0x35, 0x200, 0x70bd2b, 0x25dfdbfc, {0x7}, [@generic="d6dff3725d58ba92ee76a7f4fc3488f29ef8ca918979a0b3538cb4849c96a5154c6f205c4c98bf86564e93c8d536883e60ee670a9c8c47a03aaede142a5c77da2f19981b8a6c93ed3cc028ee5a8755eeb112758efac193c88cd229054998e45395886852dd6deb146963ae984c8b0596b4b116368f2029f4b0", @generic="a8ac1e969b6aa2c1ecf35415b893bedfa0d85f53bac791b50b3996373b7baea6a5650d3cbca1a327ed0ab48860afb155245b5f8fdc5aafafd44b36ff24efdf33bef261da577b58077574ef8d19ecaebd68a854ea4b3987", @typed={0x14, 0xd, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x21}}, @nested={0xb7, 0x5e, 0x0, 0x1, [@generic="cafd93064662f6820c21ec78cbb16de3123c5ca67f7b0ac74b56a28d61cc32b27fb61132505f60998ebc43b62000c52d180cb8e5b3e9458811025f7964536dda104b825ca811851deccba013d4924bf871b216003390444973e5e70cf590058fb736a4d8ad893e6b27185dd14fec5fef81fedd34d624d262f079da78344f3ecbefb9d40344d5b87eb1ab3cf9e06a94b4418df339bbd891832fdf6758eceda0c534938c5d73ffda22170867ff94f1a6c2cfc5c3"]}]}, 0x1b0}, 0x1, 0x0, 0x0, 0x4000000}, 0x10)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r3=>r0, {0xee01, <r4=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r4, r4, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
fcntl$dupfd(r5, 0x0, r5)
ioctl$BTRFS_IOC_SYNC(r5, 0x9408, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r3, 0xc0189374, &(0x7f0000000340)={{0x1, 0x1, 0x18, <r6=>r1, {0x1000}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r6, 0xc0189379, &(0x7f0000000380)={{0x1, 0x1, 0x18, r3}, './file0\x00'})

06:43:13 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x0, 0x1}, 0x0)

06:43:13 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x2, 0x400, 0x8, 0xfffffffffffffffd, 0x400, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x4, 0xffffffffffffffff, 0x8)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0}, 0x0)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000340), 0x5110c1, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x205e, 0x2f0e, 0x2, &(0x7f0000000380)={[0x1]}, 0x8)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_setup(0x4, &(0x7f0000000080), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000180)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x4eafb755f4d555b5, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_setup(0x1db7, &(0x7f0000000140)={0x0, 0x916c, 0x20, 0x1, 0x17d, 0x0, r1}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000240)=<r7=>0x0)
clock_gettime(0x0, &(0x7f0000000280)={<r8=>0x0, <r9=>0x0})
r10 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r7, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x3, 0x0, 0x0, 0x1, &(0x7f00000002c0)={r8, r9+10000000}, 0x1, 0x0, 0x0, {0x0, r10}}, 0xffffffe1)

06:43:13 executing program 1:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[], [{@dont_measure}, {@smackfshat}]})

[ 1952.131614] FAULT_INJECTION: forcing a failure.
[ 1952.131614] name failslab, interval 1, probability 0, space 0, times 0
[ 1952.134621] CPU: 0 PID: 10063 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1952.136410] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1952.138505] Call Trace:
[ 1952.139210]  dump_stack+0x107/0x167
[ 1952.140070]  should_fail.cold+0x5/0xa
[ 1952.140951]  ? create_object.isra.0+0x3a/0xa20
[ 1952.142012]  should_failslab+0x5/0x20
[ 1952.142881]  kmem_cache_alloc+0x5b/0x360
[ 1952.143846]  create_object.isra.0+0x3a/0xa20
[ 1952.144847]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1952.145974]  kmem_cache_alloc_trace+0x151/0x2c0
[ 1952.147016]  ? kasan_unpoison_shadow+0x33/0x50
[ 1952.148052]  alloc_workqueue_attrs+0x38/0x80
[ 1952.149033]  alloc_workqueue+0x192/0xea0
[ 1952.149967]  ? workqueue_sysfs_register+0x3f0/0x3f0
[ 1952.151136]  ? kasan_unpoison_shadow+0x33/0x50
[ 1952.152183]  ieee80211_register_hw+0x14fa/0x38b0
[ 1952.153291]  ? ieee80211_ifa6_changed+0x650/0x650
[ 1952.154355]  ? net_generic+0xdb/0x2b0
[ 1952.155229]  ? lockdep_init_map_type+0x2c7/0x780
[ 1952.156287]  ? memset+0x20/0x50
[ 1952.157028]  ? __hrtimer_init+0x12c/0x270
[ 1952.157967]  mac80211_hwsim_new_radio+0x1ce0/0x4250
[ 1952.159080]  ? ____sys_sendmsg+0x70d/0x870
[ 1952.160068]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1952.161108]  ? __kmalloc+0x16e/0x330
[ 1952.161979]  hwsim_new_radio_nl+0x991/0x1080
[ 1952.162981]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1952.164161]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1952.165610]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1952.167062]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1952.168130]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1952.169572]  ? cap_capable+0x1d6/0x240
[ 1952.170462]  ? ns_capable+0xe2/0x110
[ 1952.171307]  genl_rcv_msg+0x33c/0x5a0
[ 1952.172157]  ? genl_get_cmd+0x480/0x480
[ 1952.173038]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1952.174184]  ? lock_release+0x6b0/0x6b0
[ 1952.175066]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1952.176070]  netlink_rcv_skb+0x14b/0x430
[ 1952.176963]  ? genl_get_cmd+0x480/0x480
[ 1952.177844]  ? netlink_ack+0xab0/0xab0
[ 1952.178726]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1952.179745]  ? is_vmalloc_addr+0x7b/0xb0
[ 1952.180644]  genl_rcv+0x24/0x40
[ 1952.181369]  netlink_unicast+0x549/0x7f0
[ 1952.182277]  ? netlink_attachskb+0x870/0x870
[ 1952.183242]  ? __virt_addr_valid+0x128/0x350
[ 1952.184233]  netlink_sendmsg+0x90f/0xdf0
[ 1952.185145]  ? netlink_unicast+0x7f0/0x7f0
[ 1952.186102]  ? netlink_unicast+0x7f0/0x7f0
[ 1952.187034]  sock_sendmsg+0x154/0x190
[ 1952.187869]  ____sys_sendmsg+0x70d/0x870
[ 1952.188761]  ? kernel_sendmsg+0x50/0x50
[ 1952.189616]  ? do_recvmmsg+0x6d0/0x6d0
[ 1952.190463]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1952.191627]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1952.192758]  ? SOFTIRQ_verbose+0x10/0x10
[ 1952.193651]  ___sys_sendmsg+0xf3/0x170
[ 1952.194501]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1952.195514]  ? lock_downgrade+0x6d0/0x6d0
[ 1952.196424]  ? find_held_lock+0x2c/0x110
[ 1952.197332]  ? __fget_files+0x296/0x4c0
[ 1952.198226]  ? __fget_light+0xea/0x290
[ 1952.199101]  __sys_sendmsg+0xe5/0x1b0
[ 1952.199924]  ? __sys_sendmsg_sock+0x40/0x40
[ 1952.200849]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1952.201892]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1952.203038]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1952.204141]  ? trace_hardirqs_on+0x5b/0x180
[ 1952.205092]  do_syscall_64+0x33/0x40
[ 1952.205120]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1952.206709] RIP: 0033:0x7f111cc48b19
[ 1952.207524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1952.207538] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1952.207566] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1952.207581] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
06:43:13 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r5, 0xc0a85322, &(0x7f0000000240))
readv(r5, &(0x7f0000000040)=[{&(0x7f0000000500)=""/4096, 0x1000}], 0x1)

[ 1952.207595] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1952.207610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1952.207625] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:43:14 executing program 1:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:43:14 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d}, 0x0)

06:43:14 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r3, 0xc0a85322, &(0x7f0000000240))
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r4=>r0, @out_args}, './file0\x00'})
perf_event_open$cgroup(&(0x7f0000000100)={0x1, 0x80, 0x3, 0x0, 0x45, 0x7, 0x0, 0x8, 0x46e88, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x5, 0x4, @perf_bp={&(0x7f0000000040)}, 0x110, 0x0, 0x4, 0x3, 0x0, 0x4, 0x9, 0x0, 0x0, 0x0, 0x2}, r3, 0x4, r4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r5=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
getegid()
setresgid(r5, r5, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:43:14 executing program 1:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:43:14 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 89)

06:43:14 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x0, 0x1}, 0x0)

06:43:14 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x0, {0x0, r7}}, 0x0)

[ 1952.582728] FAULT_INJECTION: forcing a failure.
[ 1952.582728] name failslab, interval 1, probability 0, space 0, times 0
[ 1952.584017] CPU: 1 PID: 10093 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1952.584768] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1952.585688] Call Trace:
[ 1952.585989]  dump_stack+0x107/0x167
[ 1952.586405]  should_fail.cold+0x5/0xa
[ 1952.586819]  ? create_object.isra.0+0x3a/0xa20
[ 1952.587331]  should_failslab+0x5/0x20
[ 1952.587751]  kmem_cache_alloc+0x5b/0x360
[ 1952.588203]  ? vsnprintf+0x4ba/0x1600
[ 1952.588218]  create_object.isra.0+0x3a/0xa20
[ 1952.588229]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1952.588244]  __kmalloc_track_caller+0x177/0x310
[ 1952.588256]  ? kasprintf+0xbb/0xf0
[ 1952.588267]  ? __sys_sendmsg+0xe5/0x1b0
[ 1952.588281]  kvasprintf+0xb5/0x150
[ 1952.588292]  ? bust_spinlocks+0xe0/0xe0
[ 1952.588311]  ? cpumask_next+0x1f/0x30
[ 1952.588325]  kasprintf+0xbb/0xf0
[ 1952.588337]  ? kvasprintf_const+0x1a0/0x1a0
[ 1952.588353]  ? save_trace+0xd00/0xd00
[ 1952.588364]  ? lockdep_init_map_type+0x2c7/0x780
[ 1952.588384]  alloc_workqueue+0x477/0xea0
[ 1952.588401]  ? workqueue_sysfs_register+0x3f0/0x3f0
[ 1952.588422]  ? kasan_unpoison_shadow+0x33/0x50
[ 1952.588441]  ieee80211_register_hw+0x14fa/0x38b0
[ 1952.588464]  ? ieee80211_ifa6_changed+0x650/0x650
[ 1952.588475]  ? net_generic+0xdb/0x2b0
[ 1952.588490]  ? lockdep_init_map_type+0x2c7/0x780
[ 1952.588504]  ? memset+0x20/0x50
[ 1952.588516]  ? __hrtimer_init+0x12c/0x270
[ 1952.588532]  mac80211_hwsim_new_radio+0x1ce0/0x4250
[ 1952.588541]  ? ____sys_sendmsg+0x70d/0x870
[ 1952.588566]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1952.588578]  ? __kmalloc+0x16e/0x330
[ 1952.588595]  hwsim_new_radio_nl+0x991/0x1080
[ 1952.588611]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1952.588634]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1952.588644]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1952.588659]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1952.588673]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1952.588684]  ? cap_capable+0x1d6/0x240
[ 1952.588705]  ? ns_capable+0xe2/0x110
[ 1952.588718]  genl_rcv_msg+0x33c/0x5a0
[ 1952.588731]  ? genl_get_cmd+0x480/0x480
[ 1952.588745]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1952.588759]  ? lock_release+0x6b0/0x6b0
[ 1952.588771]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1952.588787]  netlink_rcv_skb+0x14b/0x430
[ 1952.588798]  ? genl_get_cmd+0x480/0x480
[ 1952.588811]  ? netlink_ack+0xab0/0xab0
[ 1952.588830]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1952.588842]  ? is_vmalloc_addr+0x7b/0xb0
[ 1952.588854]  genl_rcv+0x24/0x40
[ 1952.588865]  netlink_unicast+0x549/0x7f0
[ 1952.588882]  ? netlink_attachskb+0x870/0x870
[ 1952.588892]  ? __virt_addr_valid+0x128/0x350
[ 1952.588913]  netlink_sendmsg+0x90f/0xdf0
[ 1952.588930]  ? netlink_unicast+0x7f0/0x7f0
[ 1952.588951]  ? netlink_unicast+0x7f0/0x7f0
[ 1952.588961]  sock_sendmsg+0x154/0x190
[ 1952.588972]  ____sys_sendmsg+0x70d/0x870
[ 1952.588985]  ? kernel_sendmsg+0x50/0x50
[ 1952.588994]  ? do_recvmmsg+0x6d0/0x6d0
[ 1952.589006]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1952.589018]  ? lock_downgrade+0x6d0/0x6d0
[ 1952.589031]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1952.589042]  ? SOFTIRQ_verbose+0x10/0x10
[ 1952.589056]  ___sys_sendmsg+0xf3/0x170
[ 1952.589068]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1952.589083]  ? lock_downgrade+0x6d0/0x6d0
[ 1952.589097]  ? find_held_lock+0x2c/0x110
[ 1952.589115]  ? __fget_files+0x296/0x4c0
[ 1952.589136]  ? __fget_light+0xea/0x290
[ 1952.589155]  __sys_sendmsg+0xe5/0x1b0
[ 1952.589166]  ? __sys_sendmsg_sock+0x40/0x40
[ 1952.589176]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1952.589200]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1952.589212]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1952.589223]  ? trace_hardirqs_on+0x5b/0x180
[ 1952.589238]  do_syscall_64+0x33/0x40
[ 1952.589251]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1952.589259] RIP: 0033:0x7f111cc48b19
[ 1952.589270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1952.589276] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1952.589289] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1952.589296] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1952.589302] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1952.589309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1952.589315] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:43:30 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0}, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000340)={@in6={{0xa, 0x4e20, 0xe52c, @mcast1, 0x1}}, 0x0, 0x0, 0x1d, 0x0, "549962bec946ca1da1a5cfb895a90be410dd6988646f7911bc88ce5cc4aacf1c68e0729a6999c540b3f077f25e04ae78761c74a09b60efe4de146b3db14a87fb4a03a75f9c987ebf6ac11a65cdb3bf3f"}, 0xd8)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
r7 = syz_open_dev$vcsn(&(0x7f0000000040), 0x2, 0x10240)
ioctl$sock_ipv6_tunnel_SIOCDELPRL(0xffffffffffffffff, 0x89f6, &(0x7f0000000240)={'ip6_vti0\x00', &(0x7f0000000140)={'sit0\x00', <r8=>0x0, 0x2f, 0x1, 0x9, 0x5, 0x6, @loopback, @empty, 0x40, 0x700, 0x200}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r7, 0x89f3, &(0x7f0000000300)={'syztnl2\x00', &(0x7f0000000280)={'sit0\x00', r8, 0x29, 0x80, 0x83, 0x4, 0x10, @empty, @private2, 0x8000, 0x20, 0x1, 0x6}})
syz_io_uring_submit(r5, 0x0, &(0x7f0000000440)=@IORING_OP_SPLICE={0x1e, 0x2, 0x0, @fd=r4, 0x1000, {0x0, r0}, 0xffffffff, 0xa, 0x3, {0x0, r6, r0}}, 0x0)

06:43:30 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:43:30 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_setup(0x3626, &(0x7f0000000140)={0x0, 0x21be, 0x8, 0x3, 0xee}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000240)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x3, 0x0, 0x7, 0x3, &(0x7f0000000280)="d4", 0x8, 0x0, 0x1, {0x3}}, 0x400)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:43:30 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d}, 0x0)

06:43:30 executing program 2:
r0 = getpgrp(0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000080)=<r1=>0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x4, 0x3, 0xf9, 0xe9, 0x0, 0x6cc3, 0x2040, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x5, 0x4, @perf_config_ext={0x3, 0x2}, 0x800, 0x10001, 0x1ff, 0x2, 0xff, 0xfffffffd, 0x180, 0x0, 0x6, 0x0, 0x200000000005}, r1, 0xd, 0xffffffffffffffff, 0x2)
pidfd_open(r0, 0x0)
syz_open_procfs(r0, &(0x7f0000001100)='net/netlink\x00')
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x22, 0x51, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8000, 0x4}, 0x0, 0x4}, r0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x20bc0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$BTRFS_IOC_BALANCE_CTL(r3, 0x40049421, 0x1)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000640)=ANY=[@ANYBLOB="010000000100000018000000b8356923eb2f6e53f19b2a0c9b7320ea696b21b3a271e25e1ec61d76b85bdc6eaac4b9108153d29fbadb19cf623e157248ca7498fee9187358c54032e0e8bce2cd8aceb4f748a0c4631358ee207845a17d049d09e23e4cce7359e61ba51a2f727d28b0ea033f88efa7071950eee291d836729b6f76f2f4f23d1a00cf76fe785cc2eeac086337c88c9c2bf7b4baab9b149cf7958de244aae02d709644ef2c313ab40f82521fe0", @ANYRES64, @ANYRES32=r2, @ANYBLOB="ac90b6382b3d58fd3f5a149ac05749373a278575113b3f1abfdd8e94f8eded9c68eb62febd76a9538d30a26e43c18149058b78b3c8a629b6d72a5f7fe18cd7153a6e960b000000000000f045d929de2f57674c9340ae5fff597d729e843881e437ec087683e48f5172118f91327deb83d8ed22b3ea8c66dbe20b91acaa007f9ffebc2498e9da8c3137c6fbed9ebe542b9c16b40f81cb38467fb8282be641ea8afe32ff1a47b4b241ec3f634d7d4735f0185ddd1ffefdc3f1c5060eb01b55c7827148e33a21668214a0db64e77d027655b85597bcd1fe427755a5056cdb113c13840a87893d49d8ecb090cb982c174a91516156f0270edbda249405664d33d630cc00b4658f1472eb4f2b60991a686067ec1002", @ANYBLOB="2e00000101000000"])
setregid(0x0, 0x0)
setresgid(0x0, 0x0, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r4, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:43:30 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 90)

06:43:30 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x0, {0x0, r7}}, 0x0)

06:43:30 executing program 1:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
r4 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r6, 0xc0a85322, &(0x7f0000000240))
pipe(&(0x7f00000035c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$AUTOFS_DEV_IOCTL_VERSION(r6, 0xc0189371, &(0x7f0000003600)=ANY=[@ANYBLOB="010000007f6f5e7ddbbf323a", @ANYRES32=r7, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00'])
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000040)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x2007, @fd=r6, 0xfff, 0x6, 0x8, 0x2, 0x1, {0x3, r8}}, 0x1000)

[ 1968.435566] FAULT_INJECTION: forcing a failure.
[ 1968.435566] name failslab, interval 1, probability 0, space 0, times 0
[ 1968.437961] CPU: 0 PID: 10124 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1968.439477] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1968.441171] Call Trace:
[ 1968.441726]  dump_stack+0x107/0x167
[ 1968.442501]  should_fail.cold+0x5/0xa
[ 1968.443314]  ? create_object.isra.0+0x3a/0xa20
[ 1968.444274]  should_failslab+0x5/0x20
[ 1968.445070]  kmem_cache_alloc+0x5b/0x360
[ 1968.445923]  create_object.isra.0+0x3a/0xa20
[ 1968.446826]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1968.447901]  kmem_cache_alloc_trace+0x151/0x2c0
[ 1968.448854]  ? kasan_unpoison_shadow+0x33/0x50
[ 1968.449808]  alloc_workqueue_attrs+0x38/0x80
[ 1968.450709]  alloc_workqueue+0x192/0xea0
[ 1968.451577]  ? workqueue_sysfs_register+0x3f0/0x3f0
[ 1968.452635]  ? kasan_unpoison_shadow+0x33/0x50
[ 1968.453598]  ieee80211_register_hw+0x14fa/0x38b0
[ 1968.454613]  ? ieee80211_ifa6_changed+0x650/0x650
[ 1968.455617]  ? net_generic+0xdb/0x2b0
[ 1968.456419]  ? lockdep_init_map_type+0x2c7/0x780
[ 1968.457398]  ? memset+0x20/0x50
[ 1968.458084]  ? __hrtimer_init+0x12c/0x270
[ 1968.458951]  mac80211_hwsim_new_radio+0x1ce0/0x4250
[ 1968.459980]  ? ____sys_sendmsg+0x70d/0x870
[ 1968.460895]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1968.461860]  ? __kmalloc+0x16e/0x330
[ 1968.462647]  hwsim_new_radio_nl+0x991/0x1080
[ 1968.463585]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1968.464680]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1968.466026]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1968.467377]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1968.468375]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1968.469734]  ? cap_capable+0x1d6/0x240
[ 1968.470575]  ? ns_capable+0xe2/0x110
[ 1968.471383]  genl_rcv_msg+0x33c/0x5a0
[ 1968.472188]  ? genl_get_cmd+0x480/0x480
[ 1968.473021]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1968.474107]  ? lock_release+0x6b0/0x6b0
[ 1968.474931]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1968.475871]  netlink_rcv_skb+0x14b/0x430
[ 1968.476709]  ? genl_get_cmd+0x480/0x480
[ 1968.477541]  ? netlink_ack+0xab0/0xab0
[ 1968.478380]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1968.479331]  ? is_vmalloc_addr+0x7b/0xb0
[ 1968.480173]  genl_rcv+0x24/0x40
[ 1968.480852]  netlink_unicast+0x549/0x7f0
[ 1968.481704]  ? netlink_attachskb+0x870/0x870
[ 1968.482601]  ? __virt_addr_valid+0x128/0x350
[ 1968.483548]  netlink_sendmsg+0x90f/0xdf0
[ 1968.484409]  ? netlink_unicast+0x7f0/0x7f0
[ 1968.485308]  ? netlink_unicast+0x7f0/0x7f0
[ 1968.486175]  sock_sendmsg+0x154/0x190
[ 1968.486961]  ____sys_sendmsg+0x70d/0x870
[ 1968.487810]  ? kernel_sendmsg+0x50/0x50
[ 1968.488622]  ? do_recvmmsg+0x6d0/0x6d0
[ 1968.489423]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1968.490517]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1968.491601]  ? SOFTIRQ_verbose+0x10/0x10
[ 1968.492446]  ___sys_sendmsg+0xf3/0x170
[ 1968.493255]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1968.494209]  ? lock_downgrade+0x6d0/0x6d0
[ 1968.495076]  ? find_held_lock+0x2c/0x110
[ 1968.495937]  ? __fget_files+0x296/0x4c0
[ 1968.496781]  ? __fget_light+0xea/0x290
[ 1968.497607]  __sys_sendmsg+0xe5/0x1b0
[ 1968.498389]  ? __sys_sendmsg_sock+0x40/0x40
[ 1968.499288]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1968.500283]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1968.501351]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1968.502401]  ? trace_hardirqs_on+0x5b/0x180
[ 1968.503310]  do_syscall_64+0x33/0x40
[ 1968.504077]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1968.505123] RIP: 0033:0x7f111cc48b19
[ 1968.505886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1968.509613] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1968.511177] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1968.512626] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1968.514074] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1968.515531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1968.516974] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:43:30 executing program 1:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r5, 0xc0a85322, &(0x7f0000000240))
readv(r5, &(0x7f0000000040)=[{&(0x7f0000000500)=""/4096, 0x1000}], 0x1)

06:43:47 executing program 1:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r5, 0xc0a85322, &(0x7f0000000240))
readv(r5, &(0x7f0000000040)=[{&(0x7f0000000500)=""/4096, 0x1000}], 0x1)

06:43:47 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
fchown(r0, r4, r5)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:43:47 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d}, 0x0)

06:43:47 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
fcntl$dupfd(r2, 0x0, r2)
readv(r2, &(0x7f0000001200)=[{&(0x7f0000000100)=""/105, 0x69}, {&(0x7f0000000040)=""/22, 0x16}, {&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/96, 0x60}], 0x4)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000001240)=ANY=[@ANYBLOB="0100000001570100000000000dadcf3e76c36604497f94ba83dfcb5fa40d9f3e9602f9d499de9be1a81e6154078550847491f6ad4de4d32e4dd876a5c49b062bbfa4c7ab2ce838452413f1fd7a38a9f08bd1032613223d678f247ae1ba13df", @ANYRES32=r0, @ANYRES32=0xee01, @ANYRES32=<r3=>0xffffffffffffffff, @ANYBLOB='./file0\x00'])
setregid(0x0, 0x0)
setresgid(r3, r3, 0x0)
semget$private(0x0, 0x0, 0x50)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:43:47 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:43:47 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x0, {0x0, r7}}, 0x0)

06:43:47 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 91)

06:43:47 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

[ 1985.699925] FAULT_INJECTION: forcing a failure.
[ 1985.699925] name failslab, interval 1, probability 0, space 0, times 0
[ 1985.702899] CPU: 0 PID: 10154 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1985.704396] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1985.706051] Call Trace:
[ 1985.706599]  dump_stack+0x107/0x167
[ 1985.707370]  should_fail.cold+0x5/0xa
[ 1985.708152]  ? apply_wqattrs_prepare+0xac/0x810
[ 1985.709097]  should_failslab+0x5/0x20
[ 1985.709864]  __kmalloc+0x72/0x330
[ 1985.710585]  apply_wqattrs_prepare+0xac/0x810
[ 1985.711537]  apply_workqueue_attrs_locked+0xc1/0x150
[ 1985.712559]  alloc_workqueue+0x9f8/0xea0
[ 1985.713399]  ? workqueue_sysfs_register+0x3f0/0x3f0
[ 1985.714434]  ? kasan_unpoison_shadow+0x33/0x50
[ 1985.715381]  ieee80211_register_hw+0x14fa/0x38b0
[ 1985.716376]  ? ieee80211_ifa6_changed+0x650/0x650
[ 1985.717337]  ? net_generic+0xdb/0x2b0
[ 1985.718119]  ? lockdep_init_map_type+0x2c7/0x780
[ 1985.719075]  ? memset+0x20/0x50
[ 1985.719764]  ? __hrtimer_init+0x12c/0x270
[ 1985.720623]  mac80211_hwsim_new_radio+0x1ce0/0x4250
[ 1985.721623]  ? ____sys_sendmsg+0x70d/0x870
[ 1985.722528]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1985.723476]  ? __kmalloc+0x16e/0x330
[ 1985.724251]  hwsim_new_radio_nl+0x991/0x1080
[ 1985.725152]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1985.726399]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1985.727754]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1985.729342]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1985.730328]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1985.731723]  ? cap_capable+0x1d6/0x240
[ 1985.732544]  ? ns_capable+0xe2/0x110
[ 1985.733310]  genl_rcv_msg+0x33c/0x5a0
[ 1985.734088]  ? genl_get_cmd+0x480/0x480
[ 1985.734894]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1985.735954]  ? lock_release+0x6b0/0x6b0
[ 1985.736758]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1985.737674]  netlink_rcv_skb+0x14b/0x430
[ 1985.738493]  ? genl_get_cmd+0x480/0x480
[ 1985.739321]  ? netlink_ack+0xab0/0xab0
[ 1985.740137]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1985.741055]  ? is_vmalloc_addr+0x7b/0xb0
[ 1985.741881]  genl_rcv+0x24/0x40
[ 1985.742550]  netlink_unicast+0x549/0x7f0
[ 1985.743403]  ? netlink_attachskb+0x870/0x870
[ 1985.744285]  ? __virt_addr_valid+0x128/0x350
[ 1985.745204]  netlink_sendmsg+0x90f/0xdf0
[ 1985.746043]  ? netlink_unicast+0x7f0/0x7f0
[ 1985.746942]  ? netlink_unicast+0x7f0/0x7f0
[ 1985.747814]  sock_sendmsg+0x154/0x190
[ 1985.748720]  ____sys_sendmsg+0x70d/0x870
[ 1985.749548]  ? kernel_sendmsg+0x50/0x50
[ 1985.750345]  ? do_recvmmsg+0x6d0/0x6d0
[ 1985.751132]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1985.752217]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1985.753268]  ? SOFTIRQ_verbose+0x10/0x10
[ 1985.754099]  ___sys_sendmsg+0xf3/0x170
[ 1985.754887]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1985.755980]  ? lock_downgrade+0x6d0/0x6d0
[ 1985.756833]  ? find_held_lock+0x2c/0x110
[ 1985.757843]  ? __fget_files+0x296/0x4c0
[ 1985.758691]  ? __fget_light+0xea/0x290
[ 1985.759679]  __sys_sendmsg+0xe5/0x1b0
[ 1985.760455]  ? __sys_sendmsg_sock+0x40/0x40
[ 1985.761505]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1985.762498]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1985.763787]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1985.764844]  ? trace_hardirqs_on+0x5b/0x180
[ 1985.765904]  do_syscall_64+0x33/0x40
[ 1985.766672]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1985.767948] RIP: 0033:0x7f111cc48b19
[ 1985.768711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1985.772721] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1985.774245] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1985.775691] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1985.777114] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1985.778543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1985.779976] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:43:47 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8020, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
fcntl$dupfd(r1, 0x0, r1)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={r1, 0x650, 0x9})
r2 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x7aab}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000100)=<r4=>0x0)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r5, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r2, 0x8000000)
io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:43:47 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 92)

[ 1986.081757] FAULT_INJECTION: forcing a failure.
[ 1986.081757] name failslab, interval 1, probability 0, space 0, times 0
[ 1986.084160] CPU: 0 PID: 10170 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1986.085556] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1986.087200] Call Trace:
[ 1986.087754]  dump_stack+0x107/0x167
[ 1986.088503]  should_fail.cold+0x5/0xa
[ 1986.089281]  ? create_object.isra.0+0x3a/0xa20
[ 1986.090204]  should_failslab+0x5/0x20
[ 1986.090981]  kmem_cache_alloc+0x5b/0x360
[ 1986.091830]  create_object.isra.0+0x3a/0xa20
[ 1986.092778]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1986.093940]  __kmalloc+0x16e/0x330
[ 1986.094767]  apply_wqattrs_prepare+0xac/0x810
[ 1986.095840]  apply_workqueue_attrs_locked+0xc1/0x150
[ 1986.096992]  alloc_workqueue+0x9f8/0xea0
[ 1986.097934]  ? workqueue_sysfs_register+0x3f0/0x3f0
[ 1986.099102]  ? kasan_unpoison_shadow+0x33/0x50
[ 1986.100167]  ieee80211_register_hw+0x14fa/0x38b0
[ 1986.101173]  ? ieee80211_ifa6_changed+0x650/0x650
[ 1986.102130]  ? net_generic+0xdb/0x2b0
[ 1986.102912]  ? lockdep_init_map_type+0x2c7/0x780
[ 1986.103880]  ? memset+0x20/0x50
[ 1986.104554]  ? __hrtimer_init+0x12c/0x270
[ 1986.105408]  mac80211_hwsim_new_radio+0x1ce0/0x4250
[ 1986.106415]  ? ____sys_sendmsg+0x70d/0x870
[ 1986.107338]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1986.108284]  ? __kmalloc+0x16e/0x330
[ 1986.109058]  hwsim_new_radio_nl+0x991/0x1080
[ 1986.110043]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1986.111242]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1986.112738]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1986.114214]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1986.115324]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1986.116801]  ? cap_capable+0x1d6/0x240
[ 1986.117721]  ? ns_capable+0xe2/0x110
[ 1986.118573]  genl_rcv_msg+0x33c/0x5a0
[ 1986.119510]  ? genl_get_cmd+0x480/0x480
[ 1986.120419]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1986.121699]  ? lock_release+0x6b0/0x6b0
[ 1986.122518]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1986.123656]  netlink_rcv_skb+0x14b/0x430
[ 1986.124491]  ? genl_get_cmd+0x480/0x480
[ 1986.125473]  ? netlink_ack+0xab0/0xab0
[ 1986.126297]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1986.127446]  ? is_vmalloc_addr+0x7b/0xb0
[ 1986.128288]  genl_rcv+0x24/0x40
[ 1986.129101]  netlink_unicast+0x549/0x7f0
[ 1986.129955]  ? netlink_attachskb+0x870/0x870
[ 1986.131028]  ? __virt_addr_valid+0x128/0x350
[ 1986.131981]  netlink_sendmsg+0x90f/0xdf0
[ 1986.133000]  ? netlink_unicast+0x7f0/0x7f0
[ 1986.133899]  ? netlink_unicast+0x7f0/0x7f0
[ 1986.134932]  sock_sendmsg+0x154/0x190
[ 1986.135733]  ____sys_sendmsg+0x70d/0x870
[ 1986.136739]  ? kernel_sendmsg+0x50/0x50
[ 1986.137545]  ? do_recvmmsg+0x6d0/0x6d0
[ 1986.138506]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1986.139608]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1986.140880]  ? SOFTIRQ_verbose+0x10/0x10
[ 1986.141726]  ___sys_sendmsg+0xf3/0x170
[ 1986.142683]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1986.143655]  ? lock_downgrade+0x6d0/0x6d0
[ 1986.144682]  ? find_held_lock+0x2c/0x110
[ 1986.145542]  ? __fget_files+0x296/0x4c0
[ 1986.146542]  ? __fget_light+0xea/0x290
[ 1986.147378]  __sys_sendmsg+0xe5/0x1b0
[ 1986.148308]  ? __sys_sendmsg_sock+0x40/0x40
[ 1986.149180]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1986.150358]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1986.151436]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1986.152689]  ? trace_hardirqs_on+0x5b/0x180
[ 1986.153574]  do_syscall_64+0x33/0x40
[ 1986.154489]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1986.155541] RIP: 0033:0x7f111cc48b19
[ 1986.156453] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1986.160141] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1986.161992] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1986.163452] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1986.164894] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1986.166331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1986.167784] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:43:48 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
r0 = perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x80, 0x89c7, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(r4, &(0x7f0000001d40)=[{{&(0x7f00000002c0)=@caif=@rfm, 0x80, &(0x7f0000001800)=[{&(0x7f0000000340)=""/168, 0xa8}, {&(0x7f0000000400)=""/200, 0xc8}, {&(0x7f0000000500)=""/172, 0xac}, {&(0x7f00000005c0)=""/168, 0xa8}, {&(0x7f0000000680)=""/60, 0x3c}, {&(0x7f00000006c0)=""/124, 0x7c}, {&(0x7f0000000740)=""/63, 0x3f}, {&(0x7f0000000780)=""/32, 0x20}, {&(0x7f00000007c0)=""/62, 0x3e}, {&(0x7f0000000800)=""/4096, 0x1000}], 0xa}, 0x5}, {{0x0, 0x0, &(0x7f0000001b40)=[{&(0x7f00000018c0)=""/244, 0xf4}, {&(0x7f00000019c0)=""/83, 0x53}, {&(0x7f0000001a40)=""/222, 0xde}], 0x3}, 0x20}, {{&(0x7f0000001b80)=@hci, 0x80, &(0x7f0000001cc0)=[{&(0x7f0000001c00)=""/125, 0x7d}, {&(0x7f0000001c80)=""/49, 0x31}], 0x2, &(0x7f0000001d00)=""/40, 0x28}, 0x401}], 0x3, 0x10000, &(0x7f0000001e00)={0x77359400})
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r5=>r0, {0x1}}, './file0\x00'})
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x1, 0x2, 0xf4, 0x44, 0x0, 0xf800000000000000, 0x820, 0xe, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x4, @perf_config_ext={0x5, 0x6dd}, 0x12, 0x101, 0x10000, 0x8, 0x20, 0x3, 0x4, 0x0, 0x8, 0x0, 0x3}, 0xffffffffffffffff, 0xffffffffffffffff, r5, 0x8)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:43:48 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
fchown(r0, r4, r5)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:43:48 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d}, 0x0)

06:43:48 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 93)

06:43:48 executing program 1:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x20, 0x1, 0x1, 0x12, 0x6, 0x2, 0xa12b492dc3d51d9d, 0xfffffff7, 0x27d, 0x40, 0x22a, 0x3, 0x0, 0x38, 0x2, 0x5dc1, 0x81, 0x8}, [{0x2, 0x2, 0x316, 0xffffffffffffff80, 0x0, 0x6, 0x7, 0x6}], "4245b2461a1750c849fc97beebb3c1f81538b101ea362330acb90af64a51cea5be3dcfdc16ca3af8b8e8fa8c969bc75aad7e4d76ad1504332a0c74251334f635aa22751e6b87e57e7ebae4129372b83cb6aa69ae9f9cabde1e2884f80f80305e47c368d768634a030d246b6c5c56438745aaefaf18663f0eac692253a17c95c9903ff2f23a4f94f4ab0b432430c313ccced7f32341f23e298c8e79154a993629ef455152069d38d40bdfa6171ed4fc4f64c8d86c491b402510a67688d5326df1820f24d4c7345561f8fa9552fc2287b04e739668aa0462ad0523caf3ad9e6a803b7893eb2ef52e5be44a1653afe44d73bb30676b1ad76b7d913a8ef85929ad93ce722c9002f0024f4bae12fb1492f6cb21ddc2b7f3ea08a66081b2af4cdd220540c66d9a75d1043770984637943f788b1e421ea6613ba322270477d1064b4bb880e85b681c1d3a7a6b008be35f4259cd0a231146ff88d1a88e89be8bfc87225ef3b8cacdc1d6d08f42658c092750a73ad3ee2abcac4e129578defaf1b09ab882eeecabd8e090adc4284e5c7e0ec9410d87322ad2de1a50a8ee343899fa06f5388c0d3ddbe8508419479e23118dee74c8854fbfc01c4730e40f83da678ae7846554d4e3dac05e5deb2d3ed99c6472e1efe48dbb0c333dd1a505b26a25410b747d59814a96e41c26bd637d7ce08ed29cdd282e93468c193e230d9e112a3791f47b64a648c973a28bfc6e34ce04886237c7720e4b52f0afa0e24a8c02094112479a3d1f0ac573af302e5a45e914970d71da1755369e355d43b73f576b670989bc22207ab2d5ca262ce51840aa603c4387dac26fdd5d9f124a1d99373787fc7d489b13bd692b5e50501aa42547aa3ebe7f3796a5b9b503e5077d484d5bd65af5f66677a3ca4087e746ca7d736a908d78f465003c6258eee4c3d8d19c7470b305ffeb30fc51955ac499ce62d346cc0bb343abe3f6bbdd78932fa341cb963292bd4dbc8ced272724674a3e087af037bece6eca104483fb41ff6c095550927a19f93b712fd680f65bc8317db149d79ae954d843554da48c882346b34bdc92c67ac4fc8b23798099e3c5ed4a03b4b52ffe34e159443d1391e5b4c89ca3e4bda336f554b9d797e31387461098dcdfdfff2bc8c2960dd488b5cad65d3651253897b2018eac52ab41649364b9280255ab1a4b57fd775288e5cdac36a4be1fa738048ae9d7564cef00e04da16296ccab334c1af2496a79d6745d1666f6b19b56d4938760c3bffe043f2e86071c77158e84f016d38114a995492b7c2b096dcef54470dbd831744e5ba57f75295e2fd95c80d3b20cd3090e4143501d2b6c2758215e43532e113663aec37db348237208cdd5bd833af820aab6aad47636fcc31c026ca1d277505db6bb1d648cefc49558b2cea0445a07c3a459a85e11ac7020b1e9e2d2a1de8c645193298ddc0d3d8d516eee1fb5ef8d82dbe3399de013a9fccedd1c40178399362d2718d3f042a0f6db7c81211518e5384792a4175059ec164b4605200aa0461c17576b6cd2f094c0b3cd05c76a4fdfb6dbe5f1cd7ed288c7c61480e2ac40d2611d9b525970383212f2eeabc167c1b14a659842f18fee84ad22cfb5745f618d8689849ce80d479551f6856b6ca1f83bdb1535a2748cc9bf5cce80f58e79d2f6a28f5b6a1452a81122ae785680b463b3f4e42cb94491c046f86611e47d51fba8e6c6776da1a16e45104d9fcc9c01d266a7db1d63c662bac56bbf64a430b37aa06fc374f632bbbd007a368792f919c6dd509a19130b4850c89531cc2282a6434637c0f5ee0223aa7ad3f3f8b6ee85e489705a0d70a1200cb07f59e8a180dd02ab1970030a5e042b52b176be15da0e864daa7ab1235ad25c4cf5466df79a1b5189140ec788ffdf82d69d6022e1ee74e2e39b69bce3f39018a4df9d45947f8c66db02305b7fd4926b1c8b7c7b447f168e9a169f302d380d38d4d5f7af91e2b7bb7b88e248abc937a087608d01cee03c21f79a5b123967bf6a7de7762f1c1d6d2fa58e86569a36d945f2c2b2799b41e57749492b7429174af66631c9e67de06a8cb900e3e40c07e6f45613a4995dfe709a6522bc3bd58408971fe167213353fdc59164ab1b4ce9cd7f31dbfa4454ba03358e49050da0725dc42bce707bf76ed24b3b2bac3f988935a77fa2f2b2a0d48f794c547903460c2e8fd2d3f5513c091c961bed1e1d8a23ea437eb84c2ea625bad52356cf1ad7819401ee6eb4e360e7515ee303669715af4997f2a4a7150e3bf422142e6db7269aac4fa2888742f483cd0147342e9249c000cda6f54d8b654a6e1ae8b7e56af95fe83c68ea6998bb5b02b0c4c83eb7041d7aad2eb05278d0a7fa9cf4c21a8660fc2323b7d2a79221d981833e0ff2c67f0b57532b31b57bf7866d4ce5807378241809610db8d6325c4881b8d967e47dcd9a4f7d09591f75a8e4a11bd61e9826d69cf56aa179e2590ebd60fd21efa75923e2cb9de91667d38dd54c39a1a79a4e90d8b38ddc005cefd2ce8cfad71ea57022f21b6fe6d947c6fcacd1863f205765842a4a7b9fe6b3d72ff1d0385f13cce6a4e77b74a01f73c1ee3ddb823ef70b81e4eddeb0af3d1cf15e599f5b45e7cbc64d933e947b25f546dd7aae2eaf7d1d7aa35eff122c2371ca97b47e3b59d5235cba4944272396813d317a675771a1419f346accb14cffddef0c434d1a3358baf0c8fe8b3aeddfa97e73c9e14f5a3f796111d779c7a3751d4912ebf884b0038aa3853f7efac117f5898196bc641ea7ccd6ba0f23fc32c97749fb84ed484f16dcf34db78325ed89341ab172d61bcf789811b5dbd224520008b1575fa01da3b86744f00d3d7ccb2e7bb03a4ade57977c01e0c0e24c49845f4683f1fb04f1c727fd3485691ea54f8e7af730b746d6430292cf876ce982a0b0c0c4a767388b862305646d6a1ea18f447f11d5a08b355a1c4ea26aac7f9a550840a714ec036de7ea12576bb26d108ba98171ac628f2ea44bf56b39ab576963eca1edb5afc5ea5a5bbdb504d8057fb41fd6119f262ecb90d3d86968e8d916fa18e8bd464d10824490bfccc31eae4b69992e8414c7197170037392725cff79a9a1c20966c528c553c0d68f115b6e6b6c4a8a2c84070e0db21ebbb13d328f2082485aea0c4f9803994d3a1696bbddcaf18055dc94699ed6ff3480d55236f3ec105621f075b4239ae30e2f9c2e308801d4a478d95852fb95dfbe3ec7401331f44f73c19d8abbce1c66894380ec1835787a39db3e0a5e48ea713aa0224c8ecb2c5e25c1d63fb2701f3d27806069d7e9f2dcc02568a949820eaa1e49db0062d5bf1b719d8dce359dac2502767184364a68b1bddbce7c6125a4148139a2301e3f4a11e7995440395c664c4abb175e551a3e43abb29d998736040ab1c141df4e54a56568f606026f5e8dde5cb97d50e45d79356dd9d7fb22d04f795011a3baa1ce5d88868b8dddb3225e583cc9c125b0f17b9e9fe89f8315f4d742713b7aee116d9a8fdd1521e0034268e3d67a75fa8259b3b704868b6474a60aa5dbed6f80636d29c9cf6f6120e284d12eb92548d3de70e1cbbad595ba57047dd95d6f4073a8f72b76f2ee8bc551d7ac986a62c407be0df30b44fc42334620ecc43260fe9010146841f183d7c2f7a697004e2dedd9d0b4b8b59240734916cd3f97d639353b3cfb3cf3e5717dc7496626c7126339e83ddfa0ed9622d7d8ad8d342927e23654d17fcec8f840ccca8053eccc12b5be0b4fc48fd88bdfca0b860fa069df19438347d8bbef036f5904d112bc270f162eacfdf0e3e9e479cba68ea5b9aa2dfe242acf7eb3827614eec3fe8fb8398ba77c5627b25a060af737f06de1c7aa4da8036c7d1a54673f8c9d4f49004e3300263f53f49022b966eeb4480ecfd23bbc3fe35ed49953cb9fc1ccd975f7eb9a65a7b08d2eaed6c3f85383283953f5d5a24c97a5d3571a838dc33c5ae21c583eb0ec809ce1146476011e7393d35e8aca541ba0f696df903b662e0992cc4ab93aff48f7ba6dda05e896cd184160cda5cc80238024cdbcc40fd782b6286cb0b04dc7726866c43dd0e16bbec9d0c3de46e405daa34d1a322e14ae33ac92a6caf4be6ca7ce4e8a49f908a4364a2b126ac5276c35024dd77b22b59a611f7c7ca54dc7e93f831b6d39b47c146b19a287e0bddb71eb169181bd0c5587724801433acabb209f835a743830705d459050e9a3a439722ed89b9571c3419f5e38704cd42d116664065887bb5dff1add2524854d0a00f542068da79af58aaf6df123a79cae2ff43990c7bb4ecec0a576bdefa9c4713bac0961525c8b375d4e8531374b98ac319e647148964ef6b96b2c47524eba5fc9792bdb910a7ca4418b22fe76d53c416044ca16224f499694c2f2937e38d6f094276ec95a2797a3d558f7eefac532fc5ff1c8f75e94ae877ee46c3c0d2cea8a0ebd08e6105ef0b4c2cff7841ba76f77b047cae1615a0d3d7211f167f2b3938f271f6b38de63f28aea8c7bf942d2a96b13555a0fd2018f30b5f50eaa3549bc3d23011f7bbf17aa2c99ed92336209ada7d03eabd4547022aaa2775e4bf58f7863f29e57f354d9430028b02a0f10a3d66fb7ef313a2760244a4e21696abf80ec3d0c2ba9e84d3043aa606f73e2f73741751a1624ee047e8b83da047b1480c96147db2e196360466fd045d4943abb7f61fefde3285f8904b792425585759e181242f9daa2d0ef62ebb53645097b90529ded5ff0b87ecf222c360b303f6b0d46a877fd9f2728eabba21535568fcb08752370553cd8fcf809fd5a9c28db20274eba079fac896dcab6af31144221c71f2a84293afa3ea4c725c266b5e0438a58793139cbcbe7c17840eb49a4a11a83333d6cce8e701625a5b969da20b8a4bc5a0f7876eb37d67edc8fc69f0837ab3617e6fa0a049669863ffde78b9858b762f6414f92adaae1f8ee869e3659d623f1f2bf8337d09a6da67d9dd24ca55ffb56227b69fddcecf27e11a383d9e5b040e6e665ceb4274caec55587e5bfbfcc891669d7f51de6052db670c18ae00a4d4c7d58ba931d687ab173d89877df2e8b65e4245f239b712bbbc4f5fbc8f832a08df6c2724624a95ee0fa58aabfebcf146b2e01de5d9de3a2f646266917b7e678226312aaf4d86c372fefe4388a63bbac137e75cde65e1c5f9d2a5983415aa8215a136bc0faeca6031ed10418ad689d418a7316d9894da365d6d0ae44c904f2d8dfb96094bb917e95e20a10c2d67f0b963499bc0a2d01f6fd39714c3c5d3e3218a69f828c0cd767b42e35138a1645847474b963017008c70c7c79e42fb1a95b8fddd20966b9ffda778c4253fcc411484b3e16a4864eaa563bd24c096f27bdd820583e28cce67c5337fbc580a1d338cff45b752fa3a2f1b647c86edc00b37ead51ffeb1f177ec65b92da8126936c2d586999410cd01e86bbbf6e054d1c999f90599b7688facedb8ba265e3251a46161a9c0b4c76afb0534f52472e2b9b55205a43f66266435377b40791fbc5b1edf2bb628ca22c73f2cf07859b90355308d0384fe7cffdd7cbe34145be272f101683b02e97f82b7e03f4c648d40d33efcee3aea7bd1ac5b3c7e93d5be4a5f2db7ad4343243edff080bb931a6beccc6b3d80cd69b623d0edf7a823dcefa317a4996f9670e39ceed3c94ab84f122f9ecc2bc2b87a53c93e3e72bab0306b1449fa796678a9e19354c3b9f85cbc13905833e4568b362ce71531154dd1a6c607705724a48757dddb34da042d2b329b6d8544640db707b2b725b2aada6881f", ['\x00']}, 0x1178)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

[ 1986.596826] FAULT_INJECTION: forcing a failure.
[ 1986.596826] name failslab, interval 1, probability 0, space 0, times 0
[ 1986.599231] CPU: 1 PID: 10186 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 1986.600630] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1986.602294] Call Trace:
[ 1986.602822]  dump_stack+0x107/0x167
[ 1986.603586]  should_fail.cold+0x5/0xa
[ 1986.604358]  ? create_object.isra.0+0x3a/0xa20
[ 1986.605260]  should_failslab+0x5/0x20
[ 1986.606029]  kmem_cache_alloc+0x5b/0x360
[ 1986.606865]  create_object.isra.0+0x3a/0xa20
[ 1986.607743]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1986.608773]  kmem_cache_alloc_trace+0x151/0x2c0
[ 1986.609707]  ? kasan_unpoison_shadow+0x33/0x50
[ 1986.610638]  alloc_workqueue_attrs+0x38/0x80
[ 1986.611552]  apply_wqattrs_prepare+0xb4/0x810
[ 1986.612474]  apply_workqueue_attrs_locked+0xc1/0x150
[ 1986.613494]  alloc_workqueue+0x9f8/0xea0
[ 1986.614324]  ? workqueue_sysfs_register+0x3f0/0x3f0
[ 1986.615359]  ? kasan_unpoison_shadow+0x33/0x50
[ 1986.616293]  ieee80211_register_hw+0x14fa/0x38b0
[ 1986.617270]  ? ieee80211_ifa6_changed+0x650/0x650
[ 1986.618235]  ? net_generic+0xdb/0x2b0
[ 1986.619016]  ? lockdep_init_map_type+0x2c7/0x780
[ 1986.619981]  ? memset+0x20/0x50
[ 1986.620649]  ? __hrtimer_init+0x12c/0x270
[ 1986.621492]  mac80211_hwsim_new_radio+0x1ce0/0x4250
[ 1986.622494]  ? ____sys_sendmsg+0x70d/0x870
[ 1986.623390]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 1986.624332]  ? __kmalloc+0x16e/0x330
[ 1986.625097]  hwsim_new_radio_nl+0x991/0x1080
[ 1986.625995]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1986.627053]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 1986.628381]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 1986.629694]  genl_family_rcv_msg_doit+0x22d/0x330
[ 1986.630668]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 1986.632004]  ? cap_capable+0x1d6/0x240
[ 1986.632807]  ? ns_capable+0xe2/0x110
[ 1986.633565]  genl_rcv_msg+0x33c/0x5a0
[ 1986.634337]  ? genl_get_cmd+0x480/0x480
[ 1986.635143]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 1986.636193]  ? lock_release+0x6b0/0x6b0
[ 1986.636996]  ? netlink_deliver_tap+0xf4/0xcd0
[ 1986.637908]  netlink_rcv_skb+0x14b/0x430
[ 1986.638733]  ? genl_get_cmd+0x480/0x480
[ 1986.639548]  ? netlink_ack+0xab0/0xab0
[ 1986.640359]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 1986.641277]  ? is_vmalloc_addr+0x7b/0xb0
[ 1986.642103]  genl_rcv+0x24/0x40
[ 1986.642772]  netlink_unicast+0x549/0x7f0
[ 1986.643627]  ? netlink_attachskb+0x870/0x870
[ 1986.644513]  ? __virt_addr_valid+0x128/0x350
[ 1986.645422]  netlink_sendmsg+0x90f/0xdf0
[ 1986.646254]  ? netlink_unicast+0x7f0/0x7f0
[ 1986.647129]  ? netlink_unicast+0x7f0/0x7f0
[ 1986.647986]  sock_sendmsg+0x154/0x190
[ 1986.648758]  ____sys_sendmsg+0x70d/0x870
[ 1986.649582]  ? kernel_sendmsg+0x50/0x50
[ 1986.650384]  ? do_recvmmsg+0x6d0/0x6d0
[ 1986.651173]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1986.652249]  ? lock_downgrade+0x6d0/0x6d0
[ 1986.653093]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 1986.654151]  ? SOFTIRQ_verbose+0x10/0x10
[ 1986.654995]  ___sys_sendmsg+0xf3/0x170
[ 1986.655798]  ? sendmsg_copy_msghdr+0x160/0x160
[ 1986.656741]  ? lock_downgrade+0x6d0/0x6d0
[ 1986.657583]  ? find_held_lock+0x2c/0x110
[ 1986.658415]  ? __fget_files+0x296/0x4c0
[ 1986.659239]  ? __fget_light+0xea/0x290
[ 1986.660054]  __sys_sendmsg+0xe5/0x1b0
[ 1986.660821]  ? __sys_sendmsg_sock+0x40/0x40
[ 1986.661754]  ? rcu_read_lock_any_held+0x75/0xa0
[ 1986.662721]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1986.663790]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1986.664823]  ? trace_hardirqs_on+0x5b/0x180
[ 1986.665712]  do_syscall_64+0x33/0x40
[ 1986.666477]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 1986.667520] RIP: 0033:0x7f111cc48b19
[ 1986.668276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1986.671949] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1986.673483] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 1986.674931] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 1986.676386] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1986.678146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1986.679923] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:43:48 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

[ 2001.875871] FAULT_INJECTION: forcing a failure.
[ 2001.875871] name failslab, interval 1, probability 0, space 0, times 0
[ 2001.878191] CPU: 1 PID: 10203 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 2001.879612] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2001.881709] Call Trace:
[ 2001.881759]  dump_stack+0x107/0x167
[ 2001.881789]  should_fail.cold+0x5/0xa
[ 2001.881814]  ? alloc_workqueue_attrs+0x38/0x80
[ 2001.881839]  should_failslab+0x5/0x20
[ 2001.881860]  kmem_cache_alloc_trace+0x55/0x2c0
06:44:03 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x8, 0x100010, r0, 0x10000000)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x3, 0x0, @fd_index=0xa, 0x0, 0x0, 0x0, {0x1}, 0x0, {0x0, r6}}, 0x4)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:44:03 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:44:03 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:44:03 executing program 1:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
r1 = inotify_init()
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000000100))
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r3=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r3, r3, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r2, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:44:03 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32=0xee01, @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'])
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:44:03 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x3d55, 0x1, &(0x7f0000000280)=[{&(0x7f0000000240)="7db09ccd69393de76200dd961608f161ab0eceff1bd56f3623161fed6a70da326f72f5c5", 0x24, 0x100000000}], 0x1800008, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}, {@gid={'gid', 0x3d, 0xee00}}, {@session={'session', 0x3d, 0x2f}}], [{@dont_measure}, {@smackfshat}]})

06:44:03 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 94)

06:44:03 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

[ 2001.881883]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2001.881910]  alloc_workqueue_attrs+0x38/0x80
[ 2001.881929]  apply_wqattrs_prepare+0xbc/0x810
[ 2001.881970]  apply_workqueue_attrs_locked+0xc1/0x150
[ 2001.881993]  alloc_workqueue+0x9f8/0xea0
[ 2001.882027]  ? workqueue_sysfs_register+0x3f0/0x3f0
[ 2001.882073]  ? kasan_unpoison_shadow+0x33/0x50
[ 2001.882107]  ieee80211_register_hw+0x14fa/0x38b0
[ 2001.882153]  ? ieee80211_ifa6_changed+0x650/0x650
[ 2001.882173]  ? net_generic+0xdb/0x2b0
06:44:03 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 95)

[ 2001.882204]  ? lockdep_init_map_type+0x2c7/0x780
[ 2001.882230]  ? memset+0x20/0x50
[ 2001.882252]  ? __hrtimer_init+0x12c/0x270
[ 2001.882283]  mac80211_hwsim_new_radio+0x1ce0/0x4250
[ 2001.882301]  ? ____sys_sendmsg+0x70d/0x870
[ 2001.882349]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 2001.882374]  ? __kmalloc+0x16e/0x330
[ 2001.882406]  hwsim_new_radio_nl+0x991/0x1080
[ 2001.882437]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 2001.882481]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 2001.882500]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 2001.882530]  genl_family_rcv_msg_doit+0x22d/0x330
06:44:03 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x8, 0x100010, r0, 0x10000000)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x3, 0x0, @fd_index=0xa, 0x0, 0x0, 0x0, {0x1}, 0x0, {0x0, r6}}, 0x4)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

[ 2001.882555]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 2001.882576]  ? cap_capable+0x1d6/0x240
[ 2001.882615]  ? ns_capable+0xe2/0x110
[ 2001.882641]  genl_rcv_msg+0x33c/0x5a0
[ 2001.882666]  ? genl_get_cmd+0x480/0x480
[ 2001.882691]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 2001.882720]  ? lock_release+0x6b0/0x6b0
[ 2001.882742]  ? netlink_deliver_tap+0xf4/0xcd0
[ 2001.882773]  netlink_rcv_skb+0x14b/0x430
06:44:03 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 96)

[ 2001.882792]  ? genl_get_cmd+0x480/0x480
[ 2001.882818]  ? netlink_ack+0xab0/0xab0
[ 2001.882855]  ? netlink_deliver_tap+0x1c4/0xcd0
06:44:03 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x39f9, 0x20, 0x1, 0x3}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000005, 0x40010, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
preadv(0xffffffffffffffff, &(0x7f0000001580)=[{&(0x7f00000015c0)=""/4106, 0x100a}], 0x1, 0x5, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x4000010, 0xffffffffffffffff, 0x8000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_setup(0x11e1d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x8000000}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000280)=<r4=>0x0, &(0x7f00000005c0))
r5 = syz_open_dev$mouse(&(0x7f0000000140), 0x1, 0x10000)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000300)=@IORING_OP_WRITE={0x17, 0x0, 0xe9950f12de09ba13, @fd=r5, 0x4, &(0x7f0000000240)="3b7a2fc62521ac08e77789707772db98d09cd91a781217000c0500a75d8ce23c9e25d277088818029925bf44f655eebda90a30813f076e743376ca379fd1e53bd89d6eef490ae3f072c74c06054bff5004797ea12b2a934eee2348ca2c0029369ce4abc4c975ce6b2793bda2467656baded1cef32a3d5c5977d24d587d9ea9fe9ddb1e1dc395425df26cd0daa5ac78bf506ab4f0", 0x94, 0x8, 0x0, {0x0, r6}}, 0x40)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000380)=@IORING_OP_SEND={0x1a, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000300)="4b7fac9bb52b39de991c3f1f0bd6b9b3666363424ea7a284adc3d28e72c3921312c72ef693ff96ce817ccad401157cc1fbe4e2049e1d29b15c107cebf407857ed2a00c02432ed2dc32153cc10b67144f98ddd53221f5ae6c97e038916f469f", 0x5f, 0x0, 0x0, {0x0, r6}}, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

[ 2001.882875]  ? is_vmalloc_addr+0x7b/0xb0
[ 2001.882899]  genl_rcv+0x24/0x40
[ 2001.882920]  netlink_unicast+0x549/0x7f0
[ 2001.882953]  ? netlink_attachskb+0x870/0x870
[ 2001.882971]  ? __virt_addr_valid+0x128/0x350
[ 2001.883010]  netlink_sendmsg+0x90f/0xdf0
[ 2001.883043]  ? netlink_unicast+0x7f0/0x7f0
[ 2001.883084]  ? netlink_unicast+0x7f0/0x7f0
[ 2001.883103]  sock_sendmsg+0x154/0x190
[ 2001.883125]  ____sys_sendmsg+0x70d/0x870
[ 2001.883150]  ? kernel_sendmsg+0x50/0x50
[ 2001.883166]  ? do_recvmmsg+0x6d0/0x6d0
[ 2001.883189]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2001.883212]  ? lock_downgrade+0x6d0/0x6d0
[ 2001.883237]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2001.883256]  ? SOFTIRQ_verbose+0x10/0x10
[ 2001.883284]  ___sys_sendmsg+0xf3/0x170
[ 2001.883307]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2001.883337]  ? lock_downgrade+0x6d0/0x6d0
[ 2001.883362]  ? find_held_lock+0x2c/0x110
[ 2001.883397]  ? __fget_files+0x296/0x4c0
[ 2001.883434]  ? __fget_light+0xea/0x290
[ 2001.883487]  __sys_sendmsg+0xe5/0x1b0
06:44:04 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:44:04 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
r4 = syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x3d55, 0x1, &(0x7f0000000280)=[{&(0x7f0000000240)="7db09ccd69393de76200dd961608f161ab0eceff1bd56f3623161fed6a70da326f72f5c5", 0x24, 0x100000000}], 0x1800008, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}, {@gid={'gid', 0x3d, 0xee00}}, {@session={'session', 0x3d, 0x2f}}], [{@dont_measure}, {@smackfshat}]})
ioctl$BTRFS_IOC_QUOTA_CTL(r4, 0xc0109428, &(0x7f0000000380)={0x1, 0x8})
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)

[ 2001.883508]  ? __sys_sendmsg_sock+0x40/0x40
[ 2001.883527]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2001.883574]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2001.883595]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2001.883615]  ? trace_hardirqs_on+0x5b/0x180
[ 2001.883643]  do_syscall_64+0x33/0x40
[ 2001.883667]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2001.883682] RIP: 0033:0x7f111cc48b19
[ 2001.883703] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
06:44:04 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000140)={0x0, 0x4, 0x0, 0x0, 0x3a}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r0, 0x2123, 0x82ba, 0x1, &(0x7f0000000040)={[0xf3]}, 0x8)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ftruncate(r3, 0x6)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

[ 2001.883715] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2001.883738] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 2001.883751] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 2001.883763] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2001.883775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2001.883788] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
[ 2002.073968] FAULT_INJECTION: forcing a failure.
[ 2002.073968] name failslab, interval 1, probability 0, space 0, times 0
[ 2002.073995] CPU: 0 PID: 10226 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 2002.074010] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2002.074020] Call Trace:
[ 2002.074048]  dump_stack+0x107/0x167
[ 2002.074085]  should_fail.cold+0x5/0xa
[ 2002.074115]  ? alloc_workqueue_attrs+0x38/0x80
[ 2002.074145]  should_failslab+0x5/0x20
[ 2002.074167]  kmem_cache_alloc_trace+0x55/0x2c0
[ 2002.074194]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2002.074233]  alloc_workqueue_attrs+0x38/0x80
[ 2002.074255]  apply_wqattrs_prepare+0xbc/0x810
[ 2002.074321]  apply_workqueue_attrs_locked+0xc1/0x150
[ 2002.074350]  alloc_workqueue+0x9f8/0xea0
[ 2002.074402]  ? workqueue_sysfs_register+0x3f0/0x3f0
[ 2002.074465]  ? kasan_unpoison_shadow+0x33/0x50
[ 2002.074518]  ieee80211_register_hw+0x14fa/0x38b0
[ 2002.074590]  ? ieee80211_ifa6_changed+0x650/0x650
[ 2002.074613]  ? net_generic+0xdb/0x2b0
[ 2002.074664]  ? lockdep_init_map_type+0x2c7/0x780
[ 2002.074705]  ? memset+0x20/0x50
[ 2002.074735]  ? __hrtimer_init+0x12c/0x270
[ 2002.074780]  mac80211_hwsim_new_radio+0x1ce0/0x4250
[ 2002.074803]  ? ____sys_sendmsg+0x70d/0x870
[ 2002.074884]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 2002.074918]  ? __kmalloc+0x16e/0x330
[ 2002.074964]  hwsim_new_radio_nl+0x991/0x1080
[ 2002.075005]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 2002.075069]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
06:44:04 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 97)

[ 2002.075094]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 2002.075137]  genl_family_rcv_msg_doit+0x22d/0x330
[ 2002.075168]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 2002.075193]  ? cap_capable+0x1d6/0x240
[ 2002.075250]  ? ns_capable+0xe2/0x110
[ 2002.075287]  genl_rcv_msg+0x33c/0x5a0
[ 2002.075324]  ? genl_get_cmd+0x480/0x480
[ 2002.075355]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 2002.075395]  ? lock_release+0x6b0/0x6b0
[ 2002.075420]  ? netlink_deliver_tap+0xf4/0xcd0
[ 2002.075495]  netlink_rcv_skb+0x14b/0x430
[ 2002.075523]  ? genl_get_cmd+0x480/0x480
06:44:04 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000140)=""/85, 0x55}, {&(0x7f0000000240)=""/138, 0x8a}, {&(0x7f0000000040)=""/47, 0x2f}, {&(0x7f0000000500)=""/4096, 0x1000}, {&(0x7f0000000300)=""/215, 0xd7}, {&(0x7f0000000400)=""/121, 0x79}], 0x6)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

[ 2002.075560]  ? netlink_ack+0xab0/0xab0
[ 2002.075619]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 2002.075648]  ? is_vmalloc_addr+0x7b/0xb0
[ 2002.075688]  genl_rcv+0x24/0x40
[ 2002.075713]  netlink_unicast+0x549/0x7f0
[ 2002.075761]  ? netlink_attachskb+0x870/0x870
[ 2002.075783]  ? __virt_addr_valid+0x128/0x350
[ 2002.075853]  netlink_sendmsg+0x90f/0xdf0
[ 2002.075910]  ? netlink_unicast+0x7f0/0x7f0
[ 2002.075973]  ? netlink_unicast+0x7f0/0x7f0
[ 2002.075997]  sock_sendmsg+0x154/0x190
[ 2002.076025]  ____sys_sendmsg+0x70d/0x870
[ 2002.076058]  ? kernel_sendmsg+0x50/0x50
[ 2002.076076]  ? do_recvmmsg+0x6d0/0x6d0
[ 2002.076102]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2002.076145]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2002.076167]  ? SOFTIRQ_verbose+0x10/0x10
[ 2002.076203]  ___sys_sendmsg+0xf3/0x170
[ 2002.076232]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2002.076271]  ? lock_downgrade+0x6d0/0x6d0
[ 2002.076305]  ? find_held_lock+0x2c/0x110
[ 2002.076354]  ? __fget_files+0x296/0x4c0
[ 2002.076406]  ? __fget_light+0xea/0x290
[ 2002.076452]  __sys_sendmsg+0xe5/0x1b0
[ 2002.076476]  ? __sys_sendmsg_sock+0x40/0x40
[ 2002.076497]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2002.076565]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2002.076587]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2002.076609]  ? trace_hardirqs_on+0x5b/0x180
[ 2002.076645]  do_syscall_64+0x33/0x40
[ 2002.076670]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2002.076685] RIP: 0033:0x7f111cc48b19
[ 2002.076707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2002.076721] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2002.076747] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 2002.076762] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 2002.076776] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2002.076790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2002.076804] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
[ 2002.300481] FAULT_INJECTION: forcing a failure.
[ 2002.300481] name failslab, interval 1, probability 0, space 0, times 0
[ 2002.300505] CPU: 1 PID: 10233 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 2002.300517] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2002.300524] Call Trace:
[ 2002.300548]  dump_stack+0x107/0x167
[ 2002.300578]  should_fail.cold+0x5/0xa
[ 2002.300603]  ? alloc_workqueue_attrs+0x38/0x80
[ 2002.300628]  should_failslab+0x5/0x20
[ 2002.300648]  kmem_cache_alloc_trace+0x55/0x2c0
[ 2002.300670]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2002.300697]  alloc_workqueue_attrs+0x38/0x80
[ 2002.300716]  apply_wqattrs_prepare+0xbc/0x810
[ 2002.300757]  apply_workqueue_attrs_locked+0xc1/0x150
[ 2002.300780]  alloc_workqueue+0x9f8/0xea0
[ 2002.300814]  ? workqueue_sysfs_register+0x3f0/0x3f0
[ 2002.300855]  ? kasan_unpoison_shadow+0x33/0x50
[ 2002.300890]  ieee80211_register_hw+0x14fa/0x38b0
[ 2002.300936]  ? ieee80211_ifa6_changed+0x650/0x650
[ 2002.300956]  ? net_generic+0xdb/0x2b0
[ 2002.300991]  ? lockdep_init_map_type+0x2c7/0x780
[ 2002.301018]  ? memset+0x20/0x50
[ 2002.301040]  ? __hrtimer_init+0x12c/0x270
[ 2002.301070]  mac80211_hwsim_new_radio+0x1ce0/0x4250
[ 2002.301088]  ? ____sys_sendmsg+0x70d/0x870
[ 2002.301136]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 2002.301160]  ? __kmalloc+0x16e/0x330
[ 2002.301193]  hwsim_new_radio_nl+0x991/0x1080
[ 2002.301224]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 2002.301267]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 2002.301286]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 2002.301315]  genl_family_rcv_msg_doit+0x22d/0x330
[ 2002.301340]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 2002.301361]  ? cap_capable+0x1d6/0x240
[ 2002.301400]  ? ns_capable+0xe2/0x110
[ 2002.301427]  genl_rcv_msg+0x33c/0x5a0
[ 2002.301452]  ? genl_get_cmd+0x480/0x480
[ 2002.301477]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 2002.301506]  ? lock_release+0x6b0/0x6b0
[ 2002.301528]  ? netlink_deliver_tap+0xf4/0xcd0
[ 2002.301559]  netlink_rcv_skb+0x14b/0x430
[ 2002.301578]  ? genl_get_cmd+0x480/0x480
[ 2002.301604]  ? netlink_ack+0xab0/0xab0
[ 2002.301640]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 2002.301661]  ? is_vmalloc_addr+0x7b/0xb0
[ 2002.301686]  genl_rcv+0x24/0x40
[ 2002.301707]  netlink_unicast+0x549/0x7f0
[ 2002.301739]  ? netlink_attachskb+0x870/0x870
[ 2002.301757]  ? __virt_addr_valid+0x128/0x350
[ 2002.301797]  netlink_sendmsg+0x90f/0xdf0
[ 2002.301830]  ? netlink_unicast+0x7f0/0x7f0
[ 2002.301871]  ? netlink_unicast+0x7f0/0x7f0
[ 2002.301891]  sock_sendmsg+0x154/0x190
[ 2002.301912]  ____sys_sendmsg+0x70d/0x870
[ 2002.301937]  ? kernel_sendmsg+0x50/0x50
[ 2002.301954]  ? do_recvmmsg+0x6d0/0x6d0
[ 2002.301976]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2002.301999]  ? lock_downgrade+0x6d0/0x6d0
[ 2002.302025]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2002.302044]  ? SOFTIRQ_verbose+0x10/0x10
[ 2002.302070]  ___sys_sendmsg+0xf3/0x170
[ 2002.302094]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2002.302123]  ? lock_downgrade+0x6d0/0x6d0
[ 2002.302149]  ? find_held_lock+0x2c/0x110
[ 2002.302183]  ? __fget_files+0x296/0x4c0
[ 2002.302219]  ? __fget_light+0xea/0x290
[ 2002.302252]  __sys_sendmsg+0xe5/0x1b0
[ 2002.302272]  ? __sys_sendmsg_sock+0x40/0x40
[ 2002.302291]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2002.302338]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2002.302358]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2002.302379]  ? trace_hardirqs_on+0x5b/0x180
[ 2002.302407]  do_syscall_64+0x33/0x40
[ 2002.302430]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2002.302444] RIP: 0033:0x7f111cc48b19
[ 2002.302464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2002.302475] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2002.302498] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 2002.302510] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 2002.302522] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2002.302534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2002.302547] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
[ 2002.563796] FAULT_INJECTION: forcing a failure.
[ 2002.563796] name failslab, interval 1, probability 0, space 0, times 0
[ 2002.563828] CPU: 0 PID: 10245 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 2002.563843] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2002.563857] Call Trace:
[ 2002.563887]  dump_stack+0x107/0x167
[ 2002.563922]  should_fail.cold+0x5/0xa
[ 2002.563952]  ? create_object.isra.0+0x3a/0xa20
[ 2002.563983]  should_failslab+0x5/0x20
[ 2002.564009]  kmem_cache_alloc+0x5b/0x360
[ 2002.564035]  ? mark_held_locks+0x9e/0xe0
[ 2002.564075]  create_object.isra.0+0x3a/0xa20
[ 2002.564100]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2002.564137]  kmem_cache_alloc_trace+0x151/0x2c0
[ 2002.564180]  alloc_workqueue_attrs+0x38/0x80
[ 2002.564202]  apply_wqattrs_prepare+0xbc/0x810
[ 2002.564268]  apply_workqueue_attrs_locked+0xc1/0x150
[ 2002.564301]  alloc_workqueue+0x9f8/0xea0
[ 2002.564354]  ? workqueue_sysfs_register+0x3f0/0x3f0
[ 2002.564414]  ? kasan_unpoison_shadow+0x33/0x50
[ 2002.564460]  ieee80211_register_hw+0x14fa/0x38b0
[ 2002.564537]  ? ieee80211_ifa6_changed+0x650/0x650
[ 2002.564558]  ? net_generic+0xdb/0x2b0
[ 2002.564598]  ? lockdep_init_map_type+0x2c7/0x780
[ 2002.564633]  ? memset+0x20/0x50
[ 2002.564660]  ? __hrtimer_init+0x12c/0x270
[ 2002.564701]  mac80211_hwsim_new_radio+0x1ce0/0x4250
[ 2002.564720]  ? ____sys_sendmsg+0x70d/0x870
[ 2002.564790]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 2002.564821]  ? __kmalloc+0x16e/0x330
[ 2002.564864]  hwsim_new_radio_nl+0x991/0x1080
[ 2002.564905]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 2002.564968]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 2002.564989]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 2002.565031]  genl_family_rcv_msg_doit+0x22d/0x330
[ 2002.565063]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 2002.565088]  ? cap_capable+0x1d6/0x240
[ 2002.565143]  ? ns_capable+0xe2/0x110
[ 2002.565180]  genl_rcv_msg+0x33c/0x5a0
[ 2002.565218]  ? genl_get_cmd+0x480/0x480
[ 2002.565251]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 2002.565297]  ? lock_release+0x6b0/0x6b0
[ 2002.565325]  ? netlink_deliver_tap+0xf4/0xcd0
[ 2002.565372]  netlink_rcv_skb+0x14b/0x430
[ 2002.565401]  ? genl_get_cmd+0x480/0x480
[ 2002.565440]  ? netlink_ack+0xab0/0xab0
[ 2002.565498]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 2002.565522]  ? is_vmalloc_addr+0x7b/0xb0
[ 2002.565555]  genl_rcv+0x24/0x40
[ 2002.565578]  netlink_unicast+0x549/0x7f0
[ 2002.565622]  ? netlink_attachskb+0x870/0x870
[ 2002.565642]  ? __virt_addr_valid+0x128/0x350
[ 2002.565697]  netlink_sendmsg+0x90f/0xdf0
[ 2002.565742]  ? netlink_unicast+0x7f0/0x7f0
[ 2002.565799]  ? netlink_unicast+0x7f0/0x7f0
[ 2002.565824]  sock_sendmsg+0x154/0x190
[ 2002.565851]  ____sys_sendmsg+0x70d/0x870
[ 2002.565884]  ? kernel_sendmsg+0x50/0x50
[ 2002.565902]  ? do_recvmmsg+0x6d0/0x6d0
[ 2002.565928]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2002.565971]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2002.565993]  ? SOFTIRQ_verbose+0x10/0x10
[ 2002.566028]  ___sys_sendmsg+0xf3/0x170
[ 2002.566057]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2002.566097]  ? lock_downgrade+0x6d0/0x6d0
[ 2002.566130]  ? find_held_lock+0x2c/0x110
[ 2002.566178]  ? __fget_files+0x296/0x4c0
[ 2002.566230]  ? __fget_light+0xea/0x290
[ 2002.566275]  __sys_sendmsg+0xe5/0x1b0
[ 2002.566299]  ? __sys_sendmsg_sock+0x40/0x40
[ 2002.566320]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2002.566392]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2002.566415]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2002.566436]  ? trace_hardirqs_on+0x5b/0x180
[ 2002.566472]  do_syscall_64+0x33/0x40
[ 2002.566497]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2002.566513] RIP: 0033:0x7f111cc48b19
[ 2002.566536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2002.566550] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2002.566576] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 2002.566590] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 2002.566604] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2002.566617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2002.566631] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
06:44:19 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r4=>r3, {0x3, 0x1}}, './file0\x00'})
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup/syz0\x00', 0x200002, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r5, 0x40286608, &(0x7f0000000140)={0x8, 0x7, 0x4, 0x1ff, 0x400, 0x7})
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x100058aa, 0x461a, 0x2, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
ioctl$TIOCGPGRP(r4, 0x540f, &(0x7f0000000380)=<r6=>0x0)
clone3(&(0x7f0000000600)={0x100, &(0x7f00000003c0), &(0x7f0000000400)=<r7=>0x0, &(0x7f0000000440), {0x17}, &(0x7f0000000500)=""/24, 0x18, &(0x7f0000000540)=""/122, &(0x7f00000005c0)=[0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0], 0x6, {r4}}, 0x58)
clone3(&(0x7f00000006c0)={0x4004100, &(0x7f0000000240), &(0x7f0000000280), &(0x7f00000002c0), {0x10}, &(0x7f0000000300)=""/36, 0x24, &(0x7f0000000340)=""/49, &(0x7f0000000680)=[0x0, r6, 0xffffffffffffffff, 0xffffffffffffffff, r7], 0x5, {r5}}, 0x58)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:44:19 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 98)

06:44:19 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x10, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:44:19 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
r4 = syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x3d55, 0x1, &(0x7f0000000280)=[{&(0x7f0000000240)="7db09ccd69393de76200dd961608f161ab0eceff1bd56f3623161fed6a70da326f72f5c5", 0x24, 0x100000000}], 0x1800008, &(0x7f00000002c0)={[{@overriderock}, {@hide}, {@nocompress}, {@nojoliet}, {@session={'session', 0x3d, 0xe}}, {@gid={'gid', 0x3d, 0xee00}}, {@session={'session', 0x3d, 0x2f}}], [{@dont_measure}, {@smackfshat}]})
ioctl$BTRFS_IOC_QUOTA_CTL(r4, 0xc0109428, &(0x7f0000000380)={0x1, 0x8})
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
signalfd4(r0, &(0x7f0000000040)={[0x1]}, 0x8, 0x80000)

06:44:19 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0xc0a85322, &(0x7f0000000240))
perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x2, 0x7, 0x1, 0x5, 0x0, 0x6, 0x4003, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x5, 0x6, @perf_config_ext={0x7, 0x6}, 0x808, 0x8, 0x59cc, 0x4, 0x7, 0x3f, 0x7fff, 0x0, 0x7, 0x0, 0x3}, 0x0, 0xa, r4, 0x5)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:44:19 executing program 1:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
fcntl$dupfd(r5, 0x0, r5)
r6 = fcntl$dupfd(r5, 0x406, r4)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r6, 0xc0a85322, &(0x7f0000000240))
ioctl$PERF_EVENT_IOC_DISABLE(r6, 0x2401, 0x4fa0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r4, 0xc0a85352, &(0x7f00000002c0)={{0x0, 0x2}, 'port0\x00', 0x13, 0x20, 0xfffffff9, 0xfffffff9, 0xd7e, 0x4, 0x80, 0x0, 0x4, 0x6})

06:44:19 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:44:19 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_setup(0x63f9, &(0x7f0000000140)={0x0, 0x8519, 0x2, 0x1, 0x222}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000240))
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

[ 2017.758817] FAULT_INJECTION: forcing a failure.
[ 2017.758817] name failslab, interval 1, probability 0, space 0, times 0
[ 2017.760296] CPU: 0 PID: 10268 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 2017.761113] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2017.762097] Call Trace:
[ 2017.762443]  dump_stack+0x107/0x167
[ 2017.762921]  should_fail.cold+0x5/0xa
[ 2017.763413]  ? alloc_unbound_pwq+0x4ad/0xcf0
[ 2017.763988]  should_failslab+0x5/0x20
[ 2017.764475]  kmem_cache_alloc_node+0x55/0x380
[ 2017.765058]  alloc_unbound_pwq+0x4ad/0xcf0
[ 2017.765603]  apply_wqattrs_prepare+0x2af/0x810
[ 2017.766196]  apply_workqueue_attrs_locked+0xc1/0x150
[ 2017.766849]  alloc_workqueue+0x9f8/0xea0
[ 2017.767386]  ? workqueue_sysfs_register+0x3f0/0x3f0
[ 2017.768073]  ? kasan_unpoison_shadow+0x33/0x50
[ 2017.768682]  ieee80211_register_hw+0x14fa/0x38b0
[ 2017.769367]  ? ieee80211_ifa6_changed+0x650/0x650
[ 2017.769985]  ? net_generic+0xdb/0x2b0
[ 2017.770514]  ? lockdep_init_map_type+0x2c7/0x780
[ 2017.771132]  ? memset+0x20/0x50
[ 2017.771571]  ? __hrtimer_init+0x12c/0x270
[ 2017.772134]  mac80211_hwsim_new_radio+0x1ce0/0x4250
[ 2017.772783]  ? ____sys_sendmsg+0x70d/0x870
[ 2017.773374]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 2017.773994]  ? trace_hardirqs_on+0x5b/0x180
[ 2017.774584]  hwsim_new_radio_nl+0x991/0x1080
[ 2017.775171]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 2017.775888]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 2017.776764]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 2017.776790]  genl_family_rcv_msg_doit+0x22d/0x330
[ 2017.776809]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 2017.776827]  ? cap_capable+0x1d6/0x240
[ 2017.776866]  ? ns_capable+0xe2/0x110
[ 2017.776889]  genl_rcv_msg+0x33c/0x5a0
[ 2017.776910]  ? genl_get_cmd+0x480/0x480
[ 2017.776928]  ? mac80211_hwsim_new_radio+0x4250/0x4250
06:44:19 executing program 1:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r5, 0xc0a85322, &(0x7f0000000240))
mmap$IORING_OFF_SQES(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0xe, 0x12, r5, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r7 = fcntl$dupfd(r6, 0x0, r6)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r7, 0xc0a85322, &(0x7f0000000240))
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3000008, 0x80010, r7, 0x8000000)

[ 2017.776952]  ? lock_release+0x6b0/0x6b0
06:44:19 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x110, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x7ad, &(0x7f0000000340)={0x0, 0xb6e0, 0x0, 0x0, 0x2da}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000003c0), &(0x7f0000000400)=<r4=>0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000440)=@IORING_OP_READ_FIXED={0x4, 0x4, 0x2000, @fd_index=0xa, 0x401, 0x7fffffff, 0xffffffff, 0x1f, 0x0, {0x3}}, 0x815)
readv(0xffffffffffffffff, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PROBE(r0, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000f50000e3a2df7b00"/128], 0xe)
syz_io_uring_setup(0x4301, &(0x7f0000000140)={0x0, 0x525f, 0x20, 0x3, 0x8, 0x0, r0}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000240))
io_uring_enter(r0, 0x7286, 0x1208, 0x2, &(0x7f0000000280)={[0x8]}, 0x8)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

[ 2017.776967]  ? netlink_deliver_tap+0xf4/0xcd0
[ 2017.776992]  netlink_rcv_skb+0x14b/0x430
[ 2017.777007]  ? genl_get_cmd+0x480/0x480
[ 2017.777027]  ? netlink_ack+0xab0/0xab0
[ 2017.777058]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 2017.777075]  ? is_vmalloc_addr+0x7b/0xb0
[ 2017.777096]  genl_rcv+0x24/0x40
[ 2017.777110]  netlink_unicast+0x549/0x7f0
06:44:19 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = syz_open_dev$mouse(&(0x7f0000000040), 0xffffffffffffc27a, 0x4040)
perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0xfe, 0x1, 0x6, 0x59, 0x0, 0x4, 0xa000, 0xa, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x91, 0x1, @perf_config_ext={0x8, 0x5}, 0x3000, 0x400, 0xffff0000, 0x5, 0xffffffff00000000, 0x5, 0xff, 0x0, 0x0, 0x0, 0xfffffffffffffbff}, 0x0, 0xb, r4, 0x3)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

[ 2017.777137]  ? netlink_attachskb+0x870/0x870
[ 2017.777149]  ? __virt_addr_valid+0x128/0x350
06:44:19 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 99)

[ 2017.777183]  netlink_sendmsg+0x90f/0xdf0
[ 2017.777211]  ? netlink_unicast+0x7f0/0x7f0
[ 2017.777247]  ? netlink_unicast+0x7f0/0x7f0
[ 2017.777262]  sock_sendmsg+0x154/0x190
[ 2017.777278]  ____sys_sendmsg+0x70d/0x870
06:44:19 executing program 1:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000100)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
r3 = syz_open_dev$vcsn(&(0x7f0000000040), 0xffff, 0x40000)
r4 = semget$private(0x0, 0x6, 0x0)
semctl$IPC_SET(r4, 0x0, 0x1, &(0x7f0000000200)={{0x3}})
semop(r4, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)
ioctl$TCXONC(r3, 0x540a, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

[ 2017.777298]  ? kernel_sendmsg+0x50/0x50
[ 2017.777309]  ? do_recvmmsg+0x6d0/0x6d0
[ 2017.777325]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
06:44:19 executing program 3:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000100)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
r3 = syz_open_dev$vcsn(&(0x7f0000000040), 0xffff, 0x40000)
r4 = semget$private(0x0, 0x6, 0x0)
semctl$IPC_SET(r4, 0x0, 0x1, &(0x7f0000000200)={{0x3}})
semop(r4, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)
ioctl$TCXONC(r3, 0x540a, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

[ 2017.777352]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2017.777365]  ? SOFTIRQ_verbose+0x10/0x10
[ 2017.777387]  ___sys_sendmsg+0xf3/0x170
[ 2017.777405]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2017.777429]  ? lock_downgrade+0x6d0/0x6d0
[ 2017.777449]  ? find_held_lock+0x2c/0x110
[ 2017.777480]  ? __fget_files+0x296/0x4c0
[ 2017.777512]  ? __fget_light+0xea/0x290
[ 2017.777540]  __sys_sendmsg+0xe5/0x1b0
[ 2017.777554]  ? __sys_sendmsg_sock+0x40/0x40
06:44:19 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x110, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x7ad, &(0x7f0000000340)={0x0, 0xb6e0, 0x0, 0x0, 0x2da}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000003c0), &(0x7f0000000400)=<r4=>0x0)
syz_io_uring_submit(r1, r4, &(0x7f0000000440)=@IORING_OP_READ_FIXED={0x4, 0x4, 0x2000, @fd_index=0xa, 0x401, 0x7fffffff, 0xffffffff, 0x1f, 0x0, {0x3}}, 0x815)
readv(0xffffffffffffffff, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PROBE(r0, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000f50000e3a2df7b00"/128], 0xe)
syz_io_uring_setup(0x4301, &(0x7f0000000140)={0x0, 0x525f, 0x20, 0x3, 0x8, 0x0, r0}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000240))
io_uring_enter(r0, 0x7286, 0x1208, 0x2, &(0x7f0000000280)={[0x8]}, 0x8)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:44:19 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2, 0x12, r1, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_setup(0x4, &(0x7f0000000080)={0x0, 0xadf0, 0x0, 0x0, 0xfffffffe}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000180)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x7, 0x2007, @fd=r0, 0x9, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x8000000)
syz_io_uring_setup(0x70b, &(0x7f0000000140)={0x0, 0x3531, 0x0, 0x1, 0x23c, 0x0, r1}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040), &(0x7f0000000240)=<r7=>0x0)
r8 = syz_open_dev$mouse(&(0x7f0000000140), 0x7, 0x10000)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_WRITE={0x17, 0x0, 0xe9950f12de09ba13, @fd=r8, 0x4, &(0x7f0000000240)="3b7a2fc62521ac08e77789707772db98d09cd91a781217000c0500a75d8ce23c9e25d277088818029925bf44f655eebda90a30813f076e743376ca379fd1e53bd89d6eef490ae3f072c74c06054bff5004797ea12b2a934eee2348ca2c0029369ce4abc4c975ce6b2793bda2467656baded1cef32a3d5c5977d24d587d9ea9fe9ddb1e1dc395425df26cd0daa5ac78bf506ab4f0", 0x94, 0x8, 0x0, {0x0, r9}}, 0x40)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd_index=0x4, 0x1, 0x0, 0x0, 0x4, 0x0, {0x0, r9}}, 0xc439)
syz_io_uring_submit(r5, r7, &(0x7f0000000280)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x494f)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

[ 2017.777567]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2017.777610]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2017.777624]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2017.777636]  ? trace_hardirqs_on+0x5b/0x180
[ 2017.777663]  do_syscall_64+0x33/0x40
[ 2017.777679]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2017.777690] RIP: 0033:0x7f111cc48b19
06:44:19 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0) (fail_nth: 100)

[ 2017.777705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2017.777713] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2017.777729] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 2017.777738] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 2017.777747] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2017.777756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2017.777764] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
[ 2017.971743] FAULT_INJECTION: forcing a failure.
[ 2017.971743] name failslab, interval 1, probability 0, space 0, times 0
[ 2017.971761] CPU: 0 PID: 10289 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 2017.971769] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2017.971775] Call Trace:
[ 2017.971794]  dump_stack+0x107/0x167
[ 2017.971817]  should_fail.cold+0x5/0xa
[ 2017.971839]  ? create_object.isra.0+0x3a/0xa20
[ 2017.971856]  should_failslab+0x5/0x20
[ 2017.971871]  kmem_cache_alloc+0x5b/0x360
[ 2017.971893]  create_object.isra.0+0x3a/0xa20
[ 2017.971906]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2017.971928]  kmem_cache_alloc_trace+0x151/0x2c0
[ 2017.971955]  ieee80211_init_rate_ctrl_alg+0x1fe/0x500
[ 2017.971979]  ieee80211_register_hw+0x1785/0x38b0
[ 2017.972017]  ? ieee80211_ifa6_changed+0x650/0x650
[ 2017.972031]  ? net_generic+0xdb/0x2b0
[ 2017.972059]  ? lockdep_init_map_type+0x2c7/0x780
[ 2017.972078]  ? memset+0x20/0x50
[ 2017.972095]  ? __hrtimer_init+0x12c/0x270
[ 2017.972117]  mac80211_hwsim_new_radio+0x1ce0/0x4250
[ 2017.972129]  ? ____sys_sendmsg+0x70d/0x870
[ 2017.972168]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 2017.972186]  ? __kmalloc+0x16e/0x330
[ 2017.972210]  hwsim_new_radio_nl+0x991/0x1080
[ 2017.972233]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 2017.972269]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 2017.972281]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 2017.972303]  genl_family_rcv_msg_doit+0x22d/0x330
[ 2017.972321]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 2017.972338]  ? cap_capable+0x1d6/0x240
[ 2017.972372]  ? ns_capable+0xe2/0x110
[ 2017.972395]  genl_rcv_msg+0x33c/0x5a0
[ 2017.972414]  ? genl_get_cmd+0x480/0x480
[ 2017.972431]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 2017.972452]  ? lock_release+0x6b0/0x6b0
[ 2017.972467]  ? netlink_deliver_tap+0xf4/0xcd0
[ 2017.972489]  netlink_rcv_skb+0x14b/0x430
[ 2017.972503]  ? genl_get_cmd+0x480/0x480
[ 2017.972521]  ? netlink_ack+0xab0/0xab0
[ 2017.972550]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 2017.972566]  ? is_vmalloc_addr+0x7b/0xb0
[ 2017.972584]  genl_rcv+0x24/0x40
[ 2017.972598]  netlink_unicast+0x549/0x7f0
[ 2017.972622]  ? netlink_attachskb+0x870/0x870
[ 2017.972634]  ? __virt_addr_valid+0x128/0x350
[ 2017.972665]  netlink_sendmsg+0x90f/0xdf0
[ 2017.972691]  ? netlink_unicast+0x7f0/0x7f0
[ 2017.972723]  ? netlink_unicast+0x7f0/0x7f0
[ 2017.972737]  sock_sendmsg+0x154/0x190
[ 2017.972753]  ____sys_sendmsg+0x70d/0x870
[ 2017.972771]  ? kernel_sendmsg+0x50/0x50
[ 2017.972782]  ? do_recvmmsg+0x6d0/0x6d0
[ 2017.972796]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2017.972821]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2017.972833]  ? SOFTIRQ_verbose+0x10/0x10
[ 2017.972853]  ___sys_sendmsg+0xf3/0x170
[ 2017.972870]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2017.972892]  ? lock_downgrade+0x6d0/0x6d0
[ 2017.972911]  ? find_held_lock+0x2c/0x110
[ 2017.972938]  ? __fget_files+0x296/0x4c0
[ 2017.972968]  ? __fget_light+0xea/0x290
[ 2017.972993]  __sys_sendmsg+0xe5/0x1b0
[ 2017.973007]  ? __sys_sendmsg_sock+0x40/0x40
[ 2017.973020]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2017.973058]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2017.973072]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2017.973086]  ? trace_hardirqs_on+0x5b/0x180
[ 2017.973113]  do_syscall_64+0x33/0x40
[ 2017.973128]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2017.973137] RIP: 0033:0x7f111cc48b19
[ 2017.973151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2017.973159] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2017.973174] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 2017.973182] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 2017.973190] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2017.973198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2017.973206] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
[ 2018.127922] FAULT_INJECTION: forcing a failure.
[ 2018.127922] name failslab, interval 1, probability 0, space 0, times 0
[ 2018.175706] CPU: 0 PID: 10300 Comm: syz-executor.7 Not tainted 5.10.173 #1
[ 2018.175715] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2018.175720] Call Trace:
[ 2018.175739]  dump_stack+0x107/0x167
[ 2018.175759]  should_fail.cold+0x5/0xa
[ 2018.175776]  ? minstrel_ht_alloc+0x4b/0x6c0
[ 2018.175794]  should_failslab+0x5/0x20
[ 2018.175808]  kmem_cache_alloc_trace+0x55/0x2c0
[ 2018.175831]  minstrel_ht_alloc+0x4b/0x6c0
[ 2018.175856]  ieee80211_init_rate_ctrl_alg+0x293/0x500
[ 2018.175879]  ieee80211_register_hw+0x1785/0x38b0
[ 2018.175915]  ? ieee80211_ifa6_changed+0x650/0x650
[ 2018.175928]  ? net_generic+0xdb/0x2b0
[ 2018.175951]  ? lockdep_init_map_type+0x2c7/0x780
[ 2018.175970]  ? memset+0x20/0x50
[ 2018.175985]  ? __hrtimer_init+0x12c/0x270
[ 2018.176006]  mac80211_hwsim_new_radio+0x1ce0/0x4250
[ 2018.176018]  ? ____sys_sendmsg+0x70d/0x870
[ 2018.176056]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 2018.176072]  ? __kmalloc+0x16e/0x330
06:44:19 executing program 6:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1000c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000100001800000000e1d2ffffffff00000000b6070000bc8a1f8268210e83e785c4cab6253b4b54", @ANYRES32=r0, @ANYRES32=0xee01, @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB='./file0\x00'])
setregid(0x0, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x800)
semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f0000000180)={{0x3, r3, 0xee01, 0x0, 0xee00, 0x89, 0x9}, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff})
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
statx(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x100, 0x8, &(0x7f0000000200))
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

[ 2018.176095]  hwsim_new_radio_nl+0x991/0x1080
[ 2018.176117]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 2018.176151]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 2018.176162]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 2018.176184]  genl_family_rcv_msg_doit+0x22d/0x330
[ 2018.176200]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 2018.176216]  ? cap_capable+0x1d6/0x240
[ 2018.176248]  ? ns_capable+0xe2/0x110
[ 2018.176268]  genl_rcv_msg+0x33c/0x5a0
[ 2018.176286]  ? genl_get_cmd+0x480/0x480
[ 2018.176302]  ? mac80211_hwsim_new_radio+0x4250/0x4250
[ 2018.176326]  ? lock_release+0x6b0/0x6b0
[ 2018.176339]  ? netlink_deliver_tap+0xf4/0xcd0
[ 2018.176361]  netlink_rcv_skb+0x14b/0x430
[ 2018.176374]  ? genl_get_cmd+0x480/0x480
[ 2018.176392]  ? netlink_ack+0xab0/0xab0
[ 2018.176418]  ? netlink_deliver_tap+0x1c4/0xcd0
[ 2018.176432]  ? is_vmalloc_addr+0x7b/0xb0
[ 2018.176450]  genl_rcv+0x24/0x40
[ 2018.176462]  netlink_unicast+0x549/0x7f0
[ 2018.176485]  ? netlink_attachskb+0x870/0x870
[ 2018.176497]  ? __virt_addr_valid+0x128/0x350
[ 2018.176526]  netlink_sendmsg+0x90f/0xdf0
[ 2018.176551]  ? netlink_unicast+0x7f0/0x7f0
[ 2018.176582]  ? netlink_unicast+0x7f0/0x7f0
[ 2018.176595]  sock_sendmsg+0x154/0x190
[ 2018.176609]  ____sys_sendmsg+0x70d/0x870
[ 2018.176627]  ? kernel_sendmsg+0x50/0x50
[ 2018.176637]  ? do_recvmmsg+0x6d0/0x6d0
[ 2018.176651]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2018.176674]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2018.176686]  ? SOFTIRQ_verbose+0x10/0x10
[ 2018.176705]  ___sys_sendmsg+0xf3/0x170
[ 2018.176720]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2018.176741]  ? lock_downgrade+0x6d0/0x6d0
[ 2018.176759]  ? find_held_lock+0x2c/0x110
[ 2018.176786]  ? __fget_files+0x296/0x4c0
[ 2018.176814]  ? __fget_light+0xea/0x290
[ 2018.176838]  __sys_sendmsg+0xe5/0x1b0
[ 2018.176851]  ? __sys_sendmsg_sock+0x40/0x40
[ 2018.176863]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2018.176900]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2018.176913]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2018.176926]  ? trace_hardirqs_on+0x5b/0x180
[ 2018.176946]  do_syscall_64+0x33/0x40
[ 2018.176960]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2018.176970] RIP: 0033:0x7f111cc48b19
[ 2018.176983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2018.176990] RSP: 002b:00007f111a1be188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2018.177005] RAX: ffffffffffffffda RBX: 00007f111cd5bf60 RCX: 00007f111cc48b19
[ 2018.177013] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 2018.177021] RBP: 00007f111a1be1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2018.177029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[ 2018.177037] R13: 00007fff35f80baf R14: 00007f111a1be300 R15: 0000000000022000
[ 2018.177127] ieee80211 phy143: Failed to select rate control algorithm
06:44:20 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x100000008})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x5b66, &(0x7f0000000080)={0x0, 0x6de2, 0x0, 0xfffdfffe}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
pidfd_open(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000001100)='net/netlink\x00')
r4 = getpgrp(0x0)
pidfd_open(r4, 0x0)
syz_open_procfs(r4, &(0x7f0000001100)='net/netlink\x00')
r5 = getpid()
r6 = eventfd(0x5)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000140)=@kern={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000300)=[{&(0x7f0000000200)={0x88, 0x31, 0x20, 0x70bd2c, 0x25dfdbfc, "", [@typed={0x8, 0x42, 0x0, 0x0, @pid}, @generic="63c05bb49083b2313bb2546f46e691b29a62f66db9525f438ea035d2c965a858e629335207126bc8aea7de5294bfb329ec2db06fe067c9b5b194c4574381a3b3ee911cba62c6737a0336d31ad6d7c0888e695b2b3872ad019de3f006b49978b7a06708361cef358f9731adb115"]}, 0x88}, {&(0x7f0000000500)={0x1cc, 0x2f, 0x10, 0x70bd2a, 0x25dfdbfd, "", [@nested={0x12e, 0x7d, 0x0, 0x1, [@typed={0x8, 0x5b, 0x0, 0x0, @pid=0xffffffffffffffff}, @typed={0x8, 0x19, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x19}}, @generic="796908597353bcbe45d66edc66b884fb65d6ff5e1de9f273f8492cdd872d3668212f29296a1e932e53b6fe20fab6ef891f78146113ddc3e1015b81ef33bc3f84e6f9187fea175e61425c89a62d7fc43e14760b7d8b4e8615856b50d28927e2c9b20acdce82ffb56c0809", @generic="f67ca9747fa01aea75dd8191a73825bd669987c3e428e6647b5b72a6e6", @generic="5e63c25c4f69354fffe018fdfb199843bf4f347f73f4842f65fbabfcbd91d47f7fda15542b2f7f30a3daf320332c5cbef9889f954cef7c4873f27b7a99e36d0346d3a6d919e8f72c017e49ff663cad50cfe1782a609c00b7c05133d423cf70700d277cd29b29abf9d71c1e1c23aa0affaf766f312692a81f05bdd3a95c4c37ff4739a8a6ac4eacab16b477069d89608293b220"]}, @typed={0x8, 0x2a, 0x0, 0x0, @fd}, @nested={0x7e, 0x32, 0x0, 0x1, [@typed={0x8, 0x6c, 0x0, 0x0, @ipv4=@multicast2}, @typed={0xc, 0x5, 0x0, 0x0, @u64=0x4}, @generic="9bad2f7a22205a0b94cdc5e198385cc480609f0ef22dabc173eebe98ea33704944535142bd83c0e1c6f8c8d80151534634f6f9df1b0a21598b45d61d78d63ebccdf5abb4719cb02c554b972f961b10258fe625d3b5fe5c012075b551a37bfc8316a864f6e205"]}, @typed={0x4, 0x6e}]}, 0x1cc}, {&(0x7f0000000180)={0x18, 0x24, 0x604, 0x70bd25, 0x25dfdbff, "", [@typed={0x8, 0x39, 0x0, 0x0, @pid}]}, 0x18}, {&(0x7f0000000700)={0x14ac, 0x3b, 0x8, 0x70bd2b, 0x25dfdbff, "", [@nested={0x1366, 0x3b, 0x0, 0x1, [@generic="018f4de75a42df73dde64bc25d8c8c84b204626d6f444b8cb2ca2d330b75591bf788257543d836bee4992b164b086252079a465f8b005716c512f64874d0fe9785f294545bd2390bde13962c62b064c118143ddf5520a848ee0d627bcfd6d819920d51d6e062793f23f5327a961ff71100a9d9c643f523891043d0507210a2526a2a31e4cf484ae32fc184724e833402253891b7d244401efdd42b054c678ef715d3912d7a383dc12a67de7172d23d9c01bdec8b95739d64172584a888feef20eb1ca02fa3cc214ba59a09eff5a04c471b9eb2372efe7ad35ef71694ea9d9e20cb3856f4f27a375f7b16465bf1c57575764b8e7c1d587ad97002947d617ae4413d2c4d0fe341c42c886ed098b7fba82de67db47824e33bc0785acff14be90f8fde072da4f84203eb969a0c4878f74010b8328b994db783aebfa1751570f48f80e63760579233e255fd50d6ecee48e7eb4b681d07ded118f1304a605061a9c22c4a23f446631c42ae7dddbc04cc4e5903204cdd60e4033d5bc3383103c1ae77598a0c45994812d8819148598f85ad350c74fcd8e63e2d6d1c563896bd00a2e3fe51f71fa21cb48c5a4dcd0ac7a31f03aaca7b2aa1e6d77881e8a8f13b5b50d07ef4493fc75d3bde8357c4bbc3e70ce6c392d9ea853c36307476a5c9ae71133d56caa308767ff91d6a77b5c374500d00de49e8af46cc2b2b562d2e569bb7eb11320595493ebfe71554c47f0d2e98f998dccc2e3a06a659bd0268dffcc0e779473ae8d5f0061496e4ed32080bdf119430030787e520cf9ff4c6ee5d8e38b1ab0edb9e0252df0d400334ce273ed4edd4c3fb8bbaac130aca31503f23c71d57ba1fe97b9950774abd45f5d87c0cbedded2e7431ad91648bafa8f579aa10c779256a508b45c120391bc222f4ef4e7d0c23017ef3d06bd199a0289e938890cd608345bbff095133b878394c2fec65f96e6563fb128ed674c2c5fc7b68af48da9d7c3895b81b520a035f179c771a22885a5262d127cd0f82bc81c4efc627142dd38a5f51edc3bebace87195f36fb171732a616638f5c5bdababf181a3ea2bb0fdcdf0515b1da162a7e09ec55bd0ba0c96ef58713f0f221dfb15c4c2d7a4928962d881a83f96c5eddd3c8a4629c72cff26034c062d99b0d1e048f6a42e4499df67dafb5fb3b5e7bd89b06fe70dd34b980fd262085272d7e7037871a733663a59f4fd2160128d8ca9055cff6babe0fbc7f18ffe806672f12745b857ebd4fa76d58a8ed7c0c7b5e518aa68f9a3e8f85f388beba35228317df0ed8bcc981c36a04bf729ba3e7b65328fd057cf626ee6a747f16486f90241c102f05d06a6a96903cc6a23092ae1f07d53a9005747a5824b41529f77f59e2957c360e41bbdad4a81ee337d1acecdd6d6758959503563720b79ada0996d34dc5a9fde73ca36f98ccb918b915a4675baeff778e471a66e849695f2fe08acf91dc7cfc01f78ad5fdaf46fb1a3f737b5c30ba7e1a8fe0a3f2350d10a2134bac5ce4f19a13033d1b07662040069e8b8b05e1128c1821f9e1f7a7beed047d8efee4eaa44803c65d2c9e33d0706b0f58261a706b3e574ddbdff344913e98e7afe33062df71e912d25f9abbd0a4f85f3ad1dc5735260a3f73b0c55a877fedd8f08494617e21299b55899c1ebea434cd95d425d5f7ec4fdbf097a9023ef29336972fa2626733c737cd3549b687cb3a3632ea2a74935aed4ac642e6a34e1ab4d1a5c35bb06c61ea38faed2469eb2d3a93470a9ea4b6b651d063b0ca23262a07384f9fbc483f01f8be3496dec8ee171d1fc595dc9ef962752188d35bfdc5277e1d11b7f63223c23c8bc38216312407db677542ebe3e77f5c189401ef2038a04e7c109b496cb37700df7ea7cb0763e19a0165396f1a9fc0212c6373161e7d53e71c021ae761bccd4b303c3883b3b79acc09933fd9fb142351ef1c1b383ffd3f66f32248193b501c9aa47b55291bdabec6b26aa94f8e3fb2398e756fd169ad30d9b8c1136ce97539b6758157fa6350042fa2d42be30f391a28280b33be559ebbca5552bc01a3452f736a4f26fb4fa28dc4aa37bf086df3bd03bef28c4506359fcb223c99193ce9eedf6b0715ea54fbf70730dd2022ad3b12f084778a7317f2a9e870b6ca227db38e721a51271acee298c6ab2005f3e546447eeee52201524704608cb0e9b1ecceff33e08b1f6398c4685710cb30becc6db3c7b0051ca6ca464dfe5ac158d76819f5c117f368aa0e046f72fa68ed09b0c4480c0335b6c782a13eea30d5b3ff191787fcc59bfc40d03736688b845dc9e7d84b1566972582ed12e67a56d8241c55f7161bdcc41acb7e3a177fda6e7f78d3ba6bac7b476d8b362b7cd2125fc68e412952b676a97cd5f2aab3ce6443c7f57f758d5bb05679ffb8505481bda1b81688573ce08555aa668fc60acb237b6d2d6de19d7c4f4a426b8c8d3b75748d6722e7deddd0d51d8c4715aa2dff06f318f04f63f32d521ccd7071d3e9cff7b57182a1cf64ae460d13a831bc26777d45dba01969036a63b2fa2959c176ce5ddac3685b180e7c4b242ed8881e823a9277db5d4447bb49f92372c2b2b27839fcd427e12b2d57ecc19e2a8592f881e046655ffc8e1e6ac524c8bd8cd0390ba7c29a253648b2bd07409a147eb59abe5eafc6b252f87b8da88599f7fa06f7b55479427b90eca914d7d8e9ae57a6f4ee4ef099c40703d5542eafddb43a031f89938f76b8ec2b4aba4b2b231374ee17c67e374bcee12d024a7f1aeac09b524591d0d17f2b28b24cc1be98e8da2cb7531d5e14fd7bb42aaba92cfca18de964cf2cfdee6c95a97e8a7c41f7a5735e454b54eedf1dddf6619a176b4544eff5f44683e5c119600266891969aeaa1731c175038ca4239881bbbbf78dba79cc6847ed867bca3a477ee548dd6db98aad49cce68621061de2305c181bcc6ed76a340e28eaa4772c901747332727510f0dc7bea9b9a8171df7d51c3d1edc644c1142773ce0f2961088ddaf1d9185164ce28c6f69ffb6c8c88e0a7d8d30acec639b67c6bafa4b0f99779f20f8ae6d34a4fc8fbe6f4fc620aa0147fea070c5dcf48f789ef3f3490f49712c21f8976c221887c33e729184fb7d7f68b07457bd81e1ea95152d02f654eb4ae8f8b4fe101a162a90d289ae1c552f481201fe612756be6bc73f9ecd74363919d0ac41c785f1176c0c247b4e076c6de56863ea37f8896530aa8ac11e674da6ab1f1fb4518e15c219e19fa815e729880fdf77f4e4c9bf28aacf8116f7c02d5d3920d9f79c7de364e05b2e51b8aaf73768b46083c52db8fcf53ad7075bfaae6d3fca0e39e9f0eafa1e7fdf3b28f098901cdf7a3b607a441f7f7e9ba779b15e899f99a481ec64ea78f442fe9db35e3771b0a147b287f43811753c4ee5385d918b30e9228b0a7bd01b3c248548f48cc2eaf7bce6db41a790a667af4136a94c9a478b2c75558c3263077921701fd439ae6f45ff4a8cbdbb34dfa458fc4a1a541e21b4c81a6d7b98579560a02fd48bb2bd063d4363855c84a91110318887dd275ed0bf34bc16d53a10041511bc2decbe0dfa401ca6006f7663a5526f2cae0edd7d245911b31d35621b9cd91fc2504056b21c87d8216a336b79d55d6c273179e66655b1c12c38b37db29a5462229f740cbda81164cc8224991e704e442a5b4ea6168ce0e63fddc5bdd22b5b3a852bf53b188b63a16426a42e35daf013c56221e90af992836894a40f255b5040f49e341dd4f60a5b559b0fa6deb6e03b3084197d987ef096ea2420417fe65a4223d4063e7b73bb8c023e5878533a4f4a4c70ed6cb853023ef00d0393b79d6d2659fbdfc06a921ca76a9332f17e7549f15d51126a4a374cf51ddb11d407176c14c1fc00e21cac2b31564b1968fbf2fd275a291f9b4b35a55d3b11f39029a6a1cfa0d84efed25f18bed42cdbb22ea07db304b076fc077e2662153d6d918eea6890e1be320a5bfd8d0a850bdbb6440632ef4cc4479441fd04808c1f7a4d82a3662ff5d54dce15af68b2bf8e60093c1d619400f014aa45d779bda5930815b08a7c73c07962ba14fbf544d076d64e2203d5e5fca39242e1c3aa8355b5b5b9f04fbc90bcda494b7219d909784d5d6338cf2ad256ec5e617a0d17e453f119f20bbf120f8de82e10b501335119af52d83e752032497fceb5acbb3ecac6eb2f437371ba2f86746085fcd5337d79518848b2361c09ced3ac3d4a0a2bc12956f81c6973b7478e11af4adcfbd993a7a5d049e57d53bafaf95a926d4d954ebd60c6ea833817826f4fb6e28542f18b397db983379056e3054925e8465d8c8d13615f3fb9a8c2edd3d9ea256b4d7e71eed3f9a171334365dbfb12512c10c5a87801a3334ca5a761c3d877049a7e416705e9a3245f92d4efb7d3fdac9ed5e324c995c8710e512e1ec1ecae21a586f420be15096bbb02f9a921cf57e0df6d0ca96206d9f1ebfb2297363dfa455e699ccced88202e8f4ebbe3c135c0b0a023db05422bcb10fd8c314c71caf91c0a8c71e367778a37625a043c6bdb8e459d96e8722fde6c250499b0a65e3ebae7410f5ca2f06a19641d63857f91a75d6a7e8e599c111d61ada3027711a702f180345465815c38fdd6d34aafe7cca88f48c8cd91c3b8c8e6502f40bf768f0138d60628da988d15d81925d38263f35cbb6f358781e2993c107021a5b7afdee40a8f7b6305f6204652deb4029a203fe544345cb8429b4dffa701b9de480562dcde2efd57411bf392699e2649cc028be273c2393fdb7d79f97accca016275c705d1cf0cb693b851a547f7118b0533cf38e9b6a0cce8095e2ba798562393db6754d9b2dd6c7892b43dbd1df81dea6f5c7dd13b4363e929eb67d6a3d1f57eb1b80f04d65f08d69b93a234072d5f21323d86753ef3844917776f8c3bc1dfcdc4b5cd96a24092dab9e9052d8f28d97fac4af1819cabec92b258a5240ab3d9f3425adbf2d0845798d1ea6f81997dced5cefe06646b8e4c39b872752a0896e5593cd0fbb84449fc1fab730aa025c5507309f55eb6e49144f3a083bc594c8bdf0208d853e2b8456904fa332185c3a73eae85828b225499a7242e4c1862bb516c4a2931ee2f202f354bea401d498d7f0d9942ffbc6e4b7b93a6ff7cba7cedd63dcc3b5141c5f8052bcb15fb337cb25d20e467beecee182c9844a719b0e401a0d379d80cb95d54041f3ed6dc57cd19cc99896ed679a505c2a215f094577009c29f7fae48d3826cb984caef138f8c3635a6e43684b5bba3ab432c9f305c1443595b7ee21feca81bc5e7a4072c81da473ebb88ef930cad76104d3b3cbfc2f7198b4b71b5ea4436e00547b8803b79d3b3586fbdb4781b8b93f35f5ddbfcb57f7f26ae1b4699f7226ef80030a02ffdad8c639a22c4185e4055db316f4e8adf30a4be75f6d148b045f8f4eee6e30a9d2177af115f93b036be61479e05161794ce28c61f505588730c57a9fe2881664aef3505005416d1c136f8eec1f904b3276e79ce3f84284337927474552b331554d3a2c059a0bf980db0fa80860d64520ca49e5715d0c34cc87c6a7b328e64ed6b8f99043af4b8be50edba0d46bb8bd6845886f7149feb4ab5a7a35d04be0882fef696538fa10a90bb96bbac950244e88d5c5738981cac3b5684c75a3efb7e45785325ce5e8f4d1b08a248e8aef10232d419316bd196ef446dbf8be389e0f07a7ddfef3775bbce33bb7f7943ee71a4e8111ca5a9d62075c37cf1eb9bcafbf17e31bdacde47e158cd0f3615f34117a710bc396f6c305ed792af0181e8b5eb", @generic="6e587e3e2240c2c94cf0e487a03e882fa7d550a353ba6ea30642b9df6fef85992e4bf79bed4e5becdf9aa3e2b79af79153851b5f3c241189057ff50d6d6c0f534d33c941487a87fa1b24b867f5aff06ea15f82c26279137bc5f56485814186d7cf4bdd069a534e6e1d16119f61db7d5027e0054e6325a6ee711df05831fca92012d89491579ea7b800223704033ac2ffebcdd320caf34c55b49be777aafd77653fba781cffda992a6eb1609ee6142f2979f3f947379c0778", @typed={0xea, 0xb, 0x0, 0x0, @binary="cbf4406d68e973822ef8797447eb86a28eb72303a1b52839fe0edd84337448524c8e0ca52b7f1f9d2ec86a2c4d927416085d2a0044752afbfd97494428eb03772af520f2e4402512cf24f2aa1a4ad1f9a4f0f30d84f8aa51389d07dbb75ce300440d58cbd5fa36faa216bb6ca5041854fa12e287457e5bd89bd383e698a41eb61f3d24548352dfe1b1645bf74b3ff80ba9c013902accf210139f4b004c11e55070e15612afd1dc0d94699b99d65500956b2d5b23c75bc6c6153920c7256c862de0596534e6dde75fdfe95ce4231799e01718b99ad63a2d75786337198f96a1ab2674df6300fd"}, @generic="091b0497cf48e04ba31594e9e4ee02d380bec27d2eedfff5edf5336aee23b15b52b386e4fb6ae08b22108dd186ed01fc733e81da312fc1b4be3871d4ce0152c6128fcb80ea683a48fbb04779db2a46afa4a0b7427498ab4508e7be13a9ee9a7b18421c6f49c1e46460a4cc089baf146d27fa3a086f5fbe27c80472ee40a941efedd3018cd764831c47c7e6d2c59d07399e62b1f79bdb6baf967b944e19b27b93a2d2138ae77e15b70384d4c7979cbcafafba987749cc00d55a77bdd797b3ded330f3e636f4c49cc5b6b61495ec0459203204a1f730597bb70fa7f669a8ccd4175978f2a18d1d7d76beec5ddc6d4c556b38714a63225f924094f25fe5", @generic="288731f5246e89eef3dfc6f3b4baa33662d3", @typed={0x8d, 0x52, 0x0, 0x0, @binary="45ca8024a89ec8cb9113a6e45e1223c31f1f5a7b648b1a76520987432333c4d58a27c4fc5e0b55fafc220e0a73d4584b79ffca2b524a439de943d3736a62a717c13f75d91d94b18aab34b2bd658e26392ebcf47b0529e764892f4d4ed326fa0115245b58ae9dc8bf936260ddf13d71fc1e2e756336264e1ae40aae9b6764159a30c955cb1278ba54c5"}, @typed={0x14, 0xa, 0x0, 0x0, @ipv6=@private1}, @typed={0xc, 0x58, 0x0, 0x0, @u64=0x3ff}]}, @nested={0x4, 0x7f}, @typed={0x8, 0x3b, 0x0, 0x0, @u32=0x8}, @generic="b17201c99ecd0e40c843a1ab317cf42435f0bc0d87027284276f5e396d826605c49b9ec4bbd3871e553c0cb8d36ed20ef98d638a808640dfa90df0ecaad67f2130c6fa83cbbef20c1f0443711545a23230eddfc27198ab280da3b75a9e0a32cada60230b5ba8f64d287508e52fe9198c7d35e6e9085446961a95bf349c9bc39f89a121a7f0d07d49eb890ea801ea24524414525edca4ade702119899da88cef8814821984ec50c734fe441052fb610b6552d055fe2e0403fe1df6ef58355ed52ff0ae497e2d4208080de0fe69b169200646cd19ec4313253fff76fd03489", @generic="65a28941f3099fb68e7d69329fcb90c768d738a6be7654b4e10e61d641f37875c2763dcab99943", @typed={0xc, 0x77, 0x0, 0x0, @u64=0x1f}, @typed={0x14, 0x93, 0x0, 0x0, @ipv6=@loopback}]}, 0x14ac}, {&(0x7f00000058c0)=ANY=[@ANYBLOB="fc210000120000042bbd7000ffdbdf25ea2f0cb4c16669df4b639c9fa785e7e0a82b3e618b3db4bc796801c47181d12256751a3a352be950c278bbb8cd3feafe10629a848b49e24d10878328adf0a715aedd8b609ab968d2646654b2308580ba14939c69460573331c60775bcc587691a17a380fc60ef6a52f83cb1a9053946da71085721910934f7354f9f929a070c18af8027e57b98b8a34e09987b1c84a26080e4f3d755a140f827a1c30b2bba4c5be3247785b4f1d6dfc49b8fe874293c7b2f028cd2bf2b38f80bab09a76043e9dbb59a61e09ac21da9096b85425e638b45b9ffb3b5c3dfc880f811e02ed619f1c4151eef2d37173117f11049aaad94ffdc0d338b6f82bb2464ce7c2ba134a3e0690fd68fc779bb968f5d5b20c4be6088a12285bbf217edd98f12a140ea07123b5efe8f48103366e31b19d9df1817e08d394db9d89996f986bb6c83d575692fbbd862eb8d790431d51201f81108c38712d568e87995087633e5285971badb3513fac20b3a1acb71ab8d54e90643a8fc90f3dc987dcc721ac01d7fa5d2c3e9cae3d63f539fb7bff3f7d68ffd22fe012a9c5082013973e8b55264dd36a3aa859b91ba352f9d94b1d5bff34d5be318310974973a6355910f529a63cf4cb0020209158d325400c0f302269a0370fdda0d6e61fddfb3a868cff3077c8e395c339bcc90cd4dc20da4a43d9121b10e68bd38c25d04f9451e561a4a5fd351b38693d341a42065f89c733625e5112dcaf2b914cf0fd7ce5b24a0ad872fb5c6e4b758388b1c12356e11b15604edfaf821e7e84260f89199ae56b745f7a17f872c2a83cb549676dbb3e9928eb903ce1e16ac7a9ab6b4c7e11a62e46a19de8f04ca932ad97b95b5d634249ffb967afa1ee253fa09493f96aeb823ede60749421d71301e60cb120845704bd07b0716e7a92b22a6b289abe9ffe79c4445d4c5005eb277f1f872857a39481ad51a75eb98da2869ac02914cdae40bb3fdebf517760ab308a8af9a238c3abb5fc67079b5929080f5b54b58d38695898591ca27f95be9930397e11977117df79924018896457616a478b83e2d11a231996345f525b8c384099467851e403970dad357f11a247ee1ac0abd0fbcd332e2db4b9e6f2de0bc276262fd0e9ac572303bbf72cb3039115c2705cbb3d0c611f913e5911e95d61cd840bdf234350da088db8dde870fa28fc0c6c828bb3093aa67137c5da32dc24a49b7d12e7b1fb4ae70d1ecaff0993bea358f519b521cb84b92263c7dd5258dab6fdc6b0c44982e25e6d85754c912631bec89580efe046fc22e09d2ca01b2836b7e909bc67e621ed58d50a0761ae6c6f86fbb4b790b57ee52b2dd235b5e5b03f25be334d1268c1ed61e167f7f97826c6f00f6b1a5308df014b877d1d1408725387354df702f2f12ea25313595c20e89490c9114c27d69f912a77b81d953fd738c19c12a0449e852414fc65b4905f87304b69c3a9ddc1c48b39f01da25e264e9613ee3be03c29cef3733b3ce5db5093151ba017fc16efc6a792aa90ba27a37be626d8fb2c25c811e982fadb813224056d4759579705f492e52beeee5c83e6a61560664aa09cceb969c36da49a232c44b8d3cf2dca02e52ee0fc3118f63cfb66010919dc7eca77452165d438c416bc01dbf83482ecc04d631dc7cae1e5f0648a98f467044bc9564e013bbb0988bcdcfc09a07f92b428b4653394871baba44a9fb919b8a94b70ec12e127742d8b9c65879f65645fc8e10cd2ac6fa0c0c86b8d99fddaf2f677cb748d3705088f2d8f82820506b2a17692c191efa8679870a6ac25d3bc0fe898747f793312d8c85f7b4ecd7abe5b5c3cb5114dc6df53db240508bf3261d6f3bd4c168570413558253eb85057a66f43f06e7593278bcd57df65700e2c46541e28948707a62124eaa9448cfadd506e637f0ff7e23502192e3bd48db13daee09fd0e9eaf829f2d8236e6e252e943020121a9c6901e89678278b8d0238072ffafffdb4ae3c51e4b82944aa3f8c7bc3797597bbd7d865b2a32d4aae741dcf5f0414a53010276caa7fa8ca55ea8c87a561e990fed291f4737281e3bb9800a1a51e927a6523fe4c40b2511bb5380842110ed15e6d3c70cb048b3c0adef53f3d9d2b15231264ee3119f5160d5a92bf58c66f72e5581170af18a3342f49b7b83aef0f6e085cb4afeac5b26efa1e131cabcf70c7794df264a461e50e7d452c8ef238f2a96fa476ffafa7474ad49c2cceb042ccf047c52b18d0f7be526c2db00bd78cf46745e260a4367b9e26b3ff4d059ef557a046fe3319321dd9417fe81bc4bc79630fa71e951bf73268cdbf9a5bbefca7728a7d91ad75311a107b8294bdbc41836b014f446a5d7424d35e03dc201753a746f615ed7a56cefb757250e82526b353bfa69b5fcdc05b5f8e255f6eb3e26528b79b199ac2f6535a99dc2bb1fb00ededef02865eb83b5462180da410ff50d470d2e894609304fb7e59a98e161b39125ced8d9bd5b25dd69f3c5053c6dfd037721f18d6707682b5fcfbda0671e42ab3bfcbbb3c3ca613ac6b212cf00b46c159ba82c396bcc2e74371e05e1344becc356378bb38665fd48c198e70abe2ccccf35798bb8b7b77226f4f670fb6623529a9a23844bbbc52631ed887ebe1eeb0b612892d6afa0774504c9d130fcc602421c1aedeef14c578672c0ae639bdceb5968318d69fc4b96b5bfb4a0e8cd3c7598e20d39b2fd694161db6667335b93ae41463b0c65c70c5d792e8417bb2c374ea4d5ea8c66e8b9cf42177f2e61eb6dce3037622b63fb6924203c3748ec9f9ed20f19045c787850392ece82c7e074a51df90310e000a9ef05fa1d2cd8aa39ba6480780ce6fd09c439de5e9b3a89e53cea396fd8cd1854872ae171079cd86fec7e4af303b86c548e698e22c35a4c530f1fe6bcf15a95bb90fcd9a861fec05e7890ce766774cfc29babb0e28f6c2fb144b4d00dd4435d72874d62bd81856984fa0220a691f6dbbcdf069a83b6466756948228eef18151e9ccd2d027bc10db63599a7eba521f836c7aeb65e15ff0c0d2edf7cd0f13276573d072a1cc81119637eea5ca8cf76c245443ab81b034394e329ff9609d1ecc3e3f402ace71574b9df636a46bca157170c3ed1690e0d87682fb2117a8943b6480c6dbfb5263e50346506d2a19f7cda315e5d4cae39362b424d6355ab1d9903d045193379c307f9a7009c070e20139c0f504e094dd4c5a62b8d7fbbbe9baec6c585bd179a6ce15e26f88679f456eabc326ce516330a779e9f2cf5b2a949d7e8d7a05f0bdceb3dc511cf772bf1eb59bf1730ba724b22fd9e2c9115e7dae0583960e15dbdbfb78d819f51122f85605dcbd1d0addbd2adcb1469a95f2e71597d8937432c44721ea5373e6de64e73d64ebbd3525a43e0d96d9cedfec27b5a00a527e58ff28995facff65e1f52ecabb1336aedaebe9ddbb6365781c4464ab6500067314dc0bb5d276a6b524b455f293fac09317f9f4765cac09d609bce13205846cfc11113b221b6ab21963490d6323b3821a65dd1e526e1312489f234bc6825b85279f518c9a7aa8444b81614bde3cbf03532a6d93051302a7a2f613b811c71d1d9f88015269b35154158ef026a091d4474355021b238115fc77cdcd5697c6b78a1fbe9ff2819f67f0568981915a43a8f9f705ca4f1f8c518bccd5b2156bb22fa59c9b5201a131def8741c8385dee5aafc709fc25faa3a86b3520f31fb5c682ec2e511a435cf3e227989b677143dda195044e802ac4269f5449fc6e5ee5b942ebf7168d6127dd67f85aa2d487cf62c178f2240f4aae98bdf092f1726ba0ed89f66941162395c9b4cf8defd1646955206f6e22ff3e2a64988cd1e0bc9468ed1958c227ce4dcc49e08ccd53963476fec67a3e0588c0c91137b6b82ec4140ca6246dae79e365fb02eff24a8808dc9165379b7a97be30d1e4aaed1927e115aac6b4b8b41827a9851766a4e45992cc823dbdc8e9e537517f34a8bc7e710a007cf34cd38c81a20fd7d97762932d83af7709f845aa005935ad624f22c252cceec5323d3d5fe489901db5ffbfc0bd6a632f77cfbf0aa918be6deed8c31b15c183f7f99d20744dc714bf668406912ea66d140cb13f1f9b363077666a81c6c5911a1b8db5896da4ad8b07b064656519749a50d012020227d0ffac49db0525ebb7bb61afbafad8d481cc0965253f90e404a2f0004a55c83aeef1f64294c838374fffd5c3d2a9a7b14f43b14809d0ca3ec60a073e3bd42c1481112ea6b77d79cb16118f77a4ed60cdf71255c4e12d14d881b0c0beda8e5b5d378041b23846740ecf5393e1669ecdc858798df84f1540646d403eea73beea34b86e0e50d703058028a5eddb848c8afbf9ea7335e0c952b201e133b82c6e79ea528736b90b9cec856140179cc14bbfa01822dc57e694dad86689d19023727006beb9e14de079ee21f8eb80a149a8b88abf3e5aa2041a1c0b172b8d143d1255c56f794dd0c64c836e0410e97f84523b089a5e4a6de570e95edea7be561d54f9ca499f84ccc82133c13acb5673cb6ccbb847ea13ca396247ed2415aabb5e8204d5f97c6fb2d05b5f8304b96973ec79a6e27d4ae5d8692d64a0a893dd7758d6f827dc136a519d53cd399dabc44a2a33eaba76a9ef959e121f4e52e57350ef96126f18a5aa13b4741f8743219d4ab443cf7180cc49f581c536457338a8b351d4c1cc0682de268420f6fcf9d62d574235e6b88184b8eedca5579bb49ea4b355c29213bbc3fcaaec99f817c70e885726dae85d504e8926ac5525f462f3a54f383be27dd0e9068745ffbcbbed11508649d78b97af44d148f2c5d380ee7a293d6a328eefdc3e73035f828b270b941fdae7ca93f7d54653c5335979061d7b1ae2c52f52943d48c09990a7c2b54ca3dafc947d39835a6655838c88de9d256a422632d516e477b5d9ec8e547709711b0e47dcd3cfcceab8e3f4b9618906f018c51ab20b14dc13f5b14f5a2ff2f6bac4209300c57ba5b3e3c4ceb6026c41d4ee7cd64c2c5abbb923f2ca9bc3fdd60ab4952e4bc86a933c210bcf53445823293422e79f7d7ebe63760fdebebafd854549fb7b5df986100fb8cbe8f64f5fbc070014692b6f4a68c9af2b706c56706eac441648a1b5908a251087ddd800717ac787cc63e6813720dd9100c26c2164f547f5d50cee05043bf75ee2569d856429fc2cfcc345330c4306be94a94cf845fb26db56adcaf42d87da4f7454cdb2358d083f4c4b4861b5e57f0b005e611fdfdb463518dc2e84cf6bb71aa0a62e6a7f293f1e34fd6f0483f73d3bb436fc7aaad689a50b8cceeb5fd522d257dd06ab5f8f35fe2f4c5932983e463789a9403ccf8d17da984a6cee14af3b5d6396bf438ed19d781a3ee7fa90c44537b08df0e9c4a60c2b61474318e5a2a6cced2c2de3b022ecb46ff4b0509d6410acd4db2bb3c85ddd92a80e61465ffb09484f780c235aa61823c05452552062247909683bc389fd68cb4a3e9c1629c111b945c9828ba5c354209406dfb325a82fcf243b52f788b59c65d281a7b5f3b8ed27868288a367d82ef0a827e0afd10abdd685677693825d0029843ff92beb8dc8bead714ea394fa9aca8fab705c08e94ad6fa60edc5c9fc9b9197722631be05330831acb3871442ceec8450181101a055bea2e5a6ea256d3b8fa57ed5fa9b333b0e83a7fcd0fa9951b2e276be5ddb3b1395d5b76092d26b2355d81716ec296d8599fcbc02ba42ed0932bd5d79be8352f7fbf7f33e82f9db757875aebb207dea2b9bbb3c16ce87e9114f51941c59fc5d5780b87c80ec007c800c000600000000000000000005005b000000000046e848bf6ba7055eebe5a2976bf7d2e3e40483e08d8062af77e94ee0ce4a4761ca3b9f7780aa1bb1eabe4d72fe2574572efc06453c8529ac21296c062066c0e0c388be7cb7d650895d1493b0ae4493b53df32f19c8bf12413eb113306100e62dfad1b3d2615e40918467f47df45e529c9734ca9ecd187c5c37a4f872561c4cf9fe37143f6b0a14219a3753eab1e23ea2f2d0b8cfa041cc2074a85fad6aece4b58b88eaa269951fdbab70a12178ccd2a97985f75edce2958922210eece1492a3a6c98a2255dbeab38f9a976e4b23f18bb26e0d2b714004600fe8000000000000000000000000000bbcb002e80a79ce1c90d42d1940eed19492e245ed1545158ed36d0b78d84779ebbaa92400cf77638a92f4e11894d2ce5af519a79afd130b0c33ea24e63e7ddff306caf570d9e16ca2a4907f84492cdaeb85e217da07e751268972b41d0e17ebf5b40c9e45accf1fa4040d3b854a8532fc7d705a56e83bcb1a46d826662d3b7f3e386a916fd1e0d05cae913dcf657e89c33e8163fc31eb6524134f0aa4ce0cbd922282709cf849f8ad3ed68144b1e764d169d7006619f420773353c67eb0453d00a73d52f050016000000000000246476a67226fde3e97ff80f7d480f832be7c89f274cde4e7353caa988ce88b159f7c271939a7d5bb842b50466be51f94c5876f9835d41a8ce43fbbc649f9b0cfa4b04516b66d7cc801c5ac8478fdbe711452f033333bf3994bedcc7338c0630195f60dbe2493facaef2f9684eb056b060df495f33a57f4df4cc4aad2c547ee4027d9bf0ede724dcd1123839271c1182ac957b87a2988d561510cda28c5ca1459fbf9ef73fbf279abae9a9f2644a32071df94fb0b3863e2ae774519c968eb0e59afd9a44c9e7c1a840453cca63f3d86ae112d4b9e6eb40e208ea928d0056612376c528dfcf2491a952aef990b80ac686767a18ff34b5d0f1a0cf003f584a35a8c3162261c0d725a5d3693a7c49ffc4624c5c086f19c84349dde7b60c4fe95323a5c61e1b89d92e1cf065238279281054d1ce9f221ffd86621143ca9fa6d05370d5f7c8171bfc29135148c8f31b408231961c6d133e4db00206edb4fceea44d871f0aefa6e7e672d7f4ba9eaf7eea4dab41a77c3cfb62c66ecbdea2572775918ad1814c90b4b2053dafb473e78ff661c1b6968b88093616483aa26689921553e1393a1af3265e431f96210743da358cef57280dcbddef10c1136abbd9a32888d45581e12dafe4f3ed82f5136866c0d7b8dede8f68f28245e225e0c3b1dccc8b03acb2f45278412c09c762b78387419734dccb6e7c0e96fc974ec131b6415d7848ecd84dd0f3183c7a089dee0e4523334985ba6d0bfdf3c03be59787f1cf8b34b50d993cd4483cf06a53ac6c559722d6bb38f0e495689f769e2352056689ed5d4cbbbdd2f3f229705c919cc9b3760f02e52b413aabdf6e33fb1903f2fa9e0130a7950cc3df3a3b319981fffd3245fe28796ee8aa17f2c635e52abe64267e079ba7a204190fd678be7eb080e20815796fdee2487ad0edf65ad480ab70d7872a025b0cbbe8f7efe1029765956bad196dfc6427693d4e26e597d7dd73e83bd0e066a54fb703ef151c9bbfb30dd30a8af9d8e9b49fe015d22e31e7b9cda33fbce5a5d93679cf7d4f165e16f45e1aebceed4e3799283a96eb0597411a940543e0298636f37bc2ae3b3630b781f8b39501736595423c890156314323ee5a3a849cf609ce4720fe37f2bf9b00812161ebe5a7f615c7e15223bf881ef955e63a6cacf8464c8161d0b3b9fa49c94c1de2bd705073d4c7d4bc07a8c31a112c92dc22feacb7c6fc4ea3fa8305140664547f3cfa63647d039e7bdda87d850e81370c4c1b9922cd3f8d0334f020e3264b4e41de4f8e5b6d754226380d5cdacfc27b2089d968ea44d6ab6096cc170aab1c499f8c18095b99787ace26449fe3098519925a5267f41c6f160f243498bd8c927c2367251d8ca84dcbf4ff52db8a679d5564fb7f1c84a96a002f95c7d76ce19c2db432351da75c70c201d9b3665f99b95be7ac0021cf8771b31b60f52e252e6221d8df796c19dd5f00469f9d4cf744213dd157bd8948bb17236939e5491fc51901c2a14474afe7add788f1b937a1c1e144d33db770aaa3c8bb34cb65eb92e65c0c6ac2ad432d2318efdddf4ab691988b7dd3241be9985fac14a4b01fe43e23af1aa0224532f53d816a59a1ee4341f99dec454ec72e1872164072c41999e8d9bbed8da46ff1555abe24226cd467be067850b4cacbaddb172a483519627eb96c6c8c2f9699db4e158610563f04001324ae0f443e8e48b0f1a53b59086176386409824cd7587ae06304192d01ea697ee84af7a3a16ec1c42fac66daca7710593be8805e7a74eefa67f2e5d01d8c21aced8c0c043b5d3879b31758b9f0bbb6fec52e2508011afd85f6f1af0141468d0603a24a5ca8c0e011689562f05bbc390bab51f4475b509573fc5af7383b681631d892bc417f87ea4de5607d54d808184e9620fb30a12b05a743cb025220d1fc2cac7a614f4aeb347a219edb9d19157b6d12903e13d498817fdb9c3616fae162082c7dea9e3d184f013d5d80a14b608a44c21bfed72af6be44df546963314d38933dbff55a3a9db53ed6bb8ed8dc661d300a235a0e251b3e81a3ebe74fdedd7d90e5fe48af2d4351a24b64290bd944190677782e4b3ea1f2c6b39021190285e785b99c15ce68717b4820f0084d1d21cd8fc9368bd5f230ca2e3971d39fe82752df1cb6080a38e35e33d012527b9d3496cdc8372c991c45b8d1f12de57efe8f9ec083dfc07f5b680f19f50c00d336d90319997fc5b282c54c885e348961423646a1a901b6f0c677d43fdefc898d0013d4f8cd0647ee779d2e47bda76256083e68b107f108a830c3fa8d19f7e662474ff72b8fce5241c8b60512d922e57b3b650cbf8f506196d15ee03c96ff056ffb430028212e3f8be3b1c736ae14e5715b83024c2506ee3c8f9aa0610c9b8835c81de01ef04a2ab7087dcad957c6996d2392f8b6bb88f77e2a0fb39e2eb88f976fc21ba03fff9e6bf45f398e23b5bdcbfa1d8612a464be7c136db964ddf302e6329b6ec040a72aba3d59c6d6064412742184e0d4071aeb56a0a00be15982a7ed0166e0be4ca9e69fa4133174b9e16992809d47ba7cd87b6a2765f5aa772d87eee074c803c9052b98d8d648721d0e3a02bea058eb649022662043897c34c50f53d9539081892a603064b5713b32c3cda61921c0c185da0b834baf16e25e16615312be3c2de02cfa09c32e49f17ec8f927a8d555fbcdda2afa01a9c86ea73b1240377571b8108497bde666d2dd968e3841d71275d9bbdd70be12ceffad972c68bd7974d1986c213690679442e42c0eeda907c54a8d98519974a33cf8eb783264b2829e000b47fa9bcc17ab8e8f3a65ce8979d2cb481d299ddc83436076eba457092b8461482ea33ce973d1b198b8475734336b2fab8035016457f3989c91941deedb3fb5eaf762281171df21afcc41d285ca7ef6c5bc945814e3f5b67cd8e3ed42d79aa4bf33aa23ba0b1a2ca93a98468974c7f982a0dfd4930a531e6962265b57248c2f2222f0651597ea72c3ed0864f77b2c32ad3892359813c3e8424e843f6adbb0ef88f9b17327c80481081044945fe3b07fc00ca1ac5571d2473efe7e9c2f01acefef7a938cadbf4d3127a2319d54777e161bb9c6745e34bba6b0da201b3855ac0a42df02cce75c4115bc55fa8371fce226d98a74ca675362215cdc137135f8fef1d95beb92622ba94fd10d5dad9f188f5d8f5ba9916c2bf8e7258e40d4c9cd7afaec775db5818d4b7a0f8ad115b38c2dd0874f1ce0cb831333be34417c205113891ff5aaed0ae221ccf0632b024081d4f67173efe15220257d50675bd84147e61e36c55bff4c731c83da3296aee7605dac4823f1273728c47e099d3c7e7925e2883a29ca9911edd02924ae759a7ddc0461373c0e4706b5a3cccb4595f5655e5bea7f561f32d9ac4538a224b717bf07226a6b60741b9a8dbeaef836983375d4abb449c5373a842cba44654c38815bcf5a97537f9dfaacf049c966ecb18577a80800a04619f7d813a6f7d873a7c6355a156e8f1dea851897722374d2b64d952f390f0605847d8d959c549f25d53a1a0b4df9beb386e5940bf417f60d209ee5148a486d13f26677d3fdd57eb3c682acdc4353b5cae71cc84f8cf9123cf38f8f275ec63ca885ad475fc6f860cd21ea84e59ca022718f1f9147da0d4522c7de85de81df3d6c0ebbf8fdafb4b8b535e55213132e3c6063378390d4926e7e899fda6cc1a6dbec60da9a09da5d3750f571b2e4558e096f2b2ff105866dbbb9cb6476bc92ef5999641fb9e5d752980c171abfe45421a714ae3315ce62c2118511faef5aace29e15842f26b4b967e8917d22a73dce2d552899cb44d84a23a78ba890a5e8ff7cb944e5b39197620cb76e51a900a3dbb538327cb20a9cfce9455db312a1e5499e674190124d1c187b34b967163046aff91ba8b2daef5fddda521ec2053cc6fa3d74524033a5e23d1bb928ab7515632ba5013487509b337aadb09ecefed759e78533b797cf780964494e0cbf648b714d3750b173ed00aa8122d4733f57e382d675fb0d04f24b3a96ac1ba2d067f6143b103be6fd7be6f0e5d443f98affb3cc0dffa59915e4c4cf0be41d40943c2b073c48f5f8cc2b5eae3c989179cd15c3c56e7484b35d351213d176d0e7bb0ce54ab30462487bb740de6328b9f4e55962a6038be60213fba731523df4a734f95a4c06f505903dbc57eb33c3052510f64789c608571fc2abb814016fd11d26266da94936b8c78beb6834632e524c63b6075c8e5a0b5865565e50d49f0dfc75731ac450b5fedc5c2ba00ccb11b1ccecddeadcfbf8bf52e23606a9a442278aa01ed5965e4dbc124ced23eeaca3086bad221d1e63cbec1b2b6064412a532157640458ecc777a31e3daf66ea2dd91c05595594c580543dd42f00839dfe2148aaad5962317c952982f398fe3f528db93b40b57c805ca9232d4d754fe3c66387097b37dbf620c3ca8cb5dd3451c81d2010cf23638acd79f17ba5148b25a79d65b36451fb5f6690e514d3ef7ced20169998c540ea6629f070700373b5f0931bddeeda386c75d43feb493a978c7bc4c1bb7e460e651cf2e2e1666bd7c531486b14fa97c2db9c18cf78834fb3b03f82bd299d819ce2ff99a2d01de744d14086fc3b6a67239b5c7d356eba8b7b25c012e5241ff664cdc6a6eecb830b83e05a74b4a22eee931bb90a5021581e270e51cd4cced01a4506d4121891a2c5dd8486fb63125914aec5f8d39cfe68cd36fc612a6fb1d46a06e9a28a2fb834318bcc7f666292841c8a9b43be9cfcefaf1e60607850400aafe9205c6ef0e86ab5997a3b5b0bb564b05618a7265edeab7ee8a8c991760156085390c27c547b615c2de7989a172adf755a95b1c11e2b6468a5bf0d477b10a50a47d4d2d5629ee9061e2a13993cb969ffbb55267764d76eecea649ac4d61568ed8d047a747ad9002dfe66975fe1014fba7215a265e8daae91ca8602c9d9e4e2105a8849119c82d5b862c682b552a4e4a967e69603fbeb4cd5282334683ff121c3c9c99ee7633882b532ad77fe078d581850b1d4bbac7f083f636e141e79dab325361de1c16170e304d63c10c09e69f4f687ef500bcbe01d8d2e12e8b44db075101b0a5452dff463be2c87d100386b264784ca3957890b155fd1979791172e7e610766963c7eeedf25b6c704a2a0dbe02884807eaa2a033457d98826df63766386ce747c72127a0a0be329d21cb2ce665a6140583a1f72b811c2181572b61d84340a201605fef35a65ec43bd2e9026bdfe6d785068ffe49281055e7ca05278f91f7c3cb2cf9b9224e33bcd2bfe4ce0909fc984253e3f078ede62502fb57ff2d0731efce31c56637fc21cef2d9f2f8c49330bb9eedaf6b056c5354fe7994feb692593cd0f86746ceec08a18b650462ecb59303e9dded2ac721942ae7138ba85d3667e6ca4b69c12eae00494b6803274717600d335b039e4bf97b415becde93bea90d98788f3dce9c7615f6f98e5f0b81798ab778789c09a80dfe3ed99b72458628a144a7128220c1798402c0b4c34461d127cc070e65dd60c06340794507070f6262f5992963cccc812dc5f848af1bd8b114cc64718717b484008445442cd86386c4404ca88f253a343de427e77043a390ed04edeb202eea278c54cbb0e6f9ad6a71ec9e6415069992cfc41ba8855b7295038246211ae46110c8c045fa200a2e9e42f8c0079b9a163bbc6fbea47e05f682b09d0be0247bbcc25812937a9afd4979008de8f5079e0b775ef48e82352b8eb257bba45745de358d82524dc8d65ae1b08008f00", @ANYRES32=0x0, @ANYBLOB="1800968084cbfe49e4d2330f9d215d36aa91c1f66324ce3f87371133aec06096e6449e5e970707558acb1172cee551766f"], 0x21fc}, {&(0x7f0000005440)=ANY=[@ANYBLOB="ec03000037806b542f5d82d25641dbe34344c733b965667e157f655e76595af724c514d13b67cda61ca018270cd53974c8d9448daef375db75d396a6829b4175678a5ca1e2145840caef5bea4fc25b289d74114485c072b42220ba56920088922268758bb852f4365f21117066fd4a2488c620ec71b325d4db6da7646494724b1fd6bcf5a120b8683f58c7cf6dd3040859468e350b61bcd36be93b9b4cd867612e8ae00781c694a65023286ef64de4dd83e9f21e45b13cc1b08f8d460a7d46237c5f6e40588dfe3b567cb20e155f43603c28ef53a6ac6411e78b14e8690f0dc0a493a78e1dae489085ed24db8389d5d37144d01afcdcf4791f86f500f0080045005646e057535eec9f83f16b36f4248d9ff47b04e719394b52176c46ea85077e1a8b53e9847a8eb402601ccfbf642fa40ec7a98ec7e20073b15d45c4b26359df25e1d6494c707f6e16be5d262dd9ec9f3b9221ae8c40dc22ab22a256", @ANYRES32, @ANYBLOB="00e602478008002b00", @ANYRES32=r4, @ANYBLOB="04006700c41a6e939f5fd32d0eb7266581f73498f9390ddd7886a060005c89dc7005514317adbe45c87cbba1e0ad78920dd77f9b1d926c9c1d6fecb95f20807cc434dadf4edfca263ec708fe3bfcf1b6846ca05699262f2082d15260910adb0dad8241bb480391e553d41113456fdca04484edde1d2e167246aa8feb28316fe80e83eeacd0514f2e5c004100ba46bd6380e2d94406a60a001c531b892aba3cf1b0f16439b0457183098a8325036714d776a044f403f8944d55d58730eb2389a331c27ca2de9154459c1040b4f021275cc645e44cf58e849d1f5c4d8b0c524ea119bd92c54fa84b1a7b91da940a0a8b248e09ac2159d8a2c09b925be95e9441f2e07a66c2b354e6d61b8bc13926d1f014b13b1c0596d3f965e0edc4b9ee3048b831ddc8df7bc3fdc7917938157b41b5e19303272cf74c9ca95c2b686ad222d2b22b011baf9f77349972ce9faaa9fab6581f85272c42903afdcccaed18b466ab6fb075fe08f80f0c9686b6d1e9a141943f710264ee65487546c6b66b39b1b9de551928448cfa77d46bbd31b3c70b600ed3bc79f13bc493f6cfc1aed3af8922e143902399e37760723b369677596736defa8cfa912333189d9ebc96c82bb35c97f05c94d8ce506e2ae1b5aa2f45d9a0ae2269890012c506e1386c06af159e3c3cd3d8a081b3158f4201e530178df7c126e91910152bf29450379ff8017af4cb513442e4b35bbfc9dc792f42e3271bc56bcbdf0bec8893d4abb3741bd6c84596bc42421c9979c5fdcf4804671b317c2c8da52162f527d4e93ebfeea85d4e32e68307557d597d3704e327efcf1142fb89d676fbf8b3e1623f0a7d27c50f45eba82477293336daa7659f55c7abcb0d8495dca5ce515e027172c94eba274c4982ff0bf7b4116435a22499d1395b194d0223dbda41fba98439b2030851c457291947d5eac317519300334093feeff11265552b7af1588f0ba88a9fd7137f3e10e86f41622f10e46725b353e4cb80fedf83849fa2be5971f8ec05b4731f1d0000"], 0x3ec}, {&(0x7f00000041c0)={0x1258, 0x1e, 0x600, 0x70bd28, 0x25dfdbfb, "", [@nested={0x122b, 0x3, 0x0, 0x1, [@typed={0x8, 0x34, 0x0, 0x0, @pid}, @generic="654de2b51990cd28ebc766178ddbc9b4fd", @typed={0xf7, 0x64, 0x0, 0x0, @binary="d0bcdef4cae47cb10a6f8cbe25c8f110b46796982519d0497804aedebc4d1784751a8810fb91d8002b4b817b1edc0a21fa939595e70df989941acd320b4c2656dee4cd9fb75306cd76e61f98e62b5b375f1fe38608554f9aede8fb91829b96aa79eca4a33a91d2892f7e07e86416139fd7dcccb83e70e4b591062242d75e653710780e60f449cc34168482a2ff4db7b6a9f5c64fa1d76c323ae4a8426c7efc740e7b8a24c0f865c246dc971cfc07dac7f84873e560967802e2e9b38845429c614276cadc784994de7558aafd624895de67c78844beae56a6327dbb954220450f44b04a2618f9142a83cc050da7c213922807f7"}, @typed={0x8, 0x43, 0x0, 0x0, @pid=r5}, @generic="ca", @generic="70b4e06ebfafcee64d543f19e492ce8ae4a979bf40df3c1457109b665021c337e9355fd9412795436d681af4e3dada69fe732ed84f292a05c1a773546d424e2ac8238d8e5fb154ff5c6927ee6385d96f63020b76d766919676be718c7a4f770cb9f722cb00a01874d8a37f11984ced463c7b227fea3c1f070114a6d7b40434896e7a80d3be98865b62ce04a20b446cc80d2b69743aa9a68d5332aa6647583e6fb7ffc3d7c301b7879e05b064d2f19ede4adc7419a02976f1d3fb18de70bd8ebad18172671720a75db469926da3aac4ee4c2faef812932226305d3f1ae1c30368b5a9362bcd6c3348ae8d495477eb9a573ab8049df64efa1aa5ef864d7044bb3dcc1a9f5057278a6c5fecd65c41945fdea604b0da7c01d0f5a2c02416fe478d6e80b6caed3ba142b821eb0da81740bcb4d0a946c42623ddafd33a9106bc49f16745c8282c6d58beddd1968032f160120a09bced710a11bbc48c1a8fefe074394105fb27244621de9645557bbfa4fec49195c9f3b3a400cc63f653c15b1bb94781dcd262307974d03ad5331ff2fe0ae218560e32d4d98b0e6d7bfbb430fd42a38bac9433bec4d5968f88e4b446fcf1d22b145b3a55a94d31368f866ac77871c87aab021be4fd56bb7d1316d37643a7cd06c93275bc334b362cdf5768e0245a53bab49cd0856544cd06ce73c9bd1655d17ef2da692e9190b30fdfcb8a502f3ee4e3ca1f199a15f931e4ce2e34c9ead2863108a892e8e5359ce2175d4e1ef21ffb2767ebc35f3123344eb13702455b0d8b3eb8a6cec30266240ebe2e93cfbca968c3ac1780f666b1da6a69e5bbcf82c6b0ee253820d4ea284c6d9fb1984a86de8b83bfea2bad21d9f80919cc347381afff1deb7ebb6804823635a7e0bbcbe16736aec7f4a334db3a4439cc1148a436f52346f50baab259a37a92e148888d344c35aa3ce49c92852e8b6ad6a2ea18b5d7b1068eb70a0b24566c0d4efa712f9674fe8b2336273bf5c1c109d90e98021465b705f6cd8205201d5ebc91baee877b77313c814a053354baa799fae4f97324902261e51d100b2e0bd1213979d9111555c4897eb5b12d2f4918511590305c41cd1d2ebf3e38bac48ceb05e0e70ca586798c58b27a10a9088c93514ba9caf2c9b60d485615e4d5f2534964abf152e4085e7541e7eed29c3035afd39c07820aba5700a27cb0b4764561cb7f5af0332c143e047d08c58977fb7595ab59760ed9dee5bd32886fc4a8aff1ce9aca3ee232bb0e1d7fd4b56cf709473b5721b488d30b9d1c07580eb9ca57b8e917745e1705ed285d680e1e37180a18804b28627a79ed47573f672a56a7a440f318856591ca8cee18b602b5db512c02ecb162c9b9152e5b06935516e9cb3cc125b85d9a6ab4bc5be794d859fdfb7af05734f0b1aced925d90884bb41edfbf62272295ae15f7b6c71ccef618dbd4e1c59b5a06edbfd603e881d8e5b90a5b7a617fa7d87f57a8cd0a48c831da2236117f09fe1cb35e4f4d5480558b283743f53fb873a9b489ef4c1d70c2e4279b491abf5a17d875ae6839dadd681b511d642ce4458f9f2657b2499f3acbc1954bca70764599ad8fb91efe9b6f0c259bad6eac9857ac09a89500f9da0c241d4bcef6cbe34080d2cd833e40464cd526a3796e5d2e55f985b583447d7360c81ed8041f7b312353fd302e9acb9e1682a12ef22241578520fdc0ac015879cb162992d777809c4a0de4b9d9127a8c0c0335be1de0d4623893911e949b7d6509cd88f94ac50580fbf2c9a63ea1aadfa1dc9f830b579ff582397d793ee039c708cc6ce846a30e4acdfec47fc6cace67ceaa850124002a4dd2e954771d564b0274a40e0cf4001d3c6a58b671816c0e85103e96b4e042536f3c9bb90a3bd9c77e9101a0915c8bfe9cd8b257a227ae806e7f55e0f532ca55ebe09391b186c4befd635b1ecd7e4dae44355a1fcf83998067cdfa09fa500f565b7c2580b93440978af322873645b6fa40eaa356d49a5eb70722623a0121c1491448eb7124b18c9db68734c4f93faaa40d02f20108c03e9c7e15dd79d34f4a8047b17d43305c42d8d01b1f472aa6ee97d603df970c9a8be616ab5386ed3a86694f37144bc7ec9421970be1b8a1b527270fb95a481af1a038996c61db41c3a27def986f51e1ab2cc90748b0fbd69b166f2040ab9bf8f22c2890066ff7c290eae402625263564a53b9e61ed15f6152500317fe34b20e8d4bb15195c9baf8d830c243f4c7f221253dc7f51ae89793b05b33aaa32d4d65f7cd365806dcb6be701bee25bf6d616c99dd769c3d756ebcca138ff045e68151888aac3fd649142829f8ae2deb0ed9777851a4c930ffd52c30618e605a98d8de09819418e07e4bbe793af5b3b39358e0c3e77c28ca078ad54b3b80a32c2060208dea667a1ea385e15d6b8ee99ca21959bb09ddd749d772c49dbfc0c6e05e0cfd4f5add48dc41baf5985287ef820c872c0c9466f33bc99e55e3066aa9d00ae2ce052cdb6e6c3284320f13567d093f0fcc5f6e1499628b39e0603ed3a04295a07f7b77cae08ae9dfedf9dc6df4413e6c48f94ba6f3a72f02ce3910872f0f470b3d69c4dfc6ea538f7d4126b23cab8f5247a90ab1ba1e1dc204bdddb0bd35be6d31c2cf1d69d2b96ba2ea5050b6e321a68b4631953e2572c5fc627f66bb2383ed273767454546c27692bcf56061d99a5e9ea7d38c20e3e455092946351886a27f5be386d7b407c6b4b66f83d0cbfb13a214b8d1ff261a8010a74977d7ce660b35808e4355fb7eaafcbc9fa1276137bdd2e7e44ce8cad53c70032e0bafc444bc729cf33b71abd153d2c2d4f41a3cec6118413de7e5d16b6377ffac93937293d8e0218bc49b895575cbc0162d1ab395422f935aa2e363a2312bc3dcb32058700a48cf0bfbec2a76dc5e882ae185851e86c6fcc15447e5ffd21485dc90b370d3d84a07d4df6152462d1d3d55a360be435a0ef7d28a5beba7a2f445a569356c97f3a944e7e2a41d1bfa5f86a63bcc482d879f195d8cd76619cd9007b95a7190627e1999b86ec29cae1c3555e74681c80d87da377af14e6316a623c9e3c00c5f968ca8ebea582422ea9edd2d39eb8a29e079c3a599ab7cf19d9f596411a22e74f848789ae1ee2a0603d03f81c2389d963bc778cf5e04e09371ed66c7d02f916c47b90e5b72918bbe13ea659afcdc399bd21e33eaee9704a2aba77f0224625475d4c44022c2d1ffc650b621f13aa2474605ebb8a40807ec6590e04a17fb96d147d3f562bd7ec11c01062812892f6a9dbcfb896303d9e8d23601e9a1fc48eba866e32b8315579f9c2427b9c8add86480357c5b05569b3ad29c1be5820143c04c31c926291324adf9c81d2cd40458fbe73eaca7bf08b2fb7b06a855dbbfc57adc0fdecd061b90286c6150f8bb89e3264fb2cecfc712e45e6269cbb0eb6f666e75911019c443fb5ab738b7a62465ef96fcb8eee9d352f59b124340ada29b0beaa9c0e74eaa8675b7144eab084244b5615911959ed4bfcb772d4f79c8cca10028f3c01a28eeb037a34a2755e77f23bc31916b07a558b62efeb26fa369f38ee031f5bf3d52791770c54c0c685f5dee86f42e4f8877d9f8f3c2f71947605d6b681170ad523b6b47e85e036a108d9ceab822f70905a5dd4709668bf23e772c4094de2ee1786d26563f4b94a489d3ac75f0632894c8fc6cc0fd3d7107879eb974406bd6130e5d7d901b37c32812e7a5982f5e73e173f8b984b607109bf949f0b1b779545749f476cb049f26f1e307dd05a14afffa95a4cac86fd80d6b34647d981a9696238b19d79bf246b0a897e9ed4012c62db9eb1e1097cd57455fdbabebcace250394ab982dbb3499b92e3e9f3449d6d833d647876708124c1d2e1c3c10fb9e26f2bc90ae378d2e8d13db6bae1db4e882f10148f46069a1860760ce79b063e3c99027f7af90420e53219d0d80962d7a6a5bd63801f813c3ecb7e9acc2c46e91b46926980111bbe71dc9fae986e120a306a8ac74ca0bc94cc8f1745876546d1a4a8f3fc213014fd994249fdca311281dcd7a01ffac5714ee43ed404b08d6d0d844d8fd59081e2f92fc03c1bda98ff41787b2dbffc7028698079d54085dfea12f00a546d7d6b53745d20817c40bd21f1b54354fe0acf850b3d6d527db840326f14ab1e32519ba22670bfc3425fc1155fc9acc137e906f73d5c5e3cc8e19eb31005ff8f7df15313545c61f638bb0af44c5b664af3b6ba1e0b7afa06283195ff9c3b2e712a44da2f8307fae6d26d8c6f321edd9c18b58c11beb90f7df8b571e84235d13011a0d375bc459bebe07f2dea0f9e0817f11cb0286de2197614bb01ba118242b4324e3876dcad73b62f2ee077ad0ebc6ffc46dc0dd32146d42c3b628e24897c7c3d5637a426d96f0475cd79a109fabb596e51aca2f4e8b04c708d032f25a128db85478c4c8da3a5056a0a8f65dc506946074320112f28a154a221b15f806873404176a0eebe49b72aee1a547b6c32709abecb51dbe9dd1c5478ef04c66fe4a35aebc0702379c487a5efb87f9f48919de79df92d9b75fd81384d3df7152c1d3aeda71fb218baa99eef5b334b21a8f74416bef9999e73c566219ac7b6167bd1a0dada3b136a57fdda18369611e0143c3ac7db66e1511d03debe2d2a470e08ab81064da63f3b3629c398ec97997304a5117ff1f2ba405b209b89a6af3bcadc6fc742d183e863620984fd5007ff9f1794cfa72cb8ceb9abae705589e02e9a5a0c3a757aefbfaee6b46f0d9f1e16a10643a980fb735cd1bc874f7bec00d3b7dda30d3ad46765dd8836f2811489ffdad5db6e9c6ba4c8c87b49123fc18651788122e2c2d6186ede82fbb84ffd1033bb9feae34a9ce22345bb3d610ca24361362015366cbbfed04f653c271a1ea9f196a34784c345b141bf07b8988c666d257d23961163882fec16bb4629ad12d62d388da73afada27381ba9348edf752b2d5e11b35ba1942a5d0dfba456d26257e9b7dbbf36aee599c02ea7c55057c086d87104bf5a7d29671907d1dcd7210dfe4fa6d7b57cb8ef54ad6c9784568c7a8b4aa98904348f6145160e9ccd26d444a193882632aacaf99ba1e3ee6c1fad3ee5f78bca4615e9fbf6d851b1968552c3064f60b93798433b06f17e57e62257c300f658d6e783cb31cef9191758733feb09ead345e5bafe47848fc3bfa1bd073c1634016d188f90da941ba565ff0f416ea1fdfe773d92ef09a216420fd9cfe48b5f9e68450c571090c4964a1f1a41d6ca2be46b20db6ea4ce6891d5382588a79711d91747dc231a1ad20dcf62bcbdf296e5d2f1dd8cdc28b6a8310b3f5c9adbcec435bd90f0f77c617b15e665506f6ce9d9a69990924e0a7ce60646eb17f8cfb1771e599c8f1a227f55cd39e33f7b3010302611029296e87646f29f056305145f05037bb4029323c8a16d58162663a1cfb5acf3a0cd1af3890ae399d3f2feb19c0ac81f59d70d85061d0609e1b874564340d60bc8051de150dd57f5659054b27d1a04580c3a3de5f96a3237982b7f1eff5c840b0de85785cdfc0f5449b2d219df26d4b7431d288c823ff7f1dd44af0d1f2bb55ba62ccfac49a95dc743e65489218d4c57faa1b30dcec9410cf67ed76f029200a4abee9d4293fd9642d16e862de79de3c21e2e06430c24362a1c2ab6ad2186fcbee2a6688ebed39a891874fc8f88e85e5414b05fb2412586c406f7ac97fc028fc598844b846e84c0c123c65d11b04b0fc6aec70f09f95d357b8312221779b30db1a121526fe3c104d4e28bcbd1ad35b", @generic="4062f18526dbdd52f0027ea8c3d8112eefd6d4af0bd069c94f5d8cced13cea70c7ebf1dd608df4e2ac5610975b293de9085e32ec63badcf321034dd1bc1dabb1272375869e529c23cc152b0ccb0ec1d88e32d3aa6c6c9bbfeb7f99a3a060d0f3277c8dad40aac11608726cb72af0af9edd81", @typed={0x8, 0x95, 0x0, 0x0, @fd=r6}, @generic="9178f70ee058f92f4ee04b047a8e318c69a6008eae78c3fa9df119d16ad9b549e7137d27139a7c92c5dc79be7f5cbc931f2c3659859c772473322da79007817c65b3186d6d591a79f69545767969dd6dc27f78a6ac4c1ffa4ec58f4deefeb65ad274da4b630921d6bcd629b227d910bb9b93952da559dc43b6d41e1807781a07e52b770378ad6835cccc7496d9d1a700adeec1"]}, @typed={0x14, 0x2d, 0x0, 0x0, @ipv6=@private2}, @nested={0x8, 0x52, 0x0, 0x1, [@typed={0x4, 0x6a}]}]}, 0x1258}, {&(0x7f00000002c0)={0x1c, 0x3e, 0x100, 0x70bd2b, 0x25dfdbff, "", [@generic="3be7ddeaf10221321838208d"]}, 0x1c}], 0x8, 0x0, 0x0, 0x4040011}, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:44:20 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:44:20 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0xc0a85322, &(0x7f0000000240))
ioctl$VT_RESIZEX(r4, 0x560a, &(0x7f0000000040)={0x1, 0x0, 0x20, 0x200, 0x75b, 0x5})
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)
unshare(0x40080)

06:44:20 executing program 1:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000100)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
r3 = syz_open_dev$vcsn(&(0x7f0000000040), 0xffff, 0x40000)
r4 = semget$private(0x0, 0x6, 0x0)
semctl$IPC_SET(r4, 0x0, 0x1, &(0x7f0000000200)={{0x3}})
semop(r4, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)
ioctl$TCXONC(r3, 0x540a, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:44:35 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:44:35 executing program 6:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1000c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000100001800000000e1d2ffffffff00000000b6070000bc8a1f8268210e83e785c4cab6253b4b54", @ANYRES32=r0, @ANYRES32=0xee01, @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB='./file0\x00'])
setregid(0x0, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x800)
semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f0000000180)={{0x3, r3, 0xee01, 0x0, 0xee00, 0x89, 0x9}, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff})
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
statx(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x100, 0x8, &(0x7f0000000200))
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:44:35 executing program 3:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
r2 = getegid()
setregid(0x0, r2)
fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000100)={{}, {0x1, 0x3}, [], {0x4, 0x1}, [{0x8, 0x0, r2}, {0x8, 0x4, 0xffffffffffffffff}, {0x8, 0x6, 0xffffffffffffffff}], {0x10, 0x4}, {0x20, 0x6}}, 0x3c, 0x1)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r3=>r0, {0xee01, <r4=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
r5 = getegid()
setresgid(r4, r5, 0x0)
semget$private(0x0, 0x1, 0x202)
r6 = semget$private(0x0, 0x6, 0x0)
semctl$IPC_SET(r6, 0x0, 0x1, &(0x7f0000000200)={{0x3}})
semctl$GETPID(r6, 0x4, 0xb, &(0x7f0000000140)=""/86)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)
ioctl$VFAT_IOCTL_READDIR_BOTH(r3, 0x82307201, &(0x7f0000000280)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

06:44:35 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
r2 = getegid()
setregid(0x0, r2)
fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000100)={{}, {0x1, 0x3}, [], {0x4, 0x1}, [{0x8, 0x0, r2}, {0x8, 0x4, 0xffffffffffffffff}, {0x8, 0x6, 0xffffffffffffffff}], {0x10, 0x4}, {0x20, 0x6}}, 0x3c, 0x1)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r3=>r0, {0xee01, <r4=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
r5 = getegid()
setresgid(r4, r5, 0x0)
semget$private(0x0, 0x1, 0x202)
r6 = semget$private(0x0, 0x6, 0x0)
semctl$IPC_SET(r6, 0x0, 0x1, &(0x7f0000000200)={{0x3}})
semctl$GETPID(r6, 0x4, 0xb, &(0x7f0000000140)=""/86)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)
ioctl$VFAT_IOCTL_READDIR_BOTH(r3, 0x82307201, &(0x7f0000000280)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

06:44:35 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0)

06:44:35 executing program 1:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000100)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
r3 = syz_open_dev$vcsn(&(0x7f0000000040), 0xffff, 0x40000)
r4 = semget$private(0x0, 0x6, 0x0)
semctl$IPC_SET(r4, 0x0, 0x1, &(0x7f0000000200)={{0x3}})
semop(r4, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)
ioctl$TCXONC(r3, 0x540a, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:44:35 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x20, 0x81, 0x43, 0x80, 0x0, 0x8, 0x8880, 0x8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000040), 0x8}, 0x1028, 0x2, 0x4, 0xd, 0x8, 0x10001, 0x6, 0x0, 0x1, 0x0, 0x4}, 0x0, 0x3, r0, 0x12)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x4000)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)

06:44:35 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0xff, 0x20, 0x0, 0x6, 0x4008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
stat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(0xffffffffffffffff, r2, r2)
syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x2, 0x2, &(0x7f00000002c0)=[{&(0x7f0000000140)="3a97a7415ed9cef7f79939a4119f89ec7adbbf88370c7c918abf54b6567cad033eea3d506e1792e76958dca0700955824ccd9cb78c552f0e999c322e43df56f22c97a01c88b4a155f730b7d24f69494170fa204443d4caa529a8a9297de9a1d9179780f35bb012631f138c63e9c783c47a5526", 0x73, 0xffff}, {&(0x7f00000001c0)="dfcec84cc9c8615d37f673dc4f3a61cd4b7874781d8d07a7a47c94913807e1d2d625672f1903c3720065f1553a92c5e3db0c198be2a9baab7061c9066f66406cd9df5578a915a131856851cf914087528b39120882761a3202a4f3c17ae7ced7b9a1b71cd1562cca7671d1dc7afc88f265dcc79bcf3870f7e6d9d84375360bae867eed44237e72be72c021b9d3de1d81886589a41e9fc813cd7a3af4c72781459614581990d140764c202442ae15388708d5273c90441307b276cb08669bf1f1c5b2a3185d6d854e1dbb2b4bbbf8", 0xce}], 0x1000, &(0x7f0000000300)={[{@nodots}, {@fat=@discard}, {@dots}], [{@euid_eq={'euid', 0x3d, r2}}, {@context={'context', 0x3d, 'root'}}]})
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000400)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32=0xee01, @ANYRES32=<r3=>0xffffffffffffffff, @ANYBLOB="2e2f5e9766696c6551a6d0e68feeaf992d5c7d2007fcecedfb30f76cd9eebed1f1f6f8e853f7fe26c78763fcf23acf438539a7ef59413246ec9c5a3eb2f8f3a925"])
setregid(0x0, 0x0)
r4 = getegid()
copy_file_range(0xffffffffffffffff, &(0x7f0000000340)=0x53, r1, &(0x7f0000000380), 0x47bdee35, 0x0)
setregid(0x0, r4)
r5 = getegid()
setregid(0x0, r5)
setresgid(r3, r3, r5)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:44:35 executing program 6:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1000c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000100001800000000e1d2ffffffff00000000b6070000bc8a1f8268210e83e785c4cab6253b4b54", @ANYRES32=r0, @ANYRES32=0xee01, @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB='./file0\x00'])
setregid(0x0, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x800)
semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f0000000180)={{0x3, r3, 0xee01, 0x0, 0xee00, 0x89, 0x9}, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff})
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
statx(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x100, 0x8, &(0x7f0000000200))
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:44:35 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDFONTOP_GET(r1, 0x4b72, &(0x7f0000001100)={0x1, 0x1, 0x4, 0x16, 0x82, &(0x7f0000001500)})
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r2=>r0, {0xee01, <r3=>0xffffffffffffffff}}, './file0\x00'})
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000001b00)={0x0, ""/256, <r5=>0x0})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f000000aa40)={0x0, <r6=>0x0, "c009b39830e4109622d7a29d0bd42e6d365c8384f665a2104b6faaa5427626b93311e77f0de4211e1217bc355a5246327eb7ba126bf7e4adb45535a4d9757c77f555e42c9254e9f9089be590271f821f5f6b632da2dabf1d6e618629da57a34a33f5e913338e628f32d84f60dbb9f94b70f1828e7d652bb2443c02901738d15cd72d14288f0d47dfe96e49988d0402f96628f97be361723e018daf71ab695fa4726664c00ec9aa53b8c092760da4cd088f03fad6504eceb8949dc35abc6c9f51916777bc38aa3669fb220546dbd1024eb87da205b46ec35180a8fcb898160855b5044023da75f2b1f285c1462a8afa95492a14be3f42052ff535612d226506a0", "7374bf600a2dbb0a10a4446998c60bc654676f080ecee8672b9b990319e9f34b4c45be9b1cbb8fbe1f4541599e2a8deeedad6067575d671432b4ba4028542704ab850b2cd326bd5a16431e3e06cbefba068d34f999e863befaed31fe2f898bdfe4043148f4d1cc27af274cc202dd9cd92b1891ba85c4048baa5cf0aa7a3d5dbef19adb89a7123a5c5cf1f42650df4c63aa25c0c5f606a072b8c1910206999409a39439cacd824f129adb4177e14f533050e77cfd6b9e760c12899b047feb4c8e5b746e5570db48fc8fafeccf98bad6d99a585091b403666ded97ce43cdf6dd1791052bc149861ea2585dfb28b538cc9fe6ffc5e07182615951fd668085ed124af574a07e3495491f19b1aa2a3b69028ccacd78524d988b224ab17ed905da0b840b4a9939e2af6efdf4221126075a8964d904883db014031e0924681a4ef3795071b256b75002a7df298c87c565b1d8a331e7d0c1000e1d707100917dfe107f87ebea9dca1b708b01cacf1c9f348c0d0fd64aa64193637c7169264d06f613c41be60f39b0cc9d813ae5fca2222832f86f2ae87e883efd48df36d16e6c1ca5c378f6ff0fbace91eb3099d744b16171fcc1ab7d5456392f0878ecf27e8caad7386663de490c3044eed7e7cb83e675716eda0cc09f219aadddd814c88048a7c6cefe69a79f2f7a234cfffbf19ac7a9f6ef59faf2776ac3d636904ec1bda09b1c9d8caeafa918983215d866f5cb6f1088e7e99a43425913d258a3dc8550fcbca3e0bec47503e24d709dd1fd1bb3cd92837d10387a0eebb98aab27950a2a66dc0b9bad3e4ef6393036d64949931ffe6479073790b3b885ac8563d4018e9227d644864c17f048daefbb192d15b56a2a440ad6d4ef5af2ac9904d8b69c64d2368928d7595594e6c3fd23229cb6aa80ec308301b1c94777900d34b1b3eea03dca765036a3f5351551affb585f22541074380b60ca062bf8a8a2324fe61ecad5733aec51e0c5ddc648280556b8a038b5816947b1637ef598cfd134cf9833d875fd23d22f5f74e74a4634d50a3ac908eed128f4297924296d95361b9504c08df4a0603eff93ee34bd45ed12e8d06b8f399fefef4ced732aad15b70f3e276101fa4b5a5c17435d0999b3345ccfe853c955e8b7927c7a171506b8e5b4de8a68cb5e80c3709a0e15643b5772d82d04859133e09fa8ab81ac042e67bc918f2847af14a4eb77c3fcac3132ec1af5a57d85acb9ce91d9d15019904396737ade63df938e6f054f8ee21e8994d45b0801ccd8ae8bda90128cb05eddd297d800412bc01fc5cfdfa9d473641fffc793b513da3f7565a27c4ff3678ac6f71560cc6cc95fb4d20f85b7934cb4a4f614182d331ab53b6a09ff47fc272b6c1f5aaca477bfdfed3fac942d639773b7a5656c526eb595d6fa9d301c425947f37088447cb4400c37750b76eb6c1f7933e43b27224c2fdc053e55125d00ab11428af674f58bd5c3ea1ce4762856afccbd37dd59a5e726f2e5e770bcc8372304fc2a33611234e3b0d411fcae8691e621b64581dc32b3d97c02920877b2c995018dcfff2da8687bc64332cffc3d355931561dc799d169f61d121f242dd3605e3fef8a46bf73998202d6a87671719896c61d729006104bdb7e926020f28260c75c2c754e5f073097d7031567e62cbfcbff541702cdaf498bbfe01e2948e6e164271ca4ab4df68a1569d29d3ce7029c0b58d2a1e6d179fa817ec9df17195c8b83a7a7508f18f0e3d07e8871f331d7a151bc11301c7dce402e6a5fda6f3096df2ddfeb48b3991e055c55d2a071ed66bf378e5c451f849cdbd7951cacad16d6b5734b71db866e77086bfab1797942633ec688d78bb2fccaae2b0e796b852b278bd4a4648d0811293e1bfe68e30b42eb27ac0a4e435e086b4cfeeb9fa539f0d800b6108e4c7b9d7237746770a3f3477646b7c9bfd2bc111679d40bffe221be492ba984df6cd4d7d8f9cbf7185e79804416be68d8a2bfa28e5bec4b57bf5f08eeecafabccd55744e49bb4a7dd1324908d91762b9884e7268d0bb6290be3b51091ae6ccf2ebbd4945dd7913bd38509a00ce38d955909bfa1f3740fc123a12e15b853b59b9b691460afdcda150d39e566a83eaa0c3b7bac9819bdbc7e0a620206be87ff2f8ea8091dbffa014d2f2eb919040a434cdeb3db68adf845d2ba751dc0e1ce4afd8672a5ecf0653b8c672c3265aa236a174185f4b4a291bda664bb79c13f8b6932a831385773898d194d2500b38fbfff8c4acafa5a80dfd3f1f906132885446f9f7ad787dbbdab593661ab1c255df879eaf4ca739deaa11379a5c6b650472257fa54b646b29ceb3dbe27e3584914f9f766bbbcc67abeffebb0df881a42b8671bba930b04d1d7710cc15d546ee69ad40e66f04eb28af8bd17b739e68ad75a239303fb97b18f8f08d2f95bdae0f245ebdfc3ecf555a6fd53f5a35af8b2dd016b227d209fc8323a7576e66a9913a0ad4f19d30d2b6f25ac8b5b6c762e2c68c76f9bd7818adbb3c9b194c09471482ec6898754469076b8674ab9e26b5977a0fa693160f18a01d2f2c362186ff75c205cec261d9e6c431ee672e4056b7e458ef02dca1167d09de5977210461758ed506290477a63c5af0698a1f4edf3bc569692bc9febd5fd641860dd34a6926af47ae7bdd3cce59a5b24b6944075e30ec2f2dbd043ebc57a39eaa5559bc4f21f08198e0daa2e8506b21160c8f9b629ad0e80d5e99e5cf4c4ceefb8d9fe5493ebcb066a647269fef2146f1ed55dac66974446e650e49db26ceb24c16c24885a2d2d011d11ec52d5b7a9c8096314d1dc7c992a1dee70be2fc0cc2d9fc94b0d02d479f6f4bfd3fa20df42568e27c0cea6caa1028d5dfbe6a9657053c06132387f9abfbaf93d9b335b69b168bf7fdaa0a44981dadc3358b50f1b24d390f8858d6775fa838388ff8a69b02bf446028485ba9e0c15731288c186b3cdf2fbc088f13f50e5eecc9b3a058d1369b7a254f11aa81a5fabd862bfd5226ce26e0199ef241badd55ba0d6087e9eb1661111a6afef1caf2bd54832bb5a3e8b864c8af220a8a115746c1646e78471ba2edb7c63fcff7f6be047a5f740525fbe5e259beee146dc2a609d3fd576e826ee1e4fce8ccbf75aa713514bda04ed4086cdd11a770cbe5782bca23f5f3ad8682609d5c5d4e5ca4e117d7423740b41081c6945b446223bb435c6ae2314552b7bf53a8b2c8a7a2a961d17315e0f7a660624b119c89ae81d2214b03cd79bc3eb355bf06811d7186b1f0a7219dd8d4096cb0df940719279357b853bc7c5bcf645aa65c12227859ce0851953fcefa6051f2a31e3666abde9ef1ece3eba658de696edf5d87a7d562dfe1f6bb9ac5e6773bc9069c732683715868cf14825345fb60665982549b9bb7c5b7d934ed0c4d136fa089f8459d473bf1ee678cf88c26f4f5ac681aa6dbe6ef78c26e7a3649ae0574f550f9fc64e8caa14586cbc43d8ec72a3170fc4f6c78fdbd40332c1f35adfc04be68a067f2c03325d624e21fa0e1fa6ea879caa84665bedefcd19759872824a0053a110af2b6099d8ea572b0c81cea39147bb2dca0eaefd4be8c3b59b98c27049f04ae5f3652ade0e1561238296d17979581b93d0ee26464fb5675b968cbc397558207fb1d5365f73994c0c8f2bcae0164e74d602a4856355b214af58b6357b2505779260ec73929eb4fe1047bbc2a125ff6c88718d2b8b8fb9c0d1cb1760748ffc5e4998dbaf8fad99df26b2eaf99bce2541d287b243d7b9cf0ecb25588d14c6228a6cb5413f48e3d07817d258c45ca0ab3494ca5b59f87abdf38e439b4a31d60d9474a52e465f36dd0cd56f00d4e5e563bfc6421b40a7522eb71894a698c19510fa7dc690b6b3f782d88e61ca635d5efd4c9c1725dbf24e0c8e246a2dc979e4750de8347687038f0441858bdf5a06bcba827d8d1327601943ca9fd004c121034fa6e1c8b9eff5da764961f5700eab97380e99b37f302239b528b36f5c9bbebaff25edae48fbe59dd272099af5c695a19b62f64485ba01ae8416c02f04360be933b8ba8a49c6c1188a78c3d36d0c61f61b4002bfeb669e29bbcb306f573528a749b085500c7649aea469fca867da4ca9eaecc75a70f41baeb80bf803402a9066dc1e8243192b78533e0ad590e14fd2bf2ce3ac943ade1fcefd247406785ee387d18e9afe8845481748fbadf4d081e01ecce50ef1fc5b457fa296b833d77390764e2af12f7930c6334476dc4cf45d9f272e364336810c11318bd0a95233005d66fe81a5708ae5fad8c7db17e6d97d2340651f7aa7a36e132a77a7a6206b36a95ccb5a48cb19bd3bb886ff0e77bc76653912149ca85895c4f80c373cbbd4305a91213e8ec5b7b18d8587d723c18f02854556aaaa540935eab2b7470a7c1c40c7e843ac1221a51e92eb05af2342fea7c853a46182c8384612aadb40145b95de565140003468eaca74b38bdf4dc640d0af80c3dd81747652c5fe15ffff8965a150a4ca6a9d9c91d067b4fac49b23cd2041dfdab22126c97d812b67ed638cc65d75d836bf439807cd7cd3cd0e6b30c81983e3f45a00282a14d401d81ac7c5544510dc7d157eeaa18b09df5ec949a22d7342b5b720b2a47251e995410f9b35d90824c1b19beb8575c9efe2aaa2a2011790a1099a924c01ca835fb7cc561eb2310a5331d4d9c4a9ee03a5f1364c17a7f4511c0c1b929c630cc110696f9e94b4107d0b75338fda2c5e0b8d46d19b98071e328f57debd56b4a0a9009913ac41518a08e6fa533edf20db0dc5eff43cd3ead623fc826ac03925490537d6b6a47f27031faa17f9852a3cb72d2088f33d35846a40758e60dab4b3980d032adc3e4faa61ff8aaea6b08bc9705cf097701e9af550fa43ec06c0ae2257927eebcbbbf4a05ad8097597943d6aed8a950ba32bc0d19827539019397e2fffa5f7379ffd7ec266f0c1cd947aab0c9e73c2796bd4c32fa0a0effbc84570efdebd3ac1eb57cc89cdbed91ed43a64cccfeba427a017a07d84acc850a45e2f26639598ed061ea81b60fb1873983591d446129ba8b27a4aef3311292017e3cbc00533824888ef80ef1a85c86a370dc11694d2f455e04ceb8811afa53aac77c65b38703d18167aedcc077c988dd9832ee1999a82c8752b921bceae484c19cee6828eef373c979b5c3f208080c8dcb38c53e384bebed6c41c3b9d6958bd2b952d82d17b262dbf30f90ab5c5d197ccee9f6b6525928b0100ffdeace644e159500495ff5a0ea7df7b9ab63617e3879818e25341e97d839beefdf248222cadd61a5d76b1ff34704bb78656afef7994904da269f973598217edc3be93157185aa15ef225f6471d7786a5e28d0f145b96566e101bf46723486867b9aa90f9eb4d1f5612d4950160c1504a367daf984"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001300)={<r7=>0x0, ""/256, <r8=>0x0, <r9=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000007d440)={0x9, [{}, {}, {}, {}, {}, {}, {}, {}, {r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {r6}, {r6}, {}, {}, {}, {}, {}, {}, {}, {0x0, r9}, {}, {}, {}, {r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r8}], 0x0, "46dacd8396fe92"})
ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000000100)={{r7, 0x4, 0x3ff, 0x9, 0x1, 0x200, 0x3, 0x2a1, 0x0, 0x1, 0x7fffffff, 0xd3, 0x0, 0x200, 0x4}})
setregid(0x0, 0x0)
setresgid(r3, r3, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x17)

06:44:35 executing program 1:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000100)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r1=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r1, r1, 0x0)
semget$private(0x0, 0x0, 0x1)
r2 = syz_open_dev$vcsn(&(0x7f0000000040), 0xffff, 0x40000)
r3 = semget$private(0x0, 0x6, 0x0)
semctl$IPC_SET(r3, 0x0, 0x1, &(0x7f0000000200)={{0x3}})
semop(r3, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)
ioctl$TCXONC(r2, 0x540a, 0x1)

06:44:35 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4, 0x10}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:44:35 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x20, 0x81, 0x43, 0x80, 0x0, 0x8, 0x8880, 0x8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, @perf_bp={&(0x7f0000000040), 0x8}, 0x1028, 0x2, 0x4, 0xd, 0x8, 0x10001, 0x6, 0x0, 0x1, 0x0, 0x4}, 0x0, 0x3, r0, 0x12)
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x4000)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)

06:44:35 executing program 3:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)
syz_io_uring_setup(0x11e1d, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x8000000}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000280)=<r3=>0x0, &(0x7f00000005c0))
r4 = syz_open_dev$mouse(&(0x7f0000000140), 0x7, 0x10000)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r3, 0x0, &(0x7f0000000300)=@IORING_OP_WRITE={0x17, 0x0, 0xe9950f12de09ba13, @fd=r4, 0x4, &(0x7f0000000240)="3b7a2fc62521ac08e77789707772db98d09cd91a781217000c0500a75d8ce23c9e25d277088818029925bf44f655eebda90a30813f076e743376ca379fd1e53bd89d6eef490ae3f072c74c06054bff5004797ea12b2a934eee2348ca2c0029369ce4abc4c975ce6b2793bda2467656baded1cef32a3d5c5977d24d587d9ea9fe9ddb1e1dc395425df26cd0daa5ac78bf506ab4f0", 0x94, 0x8, 0x0, {0x0, r5}}, 0x40)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r7 = fcntl$dupfd(r6, 0x0, r6)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r7, 0xc0a85322, &(0x7f0000000240))
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x4, 0x0, @fd_index=0x7, 0x0, 0x0, 0x8000, 0xe, 0x1, {0x0, r5, r7}}, 0xffff)

06:44:35 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)

06:44:36 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0)

06:44:51 executing program 1:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000100)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r1=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r1, r1, 0x0)
semget$private(0x0, 0x0, 0x1)
syz_open_dev$vcsn(&(0x7f0000000040), 0xffff, 0x40000)
r2 = semget$private(0x0, 0x6, 0x0)
semctl$IPC_SET(r2, 0x0, 0x1, &(0x7f0000000200)={{0x3}})
semop(r2, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

06:44:51 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:44:51 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000100)=""/65, 0x41}, {&(0x7f0000000180)=""/193, 0xc1}], 0x2, 0xfc00, 0x2)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:44:51 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_RADAR_DETECT(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x54, r4, 0x100, 0x70bd2d, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x2}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x2}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x36}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x3d}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}]}, 0x54}, 0x1, 0x0, 0x0, 0xc000}, 0x804)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:44:51 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = open(&(0x7f0000000140)='./file0\x00', 0x10000, 0x44)
accept4$unix(r4, &(0x7f0000000240), &(0x7f0000000180)=0x6e, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc020f509, &(0x7f0000000040)={<r5=>0xffffffffffffffff, 0x9, 0x1, 0x100000000})
mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x8, 0x810, r5, 0x0)

06:44:51 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:44:51 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x2, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0)

06:44:51 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r5, 0xc0a85322, &(0x7f0000000240))
setsockopt$inet6_IPV6_HOPOPTS(r5, 0x29, 0x36, &(0x7f0000000240)={0x33, 0x12, '\x00', [@hao={0xc9, 0x10, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @calipso={0x7, 0x10, {0x0, 0x2, 0x0, 0x8, [0x62647ffa]}}, @jumbo={0xc2, 0x4, 0x7}, @enc_lim={0x4, 0x1, 0x3f}, @generic={0x9, 0x60, "21e430b1e0e295cc5cd687cd89dab076a19b158993f9834e1b613f6917e7d7f2b93b0f54eacf7c69bc4046c94e95c4a0fd53d60bc892b701ce41f275919a56ffbad3e0b487e4705ad73829f7763e26007b54d8ff5f7fbc06a3d11288cd88b317"}, @ra={0x5, 0x2, 0x5d5a}]}, 0xa0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:45:05 executing program 1:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000100)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r1=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r1, r1, 0x0)
semget$private(0x0, 0x0, 0x1)
syz_open_dev$vcsn(&(0x7f0000000040), 0xffff, 0x40000)
r2 = semget$private(0x0, 0x6, 0x0)
semop(r2, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

06:45:05 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r4 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r4, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:45:05 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:45:05 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r5, 0xc0a85322, &(0x7f0000000240))
sendmsg$nl_xfrm(r5, &(0x7f0000000500)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000440)={&(0x7f0000000240)=@getsadinfo={0x1f8, 0x23, 0x100, 0x70bd2a, 0x25dfdbfc, 0x0, [@extra_flags={0x8, 0x18, 0x2}, @proto={0x5, 0x19, 0x33}, @algo_aead={0x10d, 0x12, {{'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x608, 0x0, "1a810a3f3d9eaf6695e7b1c69009d1a04dc66aad28e1049b3d0aecdbc85c5539c1ce4921d4aa2af1d57b0fa25ca1a6ea96a38edc2e3fedf6ed7419b229dd88e393dce2f179f57347511133d621c3d4d8e0523e3d48345bbcfb74490cab0c43f34534b0e3ddb85ff5c3b618d3ba4adb2d51090e5eeaadf5edbaf3d33c3dd9b109205f1711e9c7777f9656a51bfa4b45d630efb03c3de2f44b74a84b067728d02a281ddc7e3798b10d417f5d4c6c8485acbe283660b838726735696bd27c7f67a9f2"}}, @tmpl={0xc4, 0x5, [{{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4d5, 0xff}, 0xa, @in6=@mcast2, 0x3507, 0x4, 0x2, 0x7f, 0x20, 0x7, 0x8}, {{@in6=@mcast2, 0x4d5, 0x2b}, 0xa, @in6=@private2, 0x3504, 0x1, 0x0, 0x20, 0xffffffff, 0xff, 0x343}, {{@in=@local, 0x4d2, 0x6c}, 0xa, @in=@private=0xa010100, 0x0, 0x2, 0x3, 0x9, 0x3, 0x1}]}]}, 0x1f8}, 0x1, 0x0, 0x0, 0x40000}, 0x20040010)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
get_mempolicy(&(0x7f0000000040), &(0x7f0000000140), 0xfffffffffffffff9, &(0x7f0000ffc000/0x2000)=nil, 0x6)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000800)='./file0\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
openat$dir(0xffffffffffffff9c, &(0x7f0000000840)='./file2\x00', 0x2503, 0x6)
setresuid(0xffffffffffffffff, r6, 0x0)
syz_mount_image$nfs4(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x8, 0x5, &(0x7f0000000580)=[{&(0x7f0000000200)="1d88112530a336eba48946f32674b32dde4144bdf2d31c36d7f24eabc813a4c98791f6abdec865b67acd03ae8ea8bdd03cc890e2f048c18ed004e7402c29be5f8c3c2cb8559ca8271f16acb1c6d447ca764ffe2c1d199c0a4f7e33b32177785fb7e224f1282185a6e93be3c826f2f2dbb9d77f8f5398851be0228a7a592b7b480303e4398b30c9", 0x87, 0x7f}, {&(0x7f00000002c0)="9b13f249820dbfae2eed7a28a38a31f1860d6082ed9f4f09f1864dc1c1aa148ac2ef921cdd6791c5440ba29ea7dcd2f8fd22146b11d94b1cdf6c2cf5b0c57bbab067b8a4d30974b787c317844be2c4bb4aed87a8cb81c90581ebe213c843f106047b3379af4381e755bde04f9addabc06cc028ff41b62499b2f271c7c0049d403927ea033f9430ed", 0x88, 0x3}, {&(0x7f0000000380)="868f543322c350af8490f5f3ce77d01277f9b8a23b7e28549d5bcb37075de79686c3166774279a72e7d141bb240f7e1a4b7e17c7972f73ae069775c0689f3c43f71c6c479e7fa53a6499cd45223b6d2f0478af8cb9a989d5562d370c2adca9dc05898b1852d5c5b737f65e86659c323f2443d7050858e2", 0x77, 0x8001}, {&(0x7f0000000400)="7218ede0e482df79add95f647a4e53253b7006e098214077c9c37246faa4c5924bdfa7f584eadd24b9d9be01b27cac409ce2de09b299edcf902e351023a065da1d25d3ded84a124f76f20a38efc2ca9dfe2633c46fc28c00660335b90a04f6df5af683f571952dc83d903be03f17b7a58ccb8537b105944d13a9591e525ed307d1c0b147125600c4ed1040cd3fd4a73de0966e4ccb4ae08318f1fc0920b995a6f9c0dc9a290fb3c3df69e8fae1fad223f3b15aacda5806e6b61f92d7a77d8f0538d48f3cf83a665f5390dd69e6dc526a213961293a729cdc1156e8780d36df37b7956f5a6a810f404f2431e59bd2997919cd196e099a9653873cdd9eb28f", 0xfe, 0x4}, {&(0x7f0000000500)="a5010a39331e4e37b2898275c11619fefd1eeac82c0d1385f1c6b2dc1d94f809b9a7e76105a63a6dec97a14b235e36481c70f905dc63395addf8f4449fc71795e262c39d55e56dd440dfed7530181d61e50ac07e636c33db79f3", 0x5a, 0x7}], 0x51, &(0x7f0000000600)=ANY=[@ANYBLOB="5b7d2f2c6575296ce6", @ANYRESDEC=r6, @ANYBLOB="2c646566636f6e746578743d756e636f6e66696e65645f752c736d61636b66737472616e736d7574653d2d4000b721f95abb2c3b7fc0a94ab30bfb84aab59aa44fa8b5d2132f7a0baefcfe6b2a44eb7b09ba3ee8e2ba000000000000d07a64cc44f461d82f9078b5d8041975f944b74571c1ce65d90830ec0be3961f80e44e6ba6e108972c8b2f969bdb26d1e34ad5afe3fcdebea08bebea25106557f6a04ae531a4fe736d96890feaa6c032d4b879834cc49355159b0c9bc35aff5c9d83e6c76663a96e8e0756e8f9f9e4fb2b7eab75f94b1d395bcd9b3b3d3651802c6f626a5f726f6c653d2d40002c61707072616973652c6d6561737572652c736d61636b6673726f6f743d5cf5212c66736e616d653d3afa7d212c7375626a5f747970653d2d4000b721f95abb2c3b7fc0a94ab30bfb84aab59aa44fa8b5d2132f7a0baefcfe6b2a44eb7b09ba3ee8e2ba000000000000d07a64cc44f461d82f9078b5d8041975f944b74571c1ce65d90830ec0be3961f80e44e6ba6e108972c8b2f969bdb26d1e34ad5afe3fcdebea08bebea25106557f6a04ae531a4fe736d96890feaa6c032d4b879834cc49355159b0c9bc35aff5c9d83e6c76663a96e8e0756e8f9f9e4fb2b7eab75f94b1d395bcd9b3b3d3651802c00"])
stat(&(0x7f0000000880)='./file1\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
setresuid(0xffffffffffffffff, r7, 0x0)

06:45:05 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
setresgid(r2, r2, r2)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:45:05 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
r4 = openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000040)='cpu.pressure\x00', 0x2, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
fcntl$dupfd(r5, 0x0, r5)
clock_gettime(0x0, &(0x7f0000000180)={<r6=>0x0, <r7=>0x0})
ppoll(&(0x7f0000000140)=[{r4, 0x110}, {r5, 0xc644}], 0x2, &(0x7f0000000240)={r6, r7+60000000}, &(0x7f0000000280)={[0x36]}, 0x8)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:45:05 executing program 6:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r2=>r0, {<r3=>0xee01, <r4=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r4, r4, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)
ioctl$AUTOFS_DEV_IOCTL_READY(r2, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r5=>r0, {0x1}}, './file0\x00'})
getresgid(&(0x7f0000000100)=<r6=>0x0, &(0x7f0000000140), &(0x7f0000000180))
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0, {r3, r6}}, './file0\x00'})

06:45:05 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0)

[ 2064.325827] ======================================================
[ 2064.325827] WARNING: the mand mount option is being deprecated and
[ 2064.325827]          will be removed in v5.15!
[ 2064.325827] ======================================================
06:45:06 executing program 1:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000100)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r1=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r1, r1, 0x0)
semget$private(0x0, 0x0, 0x1)
syz_open_dev$vcsn(&(0x7f0000000040), 0xffff, 0x40000)
semop(0x0, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

06:45:06 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x2000000000000000, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

[ 2064.377929] nfs4: Unknown parameter '[}/'
06:45:06 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r1 = getegid()
setregid(0x0, r1)
setresgid(0x0, 0x0, r1)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000103002513963afd0218000000", @ANYRES32=r0, @ANYRES32=0xee01, @ANYRES32=<r3=>0xffffffffffffffff, @ANYBLOB='./file0\x00'])
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
fcntl$dupfd(r4, 0x0, r4)
fcntl$setown(r4, 0x8, 0xffffffffffffffff)
setregid(0x0, 0x0)
setresgid(r3, r3, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r2, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:45:06 executing program 3:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:45:06 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000004, 0x20010, r0, 0x10000000)

06:45:21 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x3, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:45:21 executing program 1:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000100)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r1=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r1, r1, 0x0)
semget$private(0x0, 0x0, 0x1)
syz_open_dev$vcsn(&(0x7f0000000040), 0xffff, 0x40000)
semop(0x0, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

06:45:21 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r1 = getegid()
setregid(0x0, r1)
setresgid(0x0, 0x0, r1)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000103002513963afd0218000000", @ANYRES32=r0, @ANYRES32=0xee01, @ANYRES32=<r3=>0xffffffffffffffff, @ANYBLOB='./file0\x00'])
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
fcntl$dupfd(r4, 0x0, r4)
fcntl$setown(r4, 0x8, 0xffffffffffffffff)
setregid(0x0, 0x0)
setresgid(r3, r3, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r2, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:45:21 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r2=>r0, {0xee01, <r3=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
dup(r2)
setresgid(r3, r3, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:45:21 executing program 3:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:45:21 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:45:21 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0)

06:45:21 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:45:21 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)
r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0)
ioctl$VT_RESIZE(r3, 0x5609, &(0x7f0000000100)={0x3, 0x8, 0x400})

06:45:21 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x10, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1, {0x0, r7}}, 0x0)

06:45:21 executing program 1:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000100)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r1=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r1, r1, 0x0)
semget$private(0x0, 0x0, 0x1)
syz_open_dev$vcsn(&(0x7f0000000040), 0xffff, 0x40000)
semop(0x0, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

06:45:21 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1, {0x0, r7}}, 0x0)

06:45:21 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000140)=ANY=[@ANYBLOB="010000321d61dcb1f4b44a805b4964ca5320959a452bc9c07ef05b2a5fb74bacf266604a8b2475958ca0d64c8a5d613f8813d52327153fe32c7cef5feb64033cbdfd1dfecf4c1e98dc236cb4ed13944baf338a49f5f593a5433691bdd622f1680961cc73705aa80dc53a18e012", @ANYRES32=r0, @ANYRES32=0xee01, @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB='./file0\x00'])
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:45:21 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

[ 2079.907878] FAULT_INJECTION: forcing a failure.
[ 2079.907878] name failslab, interval 1, probability 0, space 0, times 0
[ 2079.909190] CPU: 0 PID: 10493 Comm: syz-executor.0 Not tainted 5.10.173 #1
[ 2079.909932] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2079.910838] Call Trace:
[ 2079.911129]  dump_stack+0x107/0x167
[ 2079.911529]  should_fail.cold+0x5/0xa
[ 2079.911947]  should_failslab+0x5/0x20
[ 2079.912360]  kmem_cache_alloc_bulk+0x4b/0x320
[ 2079.912865]  io_submit_sqes+0x7099/0x86e0
[ 2079.913317]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 2079.913851]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2079.914393]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2079.914913]  ? lock_downgrade+0x6d0/0x6d0
[ 2079.915373]  ? find_held_lock+0x2c/0x110
[ 2079.915824]  ? io_submit_sqes+0x86e0/0x86e0
[ 2079.916299]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2079.916833]  ? wait_for_completion_io+0x270/0x270
[ 2079.917360]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2079.917860]  ? vfs_write+0x354/0xa70
[ 2079.918274]  ? fput_many+0x2f/0x1a0
[ 2079.918674]  ? ksys_write+0x1a9/0x260
[ 2079.919094]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2079.919661]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2079.920223]  do_syscall_64+0x33/0x40
[ 2079.920655]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2079.921214] RIP: 0033:0x7f7fb60aab19
[ 2079.921625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2079.923591] RSP: 002b:00007f7fb3620188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2079.924415] RAX: ffffffffffffffda RBX: 00007f7fb61bdf60 RCX: 00007f7fb60aab19
[ 2079.925188] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2079.925956] RBP: 00007f7fb36201d0 R08: 0000000000000000 R09: 0000000000000000
[ 2079.926730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2079.927497] R13: 00007ffdcfab6fff R14: 00007f7fb3620300 R15: 0000000000022000
[ 2079.949790] FAULT_INJECTION: forcing a failure.
[ 2079.949790] name failslab, interval 1, probability 0, space 0, times 0
[ 2079.951049] CPU: 0 PID: 10497 Comm: syz-executor.6 Not tainted 5.10.173 #1
[ 2079.951783] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2079.952668] Call Trace:
[ 2079.952951]  dump_stack+0x107/0x167
[ 2079.953352]  should_fail.cold+0x5/0xa
[ 2079.953759]  should_failslab+0x5/0x20
[ 2079.954160]  kmem_cache_alloc_bulk+0x4b/0x320
[ 2079.954640]  io_submit_sqes+0x7099/0x86e0
[ 2079.955089]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 2079.955619]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2079.956147]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2079.956680]  ? lock_downgrade+0x6d0/0x6d0
[ 2079.957130]  ? find_held_lock+0x2c/0x110
[ 2079.957560]  ? io_submit_sqes+0x86e0/0x86e0
[ 2079.958025]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2079.958537]  ? wait_for_completion_io+0x270/0x270
[ 2079.959049]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2079.959547]  ? vfs_write+0x354/0xa70
[ 2079.959944]  ? fput_many+0x2f/0x1a0
[ 2079.960332]  ? ksys_write+0x1a9/0x260
[ 2079.960746]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2079.961299]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2079.961846]  do_syscall_64+0x33/0x40
[ 2079.962249]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2079.962791] RIP: 0033:0x7fa423b4bb19
[ 2079.963190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2079.965162] RSP: 002b:00007fa4210c1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2079.965957] RAX: ffffffffffffffda RBX: 00007fa423c5ef60 RCX: 00007fa423b4bb19
[ 2079.966720] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2079.967471] RBP: 00007fa4210c11d0 R08: 0000000000000000 R09: 0000000000000000
[ 2079.968223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2079.968976] R13: 00007fff81bac09f R14: 00007fa4210c1300 R15: 0000000000022000
06:45:21 executing program 1:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000100)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r1=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r1, r1, 0x0)
semget$private(0x0, 0x0, 0x1)
r2 = semget$private(0x0, 0x6, 0x0)
semop(r2, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

06:45:21 executing program 2:
r0 = perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x0, 0x0, 0xff, 0x0, 0x0, 0x40000005e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x556, 0x1, @perf_bp={&(0x7f0000000040)}, 0x100, 0x800000, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='blkio.bfq.idle_time\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:45:21 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x10, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r2=>0xffffffffffffffff}}, './file0\x00'})
r3 = getpgid(0xffffffffffffffff)
r4 = open(&(0x7f0000000040)='./file0\x00', 0x2000, 0x1)
perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x2, 0x9, 0x4, 0x73, 0x0, 0x0, 0xc0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x2, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7fffffff, 0x4, @perf_config_ext={0x1, 0xf3}, 0x20, 0x10001, 0x2, 0x8, 0x8000, 0x10001, 0x6, 0x0, 0x7, 0x0, 0x7f}, r3, 0xe, r4, 0xa)
setregid(0x0, 0x0)
setresgid(r2, r2, 0x0)
semget$private(0x0, 0x0, 0x1)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x3)

06:45:21 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000100)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r1=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r1, r1, 0x0)
semget$private(0x0, 0x0, 0x1)
syz_open_dev$vcsn(&(0x7f0000000040), 0xffff, 0x40000)
semop(0x0, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

06:45:21 executing program 2:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

[ 2080.174833] FAULT_INJECTION: forcing a failure.
[ 2080.174833] name failslab, interval 1, probability 0, space 0, times 0
[ 2080.176140] CPU: 0 PID: 10513 Comm: syz-executor.2 Not tainted 5.10.173 #1
[ 2080.176897] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2080.177809] Call Trace:
[ 2080.178101]  dump_stack+0x107/0x167
[ 2080.178498]  should_fail.cold+0x5/0xa
[ 2080.178915]  should_failslab+0x5/0x20
[ 2080.179322]  kmem_cache_alloc_bulk+0x4b/0x320
[ 2080.179810]  io_submit_sqes+0x7099/0x86e0
[ 2080.180256]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 2080.180794]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2080.181326]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2080.181852]  ? lock_downgrade+0x6d0/0x6d0
[ 2080.182295]  ? find_held_lock+0x2c/0x110
[ 2080.182735]  ? io_submit_sqes+0x86e0/0x86e0
[ 2080.183202]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2080.183721]  ? wait_for_completion_io+0x270/0x270
[ 2080.184232]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2080.184748]  ? vfs_write+0x354/0xa70
[ 2080.185150]  ? fput_many+0x2f/0x1a0
[ 2080.185161]  ? ksys_write+0x1a9/0x260
[ 2080.185176]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2080.185186]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2080.185200]  do_syscall_64+0x33/0x40
[ 2080.185212]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
06:45:22 executing program 1:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000100)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, <r1=>0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
setresgid(r1, r1, 0x0)
r2 = semget$private(0x0, 0x6, 0x0)
semop(r2, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

[ 2080.185220] RIP: 0033:0x7f89fccd7b19
[ 2080.185232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2080.185238] RSP: 002b:00007f89fa24d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2080.185250] RAX: ffffffffffffffda RBX: 00007f89fcdeaf60 RCX: 00007f89fccd7b19
[ 2080.185256] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2080.185263] RBP: 00007f89fa24d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2080.185269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2080.185275] R13: 00007ffdfdcd9b0f R14: 00007f89fa24d300 R15: 0000000000022000
06:45:35 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1, {0x0, r7}}, 0x0)

[ 2093.295000] FAULT_INJECTION: forcing a failure.
[ 2093.295000] name failslab, interval 1, probability 0, space 0, times 0
[ 2093.296471] CPU: 0 PID: 10527 Comm: syz-executor.3 Not tainted 5.10.173 #1
[ 2093.297325] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2093.298334] Call Trace:
[ 2093.298670]  dump_stack+0x107/0x167
[ 2093.299125]  should_fail.cold+0x5/0xa
[ 2093.299609]  ? __do_sys_memfd_create+0xfb/0x450
[ 2093.300183]  should_failslab+0x5/0x20
[ 2093.300654]  __kmalloc+0x72/0x330
[ 2093.301098]  __do_sys_memfd_create+0xfb/0x450
[ 2093.301651]  ? ksys_write+0x1a9/0x260
[ 2093.302118]  ? memfd_file_seals_ptr+0x170/0x170
[ 2093.302695]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2093.303383]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2093.304024]  do_syscall_64+0x33/0x40
[ 2093.304488]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2093.305128] RIP: 0033:0x7f9da5fd2b19
[ 2093.305609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2093.307978] RSP: 002b:00007f9da3547f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2093.309163] RAX: ffffffffffffffda RBX: 0000000020000280 RCX: 00007f9da5fd2b19
[ 2093.310243] RDX: 00007f9da3548000 RSI: 0000000000000000 RDI: 00007f9da602c0fb
[ 2093.311326] RBP: 0000000000000000 R08: 00007f9da3547ff8 R09: ffffffffffffffff
[ 2093.312412] R10: 00007f9da3547ffc R11: 0000000000000246 R12: 0000000020000140
[ 2093.313509] R13: 0000000020000180 R14: 0000000000000000 R15: 00000000200002c0
06:45:35 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:45:35 executing program 2:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:45:35 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x5, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0)

06:45:35 executing program 3:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}]}) (fail_nth: 1)

06:45:35 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:45:35 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:45:35 executing program 1:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000100)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, 0xffffffffffffffff}}, './file0\x00'})
setregid(0x0, 0x0)
r1 = semget$private(0x0, 0x6, 0x0)
semop(r1, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

[ 2093.335297] FAULT_INJECTION: forcing a failure.
[ 2093.335297] name failslab, interval 1, probability 0, space 0, times 0
[ 2093.337058] CPU: 0 PID: 10533 Comm: syz-executor.5 Not tainted 5.10.173 #1
[ 2093.337886] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2093.338964] Call Trace:
[ 2093.339286]  dump_stack+0x107/0x167
[ 2093.339727]  should_fail.cold+0x5/0xa
[ 2093.340180]  should_failslab+0x5/0x20
[ 2093.340629]  kmem_cache_alloc_bulk+0x4b/0x320
[ 2093.341172]  io_submit_sqes+0x7099/0x86e0
[ 2093.341665]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 2093.342259]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2093.342846]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2093.343426]  ? lock_downgrade+0x6d0/0x6d0
[ 2093.343908]  ? find_held_lock+0x2c/0x110
[ 2093.344429]  ? io_submit_sqes+0x86e0/0x86e0
[ 2093.344964]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2093.345559]  ? wait_for_completion_io+0x270/0x270
[ 2093.346133]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2093.346266] FAULT_INJECTION: forcing a failure.
[ 2093.346266] name failslab, interval 1, probability 0, space 0, times 0
[ 2093.346704]  ? vfs_write+0x354/0xa70
[ 2093.346721]  ? fput_many+0x2f/0x1a0
[ 2093.346735]  ? ksys_write+0x1a9/0x260
[ 2093.346757]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2093.351252]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2093.351927]  do_syscall_64+0x33/0x40
[ 2093.352410]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2093.353074] RIP: 0033:0x7f6d68476b19
[ 2093.353558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2093.355917] RSP: 002b:00007f6d659ec188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2093.356892] RAX: ffffffffffffffda RBX: 00007f6d68589f60 RCX: 00007f6d68476b19
[ 2093.357806] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2093.358723] RBP: 00007f6d659ec1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2093.359637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2093.360547] R13: 00007ffea8e70e7f R14: 00007f6d659ec300 R15: 0000000000022000
[ 2093.361520] CPU: 1 PID: 10530 Comm: syz-executor.0 Not tainted 5.10.173 #1
[ 2093.363052] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2093.364872] Call Trace:
[ 2093.365458]  dump_stack+0x107/0x167
[ 2093.366269]  should_fail.cold+0x5/0xa
[ 2093.367114]  ? create_object.isra.0+0x3a/0xa20
[ 2093.368120]  should_failslab+0x5/0x20
[ 2093.368969]  kmem_cache_alloc+0x5b/0x360
[ 2093.369391] FAULT_INJECTION: forcing a failure.
[ 2093.369391] name failslab, interval 1, probability 0, space 0, times 0
[ 2093.369867]  create_object.isra.0+0x3a/0xa20
[ 2093.369894]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2093.373310]  kmem_cache_alloc_bulk+0x168/0x320
[ 2093.374316]  io_submit_sqes+0x7099/0x86e0
[ 2093.375225]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 2093.376302]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2093.377396]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2093.378450]  ? lock_downgrade+0x6d0/0x6d0
[ 2093.379354]  ? find_held_lock+0x2c/0x110
[ 2093.380247]  ? io_submit_sqes+0x86e0/0x86e0
[ 2093.381217]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2093.382276]  ? wait_for_completion_io+0x270/0x270
[ 2093.383331]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2093.384330]  ? vfs_write+0x354/0xa70
[ 2093.385150]  ? fput_many+0x2f/0x1a0
[ 2093.385937]  ? ksys_write+0x1a9/0x260
[ 2093.386778]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2093.387902]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2093.389052]  do_syscall_64+0x33/0x40
[ 2093.389861]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2093.390973] RIP: 0033:0x7f7fb60aab19
[ 2093.391786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2093.395799] RSP: 002b:00007f7fb3620188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2093.397478] RAX: ffffffffffffffda RBX: 00007f7fb61bdf60 RCX: 00007f7fb60aab19
[ 2093.399037] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2093.400597] RBP: 00007f7fb36201d0 R08: 0000000000000000 R09: 0000000000000000
[ 2093.402153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2093.403714] R13: 00007ffdcfab6fff R14: 00007f7fb3620300 R15: 0000000000022000
[ 2093.405306] CPU: 0 PID: 10536 Comm: syz-executor.6 Not tainted 5.10.173 #1
[ 2093.406200] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2093.407268] Call Trace:
[ 2093.407596]  dump_stack+0x107/0x167
[ 2093.408063]  should_fail.cold+0x5/0xa
[ 2093.408548]  ? create_object.isra.0+0x3a/0xa20
[ 2093.409134]  should_failslab+0x5/0x20
[ 2093.409618]  kmem_cache_alloc+0x5b/0x360
[ 2093.410130]  create_object.isra.0+0x3a/0xa20
[ 2093.410686]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2093.411330]  kmem_cache_alloc_bulk+0x168/0x320
[ 2093.411911]  io_submit_sqes+0x7099/0x86e0
[ 2093.412434]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 2093.413077]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2093.413708]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2093.414308]  ? io_submit_sqes+0x86e0/0x86e0
[ 2093.414866]  ? recalibrate_cpu_khz+0x10/0x10
[ 2093.415425]  ? ktime_get+0x158/0x1f0
[ 2093.415906]  ? lapic_timer_set_periodic+0x60/0x60
[ 2093.416515]  ? clockevents_program_event+0x131/0x360
[ 2093.417188]  ? tick_program_event+0xa8/0x140
[ 2093.417206]  ? hrtimer_interrupt+0x771/0x9b0
[ 2093.417236]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2093.417253]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2093.417272]  do_syscall_64+0x33/0x40
[ 2093.417292]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
06:45:35 executing program 3:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}]}) (fail_nth: 2)

[ 2093.417307] RIP: 0033:0x7fa423b4bb19
[ 2093.417327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2093.417334] RSP: 002b:00007fa4210c1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2093.417347] RAX: ffffffffffffffda RBX: 00007fa423c5ef60 RCX: 00007fa423b4bb19
[ 2093.417363] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2093.417377] RBP: 00007fa4210c11d0 R08: 0000000000000000 R09: 0000000000000000
06:45:35 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

[ 2093.417392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2093.417407] R13: 00007fff81bac09f R14: 00007fa4210c1300 R15: 0000000000022000
[ 2093.423710] FAULT_INJECTION: forcing a failure.
[ 2093.423710] name failslab, interval 1, probability 0, space 0, times 0
[ 2093.423723] CPU: 0 PID: 10528 Comm: syz-executor.2 Not tainted 5.10.173 #1
[ 2093.423730] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2093.423734] Call Trace:
[ 2093.423745]  dump_stack+0x107/0x167
[ 2093.423761]  should_fail.cold+0x5/0xa
[ 2093.423773]  ? create_object.isra.0+0x3a/0xa20
[ 2093.423786]  should_failslab+0x5/0x20
[ 2093.423797]  kmem_cache_alloc+0x5b/0x360
[ 2093.423814]  create_object.isra.0+0x3a/0xa20
[ 2093.423826]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2093.423843]  kmem_cache_alloc_bulk+0x168/0x320
06:45:35 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 3)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1, {0x0, r7}}, 0x0)

[ 2093.423859]  io_submit_sqes+0x7099/0x86e0
[ 2093.423874]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 2093.423905]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2093.423916]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2093.423932]  ? lock_downgrade+0x6d0/0x6d0
[ 2093.423942]  ? find_held_lock+0x2c/0x110
06:45:35 executing program 3:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}]}) (fail_nth: 3)

[ 2093.423958]  ? io_submit_sqes+0x86e0/0x86e0
[ 2093.423976]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2093.423992]  ? wait_for_completion_io+0x270/0x270
[ 2093.424006]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2093.424016]  ? vfs_write+0x354/0xa70
[ 2093.424031]  ? fput_many+0x2f/0x1a0
[ 2093.424043]  ? ksys_write+0x1a9/0x260
[ 2093.424061]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2093.424072]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2093.424088]  do_syscall_64+0x33/0x40
[ 2093.424102]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2093.424110] RIP: 0033:0x7f89fccd7b19
[ 2093.424122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2093.424129] RSP: 002b:00007f89fa24d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2093.424143] RAX: ffffffffffffffda RBX: 00007f89fcdeaf60 RCX: 00007f89fccd7b19
[ 2093.424151] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2093.424157] RBP: 00007f89fa24d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2093.424164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2093.424172] R13: 00007ffdfdcd9b0f R14: 00007f89fa24d300 R15: 0000000000022000
[ 2093.499627] FAULT_INJECTION: forcing a failure.
[ 2093.499627] name failslab, interval 1, probability 0, space 0, times 0
[ 2093.499641] CPU: 0 PID: 10546 Comm: syz-executor.3 Not tainted 5.10.173 #1
[ 2093.499648] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2093.499651] Call Trace:
[ 2093.499664]  dump_stack+0x107/0x167
[ 2093.499679]  should_fail.cold+0x5/0xa
[ 2093.499692]  ? create_object.isra.0+0x3a/0xa20
[ 2093.499705]  should_failslab+0x5/0x20
[ 2093.499717]  kmem_cache_alloc+0x5b/0x360
[ 2093.499736]  create_object.isra.0+0x3a/0xa20
[ 2093.499747]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2093.499762]  __kmalloc+0x16e/0x330
[ 2093.499777]  __do_sys_memfd_create+0xfb/0x450
[ 2093.499788]  ? ksys_write+0x1a9/0x260
[ 2093.499799]  ? memfd_file_seals_ptr+0x170/0x170
[ 2093.499815]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2093.499826]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2093.499842]  do_syscall_64+0x33/0x40
[ 2093.499855]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2093.499863] RIP: 0033:0x7f9da5fd2b19
[ 2093.499875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2093.499882] RSP: 002b:00007f9da3547f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2093.499895] RAX: ffffffffffffffda RBX: 0000000020000280 RCX: 00007f9da5fd2b19
[ 2093.499902] RDX: 00007f9da3548000 RSI: 0000000000000000 RDI: 00007f9da602c0fb
[ 2093.499910] RBP: 0000000000000000 R08: 00007f9da3547ff8 R09: ffffffffffffffff
[ 2093.499917] R10: 00007f9da3547ffc R11: 0000000000000246 R12: 0000000020000140
[ 2093.499924] R13: 0000000020000180 R14: 0000000000000000 R15: 00000000200002c0
[ 2093.624877] ISOFS: Unable to identify CD-ROM format.
[ 2093.742542] FAULT_INJECTION: forcing a failure.
[ 2093.742542] name failslab, interval 1, probability 0, space 0, times 0
[ 2093.742567] CPU: 0 PID: 10556 Comm: syz-executor.0 Not tainted 5.10.173 #1
[ 2093.742574] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2093.742579] Call Trace:
[ 2093.742596]  dump_stack+0x107/0x167
[ 2093.742614]  should_fail.cold+0x5/0xa
[ 2093.742629]  ? create_object.isra.0+0x3a/0xa20
[ 2093.742643]  should_failslab+0x5/0x20
[ 2093.742655]  kmem_cache_alloc+0x5b/0x360
[ 2093.742668]  ? mark_held_locks+0x9e/0xe0
[ 2093.742682]  create_object.isra.0+0x3a/0xa20
[ 2093.742694]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2093.742709]  kmem_cache_alloc_bulk+0x168/0x320
[ 2093.742726]  io_submit_sqes+0x7099/0x86e0
[ 2093.742741]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 2093.742769]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2093.742779]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2093.742793]  ? lock_downgrade+0x6d0/0x6d0
[ 2093.742803]  ? find_held_lock+0x2c/0x110
[ 2093.742818]  ? io_submit_sqes+0x86e0/0x86e0
[ 2093.742836]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2093.742851]  ? wait_for_completion_io+0x270/0x270
[ 2093.742865]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2093.742875]  ? vfs_write+0x354/0xa70
[ 2093.742889]  ? fput_many+0x2f/0x1a0
[ 2093.742901]  ? ksys_write+0x1a9/0x260
[ 2093.742918]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2093.742929]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2093.742950]  do_syscall_64+0x33/0x40
[ 2093.742963]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2093.742971] RIP: 0033:0x7f7fb60aab19
[ 2093.742983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2093.742990] RSP: 002b:00007f7fb3620188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2093.743003] RAX: ffffffffffffffda RBX: 00007f7fb61bdf60 RCX: 00007f7fb60aab19
[ 2093.743010] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2093.743016] RBP: 00007f7fb36201d0 R08: 0000000000000000 R09: 0000000000000000
[ 2093.743023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2093.743030] R13: 00007ffdcfab6fff R14: 00007f7fb3620300 R15: 0000000000022000
[ 2093.768743] FAULT_INJECTION: forcing a failure.
[ 2093.768743] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2093.821349] CPU: 0 PID: 10558 Comm: syz-executor.3 Not tainted 5.10.173 #1
[ 2093.821355] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2093.821359] Call Trace:
[ 2093.821371]  dump_stack+0x107/0x167
[ 2093.821385]  should_fail.cold+0x5/0xa
[ 2093.821399]  _copy_from_user+0x2e/0x1b0
[ 2093.821412]  __do_sys_memfd_create+0x16d/0x450
[ 2093.821423]  ? memfd_file_seals_ptr+0x170/0x170
[ 2093.821436]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2093.821446]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2093.821466]  do_syscall_64+0x33/0x40
[ 2093.827622]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2093.828143] RIP: 0033:0x7f9da5fd2b19
[ 2093.828549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2093.830404] RSP: 002b:00007f9da3547f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2093.831178] RAX: ffffffffffffffda RBX: 0000000020000280 RCX: 00007f9da5fd2b19
[ 2093.831903] RDX: 00007f9da3548000 RSI: 0000000000000000 RDI: 00007f9da602c0fb
[ 2093.832650] RBP: 0000000000000000 R08: 00007f9da3547ff8 R09: ffffffffffffffff
[ 2093.833394] R10: 00007f9da3547ffc R11: 0000000000000246 R12: 0000000020000140
[ 2093.834135] R13: 0000000020000180 R14: 0000000000000000 R15: 00000000200002c0
06:45:35 executing program 2:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 3)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

[ 2094.011331] FAULT_INJECTION: forcing a failure.
[ 2094.011331] name failslab, interval 1, probability 0, space 0, times 0
[ 2094.014101] CPU: 1 PID: 10563 Comm: syz-executor.2 Not tainted 5.10.173 #1
[ 2094.015616] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2094.017405] Call Trace:
[ 2094.017990]  dump_stack+0x107/0x167
[ 2094.018784]  should_fail.cold+0x5/0xa
[ 2094.019623]  ? create_object.isra.0+0x3a/0xa20
[ 2094.020613]  should_failslab+0x5/0x20
[ 2094.021454]  kmem_cache_alloc+0x5b/0x360
[ 2094.022335]  ? mark_held_locks+0x9e/0xe0
[ 2094.023226]  create_object.isra.0+0x3a/0xa20
[ 2094.024182]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2094.025289]  kmem_cache_alloc_bulk+0x168/0x320
[ 2094.026290]  io_submit_sqes+0x7099/0x86e0
[ 2094.027195]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 2094.028270]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2094.029379]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2094.030421]  ? lock_downgrade+0x6d0/0x6d0
[ 2094.031320]  ? find_held_lock+0x2c/0x110
[ 2094.032199]  ? io_submit_sqes+0x86e0/0x86e0
[ 2094.033177]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2094.034219]  ? wait_for_completion_io+0x270/0x270
[ 2094.035285]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2094.036284]  ? vfs_write+0x354/0xa70
[ 2094.037112]  ? fput_many+0x2f/0x1a0
[ 2094.037898]  ? ksys_write+0x1a9/0x260
[ 2094.038735]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2094.039857]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2094.040993]  do_syscall_64+0x33/0x40
[ 2094.041799]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2094.042910] RIP: 0033:0x7f89fccd7b19
[ 2094.043715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2094.047747] RSP: 002b:00007f89fa24d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2094.049421] RAX: ffffffffffffffda RBX: 00007f89fcdeaf60 RCX: 00007f89fccd7b19
[ 2094.050963] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2094.052507] RBP: 00007f89fa24d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2094.054056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2094.055594] R13: 00007ffdfdcd9b0f R14: 00007f89fa24d300 R15: 0000000000022000
06:45:49 executing program 1:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000100)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xee01, 0xffffffffffffffff}}, './file0\x00'})
r1 = semget$private(0x0, 0x6, 0x0)
semop(r1, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

06:45:49 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:45:49 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:45:49 executing program 3:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}]}) (fail_nth: 4)

06:45:49 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x6, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0)

06:45:49 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 4)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1, {0x0, r7}}, 0x0)

06:45:49 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 3)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:45:49 executing program 2:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 4)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

[ 2108.084770] FAULT_INJECTION: forcing a failure.
[ 2108.084770] name failslab, interval 1, probability 0, space 0, times 0
[ 2108.086089] CPU: 1 PID: 10581 Comm: syz-executor.3 Not tainted 5.10.173 #1
[ 2108.087083] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2108.088270] Call Trace:
[ 2108.088650]  dump_stack+0x107/0x167
[ 2108.089185]  should_fail.cold+0x5/0xa
[ 2108.089735]  ? shmem_alloc_inode+0x18/0x40
[ 2108.090340]  should_failslab+0x5/0x20
[ 2108.090885]  kmem_cache_alloc+0x5b/0x360
[ 2108.091469]  ? shmem_destroy_inode+0x70/0x70
[ 2108.092095]  shmem_alloc_inode+0x18/0x40
[ 2108.092667]  ? shmem_destroy_inode+0x70/0x70
[ 2108.093313]  alloc_inode+0x63/0x240
[ 2108.093832]  new_inode+0x23/0x250
[ 2108.094330]  shmem_get_inode+0x15e/0xbc0
[ 2108.094907]  __shmem_file_setup+0xb8/0x320
[ 2108.095508]  ? _copy_from_user+0xfb/0x1b0
[ 2108.096098]  __do_sys_memfd_create+0x275/0x450
[ 2108.096662]  ? memfd_file_seals_ptr+0x170/0x170
[ 2108.097184]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2108.097753]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2108.098321]  do_syscall_64+0x33/0x40
[ 2108.098728]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2108.099282] RIP: 0033:0x7f9da5fd2b19
[ 2108.099693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2108.101673] RSP: 002b:00007f9da3547f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2108.102495] RAX: ffffffffffffffda RBX: 0000000020000280 RCX: 00007f9da5fd2b19
[ 2108.103264] RDX: 00007f9da3548000 RSI: 0000000000000000 RDI: 00007f9da602c0fb
[ 2108.104041] RBP: 0000000000000000 R08: 00007f9da3547ff8 R09: ffffffffffffffff
[ 2108.104811] R10: 00007f9da3547ffc R11: 0000000000000246 R12: 0000000020000140
[ 2108.105592] R13: 0000000020000180 R14: 0000000000000000 R15: 00000000200002c0
[ 2108.107972] FAULT_INJECTION: forcing a failure.
[ 2108.107972] name failslab, interval 1, probability 0, space 0, times 0
[ 2108.110601] CPU: 0 PID: 10571 Comm: syz-executor.6 Not tainted 5.10.173 #1
[ 2108.112013] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2108.113714] Call Trace:
[ 2108.114255]  dump_stack+0x107/0x167
[ 2108.115012]  should_fail.cold+0x5/0xa
[ 2108.115958]  ? create_object.isra.0+0x3a/0xa20
[ 2108.116903]  should_failslab+0x5/0x20
[ 2108.117786]  kmem_cache_alloc+0x5b/0x360
[ 2108.118654]  ? mark_held_locks+0x9e/0xe0
[ 2108.119534]  create_object.isra.0+0x3a/0xa20
[ 2108.120474]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
06:45:49 executing program 1:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000100)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f00000000c0)={0x3})
r1 = semget$private(0x0, 0x6, 0x0)
semop(r1, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

[ 2108.121582]  kmem_cache_alloc_bulk+0x168/0x320
[ 2108.122762]  io_submit_sqes+0x7099/0x86e0
[ 2108.123630]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 2108.124850]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2108.125894]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2108.127081]  ? lock_downgrade+0x6d0/0x6d0
[ 2108.127875] FAULT_INJECTION: forcing a failure.
[ 2108.127875] name failslab, interval 1, probability 0, space 0, times 0
[ 2108.127929]  ? find_held_lock+0x2c/0x110
[ 2108.129952]  ? io_submit_sqes+0x86e0/0x86e0
[ 2108.131019]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2108.132003]  ? wait_for_completion_io+0x270/0x270
[ 2108.133198]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2108.134136]  ? vfs_write+0x354/0xa70
[ 2108.135051]  ? fput_many+0x2f/0x1a0
[ 2108.135797]  ? ksys_write+0x1a9/0x260
[ 2108.136736]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2108.137819]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2108.138992]  do_syscall_64+0x33/0x40
[ 2108.139746]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2108.140777] RIP: 0033:0x7fa423b4bb19
[ 2108.141543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2108.145232] RSP: 002b:00007fa4210c1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2108.146746] RAX: ffffffffffffffda RBX: 00007fa423c5ef60 RCX: 00007fa423b4bb19
[ 2108.148172] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2108.149607] RBP: 00007fa4210c11d0 R08: 0000000000000000 R09: 0000000000000000
[ 2108.151045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2108.152470] R13: 00007fff81bac09f R14: 00007fa4210c1300 R15: 0000000000022000
[ 2108.153926] CPU: 1 PID: 10579 Comm: syz-executor.5 Not tainted 5.10.173 #1
[ 2108.154845] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2108.155940] Call Trace:
[ 2108.156305]  dump_stack+0x107/0x167
[ 2108.156777]  should_fail.cold+0x5/0xa
[ 2108.157271]  ? create_object.isra.0+0x3a/0xa20
[ 2108.157867]  should_failslab+0x5/0x20
[ 2108.158361]  kmem_cache_alloc+0x5b/0x360
[ 2108.158906]  create_object.isra.0+0x3a/0xa20
[ 2108.159485]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2108.160146]  kmem_cache_alloc_bulk+0x168/0x320
[ 2108.160734]  io_submit_sqes+0x7099/0x86e0
[ 2108.161285]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 2108.161924]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2108.162570]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2108.163195]  ? lock_downgrade+0x6d0/0x6d0
[ 2108.163731]  ? find_held_lock+0x2c/0x110
[ 2108.164255]  ? io_submit_sqes+0x86e0/0x86e0
[ 2108.164819]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2108.165490]  ? wait_for_completion_io+0x270/0x270
[ 2108.166126]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2108.166734]  ? vfs_write+0x354/0xa70
[ 2108.167041] FAULT_INJECTION: forcing a failure.
[ 2108.167041] name failslab, interval 1, probability 0, space 0, times 0
[ 2108.167231]  ? fput_many+0x2f/0x1a0
[ 2108.169791]  ? ksys_write+0x1a9/0x260
[ 2108.170298]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2108.170869]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2108.171528]  do_syscall_64+0x33/0x40
[ 2108.171940]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2108.172594] RIP: 0033:0x7f6d68476b19
[ 2108.173019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2108.175333] RSP: 002b:00007f6d659ec188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2108.176313] RAX: ffffffffffffffda RBX: 00007f6d68589f60 RCX: 00007f6d68476b19
[ 2108.177177] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2108.178004] RBP: 00007f6d659ec1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2108.178833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2108.179670] R13: 00007ffea8e70e7f R14: 00007f6d659ec300 R15: 0000000000022000
[ 2108.180525] CPU: 0 PID: 10583 Comm: syz-executor.2 Not tainted 5.10.173 #1
[ 2108.182094] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2108.183951] Call Trace:
[ 2108.184545]  dump_stack+0x107/0x167
[ 2108.185388]  should_fail.cold+0x5/0xa
[ 2108.186247]  ? create_object.isra.0+0x3a/0xa20
[ 2108.187272]  should_failslab+0x5/0x20
[ 2108.188126]  kmem_cache_alloc+0x5b/0x360
[ 2108.189046]  ? mark_held_locks+0x9e/0xe0
[ 2108.189965]  create_object.isra.0+0x3a/0xa20
[ 2108.190952]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2108.192100]  kmem_cache_alloc_bulk+0x168/0x320
[ 2108.193155]  io_submit_sqes+0x7099/0x86e0
[ 2108.194090]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 2108.195196]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2108.196329]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2108.196358]  ? lock_downgrade+0x6d0/0x6d0
[ 2108.196376]  ? find_held_lock+0x2c/0x110
[ 2108.196406]  ? io_submit_sqes+0x86e0/0x86e0
[ 2108.196439]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2108.196468]  ? wait_for_completion_io+0x270/0x270
[ 2108.196494]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2108.196513]  ? vfs_write+0x354/0xa70
[ 2108.196540]  ? fput_many+0x2f/0x1a0
[ 2108.196563]  ? ksys_write+0x1a9/0x260
[ 2108.196596]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2108.196617]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2108.196647]  do_syscall_64+0x33/0x40
[ 2108.196672]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2108.196687] RIP: 0033:0x7f89fccd7b19
[ 2108.196710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2108.196723] RSP: 002b:00007f89fa24d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2108.196748] RAX: ffffffffffffffda RBX: 00007f89fcdeaf60 RCX: 00007f89fccd7b19
[ 2108.196761] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2108.196774] RBP: 00007f89fa24d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2108.196787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2108.196801] R13: 00007ffdfdcd9b0f R14: 00007f89fa24d300 R15: 0000000000022000
[ 2108.210981] FAULT_INJECTION: forcing a failure.
[ 2108.210981] name failslab, interval 1, probability 0, space 0, times 0
[ 2108.211024] CPU: 0 PID: 10582 Comm: syz-executor.0 Not tainted 5.10.173 #1
[ 2108.211036] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2108.211044] Call Trace:
[ 2108.211066]  dump_stack+0x107/0x167
[ 2108.211094]  should_fail.cold+0x5/0xa
[ 2108.211113]  ? create_object.isra.0+0x3a/0xa20
[ 2108.211133]  ? create_object.isra.0+0x3a/0xa20
[ 2108.211157]  should_failslab+0x5/0x20
[ 2108.211177]  kmem_cache_alloc+0x5b/0x360
[ 2108.211198]  ? mark_held_locks+0x9e/0xe0
[ 2108.211225]  create_object.isra.0+0x3a/0xa20
[ 2108.211247]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2108.211278]  kmem_cache_alloc_bulk+0x168/0x320
[ 2108.211308]  io_submit_sqes+0x7099/0x86e0
[ 2108.211336]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 2108.211391]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
06:45:50 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 5)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1, {0x0, r7}}, 0x0)

[ 2108.211412]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2108.211440]  ? lock_downgrade+0x6d0/0x6d0
[ 2108.211458]  ? find_held_lock+0x2c/0x110
[ 2108.211487]  ? io_submit_sqes+0x86e0/0x86e0
[ 2108.211524]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2108.211552]  ? wait_for_completion_io+0x270/0x270
[ 2108.211578]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2108.211597]  ? vfs_write+0x354/0xa70
[ 2108.211623]  ? fput_many+0x2f/0x1a0
[ 2108.211647]  ? ksys_write+0x1a9/0x260
[ 2108.211679]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2108.211700]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2108.211729]  do_syscall_64+0x33/0x40
[ 2108.211754]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2108.211769] RIP: 0033:0x7f7fb60aab19
[ 2108.211791] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2108.211804] RSP: 002b:00007f7fb3620188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2108.211828] RAX: ffffffffffffffda RBX: 00007f7fb61bdf60 RCX: 00007f7fb60aab19
[ 2108.211842] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2108.211855] RBP: 00007f7fb36201d0 R08: 0000000000000000 R09: 0000000000000000
[ 2108.211868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
06:45:50 executing program 3:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}]}) (fail_nth: 5)

[ 2108.211882] R13: 00007ffdcfab6fff R14: 00007f7fb3620300 R15: 0000000000022000
06:45:50 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x7, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0)

06:45:50 executing program 1:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000100)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = semget$private(0x0, 0x6, 0x0)
semop(r1, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

[ 2108.444326] FAULT_INJECTION: forcing a failure.
[ 2108.444326] name failslab, interval 1, probability 0, space 0, times 0
[ 2108.447125] CPU: 0 PID: 10594 Comm: syz-executor.0 Not tainted 5.10.173 #1
[ 2108.448529] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2108.450221] Call Trace:
[ 2108.450763]  dump_stack+0x107/0x167
[ 2108.451510]  should_fail.cold+0x5/0xa
[ 2108.452278]  ? create_object.isra.0+0x3a/0xa20
[ 2108.453227]  should_failslab+0x5/0x20
[ 2108.454163]  kmem_cache_alloc+0x5b/0x360
[ 2108.455150]  ? mark_held_locks+0x9e/0xe0
[ 2108.456139]  create_object.isra.0+0x3a/0xa20
[ 2108.457218]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2108.458444]  kmem_cache_alloc_bulk+0x168/0x320
[ 2108.459549]  io_submit_sqes+0x7099/0x86e0
[ 2108.460554]  ? percpu_ref_tryget_many+0x166/0x2d0
06:45:50 executing program 1:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000100)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = semget$private(0x0, 0x6, 0x0)
semop(r1, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

[ 2108.461760]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2108.462979]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2108.463949]  ? lock_downgrade+0x6d0/0x6d0
[ 2108.464773]  ? find_held_lock+0x2c/0x110
[ 2108.465612]  ? io_submit_sqes+0x86e0/0x86e0
[ 2108.466488]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2108.467458]  ? wait_for_completion_io+0x270/0x270
[ 2108.468426]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2108.469377]  ? vfs_write+0x354/0xa70
[ 2108.470124]  ? fput_many+0x2f/0x1a0
[ 2108.470859]  ? ksys_write+0x1a9/0x260
[ 2108.471631]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2108.472673]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2108.473716]  do_syscall_64+0x33/0x40
[ 2108.474466]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2108.475504] RIP: 0033:0x7f7fb60aab19
[ 2108.476248] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2108.479906] RSP: 002b:00007f7fb3620188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2108.481420] RAX: ffffffffffffffda RBX: 00007f7fb61bdf60 RCX: 00007f7fb60aab19
[ 2108.482841] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2108.484250] RBP: 00007f7fb36201d0 R08: 0000000000000000 R09: 0000000000000000
[ 2108.485711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2108.487129] R13: 00007ffdcfab6fff R14: 00007f7fb3620300 R15: 0000000000022000
[ 2108.494596] FAULT_INJECTION: forcing a failure.
[ 2108.494596] name failslab, interval 1, probability 0, space 0, times 0
[ 2108.496963] CPU: 0 PID: 10601 Comm: syz-executor.3 Not tainted 5.10.173 #1
[ 2108.498355] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2108.500002] Call Trace:
[ 2108.500528]  dump_stack+0x107/0x167
[ 2108.501429]  should_fail.cold+0x5/0xa
[ 2108.502209]  ? create_object.isra.0+0x3a/0xa20
[ 2108.503132]  should_failslab+0x5/0x20
[ 2108.504045]  kmem_cache_alloc+0x5b/0x360
[ 2108.504895]  create_object.isra.0+0x3a/0xa20
[ 2108.505956]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2108.506979]  kmem_cache_alloc+0x159/0x360
[ 2108.507814]  ? shmem_destroy_inode+0x70/0x70
[ 2108.508891]  shmem_alloc_inode+0x18/0x40
[ 2108.509713]  ? shmem_destroy_inode+0x70/0x70
[ 2108.510762]  alloc_inode+0x63/0x240
[ 2108.511495]  new_inode+0x23/0x250
[ 2108.512332]  shmem_get_inode+0x15e/0xbc0
[ 2108.513174]  __shmem_file_setup+0xb8/0x320
[ 2108.514036]  ? _copy_from_user+0xfb/0x1b0
[ 2108.514865]  __do_sys_memfd_create+0x275/0x450
[ 2108.515772]  ? memfd_file_seals_ptr+0x170/0x170
[ 2108.516703]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2108.517753]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2108.518807]  do_syscall_64+0x33/0x40
[ 2108.519561]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2108.520571] RIP: 0033:0x7f9da5fd2b19
[ 2108.521342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2108.525900] RSP: 002b:00007f9da3547f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2108.527700] RAX: ffffffffffffffda RBX: 0000000020000280 RCX: 00007f9da5fd2b19
[ 2108.529162] RDX: 00007f9da3548000 RSI: 0000000000000000 RDI: 00007f9da602c0fb
[ 2108.530678] RBP: 0000000000000000 R08: 00007f9da3547ff8 R09: ffffffffffffffff
[ 2108.532114] R10: 00007f9da3547ffc R11: 0000000000000246 R12: 0000000020000140
06:45:50 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 4)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

[ 2108.533558] R13: 0000000020000180 R14: 0000000000000000 R15: 00000000200002c0
06:45:50 executing program 1:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000100)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
readv(0xffffffffffffffff, 0x0, 0x0)
r1 = semget$private(0x0, 0x6, 0x0)
semop(r1, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

[ 2108.592789] FAULT_INJECTION: forcing a failure.
[ 2108.592789] name failslab, interval 1, probability 0, space 0, times 0
[ 2108.594217] CPU: 1 PID: 10606 Comm: syz-executor.6 Not tainted 5.10.173 #1
[ 2108.594918] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2108.595748] Call Trace:
[ 2108.596019]  dump_stack+0x107/0x167
[ 2108.596391]  should_fail.cold+0x5/0xa
[ 2108.596778]  ? create_object.isra.0+0x3a/0xa20
[ 2108.597253]  should_failslab+0x5/0x20
[ 2108.597645]  kmem_cache_alloc+0x5b/0x360
[ 2108.598055]  ? mark_held_locks+0x9e/0xe0
[ 2108.598504]  create_object.isra.0+0x3a/0xa20
[ 2108.598952]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2108.599467]  kmem_cache_alloc_bulk+0x168/0x320
[ 2108.599931]  io_submit_sqes+0x7099/0x86e0
[ 2108.600357]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 2108.600877]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2108.601379]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2108.601866]  ? lock_downgrade+0x6d0/0x6d0
[ 2108.602318]  ? find_held_lock+0x2c/0x110
[ 2108.602730]  ? io_submit_sqes+0x86e0/0x86e0
[ 2108.603187]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2108.603677]  ? wait_for_completion_io+0x270/0x270
[ 2108.604207]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2108.604679]  ? vfs_write+0x354/0xa70
[ 2108.605103]  ? fput_many+0x2f/0x1a0
[ 2108.605473]  ? ksys_write+0x1a9/0x260
[ 2108.605856]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2108.606382]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2108.606910]  do_syscall_64+0x33/0x40
[ 2108.607288]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2108.607843] RIP: 0033:0x7fa423b4bb19
[ 2108.608227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2108.610061] RSP: 002b:00007fa4210c1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2108.610821] RAX: ffffffffffffffda RBX: 00007fa423c5ef60 RCX: 00007fa423b4bb19
[ 2108.611534] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2108.612321] RBP: 00007fa4210c11d0 R08: 0000000000000000 R09: 0000000000000000
[ 2108.613038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2108.613819] R13: 00007fff81bac09f R14: 00007fa4210c1300 R15: 0000000000022000
06:45:50 executing program 1:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000100)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
r1 = semget$private(0x0, 0x6, 0x0)
semop(r1, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

[ 2108.737482] ISOFS: Unable to identify CD-ROM format.
[ 2123.184524] FAULT_INJECTION: forcing a failure.
[ 2123.184524] name failslab, interval 1, probability 0, space 0, times 0
[ 2123.186242] CPU: 0 PID: 10623 Comm: syz-executor.3 Not tainted 5.10.173 #1
[ 2123.187079] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2123.188079] Call Trace:
[ 2123.188405]  dump_stack+0x107/0x167
[ 2123.188858]  should_fail.cold+0x5/0xa
[ 2123.189335]  ? security_inode_alloc+0x34/0x160
[ 2123.189909]  should_failslab+0x5/0x20
[ 2123.190380]  kmem_cache_alloc+0x5b/0x360
[ 2123.190893]  security_inode_alloc+0x34/0x160
[ 2123.191445]  inode_init_always+0xa4e/0xd10
[ 2123.191979]  ? shmem_destroy_inode+0x70/0x70
06:46:04 executing program 3:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}]}) (fail_nth: 6)

06:46:04 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 5)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:46:04 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 3)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

[ 2123.192532]  alloc_inode+0x84/0x240
[ 2123.193193]  new_inode+0x23/0x250
[ 2123.193632]  shmem_get_inode+0x15e/0xbc0
[ 2123.194136]  __shmem_file_setup+0xb8/0x320
[ 2123.194616]  ? _copy_from_user+0xfb/0x1b0
[ 2123.195131]  __do_sys_memfd_create+0x275/0x450
[ 2123.195694]  ? memfd_file_seals_ptr+0x170/0x170
[ 2123.196264]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2123.196901]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2123.197564]  do_syscall_64+0x33/0x40
[ 2123.198018]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2123.198653] RIP: 0033:0x7f9da5fd2b19
[ 2123.199109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2123.201152] RSP: 002b:00007f9da3547f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2123.202108] RAX: ffffffffffffffda RBX: 0000000020000280 RCX: 00007f9da5fd2b19
[ 2123.202980] RDX: 00007f9da3548000 RSI: 0000000000000000 RDI: 00007f9da602c0fb
[ 2123.203850] RBP: 0000000000000000 R08: 00007f9da3547ff8 R09: ffffffffffffffff
06:46:04 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 6)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1, {0x0, r7}}, 0x0)

06:46:04 executing program 1:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
setresgid(0x0, 0x0, 0x0)
r0 = semget$private(0x0, 0x6, 0x0)
semop(r0, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

[ 2123.204715] R10: 00007f9da3547ffc R11: 0000000000000246 R12: 0000000020000140
[ 2123.205642] R13: 0000000020000180 R14: 0000000000000000 R15: 00000000200002c0
06:46:04 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x8, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0)

06:46:04 executing program 2:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 5)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:46:04 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

[ 2123.249866] FAULT_INJECTION: forcing a failure.
[ 2123.249866] name failslab, interval 1, probability 0, space 0, times 0
[ 2123.252717] CPU: 1 PID: 10626 Comm: syz-executor.6 Not tainted 5.10.173 #1
[ 2123.254133] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2123.255814] Call Trace:
[ 2123.256355]  dump_stack+0x107/0x167
[ 2123.257113]  should_fail.cold+0x5/0xa
[ 2123.257888]  ? create_object.isra.0+0x3a/0xa20
[ 2123.258818]  should_failslab+0x5/0x20
[ 2123.259586]  kmem_cache_alloc+0x5b/0x360
[ 2123.260421]  ? mark_held_locks+0x9e/0xe0
[ 2123.261267]  create_object.isra.0+0x3a/0xa20
[ 2123.262148]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2123.263229]  kmem_cache_alloc_bulk+0x168/0x320
[ 2123.264170]  io_submit_sqes+0x7099/0x86e0
[ 2123.265189]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 2123.266193]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2123.267391]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2123.268371]  ? lock_downgrade+0x6d0/0x6d0
[ 2123.269380]  ? find_held_lock+0x2c/0x110
[ 2123.270208]  ? io_submit_sqes+0x86e0/0x86e0
[ 2123.271254]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2123.272230]  ? wait_for_completion_io+0x270/0x270
[ 2123.273406]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2123.274341]  ? vfs_write+0x354/0xa70
[ 2123.275117]  ? fput_many+0x2f/0x1a0
[ 2123.275853]  ? ksys_write+0x1a9/0x260
[ 2123.276622]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2123.277684]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2123.278738]  do_syscall_64+0x33/0x40
[ 2123.279483]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2123.280518] RIP: 0033:0x7fa423b4bb19
[ 2123.281274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2123.284941] RSP: 002b:00007fa4210c1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2123.286468] RAX: ffffffffffffffda RBX: 00007fa423c5ef60 RCX: 00007fa423b4bb19
[ 2123.287879] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2123.289306] RBP: 00007fa4210c11d0 R08: 0000000000000000 R09: 0000000000000000
[ 2123.290713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2123.292117] R13: 00007fff81bac09f R14: 00007fa4210c1300 R15: 0000000000022000
[ 2123.301108] FAULT_INJECTION: forcing a failure.
[ 2123.301108] name failslab, interval 1, probability 0, space 0, times 0
[ 2123.303739] CPU: 1 PID: 10627 Comm: syz-executor.5 Not tainted 5.10.173 #1
[ 2123.305298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2123.307146] Call Trace:
[ 2123.307739]  dump_stack+0x107/0x167
[ 2123.308565]  should_fail.cold+0x5/0xa
[ 2123.309447]  ? create_object.isra.0+0x3a/0xa20
[ 2123.310471]  should_failslab+0x5/0x20
[ 2123.311326]  kmem_cache_alloc+0x5b/0x360
[ 2123.312235]  ? mark_held_locks+0x9e/0xe0
[ 2123.313159]  create_object.isra.0+0x3a/0xa20
[ 2123.314143]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2123.315287]  kmem_cache_alloc_bulk+0x168/0x320
[ 2123.316324]  io_submit_sqes+0x7099/0x86e0
[ 2123.317277]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 2123.318391]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2123.319497]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2123.320577]  ? lock_downgrade+0x6d0/0x6d0
[ 2123.321506]  ? find_held_lock+0x2c/0x110
[ 2123.322421]  ? io_submit_sqes+0x86e0/0x86e0
[ 2123.323554]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2123.324650]  ? wait_for_completion_io+0x270/0x270
[ 2123.325970]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2123.327010]  ? vfs_write+0x354/0xa70
[ 2123.327850]  ? fput_many+0x2f/0x1a0
[ 2123.328669]  ? ksys_write+0x1a9/0x260
[ 2123.329558]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2123.330724]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2123.331884]  do_syscall_64+0x33/0x40
[ 2123.332719]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2123.333875] RIP: 0033:0x7f6d68476b19
[ 2123.334707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2123.338765] RSP: 002b:00007f6d659ec188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2123.340454] RAX: ffffffffffffffda RBX: 00007f6d68589f60 RCX: 00007f6d68476b19
[ 2123.342044] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2123.343607] RBP: 00007f6d659ec1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2123.345186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2123.346754] R13: 00007ffea8e70e7f R14: 00007f6d659ec300 R15: 0000000000022000
[ 2123.349828] FAULT_INJECTION: forcing a failure.
06:46:05 executing program 3:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}]}) (fail_nth: 7)

[ 2123.349828] name failslab, interval 1, probability 0, space 0, times 0
[ 2123.351293] CPU: 0 PID: 10638 Comm: syz-executor.0 Not tainted 5.10.173 #1
[ 2123.352032] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2123.352907] Call Trace:
[ 2123.353200]  dump_stack+0x107/0x167
[ 2123.353587]  should_fail.cold+0x5/0xa
[ 2123.353987]  ? create_object.isra.0+0x3a/0xa20
[ 2123.354237] FAULT_INJECTION: forcing a failure.
[ 2123.354237] name failslab, interval 1, probability 0, space 0, times 0
[ 2123.354462]  should_failslab+0x5/0x20
[ 2123.354476]  kmem_cache_alloc+0x5b/0x360
[ 2123.354491]  ? io_uring_alloc_task_context+0xf5/0x6a0
[ 2123.354513]  create_object.isra.0+0x3a/0xa20
[ 2123.358701]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2123.359238]  __kmalloc+0x16e/0x330
[ 2123.359637]  io_wq_create+0xeb/0xc00
[ 2123.360036]  io_uring_alloc_task_context+0x1f1/0x6a0
[ 2123.360583]  ? io_sqe_buffer_register+0x13d0/0x13d0
[ 2123.361114]  ? io_issue_sqe+0x7660/0x7660
[ 2123.361553]  ? __io_req_find_next+0x260/0x260
[ 2123.362022]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 2123.362528]  __io_uring_add_tctx_node+0x2c6/0x520
[ 2123.363031]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 2123.363596]  __do_sys_io_uring_enter+0x136d/0x17b0
[ 2123.364117]  ? lock_downgrade+0x6d0/0x6d0
[ 2123.364555]  ? find_held_lock+0x2c/0x110
[ 2123.364982]  ? io_submit_sqes+0x86e0/0x86e0
[ 2123.365443]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2123.365952]  ? wait_for_completion_io+0x270/0x270
[ 2123.366459]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2123.366943]  ? vfs_write+0x354/0xa70
[ 2123.367338]  ? fput_many+0x2f/0x1a0
[ 2123.367721]  ? ksys_write+0x1a9/0x260
[ 2123.368120]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2123.368677]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2123.369229]  do_syscall_64+0x33/0x40
[ 2123.369674]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2123.370200] RIP: 0033:0x7f7fb60aab19
[ 2123.370645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2123.372527] RSP: 002b:00007f7fb35ff188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2123.373321] RAX: ffffffffffffffda RBX: 00007f7fb61be020 RCX: 00007f7fb60aab19
[ 2123.374115] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2123.374894] RBP: 00007f7fb35ff1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2123.375652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2123.376420] R13: 00007ffdcfab6fff R14: 00007f7fb35ff300 R15: 0000000000022000
[ 2123.377222] CPU: 1 PID: 10634 Comm: syz-executor.2 Not tainted 5.10.173 #1
[ 2123.378766] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2123.380560] Call Trace:
[ 2123.381142]  dump_stack+0x107/0x167
[ 2123.381941]  should_fail.cold+0x5/0xa
[ 2123.382765]  ? create_object.isra.0+0x3a/0xa20
[ 2123.383749]  should_failslab+0x5/0x20
[ 2123.384569]  kmem_cache_alloc+0x5b/0x360
[ 2123.385457]  ? mark_held_locks+0x9e/0xe0
[ 2123.386336]  create_object.isra.0+0x3a/0xa20
[ 2123.387300]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2123.388401]  kmem_cache_alloc_bulk+0x168/0x320
[ 2123.389405]  io_submit_sqes+0x7099/0x86e0
[ 2123.390315]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 2123.391383]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2123.392467]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2123.393518]  ? lock_downgrade+0x6d0/0x6d0
[ 2123.394419]  ? find_held_lock+0x2c/0x110
[ 2123.395297]  ? io_submit_sqes+0x86e0/0x86e0
[ 2123.396245]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2123.397304]  ? wait_for_completion_io+0x270/0x270
[ 2123.398355]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2123.399362]  ? vfs_write+0x354/0xa70
[ 2123.400175]  ? fput_many+0x2f/0x1a0
[ 2123.400967]  ? ksys_write+0x1a9/0x260
[ 2123.401812]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2123.402945]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2123.404068]  do_syscall_64+0x33/0x40
[ 2123.404881]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2123.405996] RIP: 0033:0x7f89fccd7b19
[ 2123.406805] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2123.410791] RSP: 002b:00007f89fa24d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2123.412440] RAX: ffffffffffffffda RBX: 00007f89fcdeaf60 RCX: 00007f89fccd7b19
[ 2123.413989] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2123.415523] RBP: 00007f89fa24d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2123.417055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2123.418603] R13: 00007ffdfdcd9b0f R14: 00007f89fa24d300 R15: 0000000000022000
[ 2123.424946] FAULT_INJECTION: forcing a failure.
[ 2123.424946] name failslab, interval 1, probability 0, space 0, times 0
[ 2123.426177] CPU: 0 PID: 10641 Comm: syz-executor.3 Not tainted 5.10.173 #1
[ 2123.426967] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2123.427897] Call Trace:
[ 2123.428191]  dump_stack+0x107/0x167
[ 2123.428618]  should_fail.cold+0x5/0xa
[ 2123.429047]  ? create_object.isra.0+0x3a/0xa20
[ 2123.429594]  should_failslab+0x5/0x20
[ 2123.430022]  kmem_cache_alloc+0x5b/0x360
[ 2123.430488]  create_object.isra.0+0x3a/0xa20
[ 2123.430978]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2123.431564]  kmem_cache_alloc+0x159/0x360
[ 2123.432038]  security_inode_alloc+0x34/0x160
[ 2123.432548]  inode_init_always+0xa4e/0xd10
[ 2123.433022]  ? shmem_destroy_inode+0x70/0x70
[ 2123.433532]  alloc_inode+0x84/0x240
[ 2123.433940]  new_inode+0x23/0x250
[ 2123.434329]  shmem_get_inode+0x15e/0xbc0
[ 2123.434791]  __shmem_file_setup+0xb8/0x320
[ 2123.435265]  ? _copy_from_user+0xfb/0x1b0
[ 2123.435737]  __do_sys_memfd_create+0x275/0x450
[ 2123.436247]  ? memfd_file_seals_ptr+0x170/0x170
[ 2123.436787]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2123.437378]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2123.437966]  do_syscall_64+0x33/0x40
[ 2123.438390]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2123.439021] RIP: 0033:0x7f9da5fd2b19
[ 2123.439481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2123.441670] RSP: 002b:00007f9da3547f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2123.442575] RAX: ffffffffffffffda RBX: 0000000020000280 RCX: 00007f9da5fd2b19
[ 2123.443442] RDX: 00007f9da3548000 RSI: 0000000000000000 RDI: 00007f9da602c0fb
06:46:05 executing program 1:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r0 = semget$private(0x0, 0x6, 0x0)
semop(r0, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

[ 2123.444322] RBP: 0000000000000000 R08: 00007f9da3547ff8 R09: ffffffffffffffff
[ 2123.445300] R10: 00007f9da3547ffc R11: 0000000000000246 R12: 0000000020000140
[ 2123.446163] R13: 0000000020000180 R14: 0000000000000000 R15: 00000000200002c0
06:46:05 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

[ 2123.518443] ISOFS: Unable to identify CD-ROM format.
06:46:19 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x9, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0)

[ 2137.909197] FAULT_INJECTION: forcing a failure.
[ 2137.909197] name failslab, interval 1, probability 0, space 0, times 0
[ 2137.912687] CPU: 0 PID: 10671 Comm: syz-executor.3 Not tainted 5.10.173 #1
[ 2137.914169] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2137.915849] Call Trace:
[ 2137.916390]  dump_stack+0x107/0x167
[ 2137.917132]  should_fail.cold+0x5/0xa
[ 2137.917943]  ? __d_alloc+0x2a/0x990
[ 2137.918680]  should_failslab+0x5/0x20
[ 2137.919458]  kmem_cache_alloc+0x5b/0x360
[ 2137.920277]  ? trace_hardirqs_on+0x5b/0x180
[ 2137.921155]  __d_alloc+0x2a/0x990
[ 2137.921871]  d_alloc_pseudo+0x19/0x70
[ 2137.922636]  alloc_file_pseudo+0xce/0x250
[ 2137.923467]  ? alloc_file+0x5a0/0x5a0
[ 2137.924229]  ? shmem_get_inode+0x55c/0xbc0
[ 2137.925080]  __shmem_file_setup+0x144/0x320
[ 2137.925946]  ? _copy_from_user+0xfb/0x1b0
[ 2137.926784]  __do_sys_memfd_create+0x275/0x450
[ 2137.927726]  ? memfd_file_seals_ptr+0x170/0x170
[ 2137.928670]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2137.929735]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2137.930757]  do_syscall_64+0x33/0x40
[ 2137.931501]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2137.932521] RIP: 0033:0x7f9da5fd2b19
[ 2137.933268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2137.936910] RSP: 002b:00007f9da3547f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2137.938433] RAX: ffffffffffffffda RBX: 0000000020000280 RCX: 00007f9da5fd2b19
[ 2137.939839] RDX: 00007f9da3548000 RSI: 0000000000000000 RDI: 00007f9da602c0fb
[ 2137.941242] RBP: 0000000000000000 R08: 00007f9da3547ff8 R09: ffffffffffffffff
[ 2137.942658] R10: 00007f9da3547ffc R11: 0000000000000246 R12: 0000000020000140
[ 2137.944067] R13: 0000000020000180 R14: 0000000000000000 R15: 00000000200002c0
06:46:19 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 6)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:46:19 executing program 1:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = semget$private(0x0, 0x6, 0x0)
semop(r0, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

06:46:19 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x10, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:46:19 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 7)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1, {0x0, r7}}, 0x0)

06:46:19 executing program 2:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 6)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:46:19 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 4)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:46:19 executing program 3:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}]}) (fail_nth: 8)

[ 2137.971117] FAULT_INJECTION: forcing a failure.
[ 2137.971117] name failslab, interval 1, probability 0, space 0, times 0
[ 2137.972937] CPU: 0 PID: 10662 Comm: syz-executor.0 Not tainted 5.10.173 #1
[ 2137.973974] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2137.975193] Call Trace:
[ 2137.975592]  dump_stack+0x107/0x167
[ 2137.976132]  should_fail.cold+0x5/0xa
[ 2137.976706]  ? create_object.isra.0+0x3a/0xa20
[ 2137.977383]  should_failslab+0x5/0x20
[ 2137.977943]  kmem_cache_alloc+0x5b/0x360
[ 2137.978536]  ? mark_held_locks+0x9e/0xe0
[ 2137.979132]  create_object.isra.0+0x3a/0xa20
[ 2137.979775]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2137.980564]  kmem_cache_alloc_bulk+0x168/0x320
[ 2137.981243]  io_submit_sqes+0x7099/0x86e0
[ 2137.981867]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 2137.982595]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2137.983334]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2137.984050]  ? io_submit_sqes+0x86e0/0x86e0
[ 2137.984688]  ? recalibrate_cpu_khz+0x10/0x10
[ 2137.985342]  ? ktime_get+0x158/0x1f0
[ 2137.985894]  ? lapic_timer_set_periodic+0x60/0x60
[ 2137.986604]  ? clockevents_program_event+0x131/0x360
[ 2137.987384]  ? tick_program_event+0xa8/0x140
[ 2137.988034] FAULT_INJECTION: forcing a failure.
[ 2137.988034] name failslab, interval 1, probability 0, space 0, times 0
[ 2137.989628]  ? hrtimer_interrupt+0x771/0x9b0
[ 2137.990282]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2137.991052]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2137.991808]  do_syscall_64+0x33/0x40
[ 2137.992350]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2137.993092] RIP: 0033:0x7f7fb60aab19
[ 2137.993657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2137.996329] RSP: 002b:00007f7fb3620188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2137.997440] RAX: ffffffffffffffda RBX: 00007f7fb61bdf60 RCX: 00007f7fb60aab19
[ 2137.998487] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2137.999523] RBP: 00007f7fb36201d0 R08: 0000000000000000 R09: 0000000000000000
[ 2138.000577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2138.001632] R13: 00007ffdcfab6fff R14: 00007f7fb3620300 R15: 0000000000022000
[ 2138.002712] CPU: 1 PID: 10673 Comm: syz-executor.5 Not tainted 5.10.173 #1
[ 2138.004442] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2138.004942] FAULT_INJECTION: forcing a failure.
[ 2138.004942] name failslab, interval 1, probability 0, space 0, times 0
[ 2138.006485] Call Trace:
[ 2138.006511]  dump_stack+0x107/0x167
[ 2138.006542]  should_fail.cold+0x5/0xa
[ 2138.006565]  ? create_object.isra.0+0x3a/0xa20
[ 2138.011743]  should_failslab+0x5/0x20
[ 2138.012654]  kmem_cache_alloc+0x5b/0x360
[ 2138.013645]  ? mark_held_locks+0x9e/0xe0
[ 2138.014633]  create_object.isra.0+0x3a/0xa20
[ 2138.015697]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2138.016965]  kmem_cache_alloc_bulk+0x168/0x320
[ 2138.018091]  io_submit_sqes+0x7099/0x86e0
[ 2138.019143]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 2138.020338]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2138.021548]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2138.022710]  ? lock_downgrade+0x6d0/0x6d0
[ 2138.023705]  ? find_held_lock+0x2c/0x110
[ 2138.024685]  ? io_submit_sqes+0x86e0/0x86e0
[ 2138.025742]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2138.026910]  ? wait_for_completion_io+0x270/0x270
[ 2138.028074]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2138.029187]  ? vfs_write+0x354/0xa70
[ 2138.030111]  ? fput_many+0x2f/0x1a0
[ 2138.030995]  ? ksys_write+0x1a9/0x260
[ 2138.031932]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2138.033190]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2138.034446]  do_syscall_64+0x33/0x40
[ 2138.035349]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2138.036580] RIP: 0033:0x7f6d68476b19
[ 2138.037503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2138.041904] RSP: 002b:00007f6d659ec188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2138.043728] RAX: ffffffffffffffda RBX: 00007f6d68589f60 RCX: 00007f6d68476b19
[ 2138.045456] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2138.047170] RBP: 00007f6d659ec1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2138.048885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2138.050600] R13: 00007ffea8e70e7f R14: 00007f6d659ec300 R15: 0000000000022000
[ 2138.052349] CPU: 0 PID: 10669 Comm: syz-executor.2 Not tainted 5.10.173 #1
[ 2138.053455] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2138.054701] Call Trace:
[ 2138.055103]  dump_stack+0x107/0x167
[ 2138.055672]  should_fail.cold+0x5/0xa
[ 2138.056252]  ? create_object.isra.0+0x3a/0xa20
[ 2138.056952]  should_failslab+0x5/0x20
[ 2138.057533]  kmem_cache_alloc+0x5b/0x360
[ 2138.058149]  ? mark_held_locks+0x9e/0xe0
[ 2138.058766]  create_object.isra.0+0x3a/0xa20
[ 2138.059437]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2138.060214]  kmem_cache_alloc_bulk+0x168/0x320
[ 2138.060920]  io_submit_sqes+0x7099/0x86e0
[ 2138.061563]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 2138.062322]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2138.063089]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2138.063845]  ? lock_downgrade+0x6d0/0x6d0
[ 2138.064477]  ? find_held_lock+0x2c/0x110
[ 2138.065097]  ? io_submit_sqes+0x86e0/0x86e0
[ 2138.065780]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2138.066518]  ? wait_for_completion_io+0x270/0x270
[ 2138.067257]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2138.067968]  ? vfs_write+0x354/0xa70
[ 2138.068545]  ? fput_many+0x2f/0x1a0
[ 2138.069102]  ? ksys_write+0x1a9/0x260
[ 2138.069711]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2138.070536]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2138.070841] FAULT_INJECTION: forcing a failure.
[ 2138.070841] name failslab, interval 1, probability 0, space 0, times 0
[ 2138.071323]  do_syscall_64+0x33/0x40
[ 2138.071340]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2138.071350] RIP: 0033:0x7f89fccd7b19
[ 2138.071364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2138.071373] RSP: 002b:00007f89fa24d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2138.071389] RAX: ffffffffffffffda RBX: 00007f89fcdeaf60 RCX: 00007f89fccd7b19
[ 2138.071398] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2138.071417] RBP: 00007f89fa24d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2138.083304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2138.084396] R13: 00007ffdfdcd9b0f R14: 00007f89fa24d300 R15: 0000000000022000
[ 2138.085532] CPU: 1 PID: 10672 Comm: syz-executor.6 Not tainted 5.10.173 #1
[ 2138.087196] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2138.089194] Call Trace:
[ 2138.089842]  dump_stack+0x107/0x167
[ 2138.090767]  should_fail.cold+0x5/0xa
[ 2138.091695]  ? create_object.isra.0+0x3a/0xa20
[ 2138.092852]  should_failslab+0x5/0x20
[ 2138.093786]  kmem_cache_alloc+0x5b/0x360
[ 2138.094801]  ? mark_held_locks+0x9e/0xe0
[ 2138.095795]  create_object.isra.0+0x3a/0xa20
[ 2138.096897]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2138.098156]  kmem_cache_alloc_bulk+0x168/0x320
[ 2138.099310]  io_submit_sqes+0x7099/0x86e0
[ 2138.100314]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 2138.101562]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2138.102762]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2138.103965]  ? lock_downgrade+0x6d0/0x6d0
[ 2138.104994]  ? find_held_lock+0x2c/0x110
[ 2138.106045]  ? io_submit_sqes+0x86e0/0x86e0
[ 2138.107137]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2138.108304]  ? wait_for_completion_io+0x270/0x270
[ 2138.109529]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2138.110638]  ? vfs_write+0x354/0xa70
[ 2138.111577]  ? fput_many+0x2f/0x1a0
[ 2138.112451]  ? ksys_write+0x1a9/0x260
[ 2138.113425]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2138.114687]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2138.115984]  do_syscall_64+0x33/0x40
[ 2138.116895]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2138.118189] RIP: 0033:0x7fa423b4bb19
[ 2138.119083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2138.123681] RSP: 002b:00007fa4210c1188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2138.125527] RAX: ffffffffffffffda RBX: 00007fa423c5ef60 RCX: 00007fa423b4bb19
[ 2138.127320] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2138.129090] RBP: 00007fa4210c11d0 R08: 0000000000000000 R09: 0000000000000000
[ 2138.130875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2138.132641] R13: 00007fff81bac09f R14: 00007fa4210c1300 R15: 0000000000022000
06:46:19 executing program 1:
r0 = semget$private(0x0, 0x6, 0x0)
semop(r0, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

06:46:20 executing program 3:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}]}) (fail_nth: 9)

06:46:20 executing program 1:
r0 = semget$private(0x0, 0x0, 0x0)
semop(r0, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

[ 2138.299192] FAULT_INJECTION: forcing a failure.
[ 2138.299192] name failslab, interval 1, probability 0, space 0, times 0
[ 2138.301049] CPU: 0 PID: 10686 Comm: syz-executor.3 Not tainted 5.10.173 #1
[ 2138.302161] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2138.303495] Call Trace:
[ 2138.303917]  dump_stack+0x107/0x167
[ 2138.304500]  should_fail.cold+0x5/0xa
[ 2138.305111]  ? create_object.isra.0+0x3a/0xa20
[ 2138.305846]  should_failslab+0x5/0x20
[ 2138.306431]  kmem_cache_alloc+0x5b/0x360
[ 2138.307081]  create_object.isra.0+0x3a/0xa20
[ 2138.307737]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2138.308558]  kmem_cache_alloc+0x159/0x360
[ 2138.309231]  ? trace_hardirqs_on+0x5b/0x180
[ 2138.309928]  __d_alloc+0x2a/0x990
[ 2138.310492]  d_alloc_pseudo+0x19/0x70
[ 2138.311096]  alloc_file_pseudo+0xce/0x250
[ 2138.311749]  ? alloc_file+0x5a0/0x5a0
[ 2138.312328]  ? shmem_get_inode+0x55c/0xbc0
[ 2138.312994]  __shmem_file_setup+0x144/0x320
[ 2138.313666]  ? _copy_from_user+0xfb/0x1b0
[ 2138.314334]  __do_sys_memfd_create+0x275/0x450
[ 2138.315024]  ? memfd_file_seals_ptr+0x170/0x170
[ 2138.315771]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2138.316574]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2138.317398]  do_syscall_64+0x33/0x40
[ 2138.317953]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2138.318793] RIP: 0033:0x7f9da5fd2b19
[ 2138.319348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2138.322268] RSP: 002b:00007f9da3547f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2138.323466] RAX: ffffffffffffffda RBX: 0000000020000280 RCX: 00007f9da5fd2b19
[ 2138.324617] RDX: 00007f9da3548000 RSI: 0000000000000000 RDI: 00007f9da602c0fb
[ 2138.325769] RBP: 0000000000000000 R08: 00007f9da3547ff8 R09: ffffffffffffffff
[ 2138.326897] R10: 00007f9da3547ffc R11: 0000000000000246 R12: 0000000020000140
[ 2138.327985] R13: 0000000020000180 R14: 0000000000000000 R15: 00000000200002c0
06:46:20 executing program 1:
r0 = semget$private(0x0, 0x0, 0x0)
semop(r0, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

06:46:20 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0xa, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0)

06:46:20 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x10, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

[ 2138.572093] ISOFS: Unable to identify CD-ROM format.
06:46:20 executing program 1:
r0 = semget$private(0x0, 0x0, 0x0)
semop(r0, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

06:46:20 executing program 3:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}]}) (fail_nth: 10)

[ 2138.809397] FAULT_INJECTION: forcing a failure.
[ 2138.809397] name failslab, interval 1, probability 0, space 0, times 0
[ 2138.812233] CPU: 0 PID: 10701 Comm: syz-executor.3 Not tainted 5.10.173 #1
[ 2138.814067] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2138.816279] Call Trace:
[ 2138.816991]  dump_stack+0x107/0x167
[ 2138.817982]  should_fail.cold+0x5/0xa
[ 2138.819014]  ? __alloc_file+0x21/0x320
[ 2138.820070]  should_failslab+0x5/0x20
[ 2138.821107]  kmem_cache_alloc+0x5b/0x360
[ 2138.822231]  __alloc_file+0x21/0x320
[ 2138.823240]  alloc_empty_file+0x6d/0x170
[ 2138.824353]  alloc_file+0x5e/0x5a0
[ 2138.825340]  alloc_file_pseudo+0x16a/0x250
[ 2138.826493]  ? alloc_file+0x5a0/0x5a0
[ 2138.827401]  ? shmem_get_inode+0x55c/0xbc0
[ 2138.828577]  __shmem_file_setup+0x144/0x320
[ 2138.829653]  ? _copy_from_user+0xfb/0x1b0
[ 2138.830802]  __do_sys_memfd_create+0x275/0x450
[ 2138.831936]  ? memfd_file_seals_ptr+0x170/0x170
[ 2138.833066]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2138.834398]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2138.835656]  do_syscall_64+0x33/0x40
[ 2138.836592]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2138.837885] RIP: 0033:0x7f9da5fd2b19
[ 2138.838826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2138.843054] RSP: 002b:00007f9da3547f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2138.844654] RAX: ffffffffffffffda RBX: 0000000020000280 RCX: 00007f9da5fd2b19
[ 2138.846172] RDX: 00007f9da3548000 RSI: 0000000000000000 RDI: 00007f9da602c0fb
[ 2138.847685] RBP: 0000000000000000 R08: 00007f9da3547ff8 R09: ffffffffffffffff
[ 2138.849205] R10: 00007f9da3547ffc R11: 0000000000000246 R12: 0000000020000140
[ 2138.850680] R13: 0000000020000180 R14: 0000000000000000 R15: 00000000200002c0
[ 2154.749152] FAULT_INJECTION: forcing a failure.
[ 2154.749152] name failslab, interval 1, probability 0, space 0, times 0
[ 2154.751458] CPU: 0 PID: 10717 Comm: syz-executor.3 Not tainted 5.10.173 #1
[ 2154.752633] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2154.754286] Call Trace:
[ 2154.754731]  dump_stack+0x107/0x167
[ 2154.755450]  should_fail.cold+0x5/0xa
[ 2154.756096]  ? create_object.isra.0+0x3a/0xa20
[ 2154.756995]  should_failslab+0x5/0x20
[ 2154.757639]  kmem_cache_alloc+0x5b/0x360
[ 2154.758329]  create_object.isra.0+0x3a/0xa20
[ 2154.759086]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2154.759954]  kmem_cache_alloc+0x159/0x360
[ 2154.760653]  __alloc_file+0x21/0x320
[ 2154.761303]  alloc_empty_file+0x6d/0x170
[ 2154.762031]  alloc_file+0x5e/0x5a0
[ 2154.762632]  alloc_file_pseudo+0x16a/0x250
[ 2154.763379]  ? alloc_file+0x5a0/0x5a0
[ 2154.764033]  ? shmem_get_inode+0x55c/0xbc0
[ 2154.764747]  __shmem_file_setup+0x144/0x320
[ 2154.765489]  ? _copy_from_user+0xfb/0x1b0
[ 2154.766201]  __do_sys_memfd_create+0x275/0x450
[ 2154.766970]  ? memfd_file_seals_ptr+0x170/0x170
[ 2154.767750]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2154.768621]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2154.769512]  do_syscall_64+0x33/0x40
[ 2154.770158]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2154.771015] RIP: 0033:0x7f9da5fd2b19
[ 2154.771633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2154.774711] RSP: 002b:00007f9da3547f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2154.775993] RAX: ffffffffffffffda RBX: 0000000020000280 RCX: 00007f9da5fd2b19
[ 2154.777182] RDX: 00007f9da3548000 RSI: 0000000000000000 RDI: 00007f9da602c0fb
[ 2154.778379] RBP: 0000000000000000 R08: 00007f9da3547ff8 R09: ffffffffffffffff
[ 2154.779563] R10: 00007f9da3547ffc R11: 0000000000000246 R12: 0000000020000140
[ 2154.780745] R13: 0000000020000180 R14: 0000000000000000 R15: 00000000200002c0
06:46:36 executing program 1:
semget$private(0x0, 0x6, 0x0)
semop(0x0, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

06:46:36 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x10, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:46:36 executing program 2:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:46:36 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 8)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1, {0x0, r7}}, 0x0)

06:46:36 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0xb, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0)

06:46:36 executing program 3:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}]}) (fail_nth: 11)

06:46:36 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:46:36 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

[ 2154.824836] FAULT_INJECTION: forcing a failure.
[ 2154.824836] name failslab, interval 1, probability 0, space 0, times 0
[ 2154.827767] CPU: 1 PID: 10720 Comm: syz-executor.0 Not tainted 5.10.173 #1
[ 2154.829410] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2154.831399] Call Trace:
[ 2154.832023]  dump_stack+0x107/0x167
[ 2154.832880]  should_fail.cold+0x5/0xa
[ 2154.833791]  ? create_object.isra.0+0x3a/0xa20
[ 2154.834881]  should_failslab+0x5/0x20
[ 2154.835774]  kmem_cache_alloc+0x5b/0x360
[ 2154.836761]  ? mark_held_locks+0x9e/0xe0
[ 2154.837749]  create_object.isra.0+0x3a/0xa20
[ 2154.838817]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2154.840032]  kmem_cache_alloc_bulk+0x168/0x320
[ 2154.841142]  io_submit_sqes+0x7099/0x86e0
[ 2154.842169]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 2154.843385]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2154.844591]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2154.845789]  ? lock_downgrade+0x6d0/0x6d0
[ 2154.846784]  ? find_held_lock+0x2c/0x110
[ 2154.847770]  ? io_submit_sqes+0x86e0/0x86e0
[ 2154.848828]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2154.850006]  ? wait_for_completion_io+0x270/0x270
[ 2154.851180]  ? rcu_read_lock_any_held+0x75/0xa0
06:46:36 executing program 1:
semget$private(0x0, 0x6, 0x0)
semop(0x0, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

[ 2154.852311]  ? vfs_write+0x354/0xa70
[ 2154.853336]  ? copy_kernel_to_fpregs+0x9e/0xe0
[ 2154.854478]  ? trace_event_raw_event_x86_fpu+0x390/0x390
[ 2154.855798]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2154.857071]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2154.858355]  do_syscall_64+0x33/0x40
[ 2154.859273]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2154.860512] RIP: 0033:0x7f7fb60aab19
[ 2154.861426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2154.865898] RSP: 002b:00007f7fb3620188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2154.867760] RAX: ffffffffffffffda RBX: 00007f7fb61bdf60 RCX: 00007f7fb60aab19
[ 2154.869470] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2154.871179] RBP: 00007f7fb36201d0 R08: 0000000000000000 R09: 0000000000000000
[ 2154.872873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2154.874598] R13: 00007ffdcfab6fff R14: 00007f7fb3620300 R15: 0000000000022000
06:46:36 executing program 1:
semget$private(0x0, 0x6, 0x0)
semop(0x0, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}, {0x2, 0x8, 0x1800}], 0x7)

06:46:36 executing program 1:
r0 = semget$private(0x0, 0x6, 0x0)
semop(r0, 0x0, 0x0)

06:46:36 executing program 1:
r0 = semget$private(0x0, 0x6, 0x0)
semop(r0, 0x0, 0x0)

[ 2155.100461] ISOFS: Unable to identify CD-ROM format.
06:46:36 executing program 1:
r0 = semget$private(0x0, 0x6, 0x0)
semop(r0, 0x0, 0x0)

06:46:36 executing program 3:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}]}) (fail_nth: 12)

06:46:37 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0xc, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0)

06:46:37 executing program 1:
r0 = semget$private(0x0, 0x6, 0x0)
semop(r0, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}, {0x3, 0x80}], 0x6)

[ 2155.291449] FAULT_INJECTION: forcing a failure.
[ 2155.291449] name failslab, interval 1, probability 0, space 0, times 0
[ 2155.294132] CPU: 1 PID: 10750 Comm: syz-executor.3 Not tainted 5.10.173 #1
[ 2155.295695] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2155.297569] Call Trace:
[ 2155.298172]  dump_stack+0x107/0x167
[ 2155.299007]  should_fail.cold+0x5/0xa
[ 2155.299879]  ? security_file_alloc+0x34/0x170
[ 2155.300902]  should_failslab+0x5/0x20
[ 2155.301782]  kmem_cache_alloc+0x5b/0x360
[ 2155.302713]  security_file_alloc+0x34/0x170
[ 2155.303712]  __alloc_file+0xb6/0x320
[ 2155.304579]  alloc_empty_file+0x6d/0x170
[ 2155.305513]  alloc_file+0x5e/0x5a0
[ 2155.306334]  alloc_file_pseudo+0x16a/0x250
[ 2155.307300]  ? alloc_file+0x5a0/0x5a0
[ 2155.308177]  ? shmem_get_inode+0x55c/0xbc0
[ 2155.309152]  __shmem_file_setup+0x144/0x320
[ 2155.310133]  ? _copy_from_user+0xfb/0x1b0
[ 2155.311084]  __do_sys_memfd_create+0x275/0x450
[ 2155.312118]  ? memfd_file_seals_ptr+0x170/0x170
[ 2155.313188]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2155.314407]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2155.315603]  do_syscall_64+0x33/0x40
[ 2155.316467]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2155.317674] RIP: 0033:0x7f9da5fd2b19
[ 2155.318535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2155.322751] RSP: 002b:00007f9da3547f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2155.324507] RAX: ffffffffffffffda RBX: 0000000020000280 RCX: 00007f9da5fd2b19
[ 2155.326176] RDX: 00007f9da3548000 RSI: 0000000000000000 RDI: 00007f9da602c0fb
[ 2155.327819] RBP: 0000000000000000 R08: 00007f9da3547ff8 R09: ffffffffffffffff
[ 2155.329454] R10: 00007f9da3547ffc R11: 0000000000000246 R12: 0000000020000140
[ 2155.331110] R13: 0000000020000180 R14: 0000000000000000 R15: 00000000200002c0
06:46:37 executing program 1:
r0 = semget$private(0x0, 0x6, 0x0)
semop(r0, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}, {0x4, 0x8, 0x1000}], 0x5)

06:46:37 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 9)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1, {0x0, r7}}, 0x0)

[ 2155.668687] FAULT_INJECTION: forcing a failure.
[ 2155.668687] name failslab, interval 1, probability 0, space 0, times 0
[ 2155.670316] CPU: 0 PID: 10757 Comm: syz-executor.0 Not tainted 5.10.173 #1
[ 2155.671169] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2155.672262] Call Trace:
[ 2155.672606]  dump_stack+0x107/0x167
[ 2155.673091]  should_fail.cold+0x5/0xa
[ 2155.673578]  ? create_object.isra.0+0x3a/0xa20
[ 2155.674180]  should_failslab+0x5/0x20
[ 2155.674655]  kmem_cache_alloc+0x5b/0x360
[ 2155.675191]  ? mark_held_locks+0x9e/0xe0
[ 2155.675696]  create_object.isra.0+0x3a/0xa20
[ 2155.676273]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2155.676901]  kmem_cache_alloc_bulk+0x168/0x320
[ 2155.677513]  io_submit_sqes+0x7099/0x86e0
[ 2155.678035]  ? percpu_ref_tryget_many+0x166/0x2d0
[ 2155.678689]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2155.679312]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2155.679950]  ? lock_downgrade+0x6d0/0x6d0
[ 2155.680483]  ? find_held_lock+0x2c/0x110
[ 2155.681028]  ? io_submit_sqes+0x86e0/0x86e0
[ 2155.681593]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2155.682229]  ? irqentry_enter+0x26/0x60
[ 2155.682771]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2155.683488]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2155.684209]  ? trace_hardirqs_on+0x5b/0x180
[ 2155.684809]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2155.685541]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2155.686261]  do_syscall_64+0x33/0x40
[ 2155.686760]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2155.687449] RIP: 0033:0x7f7fb60aab19
[ 2155.687943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2155.690456] RSP: 002b:00007f7fb3620188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2155.691483] RAX: ffffffffffffffda RBX: 00007f7fb61bdf60 RCX: 00007f7fb60aab19
[ 2155.692429] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2155.693362] RBP: 00007f7fb36201d0 R08: 0000000000000000 R09: 0000000000000000
[ 2155.694312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2155.695250] R13: 00007ffdcfab6fff R14: 00007f7fb3620300 R15: 0000000000022000
06:46:37 executing program 1:
r0 = semget$private(0x0, 0x6, 0x0)
semop(r0, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}, {0x2, 0x6, 0x1800}], 0x4)

06:46:37 executing program 3:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}]}) (fail_nth: 13)

06:46:37 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:46:37 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:46:37 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:46:37 executing program 2:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

[ 2155.759070] FAULT_INJECTION: forcing a failure.
[ 2155.759070] name failslab, interval 1, probability 0, space 0, times 0
[ 2155.761073] CPU: 1 PID: 10767 Comm: syz-executor.3 Not tainted 5.10.173 #1
[ 2155.762256] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2155.763673] Call Trace:
[ 2155.764124]  dump_stack+0x107/0x167
[ 2155.764749]  should_fail.cold+0x5/0xa
[ 2155.765399]  ? create_object.isra.0+0x3a/0xa20
[ 2155.766207]  should_failslab+0x5/0x20
[ 2155.766864]  kmem_cache_alloc+0x5b/0x360
[ 2155.767548]  ? percpu_ref_put_many.constprop.0+0x4e/0x110
[ 2155.768477]  create_object.isra.0+0x3a/0xa20
[ 2155.769226]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2155.770092]  kmem_cache_alloc+0x159/0x360
[ 2155.770797]  security_file_alloc+0x34/0x170
[ 2155.771527]  __alloc_file+0xb6/0x320
[ 2155.772157]  alloc_empty_file+0x6d/0x170
[ 2155.772849]  alloc_file+0x5e/0x5a0
[ 2155.773463]  alloc_file_pseudo+0x16a/0x250
[ 2155.774182]  ? alloc_file+0x5a0/0x5a0
[ 2155.774842]  ? shmem_get_inode+0x55c/0xbc0
[ 2155.775564]  __shmem_file_setup+0x144/0x320
[ 2155.776289]  ? _copy_from_user+0xfb/0x1b0
[ 2155.777008]  __do_sys_memfd_create+0x275/0x450
[ 2155.777805]  ? memfd_file_seals_ptr+0x170/0x170
[ 2155.778602]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2155.779497]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2155.780391]  do_syscall_64+0x33/0x40
[ 2155.781020]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2155.781930] RIP: 0033:0x7f9da5fd2b19
[ 2155.782583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2155.785776] RSP: 002b:00007f9da3547f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2155.787072] RAX: ffffffffffffffda RBX: 0000000020000280 RCX: 00007f9da5fd2b19
[ 2155.788250] RDX: 00007f9da3548000 RSI: 0000000000000000 RDI: 00007f9da602c0fb
[ 2155.789479] RBP: 0000000000000000 R08: 00007f9da3547ff8 R09: ffffffffffffffff
[ 2155.790684] R10: 00007f9da3547ffc R11: 0000000000000246 R12: 0000000020000140
[ 2155.791889] R13: 0000000020000180 R14: 0000000000000000 R15: 00000000200002c0
[ 2155.870598] ISOFS: Unable to identify CD-ROM format.
06:46:52 executing program 3:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}]}) (fail_nth: 14)

06:46:52 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:46:52 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x3, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:46:52 executing program 0:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 10)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1, {0x0, r7}}, 0x0)

06:46:52 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x3, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:46:52 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0xd, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0)

06:46:52 executing program 2:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x3, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

[ 2170.442506] FAULT_INJECTION: forcing a failure.
[ 2170.442506] name failslab, interval 1, probability 0, space 0, times 0
[ 2170.445089] CPU: 1 PID: 10798 Comm: syz-executor.3 Not tainted 5.10.173 #1
06:46:52 executing program 1:
r0 = semget$private(0x0, 0x6, 0x0)
semop(r0, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x2, 0x5, 0x800}], 0x3)

[ 2170.446771] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2170.448650] Call Trace:
[ 2170.449191]  dump_stack+0x107/0x167
[ 2170.449967]  should_fail.cold+0x5/0xa
[ 2170.450744]  ? getname_flags.part.0+0x50/0x4f0
[ 2170.451670]  should_failslab+0x5/0x20
[ 2170.452443]  kmem_cache_alloc+0x5b/0x360
[ 2170.453273]  getname_flags.part.0+0x50/0x4f0
[ 2170.454179]  getname+0x8e/0xd0
[ 2170.454831]  do_sys_openat2+0xf9/0x420
[ 2170.455623]  ? build_open_flags+0x6f0/0x6f0
[ 2170.456496]  ? find_held_lock+0x2c/0x110
[ 2170.457321]  ? do_syscall_64+0x33/0x40
[ 2170.458128]  __x64_sys_openat+0x13f/0x1f0
[ 2170.458968]  ? __ia32_sys_open+0x1c0/0x1c0
[ 2170.459849]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2170.460907]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2170.461970]  do_syscall_64+0x33/0x40
[ 2170.462725]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2170.463758] RIP: 0033:0x7f9da5f85a04
[ 2170.464510] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 2170.468214] RSP: 002b:00007f9da3547ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 2170.469760] RAX: ffffffffffffffda RBX: 00007f9da601c970 RCX: 00007f9da5f85a04
[ 2170.471192] RDX: 0000000000000002 RSI: 00007f9da3548000 RDI: 00000000ffffff9c
[ 2170.472621] RBP: 00007f9da3548000 R08: 0000000000000000 R09: ffffffffffffffff
[ 2170.474075] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[ 2170.475512] R13: 0000000000000004 R14: 0000000020000280 R15: 0000000000000000
[ 2170.511895] FAULT_INJECTION: forcing a failure.
[ 2170.511895] name failslab, interval 1, probability 0, space 0, times 0
[ 2170.514692] CPU: 1 PID: 10800 Comm: syz-executor.0 Not tainted 5.10.173 #1
[ 2170.516087] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2170.517783] Call Trace:
[ 2170.518327]  dump_stack+0x107/0x167
[ 2170.519082]  should_fail.cold+0x5/0xa
[ 2170.519866]  ? __io_queue_sqe+0x691/0xa60
[ 2170.520729]  should_failslab+0x5/0x20
[ 2170.521505]  kmem_cache_alloc_trace+0x55/0x2c0
[ 2170.522452]  __io_queue_sqe+0x691/0xa60
[ 2170.523261]  ? io_timeout_prep+0x8b0/0x8b0
[ 2170.524125]  io_submit_sqes+0x4484/0x86e0
[ 2170.525001]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2170.526121]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2170.527111]  ? lock_downgrade+0x6d0/0x6d0
[ 2170.528114]  ? find_held_lock+0x2c/0x110
[ 2170.529107]  ? io_submit_sqes+0x86e0/0x86e0
[ 2170.530188]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2170.531363]  ? wait_for_completion_io+0x270/0x270
[ 2170.532541]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2170.533664]  ? vfs_write+0x354/0xa70
[ 2170.534495]  ? fput_many+0x2f/0x1a0
[ 2170.535232]  ? ksys_write+0x1a9/0x260
[ 2170.536009]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2170.537055]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2170.538110]  do_syscall_64+0x33/0x40
[ 2170.538840]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2170.539870] RIP: 0033:0x7f7fb60aab19
[ 2170.540632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2170.544383] RSP: 002b:00007f7fb3620188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2170.545959] RAX: ffffffffffffffda RBX: 00007f7fb61bdf60 RCX: 00007f7fb60aab19
[ 2170.547408] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2170.548848] RBP: 00007f7fb36201d0 R08: 0000000000000000 R09: 0000000000000000
[ 2170.550289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2170.551728] R13: 00007ffdcfab6fff R14: 00007f7fb3620300 R15: 0000000000022000
[ 2170.553407] general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] SMP KASAN NOPTI
[ 2170.555591] KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]
[ 2170.555946] ieee80211 phy169: Selected rate control algorithm 'minstrel_ht'
[ 2170.557139] CPU: 1 PID: 10800 Comm: syz-executor.0 Not tainted 5.10.173 #1
[ 2170.557148] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2170.557165] RIP: 0010:__io_queue_sqe+0x69f/0xa60
[ 2170.557191] Code: 0f 85 24 03 00 00 48 8b 3d d6 8a da 02 ba 48 00 00 00 be 20 0a 00 00 e8 cf ce 7d ff 48 8d 78 14 49 89 c5 48 89 f8 48 c1 e8 03 <42> 0f b6 14 20 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85
[ 2170.569643] RSP: 0018:ffff8880459a7b28 EFLAGS: 00010213
[ 2170.570729] RAX: 0000000000000002 RBX: 1ffff11008b34f6b RCX: 0000000000000000
[ 2170.572167] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000014
[ 2170.573608] RBP: ffff88800f1ad000 R08: 0000000000000000 R09: ffffffff8509e133
[ 2170.575060] R10: fffffbfff0a13c26 R11: 0000000000000001 R12: dffffc0000000000
[ 2170.576497] R13: 0000000000000000 R14: ffff88800f1ad058 R15: ffff88800f1ad048
[ 2170.577947] FS:  00007f7fb3620700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[ 2170.579571] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2170.580733] CR2: 00007f7fb361ff78 CR3: 0000000047586000 CR4: 0000000000350ee0
[ 2170.582182] Call Trace:
[ 2170.582713]  ? io_timeout_prep+0x8b0/0x8b0
[ 2170.583563]  io_submit_sqes+0x4484/0x86e0
[ 2170.584416]  ? __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2170.585417]  __do_sys_io_uring_enter+0x6b5/0x17b0
[ 2170.586416]  ? lock_downgrade+0x6d0/0x6d0
[ 2170.587262]  ? find_held_lock+0x2c/0x110
[ 2170.588086]  ? io_submit_sqes+0x86e0/0x86e0
[ 2170.588962]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2170.589959]  ? wait_for_completion_io+0x270/0x270
[ 2170.590930]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2170.591870]  ? vfs_write+0x354/0xa70
[ 2170.592622]  ? fput_many+0x2f/0x1a0
[ 2170.593354]  ? ksys_write+0x1a9/0x260
06:46:52 executing program 1:
r0 = semget$private(0x0, 0x6, 0x0)
semop(r0, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}], 0x2)

[ 2170.594127]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2170.595315]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2170.596354]  do_syscall_64+0x33/0x40
[ 2170.597109]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2170.598158] RIP: 0033:0x7f7fb60aab19
[ 2170.598919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2170.602683] RSP: 002b:00007f7fb3620188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2170.604227] RAX: ffffffffffffffda RBX: 00007f7fb61bdf60 RCX: 00007f7fb60aab19
[ 2170.605678] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2170.607138] RBP: 00007f7fb36201d0 R08: 0000000000000000 R09: 0000000000000000
[ 2170.608593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2170.610060] R13: 00007ffdcfab6fff R14: 00007f7fb3620300 R15: 0000000000022000
[ 2170.611510] Modules linked in:
[ 2170.614154] ---[ end trace d62b9fc8d409152f ]---
[ 2170.615673] RIP: 0010:__io_queue_sqe+0x69f/0xa60
[ 2170.616684] Code: 0f 85 24 03 00 00 48 8b 3d d6 8a da 02 ba 48 00 00 00 be 20 0a 00 00 e8 cf ce 7d ff 48 8d 78 14 49 89 c5 48 89 f8 48 c1 e8 03 <42> 0f b6 14 20 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85
[ 2170.620537] RSP: 0018:ffff8880459a7b28 EFLAGS: 00010213
[ 2170.621722] RAX: 0000000000000002 RBX: 1ffff11008b34f6b RCX: 0000000000000000
[ 2170.623252] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000014
[ 2170.624757] RBP: ffff88800f1ad000 R08: 0000000000000000 R09: ffffffff8509e133
[ 2170.626305] R10: fffffbfff0a13c26 R11: 0000000000000001 R12: dffffc0000000000
[ 2170.627851] R13: 0000000000000000 R14: ffff88800f1ad058 R15: ffff88800f1ad048
[ 2170.629362] FS:  00007f7fb3620700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[ 2170.631057] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2170.632293] CR2: 00007f7fb361ff78 CR3: 0000000047586000 CR4: 0000000000350ee0
06:46:52 executing program 1:
r0 = semget$private(0x0, 0x6, 0x0)
semop(r0, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}], 0x2)

[ 2170.741634] ieee80211 phy170: Selected rate control algorithm 'minstrel_ht'
06:46:52 executing program 3:
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@overriderock}]}) (fail_nth: 15)

[ 2170.816813] FAULT_INJECTION: forcing a failure.
[ 2170.816813] name failslab, interval 1, probability 0, space 0, times 0
[ 2170.819217] CPU: 1 PID: 10817 Comm: syz-executor.3 Tainted: G      D           5.10.173 #1
[ 2170.820899] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2170.822592] Call Trace:
[ 2170.823136]  dump_stack+0x107/0x167
[ 2170.823886]  should_fail.cold+0x5/0xa
[ 2170.824668]  ? create_object.isra.0+0x3a/0xa20
[ 2170.825605]  should_failslab+0x5/0x20
[ 2170.826388]  kmem_cache_alloc+0x5b/0x360
[ 2170.827212]  create_object.isra.0+0x3a/0xa20
[ 2170.828109]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2170.829139]  kmem_cache_alloc+0x159/0x360
[ 2170.829998]  getname_flags.part.0+0x50/0x4f0
[ 2170.830890]  getname+0x8e/0xd0
[ 2170.831543]  do_sys_openat2+0xf9/0x420
[ 2170.832334]  ? build_open_flags+0x6f0/0x6f0
[ 2170.833212]  ? lock_release+0x4df/0x6b0
[ 2170.834054]  ? do_syscall_64+0x33/0x40
[ 2170.834842]  __x64_sys_openat+0x13f/0x1f0
[ 2170.835677]  ? __ia32_sys_open+0x1c0/0x1c0
[ 2170.836533]  ? fput_many+0x2f/0x1a0
[ 2170.837273]  ? fpregs_assert_state_consistent+0xb9/0xe0
[ 2170.838370]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2170.839414]  do_syscall_64+0x33/0x40
[ 2170.840171]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[ 2170.841212] RIP: 0033:0x7f9da5f85a04
[ 2170.841984] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 2170.845714] RSP: 002b:00007f9da3547ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 2170.847252] RAX: ffffffffffffffda RBX: 00007f9da601c970 RCX: 00007f9da5f85a04
[ 2170.848695] RDX: 0000000000000002 RSI: 00007f9da3548000 RDI: 00000000ffffff9c
[ 2170.850154] RBP: 00007f9da3548000 R08: 0000000000000000 R09: ffffffffffffffff
[ 2170.851594] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[ 2170.853035] R13: 0000000000000004 R14: 0000000020000280 R15: 0000000000000000
06:46:52 executing program 1:
r0 = semget$private(0x0, 0x6, 0x0)
semop(r0, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}], 0x2)

06:46:52 executing program 1:
r0 = semget$private(0x0, 0x6, 0x0)
semop(r0, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x0, 0x5, 0x800}], 0x3)

06:46:52 executing program 5:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xdcf}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x300, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)

06:46:52 executing program 1:
r0 = semget$private(0x0, 0x6, 0x0)
semop(r0, &(0x7f0000000340)=[{0x2, 0x4, 0x1000}, {0x4, 0x0, 0x800}, {0x0, 0x5, 0x800}], 0x3)

06:46:52 executing program 6:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000001c0)={0x0, 0x8})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x300, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, r5, 0x10000000)
syz_io_uring_submit(0x0, r6, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

[ 2171.033622] ISOFS: Unable to identify CD-ROM format.
06:46:52 executing program 4:
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xdcf}, 0x0, 0x0, 0x400, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x4}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_FSYNC={0x3, 0x4, 0x0, @fd, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x1010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r5, &(0x7f0000000040)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x4007, @fd_index=0x1, 0xffffffff80000000, 0x0, 0x0, 0x1d, 0x1}, 0x0)

06:46:52 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000001d80)={0x2, 0x8a, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0xe, &(0x7f0000000480)={&(0x7f0000000040)={0x18, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x4}]}, 0x18}}, 0x0)

[ 2171.101317] ieee80211 phy171: Selected rate control algorithm 'minstrel_ht'
[ 2171.224539] ieee80211 phy172: Selected rate control algorithm 'minstrel_ht'

VM DIAGNOSIS:
06:46:52  Registers:
info registers vcpu 0
RAX=000000000001aceb RBX=ffffffff849456e0 RCX=ffffc9000b642000 RDX=0000000000040000
RSI=ffffffff839ed878 RDI=0000000000000004 RBP=0000000000000002 RSP=ffff88804b37ee88
R8 =0000000000000000 R9 =ffffffff854e5b07 R10=000000000025c010 R11=0000000000000001
R12=0000000000000000 R13=00000000000da430 R14=ffffffff849457bc R15=fffffbfff0928ade
RIP=ffffffff81408332 RFL=00000212 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f111a19d700 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f6d659cad80 CR3=000000004c016000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffffffffffffffff
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000
XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff822d31b1 RDI=ffffffff879e4160 RBP=ffffffff879e4120 RSP=ffff8880459a7488
R8 =0000000000000000 R9 =ffffffff856728cf R10=0000000000000000 R11=0000000000000001
R12=0000000000000030 R13=0000000000000030 R14=ffffffff879e4120 R15=dffffc0000000000
RIP=ffffffff822d3208 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f7fb3620700 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f7fb361ff78 CR3=0000000047586000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=ffffffffffffffffffffffffffff0000 XMM05=00000000000000000000000000000000
XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000
XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000